Shell Script to get the network list by domain name

If you followed my guide HERE and HERE you might be wondering if there is no easier/more automated way of doing it, and in fact there is a simple script that you could build.


#!/bin/bash
if [ "$#" -eq 0 ]; then
  echo "Usage: ./${0}  [v4|v6]"
  exit 1
fi

FILTER="route"
if [ "$#" -eq 2 ]; then
  if [ "$2" == "v4" ]
  then
     FILTER="route:"
  fi
  if [ "$2" == "v6" ]
     then
         FILTER="route6:"
  fi
fi

WHOISSERVER="whois.radb.net"
IPN=$(dig +short $1 | head -1)
ASN=$( whois -h ${WHOISSERVER} ${IPN} | grep -i origin | tr -s " " | cut -d " " -f2)
for i in $ASN; do
  whois -h ${WHOISSERVER} -- "-i origin ${i}" | grep ^${FILTER} | tr -s " " | cut -d " " -f2-
done

 
While this script is handy and it’s nice to know the networks of the large players of the internet, you shouldn’t be too trigger happy with its output, for example if you attempt to block just the domain “example.com” this way you would block a WHOLE LOT more than you are expecting,the primary goal of this script not to be an input for iptables but to be a guide of which networks belongs to whom.
 

Bonus:

You can make the list shorter by aggregating smaller networks in a bigger CIDR, for example “192.168.0.0/24” and “192.168.1.0/24” could be expressed as “192.168.0.0/23”
HERE you can find a python script that accept as input a list of networks, all you need to do is pipe the output of the script above in this script and you’ll get an optimized list.
an example to get a nice list of CIDRs of the facebook network.


./getnetworks.sh facebook.com | aggregate6

It should output the following as of 2019-11-02:


31.13.24.0/21
31.13.64.0/18
45.64.40.0/22
66.220.144.0/20
69.63.176.0/20
69.171.224.0/19
74.119.76.0/22
102.132.96.0/20
103.4.96.0/22
129.134.0.0/16
157.240.0.0/16
173.252.64.0/18
179.60.192.0/22
185.60.216.0/22
199.201.64.0/22
204.15.20.0/22
2401:db00::/32
2620:0:1c00::/40
2803:6080::/32
2a03:2880::/32
2a03:2887:ff34::/48

Sources:

https://stackoverflow.com/questions/11164672/list-of-ip-space-used-by-facebook
https://gist.github.com/normoes/829d65866c8bf6d32b13f020479b172b
https://developers.facebook.com/docs/sharing/webmasters/crawler
https://github.com/job/aggregate6

Get AS(Autonomous System) Number By domain name

If you followed my last post HERE you might be wondering “That’s great and all, but how do I find the AS number in the first place?”.

If you are running Linux it’s easy:

First install dig and whois:

If you are using Centos/Fedora:


yum install bind-utils whois -y

 
In case you are using Debian/Ubuntu:


apt install dnsutils whois -y

 
After that to get the IP number associated with the domain.


dig +short facebook.com | head -1

 
The output should be an IP address in example:


31.13.91.36

 
With the IP address in hand to get the ASN you just need to run:


whois -h whois.radb.net '31.13.91.36' | grep -i origin | tr -s " " | cut -d " " -f2

 
Voila the output should be the AS number(s)


AS32934

 
And with most things on the internet these lists are not static so you should build a script to update them from time to time.

Sources:

https://stackoverflow.com/questions/11164672/list-of-ip-space-used-by-facebook
https://gist.github.com/normoes/829d65866c8bf6d32b13f020479b172b
https://developers.facebook.com/docs/sharing/webmasters/crawler

Get IP address Space By AS(Autonomous System) Number

Sometimes you need to get all possible address blocks of a network but most of the time there is no easy way to figure it out, looking at you Facebook and Google, but fear not sysadmin we have one handy trick up in our sleeve, by using whois with the AS number of the company we can build this kind of list.
 
We’ll use Facebook(AS32934) as an example, but it should work for any Autonomous System.


whois -h whois.radb.net -- "-i origin AS32934" | grep ^route | tr -s " " | cut -d " " -f2-

Continue reading “Get IP address Space By AS(Autonomous System) Number”

Zombasite error while loading shared libraries: libpng12.so.0

If you are trying to run Zombasite GoG Version and the game is not starting properly what you can do to try and debug the issue is to run in in a terminal and see the output.


~/GOG\ Games/Zombasite/start.sh

 
If you get de following output:


Running Zombasite
./Zombasite: error while loading shared libraries: libpng12.so.0:
 cannot open shared object file: No such file or directory


 
This output means you are missing at least libpng12.
Continue reading “Zombasite error while loading shared libraries: libpng12.so.0”

Install proxmox 6.0 on top of Debian Buster

This is mostly a copy&paste of the article about installing Proxmox 5.X on top of Debian Stretch, but with the links and repositories updated to the new Debian Buster and Proxmox 6.X

The default proxmox installation ISO is notably minimalist, and one way to be able to do simple customization and have a little bit more flexibility to for example choose the partition layout or use an encrypted LVM is to first make a basic Debian installation and then upgrade it to a full blown Proxmox Installation.

This process is simple, fast and is described in detail at the official proxmox wiki here

But here is the tl;dr version with a few extras and useful modifications from the original article:

Start by making a minimal installation of Debian 10,ie. at the software selection screen check only “SSH server” and “standard system utilities”.
After installation boot to your new Debian machine and be sure that you can resolve the host-name of your machine, the command bellow must return an IP address that is not ‘127.0.0.1’.
This step is important because Proxmox expect to have a “real”( non localhost) IP or else the installation of the package ‘proxmox-ve’ will fail during post-install.
Continue reading “Install proxmox 6.0 on top of Debian Buster”

RIP Sound Card Audio in Linux

Sometimes you need a quick and dirty way of ripping the audio of your sound card, in Linux you can easily do it with the following script:


#!/bin/bash
set -x
WAV="$1"
if [ -z "$WAV" ]; then
    echo "Usage: $0 OUTPUT.WAV" >&2
    exit 1
fi
rm -f "$WAV"

# Get sink monitor:
MONITOR=$(pactl list | egrep -A2 '^(\*\*\* )?Source #' | \
    grep 'Name: .*\.monitor$' | awk '{print $NF}' | tail -n1)
echo "set-source-mute ${MONITOR} false" | pacmd >/dev/null

# Record it raw, and convert to a wav
echo "Recording to $WAV ..."
echo "Close this window to stop"
parec -d "$MONITOR" | sox -t raw -b 16 -e signed -c 2 -r 44100 - "$WAV"

 
Store it somewhere in your PATH, and when you need to record the audio just use it as:


./soundRipper.sh output.wav

 
If you don’t want to store wave files you can convert it as shown HERE

Sources:

https://outflux.net/blog/archives/2009/04/19/recording-from-pulseaudio/
https://www.pantz.org/software/alsa/recording_sound_from_your_web_browser_using_linux.html

Convert wav files to mp3

When you want to convert a wave file to MP3, one of the simplest ways you’ll find is by using ffmpeg.

If you use Debian, you can install it with:

apt install ffmpeg

 
If you use Centos you can install it following this steps:

sudo rpm -v --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
wget http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
yum localinstall nux-dextop-release-0-5.el7.nux.noarch.rpm -y 
yum update
yum install ffmpeg -y

 
After that, you just need to specify the files input and output names

ffmpeg -i input.wav -acodec mp3 -ab 256k output.mp3

 

Sources:

https://lonewolfonline.net/convert-wav-mp3-linux/
https://linuxadmin.io/install-ffmpeg-on-centos-7/

Install proxmox 5.0 on top of Debian Stretch

The default proxmox installation ISO is notably minimalist, and one way to be able to do simple customization and have a little bit more flexibility to for example choose the partition layout or use an encrypted LVM is to first make a basic Debian installation and then upgrade it to a full blown Proxmox Installation.

This process is simple, fast and is described in detail at the official proxmox wiki here

But here is the tl;dr version with a few extras and useful modifications from the original article:

Start by making a minimal installation of Debian 9,ie. at the software selection screen check only “SSH server” and “standard system utilities”.
After installation boot to your new Debian machine and be sure that you can resolve the host-name of your machine, the command bellow must return an IP address that is not ‘127.0.0.1’.
This step is important because Proxmox expect to have a “real”( non localhost) IP or else the installation of the package ‘proxmox-ve’ will fail during post-install.
Continue reading “Install proxmox 5.0 on top of Debian Stretch”

Bad Idea of the day, Compiling PHP-52 for Debian 8

Sometimes you have to test a bad idea, or you just don’t want/can’t to let that 10+ years old ugly and unmaintained project die no matter what, and for that you might have to use a EOL unsupported PHP version

First install the necessary build tools, some of which you may not need:

apt-get install -y autoconf2.13 libbz2-dev libcurl4-openssl-dev libltdl-dev libmcrypt-dev libevent-dev libmhash-dev libmysqlclient-dev libpcre3-dev libpng12-dev libxml2-dev make patch xmlstarlet make patch libssl-dev libssl1.0.0

Continue reading “Bad Idea of the day, Compiling PHP-52 for Debian 8”

Bad Idea of the day, Disable Secure Repository check APT

Sometimes you are trying to install stuff from a really ancient repository that sometimes don’t have the necessary security functions in place, looking at you ‘HP Software Delivery Repository for mcp’, while this is generally a bad idea you can force apt to ignore the safety checks, and what could possibly wrong by doing it :), by appending “-o Acquire::Check-Valid-Until=false -o Acquire::AllowInsecureRepositories=true -o Acquire::AllowDowngradeToInsecureRepositories=true” at the end of your apt command.
 

apt update -o Acquire::Check-Valid-Until=false -o Acquire::AllowInsecureRepositories=true -o Acquire::AllowDowngradeToInsecureRepositories=true

Continue reading “Bad Idea of the day, Disable Secure Repository check APT”