from datetime import datetime def _ts() -> str: return datetime.now().strftime('%Y-%m-%d') def generate_ipset(ips: list[str], timeout: int = 86400) -> str: timestamp = _ts() rules = f'''#!/bin/bash # IPSet Rules - Generated {timestamp} # Total IPs: {len(ips)} # Timeout: {timeout} seconds ({timeout//3600} hours) # Create ipset ipset create blocked_ips hash:ip timeout {timeout} maxelem 1000000 # Add IPs to set ''' for ip in ips: rules += f'ipset add blocked_ips {ip}\n' rules += ''' # Apply iptables rules iptables -I INPUT -m set --match-set blocked_ips src -j DROP iptables -I FORWARD -m set --match-set blocked_ips src -j DROP echo "IPSet created and iptables rules applied" echo "To remove: ipset destroy blocked_ips" ''' return rules def generate_iptables(ips: list[str]) -> str: timestamp = _ts() rules = f'''#!/bin/bash # iptables Rules - Generated {timestamp} # Total IPs: {len(ips)} # INPUT chain (incoming connections) ''' for ip in ips: rules += f'iptables -A INPUT -s {ip} -j DROP\n' rules += '\n# FORWARD chain (routed traffic)\n' for ip in ips: rules += f'iptables -A FORWARD -s {ip} -j DROP\n' rules += ''' # Save rules iptables-save > /etc/iptables/rules.v4 echo "iptables rules applied and saved" ''' return rules def generate_nginx(ips: list[str]) -> str: timestamp = _ts() rules = f'''# Nginx Deny Rules - Generated {timestamp} # Total IPs: {len(ips)} # # Usage: Include in http or server block # include /etc/nginx/conf.d/blocked_ips.conf; ''' for ip in ips: rules += f'deny {ip};\n' rules += '\n# After adding rules, reload nginx:\n# nginx -t && nginx -s reload\n' return rules def generate_apache(ips: list[str]) -> str: timestamp = _ts() rules = f'''# Apache Deny Rules - Generated {timestamp} # Total IPs: {len(ips)} # # Usage: Add to .htaccess or VirtualHost configuration Require all granted ''' for ip in ips: rules += f' Require not ip {ip}\n' rules += ''' # After adding rules, restart apache: # systemctl restart apache2 ''' return rules def generate_firewalld(ips: list[str]) -> str: timestamp = _ts() rules = f'''#!/bin/bash # Firewalld Rules - Generated {timestamp} # Total IPs: {len(ips)} ''' for ip in ips: rules += f'firewall-cmd --permanent --add-rich-rule="rule family=\'ipv4\' source address=\'{ip}\' reject"\n' rules += ''' # Reload firewall firewall-cmd --reload echo "Firewalld rules applied" ''' return rules def generate_mikrotik(ips: list[str]) -> str: timestamp = _ts() rules = f'''# MikroTik RouterOS Configuration - Generated {timestamp} # Total IPs: {len(ips)} # # Usage: Copy and paste into RouterOS Terminal /ip firewall address-list ''' for ip in ips: rules += f'add list=blocked_ips address={ip} comment="Auto-blocked {timestamp}"\n' rules += ''' # Create firewall filter rules (if not exists) /ip firewall filter add chain=input src-address-list=blocked_ips action=drop comment="Drop blocked IPs - input" add chain=forward src-address-list=blocked_ips action=drop comment="Drop blocked IPs - forward" # Verify /ip firewall address-list print where list=blocked_ips ''' return rules def generate_cidr(results: list[dict[str, str]]) -> str: networks = sorted(set(r['network'] for r in results if r['network'] != 'Unknown')) timestamp = _ts() output = f'''# CIDR Networks - Generated {timestamp} # Total unique networks: {len(networks)} # # One network per line ''' return output + '\n'.join(networks) def generate_csv(results: list[dict[str, str]]) -> str: csv = 'IP,ASN,Owner,User,Country,Network\n' for item in results: ip = item['ip'] asn = item['asn'].replace('"', '""') owner = item['owner'].replace('"', '""') user = item.get('user', 'Unknown').replace('"', '""') country = item['country'] network = item['network'] csv += f'"{ip}","{asn}","{owner}","{user}","{country}","{network}"\n' return csv