NIPAP integration for Abuse.IO 3

NIPAP is a very usefull IP address management system, in which you can assign IP-addresses to customers. AbuseIO saves you a lot of time collecting and parsing abuse reports from IP addresses in your network. Let's combine them!

I noticed there are not many example's of connecting to the NIPAP API using PHP. I hope this example is usefull for other developers.

Getting started

The NIPAP database I used contains all IP assignments. It has a field 'Customer ID' in which I entered the (unique) customernumber. AbuseIO has the option to write a custom function for retrieving customer information by IP address. You can find an example in APP/lib/custom/find_customer.php.example.

Let the magic begin!

I created APP/lib/custom/find_customer.php with the following PHP script:

<?php /* ** Function: custom_find_customer_by_ip ** Parameters: ** ip (string): a valid IP address ** Returns: ** customer(array): a set of customer values with required values ** Code(string): The customer id code ** Name(string): The customer name ** Contact(string): The customer e-mail contacts using a comma (,) seperator without spaces ** AutoNotify(boolean): Wither the customer is allowed to receive automated notifications */ require_once 'XML/RPC2/Client.php'; function custom_find_customer_by_ip($ip) { // Change the credentioals and url to your own NIPAP setup $client = XML_RPC2_Client::create('http://myUsername:MyPAssword@127.0.0.1:1337/XMLRPC'); $auth = array('authoritative_source' => 'nipap'); try { $objects = Array(); $result = $client->search_prefix( array( 'auth' => $auth, 'query' => array( 'operator' => 'contains', 'val1' => 'prefix', 'val2' => $ip, ) ) ); if (array_key_exists('result', $result)) { $bestPrefix = null; // get most specific prefix foreach ($result['result'] as $prefix) { if (is_null($bestPrefix) || $prefix['prefix_length'] > $bestPrefix['prefix_length']) { $bestPrefix = $prefix; } } /* You might add some code here to connect to a database and get information about your customer. */ $customerName = 'John Doe'; $customerEmail = 'john@example.com'; $customer = array( 'Code' => 'CUSTOMER-' . $bestPrefix['customer_id'], 'Name' => $customerName, 'Contact' => $customerEmail, 'AutoNotify'=> true, ); return $customer; } else { // error: ip not found return false; } } catch (\Exception $e) { // error: exception occured return false; } }

That's it, were almost done! Just add find_customer to CUSTOM_MODULES in your APP/etc/settings.conf of AbuseIO.

CUSTOM_MODULES = find_customer

Share the knowledge

Did you like this article? Please share it on twitter!