#!/bin/bash

### Sample download script for https://mailfud.org/geoip-legacy/
### - Adjust DBDIR and FILES below
### - Adjust XTABLES and XT_GEOIP_BUILD if needed
### - Copy script to /etc/cron.weekly or similar for your OS,
###   note that /etc/cron.* filename MUST NOT HAVE .sh extension,
###   rename to /etc/cron.weekly/geoip_update
### Contact: admin@mailfud.org

# Base URL of the download site, without trailing slash.
# Keep the https:// scheme: the files fetched from here become the GeoIP
# databases and, when XTABLES is enabled, the input for the xt_geoip tables.
SITE_DIR="https://mailfud.org/geoip-legacy"
# Directory the databases are stored in (the script changes into it and
# writes all files there)
DBDIR="/usr/share/GeoIP"
# Space separated list of files to download (.dat.gz suffix not required),
# leave exactly one FILES line uncommented
#FILES="GeoIP GeoIPv6"
#FILES="GeoIP GeoIPv6 GeoIPCity GeoIPCityv6 GeoIPASNum GeoIPASNumv6 GeoIPOrg GeoIPISP"
FILES='GeoIP GeoIPv6 GeoIPCity GeoIPCityv6 GeoIPASNum GeoIPASNumv6'

# If http proxy needed
#https_proxy="http://foo.bar:3128"

# Uncomment XTABLES to enable iptables xt_geoip updating
# Must contain filename for legacy IPv4/IPv6 CSV file (GeoIP-legacy.csv)
# 
# xtables-addons needs to be installed
# (apt-get install linux-headers-generic xtables-addons-dkms)
# More info: https://inai.de/projects/xtables-addons/
#
#XTABLES="GeoIP-legacy.csv"
# Standard distribution location for xtables script, change if using custom
#XT_GEOIP_BUILD=/usr/lib/xtables-addons/xt_geoip_build

### v0.24
### - add support for Ubuntu 22.04 /usr/libexec/xtables-addons/xt_geoip_build
### v0.23
### - fix xtables 3.8+, requires dbip-country-lite.csv
### v0.22
### - fix xtables stuff
### v0.21
### - added GeoIPCityv6, GeoIPASNumv6, fix https_proxy export

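# DB directory: everything below uses paths relative to it, so stop unless it
# is writable and we really are inside it.
# DBDIR is quoted on purpose: unquoted, an empty or unset value turns the
# check into "test -w" (always true) followed by a bare "cd" (home directory),
# and the downloads would then be written to the wrong place.
if ! { [ -w "$DBDIR" ] && cd -- "$DBDIR" 2>/dev/null; }; then
	echo "Invalid directory: $DBDIR" >&2
	exit 1
fi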

# Random delay of 0-59 sec when stdin is not a terminal (i.e. started from
# cron); skipped when the script is run by hand
[ -t 0 ] || sleep $((RANDOM % 60))

# With xt_geoip updating enabled, the CSV file named in XTABLES is downloaded
# together with the databases
if [ -n "$XTABLES" ]; then
	FILES+=" $XTABLES"
fi

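# Download every configured file and install it when its content changed.
# Sets XUPD=1 when the xt_geoip CSV file was replaced.
#
# NOTE: the only authentication of the data is the TLS connection made by
# wget; no checksum or signature of the downloaded file is verified here.
# The .tmp names are fixed, so DBDIR should be writable by the user running
# this script only.

# wget reads the proxy from its environment, so the variable must be exported
export https_proxy
# FILES is a space separated list, word splitting is intended here
for f in $FILES; do
	# Make sure .gz is stripped
	f=${f%.gz}
	# Make sure .dat exists
	if [[ ! "$f" =~ \.csv ]]; then f=${f%.dat}.dat; fi
	# .gz files are kept on disk to compare timestamps (-N)
	# --max-redirect 0 makes wget fail instead of following a redirect
	wget -nv -N -T 30 --max-redirect 0 "$SITE_DIR/$f.gz"
	RET=$?
	if [ "$RET" -ne 0 ]; then
		echo "wget $f.gz failed: $RET" >&2
		continue
	fi
	# Unpack and replace files atomically
	if ! gunzip -dc -- "$f.gz" >"$f.tmp"; then
		echo "gunzip $f failed" >&2
		# Drop the bad archive so that -N fetches it again next time
		/bin/rm -f -- "$f.gz"
	elif [ ! -s "$f.tmp" ]; then
		# Never replace a working database with an empty file
		echo "$f.gz unpacked to an empty file, keeping existing $f" >&2
		/bin/rm -f -- "$f.gz"
	elif cmp -- "$f" "$f.tmp" >/dev/null 2>&1; then
		echo "$f is up to date"
	else
		# Content differs, or $f does not exist yet
		echo -n "updating $f..."
		if /bin/chmod 644 -- "$f.tmp" && /bin/mv -f -- "$f.tmp" "$f"; then
			# Request an xt_geoip rebuild only once the new CSV is in place
			if [ "$f" = "$XTABLES" ]; then XUPD=1; fi
			echo "$f is up to date"
		else
			echo "failed"
			echo "replacing $f failed" >&2
		fi
	fi
	/bin/rm -f -- "$f.tmp"
done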

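# Rebuild the xt_geoip tables in /usr/share/xt_geoip from GeoIP-legacy.csv.
# Runs only when XTABLES is set. Missing prerequisites are reported on stderr
# and end the script with status 0.
if [ -n "$XTABLES" ]; then
	# Use the configured path, else try the two known distribution locations
	if [ -z "$XT_GEOIP_BUILD" ]; then
		if [ -f /usr/lib/xtables-addons/xt_geoip_build ]; then
			XT_GEOIP_BUILD=/usr/lib/xtables-addons/xt_geoip_build
		else
			XT_GEOIP_BUILD=/usr/libexec/xtables-addons/xt_geoip_build
		fi
	fi
	if [ ! -f "$XT_GEOIP_BUILD" ]; then
		echo "xt_geoip_build not found, xtables-addons-common package not installed?" >&2
		exit 0
	fi
	# Relative path: the script has already changed into DBDIR
	if [ ! -f "GeoIP-legacy.csv" ]; then
		echo "GeoIP-legacy.csv not found, cannot update xt_geoip" >&2
		exit 0
	fi
	# Rebuild when the CSV was replaced in this run, or when no US.* table
	# younger than 14 days exists (also true when the directory is missing)
	if [[ -n "$XUPD" || -z "$(find /usr/share/xt_geoip -name 'US.*' -mtime -14 2>/dev/null)" ]]; then
		mkdir -m 755 /usr/share/xt_geoip 2>/dev/null
		# The command is kept as an array so that paths are passed to perl as
		# single arguments, without word splitting or globbing
		# Convert to dbip-country-lite format if needed (xtables-addons 3.8+)
		if grep -q -- dbip-country-lite "$XT_GEOIP_BUILD"; then
			# Strip the quotes and keep CSV fields 1, 2 and 5
			tr -d '"' <"$DBDIR/GeoIP-legacy.csv" | cut -d, -f1,2,5 >"$DBDIR/dbip-country-lite.csv.tmp" &&
			/bin/mv -f -- "$DBDIR/dbip-country-lite.csv.tmp" "$DBDIR/dbip-country-lite.csv"
			XCMD=(perl "$XT_GEOIP_BUILD" -D /usr/share/xt_geoip -S "$DBDIR")
		else
			XCMD=(perl "$XT_GEOIP_BUILD" -D /usr/share/xt_geoip "$DBDIR/GeoIP-legacy.csv")
		fi
		# stderr of the build is discarded; only its last output line is kept
		RET=$("${XCMD[@]}" 2>/dev/null | tail -n 1)
		# Success is recognised by the last line naming Zimbabwe / ZW
		# (presumably the final country the build script reports - confirm)
		if [[ "$RET" =~ (Zimbabwe|ZW) ]]; then
			echo "xt_geoip updated"
		else
			echo "something went wrong with xt_geoip update" >&2
			echo "do you have perl module Text::CSV_XS / libtext-csv-xs-perl installed?" >&2
			echo "try running command manually:" >&2
			echo "${XCMD[*]}" >&2
		fi
	else
		echo "xt_geoip is up to date"
	fi
fi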

