Skip to content

Commit

Permalink
abuseipdb-reporter.py 0.4.5 add ETHERNET_MASK variable
Browse files Browse the repository at this point in the history 
Default is ETHERNET_MASK = True to mask NIC names, you can set it in abuseipdb-reporter.ini to False if you don't want NIC names masked
  • Loading branch information
@centminmod
centminmod committed Jul 31, 2023
1 parent b9fae93 commit 635414d
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 5 deletions.
15 changes: 10 additions & 5 deletions abuseipdb-reporter.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@
import datetime
from urllib.parse import quote

VERSION = "0.4.4"
VERSION = "0.4.5"
# Set the DEBUG and LOG_API_REQUEST variables here (True or False)
# DEBUG doesn't send to AbuseIPDB. Only logs to file
# LOG_API_REQUEST, when True, logs API requests to file
Expand Down Expand Up @@ -83,6 +83,7 @@
EMAIL_REPLACEMENT = 'EMAIL'

# Set privacy masks
ETHERNET_MASK = True
hostname = socket.gethostname()
full_hostname = socket.getfqdn()
short_hostname = socket.gethostname()
Expand Down Expand Up @@ -121,6 +122,9 @@
if config.has_option('settings', 'DEBUG'):
DEBUG = config.getboolean('settings', 'DEBUG')

if config.has_option('settings', 'ETHERNET_MASK'):
ETHERNET_MASK = config.getboolean('settings', 'ETHERNET_MASK')

if config.has_option('settings', 'LOG_API_REQUEST'):
LOG_API_REQUEST = config.getboolean('settings', 'LOG_API_REQUEST')

Expand Down Expand Up @@ -423,10 +427,11 @@ def get_all_public_ips():
# Replace MAC addresses with a 'masked' string
masked_logs = re.sub(pattern, r'\1xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx', masked_logs)

# This pattern will match the `IN=... OUT=...` pattern in your logs
pattern = r'(IN=)(\w+)( OUT=)'
# Replace ethernet device names with a 'masked' string
masked_logs = re.sub(pattern, r'\1ethX\3', masked_logs)
if ETHERNET_MASK:
# This pattern will match the `IN=... OUT=...` pattern in your logs
pattern = r'(IN=)(\w+)( OUT=)'
# Replace ethernet device names with a 'masked' string
masked_logs = re.sub(pattern, r'\1ethX\3', masked_logs)

if LOG_MODE == 'full':
# Truncate masked_logs to no more than 500 characters
Expand Down
2 changes: 2 additions & 0 deletions readme.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,6 +284,7 @@ The script now supports `abuseipdb-reporter.ini` file you can create within same
```
[settings]
DEBUG = True
ETHERNET_MASK = True
LOG_API_REQUEST = True
LOG_MODE = full
JSON_LOG_FORMAT = False
Expand Down Expand Up @@ -346,6 +347,7 @@ Here's an example `abuseipdb-reporter.ini` settings config to enable API submiss
```
[settings]
DEBUG = False
ETHERNET_MASK = True
LOG_API_REQUEST = True
LOG_MODE = compact
JSON_LOG_FORMAT = True
Expand Down

0 comments on commit 635414d

Please sign in to comment.