search

evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
GNU General Public License v3.0
9.88k stars 490 forks source link

Pyasn installed but opensnitch does not find #795

Open Ygarr opened 1 year ago

Ygarr commented 1 year ago

Cannot run opensnitch-ui

last version of opensnitch OS: Distributor ID: Ubuntu Description: Ubuntu 20.04.5 LTS Release: 20.04 Codename: focal

Installed all packages

log in terminal:

Loading translations: /usr/lib/python3/dist-packages/opensnitch/i18n locale: en_US
using IPASN DB: /usr/lib/python3/dist-packages/data/ipasn_20140513_v12.dat.gz
exception loading ipasn db: [Errno 2] No such file or directory: '/usr/lib/python3/dist-packages/data/ipasn_20140513_v12.dat.gz'
Install python3-pyasn to display IP's network name.

but 

pip install  pyasn
Requirement already satisfied: pyasn in /usr/local/lib/python3.8/dist-packages (1.6.1)

and

python3-pyasn1/focal,focal,now 0.4.2-3build1 all [installed]
  ASN.1 library for Python (Python 3 module)

python3-pyasn1-modules/focal,focal,now 0.2.1-0.2build1 all [installed]
  Collection of protocols modules written in ASN.1 language (Python 3)
python-pyasn1/focal,focal,now 0.4.2-3build1 all [installed]
  ASN.1 library for Python (Python 2 module)
pypy-pyasn1/focal,focal,now 0.4.2-3build1 all [installed]
  ASN.1 library for Python (PyPy module)
gustavo-iniguez-goya commented 1 year ago

Hi @Ygarr ,

You're right, it seems that the package does not distribute the db /usr/lib/python3/dist-packages/data/ipasn_20140513_v12.dat.gz for some python versions. I'll investigate it.

For the time being, you can download the default db from their repository (https://github.com/hadiasghari/pyasn):

~ $ cd .config/opensnitch/
~ $ wget https://github.com/hadiasghari/pyasn/blob/master/data/ipasn_20140513_v12.dat.gz?raw=true -O ipasn_db.dat.gz
~ $ wget https://github.com/hadiasghari/pyasn/blob/master/data/asnames.json?raw=true

python3-pyasn1

Regarding this package, it's for a different purpose. not for Adresses lookup.

gustavo-iniguez-goya commented 1 year ago

In order to download latest db:

~ $ cd .config/opensnitch
~ $ pyasn_util_download.py --latest # <- this will download the file rib.*
~ $ pyasn_util_convert.py --single ./rib.20230110.1400.bz2 ipasn_db.dat
~ $ gzip ipasn_db.dat
grawlinson commented 1 year ago

I stumbled upon this issue when looking into finding an ASN database, so here's how to obtain a recent-ish asnames.json file courtesy of RIPE.

cd .config/opensnitch
curl -LO https://ftp.ripe.net/ripe/asnames/asn.txt

Then use the following Python script to convert the text file to asnames.json:

#!/usr/bin/env python3
# SPDX-FileCopyrightText: 2023 George Rawlinson <george@rawlinson.net.nz>
# SPDX-License-Identifier: GFDL-1.3-or-later

import json

# initialise buffer for file contents
buf = {}

with open("asn.txt") as fh:
    for line in fh:
        # extract id + name
        asn_id, asn_name = line.split(" ", maxsplit=1)

        # add to buffer (minus trailing newline)
        buf[asn_id] = asn_name.rstrip()

# dump buffer to asnames.json
out_file = open("asnames.json", "w")
json.dump(buf, out_file)
out_file.close()
grawlinson commented 1 year ago

I’ve looked at the upstream scripts for pyasn as I’ve recently packaged pyasn for Arch Linux, the data directory isn’t supposed to be included when installed as it is only for examples & testing. So Debian is actually breaking upstream pyasn intention by erroneously including it.

Not to mention that the data included is a very stale snapshot from 2015(?), so it would be a good idea if this code was refactored to reflect that.