feat: add wave 3 local database plugins
GeoIP and ASN lookup via MaxMind GeoLite2 mmdb, Tor exit node check against local bulk exit list, IP reputation via Firehol/ET blocklist feeds, and CVE lookup against local NVD JSON mirror. Includes cron-friendly update script (scripts/update-data.sh) for all data sources and make update-data target. GeoLite2 requires a free MaxMind license key; all other sources are freely downloadable. Plugins: geoip, asn, torcheck, iprep, cve Commands: !geoip, !asn, !tor, !iprep, !cve Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
user
@@ -85,6 +85,11 @@ level = "info" # Logging level: debug, info, warning, error
|
||||
| `!timer <duration> [label]` | Set countdown timer with notification |
|
||||
| `!timer list` | Show active timers |
|
||||
| `!timer cancel <label>` | Cancel a running timer |
|
||||
| `!geoip <ip>` | GeoIP lookup (city, country, coords, timezone) |
|
||||
| `!asn <ip>` | ASN lookup (AS number, organization) |
|
||||
| `!tor <ip\|update>` | Check IP against Tor exit nodes |
|
||||
| `!iprep <ip\|update>` | Check IP against Firehol/ET blocklists |
|
||||
| `!cve <id\|search>` | CVE lookup from local NVD mirror |
|
||||
|
||||
### Command Shorthand
|
||||
|
||||
@@ -155,6 +160,48 @@ async def cmd_dangerous(bot, message):
|
||||
...
|
||||
```
|
||||
|
||||
## Local Databases (Wave 3)
|
||||
|
||||
Several plugins rely on local data files in the `data/` directory. Use the
|
||||
update script or in-bot commands to populate them.
|
||||
|
||||
### Data Update Script
|
||||
|
||||
```bash
|
||||
./scripts/update-data.sh # Update all feeds
|
||||
MAXMIND_LICENSE_KEY=xxx ./scripts/update-data.sh # Include GeoLite2
|
||||
```
|
||||
|
||||
The script is cron-friendly (exit 0/1, quiet unless `NO_COLOR` is unset).
|
||||
|
||||
### In-Bot Updates
|
||||
|
||||
```
|
||||
!tor update # Download Tor exit node list
|
||||
!iprep update # Download Firehol/ET blocklist feeds
|
||||
!cve update # Download NVD CVE feed (slow, paginated)
|
||||
```
|
||||
|
||||
### Data Directory Layout
|
||||
|
||||
```
|
||||
data/
|
||||
GeoLite2-City.mmdb # MaxMind GeoIP (requires license key)
|
||||
GeoLite2-ASN.mmdb # MaxMind ASN (requires license key)
|
||||
tor-exit-nodes.txt # Tor exit node IPs
|
||||
iprep/ # Firehol/ET blocklist feeds
|
||||
firehol_level1.netset
|
||||
firehol_level2.netset
|
||||
et_compromised.ipset
|
||||
...
|
||||
nvd/ # NVD CVE JSON files
|
||||
nvd_0000.json
|
||||
...
|
||||
```
|
||||
|
||||
GeoLite2 databases require a free MaxMind license key. Set
|
||||
`MAXMIND_LICENSE_KEY` when running the update script.
|
||||
|
||||
## Plugin Management
|
||||
|
||||
Plugins can be loaded, unloaded, and reloaded at runtime without
|
||||
|
||||
Reference in New Issue
Block a user