You've already forked geoipmysql-py
razian
53 lines
1.2 KiB
Markdown
53 lines
1.2 KiB
Markdown
Create and populate a "locations" table with the IP's location informations of a list generated by Cowrie.
|
|
|
|
## Informations
|
|
|
|
- Latitude
|
|
- Longitude
|
|
- ISP
|
|
- Country
|
|
- CountryCode
|
|
|
|
These informations are provided by ip-api.com.
|
|
|
|
## Installation
|
|
|
|
```
|
|
git clone https://git.rznet.fr/razian/geoipmysql-py.git
|
|
pip install -r requirements.txt
|
|
chmod +x geoipmysql-py/geoipmysql.py
|
|
cp geoipmysql-py/geoipmysql.py /usr/local/bin/geoipmysql
|
|
```
|
|
|
|
## Cowrie configuration
|
|
|
|
Enable the output_mysql in `cowrie.cfg` :
|
|
```
|
|
[output_mysql]
|
|
host = localhost
|
|
database = cowrie
|
|
username = cowrie
|
|
password = <password>
|
|
port = 3306
|
|
debug = false
|
|
enabled = true
|
|
```
|
|
|
|
## Usage
|
|
|
|
```
|
|
usage: geoipmysql.py [-h] [-a HOST] [-u USER] [-p PORT] [-d DATABASE] [-P PASSWORD] [-r] [-n] [-i] [-m MAX]
|
|
|
|
optional arguments:
|
|
-h, --help show this help message and exit
|
|
-a, --address mysql host
|
|
-u, --user mysql user
|
|
-p, --port mysql port
|
|
-d, --database mysql database
|
|
-P, --password mysql password
|
|
-r, --regen drop and recreate locations table
|
|
-n, --new create a new locations table
|
|
-i, --interactive ask for confirmation before commit
|
|
-m, --max-rate max ip-api requests rate
|
|
```
|