Event stats with GeoIP info (#160)

* add geoip lookup for new registrations - no stats printing yet

* add mmdb paths to config file

* stats for expired registrations

* stats for closed connections including geoip

* omit empty field in bettter event logging and generalize err handling

* handle nil err pointer deref

* missed negate on bool check

* remove reg expire msg and add extra info to tun close msg

* remove omit for default values on v6 and tun count

* add libver and gen to closed proxy event log

* disable tests requiring installed mmdb

* fix linter issue

Author: jmwample

.github/workflows/golang.yml

@@ -63,4 +63,4 @@ jobs:
         uses: golangci/golangci-lint-action@v3
         with:
           version: latest
-          args: --disable structcheck,govet
+          args: -v --disable structcheck,govet

application/config.toml

@@ -99,6 +99,12 @@ detector_filter_list = [
 # Log level, one of the following: info, error, warn, debug, trace
 log_level = "error"
 
+# MaxMind Database files - if empty then the Empty Geoip lookup will be used (effictvely disaling
+# lookup). The default path used by the maxmind geoiupdate tool is `/usr/local/share/GeoIP`.
+# repo - https://github.com/maxmind/geoipupdate/blob/main/pkg/geoipupdate/defaults_notwin.go#L15
+geoip_cc_db_path = ""
+geoip_asn_db_path = ""
+
 ### ZMQ sockets to connect to and subscribe
 
 ## Registration API

application/geoip/empty.go

@@ -0,0 +1,29 @@
+package geoip
+
+import (
+	"errors"
+	"net"
+)
+
+var (
+	// ErrNoDatabasesProvided indicates that no databases were provided so we are going to return a
+	// struct implementing the Database interface so stations that don't support geoip can still
+	// operate normally.
+	ErrNoDatabasesProvided = errors.New("no databases provided - using empty Geoip")
+)
+
+// EmptyDatabase provides the Geoip functionality that we need using the MaxMind GeoIP service
+type EmptyDatabase struct {
+}
+
+// ASN returns the Autonomous System Number (ASN) associated with the provided IP.
+// The Empty Database Returns 0.
+func (mmdb *EmptyDatabase) ASN(ip net.IP) (uint, error) {
+	return 0, nil
+}
+
+// CC returns the ISO country code associated with the provided IP. The Empty Database Returns an
+// empty string.
+func (mmdb *EmptyDatabase) CC(ip net.IP) (string, error) {
+	return "", nil
+}

application/geoip/geoip.go

@@ -0,0 +1,114 @@
+package geoip
+
+import (
+	"errors"
+	"fmt"
+	"net"
+
+	"github.com/oschwald/geoip2-golang"
+)
+
+// Database provides the minimal useful interface for looking up relevant information so we
+// aren't tied tp the types / interface of a specific GeoIP library
+type Database interface {
+	ASN(ip net.IP) (uint, error)
+	CC(ip net.IP) (string, error)
+}
+
+var (
+	// ErrMissingDB indicates that one or more of the utility databases was not provided. The wrapped
+	// error message should indicate which database was missing.
+	ErrMissingDB = errors.New("missing one or more geoip DBs")
+)
+
+// DBConfig contains options used for GeoIP lookup - including paths to database files
+type DBConfig struct {
+	CCDBPath  string `toml:"geoip_cc_db_path"`
+	ASNDBPath string `toml:"geoip_asn_db_path"`
+}
+
+// New returns a database given a config. If the provided config is nil, the Empty Database will
+// be returned.
+func New(conf *DBConfig) (Database, error) {
+
+	// If no config is provided or the config provided contains no DB paths return the empty db.
+	if conf == nil {
+		return &EmptyDatabase{}, fmt.Errorf("%w: no config", ErrMissingDB)
+	} else if conf.ASNDBPath == "" && conf.CCDBPath == "" {
+		return &EmptyDatabase{}, fmt.Errorf("%w: no asn or cc db files", ErrMissingDB)
+	}
+
+	db := &maxMindDatabase{DBConfig: conf}
+
+	err := db.init()
+	if errors.Is(err, ErrMissingDB) {
+		return db, err
+	} else if err != nil {
+		return nil, err
+	}
+
+	return db, nil
+}
+
+// maxMindDatabase provides the GeoIP functionality that we need using the MaxMind GeoIP service
+type maxMindDatabase struct {
+	*DBConfig
+
+	asnReader *geoip2.Reader
+	ccReader  *geoip2.Reader
+}
+
+// ASN returns the Autonomous System Number (ASN) associated with the provided IP.
+func (mmdb *maxMindDatabase) init() error {
+	var err error
+
+	if mmdb.ASNDBPath != "" {
+		mmdb.asnReader, err = geoip2.Open(mmdb.DBConfig.ASNDBPath)
+		if err != nil {
+			return err
+		}
+	}
+
+	if mmdb.CCDBPath != "" {
+		mmdb.ccReader, err = geoip2.Open(mmdb.DBConfig.CCDBPath)
+		if err != nil {
+			return err
+		}
+	}
+
+	if mmdb.ccReader == nil && mmdb.asnReader != nil {
+		return fmt.Errorf("%w: no cc db file", ErrMissingDB)
+	} else if mmdb.ccReader != nil && mmdb.asnReader == nil {
+		return fmt.Errorf("%w: no asn db file", ErrMissingDB)
+	}
+
+	return nil
+}
+
+// ASN returns the Autonomous System Number (ASN) associated with the provided IP.
+func (mmdb *maxMindDatabase) ASN(ipAddress net.IP) (uint, error) {
+	if mmdb == nil || mmdb.asnReader == nil {
+		return 0, nil
+	}
+
+	record, err := mmdb.asnReader.ASN(ipAddress)
+	if err != nil {
+		return 0, err
+	}
+
+	return record.AutonomousSystemNumber, nil
+}
+
+// CC returns the ISO country code associated with the provided IP.
+func (mmdb *maxMindDatabase) CC(ipAddress net.IP) (string, error) {
+	if mmdb == nil || mmdb.ccReader == nil {
+		return "", nil
+	}
+
+	record, err := mmdb.ccReader.Country(ipAddress)
+	if err != nil {
+		return "", err
+	}
+
+	return record.Country.IsoCode, nil
+}

application/geoip/geoip_test.go

@@ -0,0 +1,109 @@
+package geoip
+
+import (
+	"net"
+	"path/filepath"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func DisabledTestGeoIPMaxMind(t *testing.T) {
+	dbDir := "/opt/mmdb/"
+	c := &DBConfig{
+		ASNDBPath: filepath.Join(dbDir, "GeoLite2-ASN.mmdb"),
+		CCDBPath:  filepath.Join(dbDir, "GeoLite2-Country.mmdb"),
+	}
+
+	db, err := New(c)
+	require.Nil(t, err)
+
+	// If you are using strings that may be invalid, check that ip is not nil
+	ip := net.ParseIP("81.2.69.142")
+	cc, err := db.CC(ip)
+	require.Nil(t, err)
+
+	asn, err := db.ASN(ip)
+	require.Nil(t, err)
+
+	t.Log(cc)
+	t.Log(asn)
+}
+
+func DisabledTestGeoIPNoASN(t *testing.T) {
+	dbDir := "/opt/mmdb/"
+	c := &DBConfig{
+		CCDBPath: filepath.Join(dbDir, "GeoLite2-Country.mmdb"),
+	}
+
+	db, err := New(c)
+	require.ErrorIs(t, err, ErrMissingDB)
+	require.NotNil(t, db)
+
+	// If you are using strings that may be invalid, check that ip is not nil
+	ip := net.ParseIP("81.2.69.142")
+	cc, err := db.CC(ip)
+	require.Nil(t, err)
+	require.Equal(t, "GB", cc)
+
+	asn, err := db.ASN(ip)
+	require.Nil(t, err)
+	require.Equal(t, uint(0), asn)
+}
+
+func DisabledTestGeoIPNoCC(t *testing.T) {
+	dbDir := "/opt/mmdb/"
+	c := &DBConfig{
+		ASNDBPath: filepath.Join(dbDir, "GeoLite2-ASN.mmdb"),
+		CCDBPath:  "",
+	}
+
+	db, err := New(c)
+	require.ErrorIs(t, err, ErrMissingDB)
+	require.NotNil(t, db)
+
+	// If you are using strings that may be invalid, check that ip is not nil
+	ip := net.ParseIP("81.2.69.142")
+	cc, err := db.CC(ip)
+	require.Nil(t, err)
+	require.Equal(t, "", cc)
+
+	asn, err := db.ASN(ip)
+	require.Nil(t, err)
+	require.Equal(t, uint(20712), asn)
+}
+
+func TestGeoIPEmpty(t *testing.T) {
+	c := &DBConfig{
+		ASNDBPath: "",
+		CCDBPath:  "",
+	}
+
+	_, err := New(nil)
+	require.ErrorIs(t, err, ErrMissingDB)
+
+	db, err := New(c)
+	require.ErrorIs(t, err, ErrMissingDB)
+	require.NotNil(t, db)
+
+	// If you are using strings that may be invalid, check that ip is not nil
+	ip := net.ParseIP("81.2.69.142")
+	cc, err := db.CC(ip)
+	require.Nil(t, err)
+	require.Equal(t, "", cc)
+
+	asn, err := db.ASN(ip)
+	require.Nil(t, err)
+	require.Equal(t, uint(0), asn)
+}
+
+func TestGeoIPNonMissingError(t *testing.T) {
+	c := &DBConfig{
+		ASNDBPath: "",
+		CCDBPath:  "abcdef",
+	}
+
+	db, err := New(c)
+	require.NotErrorIs(t, err, ErrMissingDB)
+	require.Nil(t, db)
+}

application/lib/config_test.go

@@ -20,4 +20,8 @@ func TestConfigParse(t *testing.T) {
 	lc := c.LivenessConfig()
 	require.NotEqual(t, "", lc.CacheDuration)
 	require.NotEqual(t, "", lc.CacheDurationNonLive)
+
+	// var db geoip.Database
+	require.NotNil(t, c.RegConfig.DBConfig)
+	// require.IsType(t, db, c.RegConfig.DBConfig)
 }