cclogconv(IPアドレスから国名を取得するツール)を使ってみた
???
[PMAC226S ~/src/github.com/rhykw/cclogconv]$ echo "111.169.213.70" | cclogconv --data ./GeoLite2-Country.mmdb JP 111.169.213.70
とりあえずtmp直下にDBはおくように設定してビルド
[PMAC226S ~/src/github.com/rhykw/cclogconv]$ git diff diff --git a/cclogconv.go b/cclogconv.go index e4bf4da..883fc76 100644 --- a/cclogconv.go +++ b/cclogconv.go @@ -15,7 +15,7 @@ import ( func main() { var ( - optMmdbFilePath = flag.String("data", "/usr/share/GeoIP2/GeoLite2-Country.mmdb", "GeoIP2 Database Filename") + optMmdbFilePath = flag.String("data", "/tmp/GeoLite2-Country.mmdb", "GeoIP2 Database Filename") selectCc = flag.String("cc", "", "Only displays line including this country's ip") nFlag = flag.Bool("n", false, "Not adding country code") vFlag = flag.Bool("v", false, "Reverse condition for cc option")
cd /tmp curl -O http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.mmdb.gz gunzip GeoLite2-Country.mmdb.gz
準備OK
使う
- 未使用時
[PMAC226S ~/src/github.com/rhykw/cclogconv]$ tail -10 access.log 66.249.71.213 - - [29/Jan/2016:21:47:09 +0900] "GET /feed/ HTTP/1.1" 404 168 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 17.142.156.142 - - [29/Jan/2016:21:53:00 +0900] "GET / HTTP/1.1" 200 15817 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5 (Applebot/0.1; +http://www.apple.com/go/applebot)" 66.249.71.213 - - [29/Jan/2016:21:56:09 +0900] "GET /%E3%81%8B%E3%82%81%E3%83%95%E3%83%BC%E3%83%89%E5%A5%BD%E3%81%8D%E4%B8%89%E4%BA%BA%E8%A1%86/ HTTP/1.1" 404 168 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 157.55.39.71 - - [29/Jan/2016:21:56:21 +0900] "GET /robots.txt HTTP/1.1" 404 168 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" 157.55.39.71 - - [29/Jan/2016:21:56:26 +0900] "GET / HTTP/1.1" 200 15828 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" 185.130.5.244 - - [29/Jan/2016:22:20:26 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.0" 404 16 "-" "-" 66.249.71.252 - - [29/Jan/2016:22:26:35 +0900] "GET /?cat=11 HTTP/1.1" 200 15992 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 157.55.39.71 - - [29/Jan/2016:22:59:20 +0900] "GET /%e3%82%ad%e3%83%9c%e3%82%b75/ HTTP/1.1" 404 168 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" 66.249.71.234 - - [29/Jan/2016:23:14:35 +0900] "GET /?m=201509 HTTP/1.1" 200 16072 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 184.105.139.68 - - [29/Jan/2016:23:22:49 +0900] "GET / HTTP/1.1" 200 15828 "-" "-"
- かませてみる
[PMAC226S ~/src/github.com/rhykw/cclogconv]$ tail -10 access.log | ./cclogconv US 66.249.71.213 - - [29/Jan/2016:21:47:09 +0900] "GET /feed/ HTTP/1.1" 404 168 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" US 17.142.156.142 - - [29/Jan/2016:21:53:00 +0900] "GET / HTTP/1.1" 200 15817 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5 (Applebot/0.1; +http://www.apple.com/go/applebot)" US 66.249.71.213 - - [29/Jan/2016:21:56:09 +0900] "GET /%E3%81%8B%E3%82%81%E3%83%95%E3%83%BC%E3%83%89%E5%A5%BD%E3%81%8D%E4%B8%89%E4%BA%BA%E8%A1%86/ HTTP/1.1" 404 168 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" US 157.55.39.71 - - [29/Jan/2016:21:56:21 +0900] "GET /robots.txt HTTP/1.1" 404 168 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" US 157.55.39.71 - - [29/Jan/2016:21:56:26 +0900] "GET / HTTP/1.1" 200 15828 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" LT 185.130.5.244 - - [29/Jan/2016:22:20:26 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.0" 404 16 "-" "-" US 66.249.71.252 - - [29/Jan/2016:22:26:35 +0900] "GET /?cat=11 HTTP/1.1" 200 15992 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" US 157.55.39.71 - - [29/Jan/2016:22:59:20 +0900] "GET /%e3%82%ad%e3%83%9c%e3%82%b75/ HTTP/1.1" 404 168 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" US 66.249.71.234 - - [29/Jan/2016:23:14:35 +0900] "GET /?m=201509 HTTP/1.1" 200 16072 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" US 184.105.139.68 - - [29/Jan/2016:23:22:49 +0900] "GET / HTTP/1.1" 200 15828 "-" "-"
使いみち
たとえば、便利だと思うのが中国からきてるIPをまるっと弾きたいとき
[PMAC226S ~/src/github.com/rhykw/cclogconv]$ cat access.log | ./cclogconv | grep '^CN' | awk '{print $2}' | sort | uniq 101.254.204.65 171.214.248.34 180.76.15.13 180.76.15.135 180.76.15.136 180.76.15.137 180.76.15.141 180.76.15.143 180.76.15.147 180.76.15.155 180.76.15.157 180.76.15.162 180.76.15.17 180.76.15.19 180.76.15.22 180.76.15.31 180.76.15.6 180.97.106.161 202.46.50.12 222.191.236.114
かんたんに取り出せる。
