From bf8b467a3e28196f15479d467936cf0b19793fab Mon Sep 17 00:00:00 2001
From: Xavier Claude <contact@xavierclaude.be>
Date: Wed, 3 Aug 2016 19:59:55 +0200
Subject: [PATCH] Add a tool to generate public dns resolver list

The tool generate two lists, one for IPv4 (list4.json) and one for IPv6
(list6.json) to allow the user to only enable one of the two.

The list is downloaded from http://public-dns.info/ and a sample of the
list was tested with:

for dns in $( awk -F ","  '{ print $1 }' < nameservers.csv ) ; do dig +noedns @$dns google.com | grep NOERROR 1>/dev/null  || echo $dns ; done

~95% of the tested servers responded. So the list is not all crap.
---
 tools/generate-publicdns.py | 69 +++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100755 tools/generate-publicdns.py

diff --git a/tools/generate-publicdns.py b/tools/generate-publicdns.py
new file mode 100755
index 0000000..e4c6d17
--- /dev/null
+++ b/tools/generate-publicdns.py
@@ -0,0 +1,69 @@
+#!/usr/bin/env python3
+
+import csv
+import datetime
+import logging
+import ipaddress
+import json
+import os
+import requests
+
+servers_url = 'http://public-dns.info/nameservers.csv'
+csv_path = 'nameservers.csv'
+dns4_path = 'list4.json'
+dns6_path = 'list6.json'
+
+if os.path.isfile(csv_path):
+    logging.warning('Not erasing local csv file')
+else:
+    req = requests.get(servers_url)
+    with open(csv_path, 'wb') as fd:
+        for chunk in req.iter_content(4096):
+            fd.write(chunk)
+
+ip4_list = []
+ip6_list = []
+with open(csv_path) as csv_file:
+    servers_list = csv.reader(csv_file, delimiter=',', quotechar='"')
+
+    for row in servers_list:
+        if row[5] == '':
+            try: 
+                ip = ipaddress.ip_address(row[0])
+
+                if ip.version == 4:
+                    list = ip4_list
+                else:
+                    list = ip6_list
+
+                list.append(ip.compressed)
+                if len(row[1]) > 0 and row[1] != '.':
+                    list.append(row[1])
+
+            except ValueError as exc:
+                logging.warning(str(exc))
+
+version = datetime.datetime.now().strftime('%Y%m%d')
+
+out4_list = {}
+out4_list['name'] = 'List of known IPv4 public DNS resolvers'
+out4_list['version'] = version
+out4_list['description'] = 'Event contains one or more public IPv4 DNS resolvers as attribute with an IDS flag set'
+out4_list['matching_attribute'] = [ 'ip-src', 'ip-dst', 'domain|ip' ]
+out4_list['list'] = sorted(ip4_list)
+
+
+out6_list = {}
+out6_list['name'] = 'List of known IPv6 public DNS resolvers'
+out6_list['version'] = version
+out6_list['description'] = 'Event contains one or more public IPv6 DNS resolvers as attribute with an IDS flag set'
+out6_list['matching_attribute'] = [ 'ip-src', 'ip-dst', 'domain|ip' ]
+out6_list['list'] = sorted(ip6_list)
+
+
+#print(json.dumps(out4_list, indent=True))
+with open(dns4_path, 'w') as dns4_file:
+    dns4_file.write(json.dumps(out4_list, indent=4, sort_keys=True))
+
+with open(dns6_path, 'w') as dns6_file:
+    dns6_file.write(json.dumps(out6_list, indent=4, sort_keys=True))