mirror of
https://github.com/pi-hole/pi-hole.git
synced 2024-12-01 18:43:16 +00:00
174 lines
5.2 KiB
Python
174 lines
5.2 KiB
Python
#!/usr/bin/python
|
|
# -*- coding: utf-8 -*-
|
|
|
|
# Copyright (c) 2015, LCI Technology Group, LLC
|
|
# All rights reserved.
|
|
#
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions are met:
|
|
#
|
|
# Redistributions of source code must retain the above copyright notice, this
|
|
# list of conditions and the following disclaimer.
|
|
#
|
|
# Redistributions in binary form must reproduce the above copyright notice,
|
|
# this list of conditions and the following disclaimer in the documentation
|
|
# and/or other materials provided with the distribution.
|
|
#
|
|
# Neither the name of LCI Technology Group, LLC nor the names of its
|
|
# contributors may be used to endorse or promote products derived from this
|
|
# software without specific prior written permission.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
|
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
|
|
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
# POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
|
|
import datetime
|
|
import sqlite3
|
|
import time
|
|
import sys
|
|
import re
|
|
|
|
#-----------------------------------------------------------------------------
|
|
# Compiled Regular Expressions
|
|
#-----------------------------------------------------------------------------
|
|
q_re = re.compile(r'(.*) dnsmasq\[\d+\]: query\[(.*)\] (.*) from (.*)')
|
|
f_re = re.compile(r'(.*) dnsmasq\[\d+\]: forwarded (.*) to (.*)')
|
|
r_re = re.compile(r'(.*) dnsmasq\[\d+\]: (reply|cached) (.*) is (.*)')
|
|
|
|
|
|
#-----------------------------------------------------------------------------
|
|
# Functions
|
|
#-----------------------------------------------------------------------------
|
|
def create_tables():
|
|
qt = '''
|
|
CREATE TABLE IF NOT EXISTS queries (
|
|
id integer primary key autoincrement,
|
|
source text,
|
|
query_type text,
|
|
name text,
|
|
ts datetime
|
|
)
|
|
'''
|
|
c.execute(qt)
|
|
conn.commit()
|
|
|
|
ft = '''
|
|
CREATE TABLE IF NOT EXISTS forwards (
|
|
id integer primary key autoincrement,
|
|
resolver text,
|
|
name text,
|
|
ts datetime
|
|
)
|
|
'''
|
|
c.execute(ft)
|
|
conn.commit()
|
|
|
|
rt = '''
|
|
CREATE TABLE IF NOT EXISTS replies (
|
|
id integer primary key autoincrement,
|
|
ip text,
|
|
reply_type text,
|
|
name text,
|
|
ts datetime
|
|
)
|
|
'''
|
|
c.execute(rt)
|
|
conn.commit()
|
|
|
|
|
|
def convert_date(ds):
|
|
y = str(datetime.datetime.now().year)
|
|
ltime = time.strptime('{0} {1}'.format(y, ds), '%Y %b %d %H:%M:%S')
|
|
|
|
return time.strftime('%Y-%m-%d %H:%M:%S', ltime)
|
|
|
|
|
|
def parse_query(query):
|
|
m = q_re.match(query)
|
|
if m is not None:
|
|
counts['qc'] += 1
|
|
add_query(m.group(4), m.group(2), m.group(3), m.group(1))
|
|
|
|
|
|
def parse_forward(query):
|
|
m = f_re.match(query)
|
|
if m is not None:
|
|
counts['fc'] += 1
|
|
add_forward(m.group(3), m.group(2), m.group(1))
|
|
|
|
|
|
def parse_reply(query):
|
|
m = r_re.match(query)
|
|
if m is not None:
|
|
counts['rc'] += 1
|
|
add_reply(m.group(4), m.group(2), m.group(3), m.group(1))
|
|
|
|
|
|
def add_query(source, qtype, name, ts):
|
|
sql = "INSERT INTO queries (source, query_type, name, ts) VALUES(?,?,?,?)"
|
|
c.execute(sql, (source, qtype, name, convert_date(ts)))
|
|
|
|
|
|
def add_forward(resolver, name, ts):
|
|
sql = "INSERT INTO forwards (resolver, name, ts) VALUES(?,?,?)"
|
|
c.execute(sql, (resolver, name, convert_date(ts)))
|
|
|
|
|
|
def add_reply(ip, rtype, name, ts):
|
|
sql = "INSERT INTO replies (ip, reply_type, name, ts) VALUES(?,?,?,?)"
|
|
c.execute(sql, (ip, rtype, name, convert_date(ts)))
|
|
|
|
|
|
#-----------------------------------------------------------------------------
|
|
# Main
|
|
#-----------------------------------------------------------------------------
|
|
if len(sys.argv) != 2:
|
|
print 'Usage: dnsmasq_parse.py logfile'
|
|
sys.exit()
|
|
|
|
logfile = sys.argv[1]
|
|
|
|
counts = {'lc': 0, 'qc': 0, 'fc': 0, 'rc': 0, 'bc':0}
|
|
|
|
# Create the SQLite connection
|
|
conn = sqlite3.connect('/etc/pihole/pihole.db')
|
|
c = conn.cursor()
|
|
|
|
create_tables()
|
|
|
|
# Parse the log file.
|
|
for line in open(logfile):
|
|
line = line.rstrip()
|
|
counts['lc'] += 1
|
|
|
|
if (counts['lc'] % 10000) == 0:
|
|
print 'Processed {0} lines.'.format(counts['lc'])
|
|
conn.commit()
|
|
|
|
if ': query[' in line:
|
|
parse_query(line)
|
|
|
|
elif ': forwarded ' in line:
|
|
parse_forward(line)
|
|
|
|
elif (': reply ' in line) or (': cached ' in line):
|
|
parse_reply(line)
|
|
|
|
else:
|
|
counts['bc'] += 1
|
|
|
|
print 'Imported {0} log entries.'.format(counts['lc'] - counts['bc'])
|
|
print '{0} queries, {1} forwards, and {2} replies.'.format(counts['qc'],
|
|
counts['fc'],
|
|
counts['rc'])
|
|
|
|
conn.commit()
|