gru/ip-whois
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
094480eb285acf17a4644df41a73dbca2a35b519
ip-whois/README.md
Mateusz Gruszczyński e90ea1631c first commit
2026-02-05 12:11:32 +01:00

3.5 KiB
Raw Blame History

IP WHOIS Analyzer Pro

IP WHOIS Analyzer Pro is a small Flask-based web application for bulk IP analysis.
It queries WHOIS/ASN data, lets you filter results, and generates ready-to-use firewall rules.

Features

  • Paste a free-form list of IPv4 addresses (mixed separators).
  • Bulk lookup via Team Cymru WHOIS, with classic WHOIS as a fallback.
  • Per-IP details: ASN, owner, country, network/prefix.
  • Interactive filters by:
    • Country
    • ASN
    • Owner
  • Export of selected/filtered IPs to:
    • IPSet (with timeout)
    • iptables
    • Nginx deny
    • Apache access rules
    • Firewalld rich rules
    • MikroTik RouterOS address-list + firewall filter
    • CIDR network list
    • CSV

Requirements

  • Python 3.9+
  • System packages:
    • whois (Debian/Ubuntu: sudo apt install whois)
  • Python packages:
    • flask
    • requests

You can install Python dependencies with:

pip install -r requirements.txt

(Or, if you do not use the file, install manually:)

pip install flask requests

Running the Application

python ip_analyzer.py

By default the app listens on:

You can change host/port in ip_analyzer.py if needed.

Usage (Web UI)

  1. Open http://localhost:8799 in your browser.
  2. Paste IP addresses into the textarea.
    • Lines, spaces, commas, semicolons and tabs are all accepted.
  3. Click "Analyze IP Addresses".
  4. Use the filters (countries, ASNs, owners) to narrow down results.
  5. Select/deselect IPs in the table if you only want a subset.
  6. Choose an export format (IPSet, iptables, Nginx, etc.) and copy or download the output.

Usage (API)

Analyze IPs

curl -X POST http://localhost:8799/api/analyze \
  -H "Content-Type: application/json" \
  -d '{"ips": "1.1.1.1, 8.8.8.8, 9.9.9.9"}'

Example in Python:

import requests

resp = requests.post(
    "http://localhost:8799/api/analyze",
    json={"ips": "1.1.1.1, 8.8.8.8, 9.9.9.9"},
)
data = resp.json()
print("Total IPs:", data["stats"]["total"])
for row in data["results"]:
    print(row["ip"], "->", row["country"], row["asn"])

Export IPSet Rules

curl -X POST http://localhost:8799/api/export/ipset \
  -H "Content-Type: application/json" \
  -d '{"ips": ["1.1.1.1", "8.8.8.8"], "timeout": 86400}'

Other export endpoints follow the same pattern:

  • /api/export/iptables
  • /api/export/nginx
  • /api/export/apache
  • /api/export/firewalld
  • /api/export/mikrotik
  • /api/export/cidr
  • /api/export/csv

Refer to the web API documentation at /api for full examples.

Project Structure

ip-whois-analyzer/
├── ip_analyzer.py              # Main Flask application
├── requirements.txt            # Python dependencies
├── README.md                   # This file
├── templates/
│   ├── base.html              # Base template
│   ├── index.html             # Main web interface
│   └── api.html               # API documentation
└── static/
    ├── css/
    │   └── style.css          # Custom styles
    └── js/
        ├── main.js            # Main app logic
        └── api.js             # API docs logic

Security Notes

  • The application is designed for local/admin use.
  • If you expose it externally, put it behind proper authentication and TLS.
  • Generated rules should be reviewed before applying to production firewalls.

License

This project is provided as-is, without any warranty.
Use at your own risk.

Reference in New Issue View Git Blame Copy Permalink