dns_bird/dnsmasq_exp_rej.py

import sqlite3
from netaddr import IPNetwork, IPAddress, cidr_merge

DB_FILE = "/etc/bird/dnsmasq.db"
OUTPUT_FILE = "/etc/bird/notRU_ips.txt"
EXCLUDE_COUNTRY = "Russia"

conn = sqlite3.connect(DB_FILE)
cur = conn.cursor()

# --- Получаем все IP кроме России ---
cur.execute(f"""
    SELECT ip FROM dns_log
    WHERE ip != '193.124.203.97'
    and ip not like '172.16.%'
    and ip not like '192.168.%'
    and ip not like '10.%'
     and country != ?
""", (EXCLUDE_COUNTRY,))

ips = [row[0] for row in cur.fetchall()]

# --- Преобразуем в объекты IPAddress ---
ip_objs = [IPAddress(ip) for ip in ips]

# --- Объединяем соседние IP в минимальные сети ---
cidrs = cidr_merge(ip_objs)

# --- Выгружаем в формат reject ---
with open(OUTPUT_FILE, "w") as f:
    for net in cidrs:
        if net.prefixlen == 32:
            f.write(f"route {net.network}/32 reject;\n")
        else:
            # Для сети /24, /16 и т.д. — блокируем всю сеть
            f.write(f"route {net} reject;\n")

print(f"Exported {len(cidrs)} networks to {OUTPUT_FILE}")