new version without iptables, plus config

This commit is contained in:
bert hubert 2022-08-29 15:59:59 +02:00
parent 61ac5df1f2
commit 21f887bcd8
7 changed files with 18595 additions and 79 deletions

View File

@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.1)
project(googerteller VERSION 1.0 project(googerteller VERSION 1.0
DESCRIPTION "Audible feedback on Google communications" DESCRIPTION "Audible feedback on Google communications"
LANGUAGES CXX) LANGUAGES CXX C)
set(CMAKE_CXX_STANDARD 17 CACHE STRING "The C++ standard to use") set(CMAKE_CXX_STANDARD 17 CACHE STRING "The C++ standard to use")
@ -20,7 +20,7 @@ set(CMAKE_CXX_EXTENSIONS ON)
#target_include_directories(support PUBLIC ext/powerblog/ext/simplesocket ext/powerblog/ext ext/fmt-7.1.3/include/) #target_include_directories(support PUBLIC ext/powerblog/ext/simplesocket ext/powerblog/ext ext/fmt-7.1.3/include/)
#target_link_libraries(support PUBLIC -lh2o-evloop -lssl -lcrypto Threads::Threads) #target_link_libraries(support PUBLIC -lh2o-evloop -lssl -lcrypto Threads::Threads)
add_executable(teller teller.cc ) add_executable(teller teller.cc ext/lpm.c)
target_link_libraries(teller -lpcaudio -lpthread) target_link_libraries(teller -lpcaudio -lpthread)
#enable_testing() #enable_testing()

View File

@ -5,7 +5,7 @@ Audible feedback on just how much your browsing feeds into Google.
By bert@hubertnet.nl / https://berthub.eu/ By bert@hubertnet.nl / https://berthub.eu/
Makes a little bit of noise any time your computer sends a packet to a Makes a little bit of noise any time your computer sends a packet to a
Google service, which excludes Google Cloud users. tracker or a Google service, which excludes Google Cloud users.
Demo video [in this tweet](https://twitter.com/bert_hu_bert/status/1561466204602220544) Demo video [in this tweet](https://twitter.com/bert_hu_bert/status/1561466204602220544)
@ -23,51 +23,9 @@ make
``` ```
## How to run ## How to run
Google is so large its IPv4 and IPv6 footprint can't be handled by tcpdump, Start as:
or at least not efficiently. Therefore we need to define an ip(6)tables
`ipset`. This will first exclude Google Cloud, and then include all the
other Google IP addresses.
Install iptables 'ipset', and run (as root) the `ipset-setup.sh` script, or
execute:
``` ```
ipset create google-services hash:net sudo tcpdump -nql | ./teller
for a in $(cat goog-cloud-prefixes.txt)
do
echo $a
ipset add google-services $a nomatch
done
for a in $(cat goog-prefixes.txt)
do
ipset add google-services $a
done
ipset create google-services6 hash:net family inet6
for a in $(cat goog-cloud-prefixes6.txt)
do
ipset add google-services6 $a nomatch
done
for a in $(cat goog-prefixes6.txt)
do
ipset add google-services6 $a
done
iptables -I OUTPUT -m set --match-set google-services dst -j NFLOG --nflog-group 20 --nflog-threshold 1
ip6tables -I OUTPUT -m set --match-set google-services6 dst -j NFLOG --nflog-group 20 --nflog-threshold 1
```
Then start as:
```
sudo tcpdump -i nflog:20 -ln | ./teller
```
Or, to track a single process, fe `firefox`, start it and run:
```shell
sudo bpftrace netsendmsg.bt |
grep --line-buffered ^$(pgrep firefox) |
stdbuf -oL cut -f2 | ./cidr.py | ./teller
``` ```
And cry. And cry.
@ -80,3 +38,15 @@ Note that this splits out Google services and Google cloud user IP
addresses. However, it appears the Google services set includes the cloud IP addresses. However, it appears the Google services set includes the cloud IP
addresses, so you must check both sets before determining something is in addresses, so you must check both sets before determining something is in
fact a Google service and not a Google customer. fact a Google service and not a Google customer.
# To run on a single process on Linux
Or, to track a single process, fe `firefox`, start it and run:
```shell
sudo bpftrace netsendmsg.bt |
grep --line-buffered ^$(pgrep firefox) |
stdbuf -oL cut -f2 | ./cidr.py | ./teller
```
And cry.

420
ext/lpm.c Normal file
View File

@ -0,0 +1,420 @@
/*
* Copyright (c) 2016 Mindaugas Rasiukevicius <rmind at noxt eu>
* All rights reserved.
*
* Use is subject to license terms, as specified in the LICENSE file.
*/
/*
* Longest Prefix Match (LPM) library supporting IPv4 and IPv6.
*
* Algorithm:
*
* Each prefix gets its own hash map and all added prefixes are saved
* in a bitmap. On a lookup, we perform a linear scan of hash maps,
* iterating through the added prefixes only. Usually, there are only
* a few unique prefixes used and such simple algorithm is very efficient.
* With many IPv6 prefixes, the linear scan might become a bottleneck.
*/
#include <sys/socket.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <stddef.h>
#include <inttypes.h>
#include <string.h>
#include <strings.h>
#include <errno.h>
#include <assert.h>
#include "lpm.h"
#define LPM_MAX_PREFIX (128)
#define LPM_MAX_WORDS (LPM_MAX_PREFIX >> 5)
#define LPM_TO_WORDS(x) ((x) >> 2)
#define LPM_HASH_STEP (8)
#define LPM_LEN_IDX(len) ((len) >> 4)
#ifdef DEBUG
#define ASSERT assert
#else
#define ASSERT(x)
#endif
typedef struct lpm_ent {
struct lpm_ent *next;
void * val;
unsigned len;
uint8_t key[];
} lpm_ent_t;
typedef struct {
unsigned hashsize;
unsigned nitems;
lpm_ent_t ** bucket;
} lpm_hmap_t;
struct lpm {
uint32_t bitmask[LPM_MAX_WORDS];
void * defvals[2];
lpm_hmap_t prefix[LPM_MAX_PREFIX + 1];
};
static const uint32_t zero_address[LPM_MAX_WORDS];
lpm_t *
lpm_create(void)
{
lpm_t *lpm;
if ((lpm = calloc(1, sizeof(lpm_t))) == NULL) {
return NULL;
}
return lpm;
}
void
lpm_clear(lpm_t *lpm, lpm_dtor_t dtor, void *arg)
{
for (unsigned n = 0; n <= LPM_MAX_PREFIX; n++) {
lpm_hmap_t *hmap = &lpm->prefix[n];
if (!hmap->hashsize) {
ASSERT(!hmap->bucket);
continue;
}
for (unsigned i = 0; i < hmap->hashsize; i++) {
lpm_ent_t *entry = hmap->bucket[i];
while (entry) {
lpm_ent_t *next = entry->next;
if (dtor) {
dtor(arg, entry->key,
entry->len, entry->val);
}
free(entry);
entry = next;
}
}
free(hmap->bucket);
hmap->bucket = NULL;
hmap->hashsize = 0;
hmap->nitems = 0;
}
if (dtor) {
dtor(arg, zero_address, 4, lpm->defvals[0]);
dtor(arg, zero_address, 16, lpm->defvals[1]);
}
memset(lpm->bitmask, 0, sizeof(lpm->bitmask));
memset(lpm->defvals, 0, sizeof(lpm->defvals));
}
void
lpm_destroy(lpm_t *lpm)
{
lpm_clear(lpm, NULL, NULL);
free(lpm);
}
/*
* fnv1a_hash: Fowler-Noll-Vo hash function (FNV-1a variant).
*/
static uint32_t
fnv1a_hash(const void *buf, size_t len)
{
uint32_t hash = 2166136261UL;
const uint8_t *p = buf;
while (len--) {
hash ^= *p++;
hash *= 16777619U;
}
return hash;
}
static bool
hashmap_rehash(lpm_hmap_t *hmap, unsigned size)
{
lpm_ent_t **bucket;
unsigned hashsize;
for (hashsize = 1; hashsize < size; hashsize <<= 1) {
continue;
}
if ((bucket = calloc(1, hashsize * sizeof(lpm_ent_t *))) == NULL) {
return false;
}
for (unsigned n = 0; n < hmap->hashsize; n++) {
lpm_ent_t *list = hmap->bucket[n];
while (list) {
lpm_ent_t *entry = list;
uint32_t hash = fnv1a_hash(entry->key, entry->len);
const unsigned i = hash & (hashsize - 1);
list = entry->next;
entry->next = bucket[i];
bucket[i] = entry;
}
}
hmap->hashsize = hashsize;
free(hmap->bucket); // may be NULL
hmap->bucket = bucket;
return true;
}
static lpm_ent_t *
hashmap_insert(lpm_hmap_t *hmap, const void *key, size_t len)
{
const unsigned target = hmap->nitems + LPM_HASH_STEP;
const size_t entlen = offsetof(lpm_ent_t, key[len]);
uint32_t hash, i;
lpm_ent_t *entry;
if (hmap->hashsize < target && !hashmap_rehash(hmap, target)) {
return NULL;
}
hash = fnv1a_hash(key, len);
i = hash & (hmap->hashsize - 1);
entry = hmap->bucket[i];
while (entry) {
if (entry->len == len && memcmp(entry->key, key, len) == 0) {
return entry;
}
entry = entry->next;
}
if ((entry = malloc(entlen)) != NULL) {
memcpy(entry->key, key, len);
entry->next = hmap->bucket[i];
entry->len = len;
hmap->bucket[i] = entry;
hmap->nitems++;
}
return entry;
}
static lpm_ent_t *
hashmap_lookup(lpm_hmap_t *hmap, const void *key, size_t len)
{
const uint32_t hash = fnv1a_hash(key, len);
const unsigned i = hash & (hmap->hashsize - 1);
lpm_ent_t *entry;
if (hmap->hashsize == 0) {
return NULL;
}
entry = hmap->bucket[i];
while (entry) {
if (entry->len == len && memcmp(entry->key, key, len) == 0) {
return entry;
}
entry = entry->next;
}
return NULL;
}
static int
hashmap_remove(lpm_hmap_t *hmap, const void *key, size_t len)
{
const uint32_t hash = fnv1a_hash(key, len);
const unsigned i = hash & (hmap->hashsize - 1);
lpm_ent_t *prev = NULL, *entry;
if (hmap->hashsize == 0) {
return -1;
}
entry = hmap->bucket[i];
while (entry) {
if (entry->len == len && memcmp(entry->key, key, len) == 0) {
if (prev) {
prev->next = entry->next;
} else {
hmap->bucket[i] = entry->next;
}
free(entry);
return 0;
}
prev = entry;
entry = entry->next;
}
return -1;
}
/*
* compute_prefix: given the address and prefix length, compute and
* return the address prefix.
*/
static inline void
compute_prefix(const unsigned nwords, const uint32_t *addr,
unsigned preflen, uint32_t *prefix)
{
uint32_t addr2[4];
if ((uintptr_t)addr & 3) {
/* Unaligned address: just copy for now. */
memcpy(addr2, addr, nwords * 4);
addr = addr2;
}
for (unsigned i = 0; i < nwords; i++) {
if (preflen == 0) {
prefix[i] = 0;
continue;
}
if (preflen < 32) {
uint32_t mask = htonl(0xffffffff << (32 - preflen));
prefix[i] = addr[i] & mask;
preflen = 0;
} else {
prefix[i] = addr[i];
preflen -= 32;
}
}
}
/*
* lpm_insert: insert the CIDR into the LPM table.
*
* => Returns zero on success and -1 on failure.
*/
int
lpm_insert(lpm_t *lpm, const void *addr,
size_t len, unsigned preflen, void *val)
{
const unsigned nwords = LPM_TO_WORDS(len);
uint32_t prefix[nwords];
lpm_ent_t *entry;
ASSERT(len == 4 || len == 16);
if (preflen == 0) {
/* 0-length prefix is a special case. */
lpm->defvals[LPM_LEN_IDX(len)] = val;
return 0;
}
compute_prefix(nwords, addr, preflen, prefix);
entry = hashmap_insert(&lpm->prefix[preflen], prefix, len);
if (entry) {
const unsigned n = --preflen >> 5;
lpm->bitmask[n] |= 0x80000000U >> (preflen & 31);
entry->val = val;
return 0;
}
return -1;
}
/*
* lpm_remove: remove the specified prefix.
*/
int
lpm_remove(lpm_t *lpm, const void *addr, size_t len, unsigned preflen)
{
const unsigned nwords = LPM_TO_WORDS(len);
uint32_t prefix[nwords];
ASSERT(len == 4 || len == 16);
if (preflen == 0) {
lpm->defvals[LPM_LEN_IDX(len)] = NULL;
return 0;
}
compute_prefix(nwords, addr, preflen, prefix);
return hashmap_remove(&lpm->prefix[preflen], prefix, len);
}
/*
* lpm_lookup: find the longest matching prefix given the IP address.
*
* => Returns the associated value on success or NULL on failure.
*/
void *
lpm_lookup(lpm_t *lpm, const void *addr, size_t len)
{
const unsigned nwords = LPM_TO_WORDS(len);
unsigned i, n = nwords;
uint32_t prefix[nwords];
while (n--) {
uint32_t bitmask = lpm->bitmask[n];
while ((i = ffs(bitmask)) != 0) {
const unsigned preflen = (32 * n) + (32 - --i);
lpm_hmap_t *hmap = &lpm->prefix[preflen];
lpm_ent_t *entry;
compute_prefix(nwords, addr, preflen, prefix);
entry = hashmap_lookup(hmap, prefix, len);
if (entry) {
return entry->val;
}
bitmask &= ~(1U << i);
}
}
return lpm->defvals[LPM_LEN_IDX(len)];
}
/*
* lpm_lookup_prefix: return the value associated with a prefix
*
* => Returns the associated value on success or NULL on failure.
*/
void *
lpm_lookup_prefix(lpm_t *lpm, const void *addr, size_t len, unsigned preflen)
{
const unsigned nwords = LPM_TO_WORDS(len);
uint32_t prefix[nwords];
lpm_ent_t *entry;
ASSERT(len == 4 || len == 16);
if (preflen == 0) {
return lpm->defvals[LPM_LEN_IDX(len)];
}
compute_prefix(nwords, addr, preflen, prefix);
entry = hashmap_lookup(&lpm->prefix[preflen], prefix, len);
if (entry) {
return entry->val;
}
return NULL;
}
/*
* lpm_strtobin: convert CIDR string to the binary IP address and mask.
*
* => The address will be in the network byte order.
* => Returns 0 on success or -1 on failure.
*/
int
lpm_strtobin(const char *cidr, void *addr, size_t *len, unsigned *preflen)
{
char *p, buf[INET6_ADDRSTRLEN];
strncpy(buf, cidr, sizeof(buf));
buf[sizeof(buf) - 1] = '\0';
if ((p = strchr(buf, '/')) != NULL) {
const ptrdiff_t off = p - buf;
*preflen = atoi(&buf[off + 1]);
buf[off] = '\0';
} else {
*preflen = LPM_MAX_PREFIX;
}
if (inet_pton(AF_INET6, buf, addr) == 1) {
*len = 16;
return 0;
}
if (inet_pton(AF_INET, buf, addr) == 1) {
if (*preflen == LPM_MAX_PREFIX) {
*preflen = 32;
}
*len = 4;
return 0;
}
return -1;
}

28
ext/lpm.h Normal file
View File

@ -0,0 +1,28 @@
/*
* Copyright (c) 2016 Mindaugas Rasiukevicius <rmind at noxt eu>
* All rights reserved.
*
* Use is subject to license terms, as specified in the LICENSE file.
*/
#ifndef _LPM_H_
#define _LPM_H_
__BEGIN_DECLS
typedef struct lpm lpm_t;
typedef void (*lpm_dtor_t)(void *, const void *, size_t, void *);
lpm_t * lpm_create(void);
void lpm_destroy(lpm_t *);
void lpm_clear(lpm_t *, lpm_dtor_t, void *);
int lpm_insert(lpm_t *, const void *, size_t, unsigned, void *);
int lpm_remove(lpm_t *, const void *, size_t, unsigned);
void * lpm_lookup(lpm_t *, const void *, size_t);
void * lpm_lookup_prefix(lpm_t *, const void *, size_t, unsigned);
int lpm_strtobin(const char *, void *, size_t *, unsigned *);
__END_DECLS
#endif

17169
ext/toml.hpp Normal file

File diff suppressed because it is too large Load Diff

210
teller.cc
View File

@ -5,57 +5,203 @@
#include <thread> #include <thread>
#include <atomic> #include <atomic>
#include <pcaudiolib/audio.h> #include <pcaudiolib/audio.h>
#include "ext/toml.hpp"
extern "C" {
#include "ext/lpm.h"
}
using namespace std; using namespace std;
int main() class LPMWrapper
{ {
audio_object* ao; public:
LPMWrapper()
{
d_lpm = lpm_create();
}
~LPMWrapper()
{
lpm_destroy(d_lpm);
}
void insert(const std::string& str, void* val=(void*)1)
{
char addr[16];
size_t len=sizeof(addr);
unsigned preflen=0;
lpm_strtobin(str.c_str(), addr, &len, &preflen);
if(lpm_insert(d_lpm, addr, len, preflen, val) < 0)
throw std::runtime_error("Error inserting prefix");
}
void* lookup(const char*str)
{
char addr[16];
size_t len=sizeof(addr);
unsigned preflen=0;
lpm_strtobin(str, addr, &len, &preflen);
return lpm_lookup(d_lpm, addr, len);
}
private:
lpm_t* d_lpm;
};
struct TrackerConf
{
double freq{400};
double balance{0.5}; // 0 is left, 1 is right
std::atomic<int64_t> counter{0};
};
void playerThread(const TrackerConf* tcptr)
{
auto& counter = tcptr->counter;
audio_object* ao;
ao=create_audio_device_object(0, "teller", ""); ao=create_audio_device_object(0, "teller", "");
if(!ao) { if(!ao) {
cerr<<"Unable to open audio file "<<endl; cerr<<"Unable to open audio file "<<endl;
return 0; return;
} }
int res = audio_object_open(ao, AUDIO_OBJECT_FORMAT_S16LE, 44100, 1); int res = audio_object_open(ao, AUDIO_OBJECT_FORMAT_S16LE, 44100, 2);
if(res < 0) { if(res < 0) {
cerr<<"Error opening audio: "<<audio_object_strerror(ao, res)<<endl; cerr<<"Error opening audio: "<<audio_object_strerror(ao, res)<<endl;
return;
} }
std::atomic<int64_t> counter = 0; vector<int16_t> data;
auto player = [&]() { int ourcounter=0;
vector<int16_t> data; data.reserve(44100);
int ourcounter=0; while(counter >= 0) {
data.reserve(44100); data.clear();
while(counter >= 0) { if(ourcounter < counter) {
data.clear(); for(int n=0; n < 250; ++n) {
if(ourcounter < counter) { int16_t val = 20000 * sin((n/44100.0) * tcptr->freq * 2 * M_PI);
for(int n=0; n < 250; ++n) { int16_t lval = tcptr->balance * val;
int16_t val = 20000 * sin((n/44100.0) * 500 * 2 * M_PI); int16_t rval = (1.0-tcptr->balance) * val;
data.push_back(val);
} data.push_back(lval);
ourcounter++; data.push_back(rval);
if(counter - ourcounter > 1000)
ourcounter = counter;
} }
else { ourcounter++;
for(int n=0; n < 150; ++n) { if(counter - ourcounter > 1000)
data.push_back(0); ourcounter = counter;
}
}
audio_object_write(ao, &data[0], data.size() * sizeof(decltype(data)::value_type));
// audio_object_flush(ao);
} }
}; else {
for(int n=0; n < 150; ++n) {
data.push_back(0);
data.push_back(0);
}
}
audio_object_write(ao, &data[0], data.size() * sizeof(decltype(data)::value_type));
// audio_object_flush(ao);
}
}
std::thread athread(player);
int main(int argc, char** argv)
{
toml::table conftbl, trackertbl;
try
{
trackertbl = toml::parse_file("trackers.conf");
conftbl = toml::parse_file("teller.conf");
// std::cout << tbl << "\n";
}
catch (const toml::parse_error& err)
{
std::cerr << "Parsing failed:\n" << err << "\n";
return 1;
}
map<string, TrackerConf> trackerdb;
auto tellerarr = conftbl.as_table();
for(const auto& t : *tellerarr) {
auto& entry = trackerdb[(string)t.first];
entry.balance = conftbl[t.first]["balance"].value_or(0.5);
entry.freq = conftbl[t.first]["freq"].value_or(500);
cout <<"Want to play sound for tracker "<<t.first<<", balance= "<<entry.balance<<" frequency = "<<entry.freq<<endl;
}
LPMWrapper trackspos, tracksneg;
auto tarr = trackertbl.as_table();
for(const auto& t : *tarr) {
cout<<"Defining tracker "<<t.first<<endl;
if(trackerdb.count((string)t.first)==0) {
cout<<"Skipping tracker "<<t.first<<", user doesn't want it"<<endl;
continue;
}
auto trackerptr = &trackerdb[(string)t.first];
auto track = trackertbl[t.first]["positive"].as_array();
if(track) {
track->for_each([&trackspos, &trackerptr](auto&& el) {
if constexpr (toml::is_string<decltype(el)>) {
trackspos.insert(*el, (void*)trackerptr);
}
});
}
else {
cout<<"Not array?"<<endl;
}
track = trackertbl[t.first]["negative"].as_array();
if(track) {
track->for_each([&tracksneg, &trackerptr](auto&& el) {
if constexpr (toml::is_string<decltype(el)>) {
tracksneg.insert(*el, (void*)trackerptr);
}
});
}
else {
cout<<"Negative "<<t.first<<" not array?"<<endl;
}
}
for(const auto& t : trackerdb) {
std::thread athread(playerThread, &t.second);
athread.detach();
}
string line; string line;
while(getline(cin, line)) { while(getline(cin, line)) {
counter++;
/*
22:42:25.323984 IP 13.81.0.219.29601 > 10.0.0.3.32902: tcp 1186
22:42:25.323997 IP 10.0.0.3.32902 > 13.81.0.219.29601: tcp 0
22:42:25.327216 b0:95:75:c3:68:92 > ff:ff:ff:ff:ff:ff, RRCP-0x25 query
*/
auto pos = line.find('>');
if(pos == string::npos)
continue;
auto pos2 = line.find('.', pos);
if(pos2 == string::npos) continue;
pos2 = line.find('.', pos2+1);
if(pos2 == string::npos) continue;
pos2 = line.find('.', pos2+1);
if(pos2 == string::npos) continue;
pos2 = line.find_first_of(".:", pos2+1);
if(pos2 == string::npos) continue;
line.resize(pos2);
string ip=line.substr(pos+2, pos2 - pos - 2);
// cout<<&line.at(pos+2)<<endl;
if(tracksneg.lookup(&line.at(pos+2))) {
cout<<ip<<" negative match"<<endl;
}
else if(auto fptr = trackspos.lookup(&line.at(pos+2))) {
cout<<ip<<" match!"<<endl;
((TrackerConf*)fptr)->counter++;
}
} }
counter = -1;
athread.join();
sleep(1); sleep(1);
} }

783
trackers.conf Normal file
View File

@ -0,0 +1,783 @@
[google]
positive= ["8.8.4.0/24",
"8.8.8.0/24",
"8.34.208.0/20",
"8.35.192.0/20",
"23.236.48.0/20",
"23.251.128.0/19",
"34.0.0.0/15",
"34.2.0.0/16",
"34.3.0.0/23",
"34.3.3.0/24",
"34.3.4.0/24",
"34.3.8.0/21",
"34.3.16.0/20",
"34.3.32.0/19",
"34.3.64.0/18",
"34.3.128.0/17",
"34.4.0.0/14",
"34.8.0.0/13",
"34.16.0.0/12",
"34.32.0.0/11",
"34.64.0.0/10",
"34.128.0.0/10",
"35.184.0.0/13",
"35.192.0.0/14",
"35.196.0.0/15",
"35.198.0.0/16",
"35.199.0.0/17",
"35.199.128.0/18",
"35.200.0.0/13",
"35.208.0.0/12",
"35.224.0.0/12",
"35.240.0.0/13",
"64.15.112.0/20",
"64.233.160.0/19",
"66.22.228.0/23",
"66.102.0.0/20",
"66.249.64.0/19",
"70.32.128.0/19",
"72.14.192.0/18",
"74.114.24.0/21",
"74.125.0.0/16",
"104.154.0.0/15",
"104.196.0.0/14",
"104.237.160.0/19",
"107.167.160.0/19",
"107.178.192.0/18",
"108.59.80.0/20",
"108.170.192.0/18",
"108.177.0.0/17",
"130.211.0.0/16",
"136.112.0.0/12",
"142.250.0.0/15",
"146.148.0.0/17",
"162.216.148.0/22",
"162.222.176.0/21",
"172.110.32.0/21",
"172.217.0.0/16",
"172.253.0.0/16",
"173.194.0.0/16",
"173.255.112.0/20",
"192.158.28.0/22",
"192.178.0.0/15",
"193.186.4.0/24",
"199.36.154.0/23",
"199.36.156.0/24",
"199.192.112.0/22",
"199.223.232.0/21",
"207.223.160.0/20",
"208.65.152.0/22",
"208.68.108.0/22",
"208.81.188.0/22",
"208.117.224.0/19",
"209.85.128.0/17",
"216.58.192.0/19",
"216.73.80.0/20",
"216.239.32.0/19"]
negative=["34.80.0.0/15",
"34.137.0.0/16",
"35.185.128.0/19",
"35.185.160.0/20",
"35.187.144.0/20",
"35.189.160.0/19",
"35.194.128.0/17",
"35.201.128.0/17",
"35.206.192.0/18",
"35.220.32.0/21",
"35.221.128.0/17",
"35.229.128.0/17",
"35.234.0.0/18",
"35.235.16.0/20",
"35.236.128.0/18",
"35.242.32.0/21",
"104.155.192.0/19",
"104.155.224.0/20",
"104.199.128.0/18",
"104.199.192.0/19",
"104.199.224.0/20",
"104.199.242.0/23",
"104.199.244.0/22",
"104.199.248.0/21",
"107.167.176.0/20",
"130.211.240.0/20",
"34.92.0.0/16",
"34.96.128.0/17",
"34.104.88.0/21",
"34.124.24.0/21",
"34.150.0.0/17",
"35.215.128.0/18",
"35.220.27.0/24",
"35.220.128.0/17",
"35.241.64.0/18",
"35.242.27.0/24",
"35.243.8.0/21",
"34.84.0.0/16",
"34.85.0.0/17",
"34.104.62.0/23",
"34.104.128.0/17",
"34.127.190.0/23",
"34.146.0.0/16",
"34.157.64.0/20",
"34.157.164.0/22",
"34.157.192.0/20",
"35.187.192.0/19",
"35.189.128.0/19",
"35.190.224.0/20",
"35.194.96.0/19",
"35.200.0.0/17",
"35.213.0.0/17",
"35.220.56.0/22",
"35.221.64.0/18",
"35.230.240.0/20",
"35.242.56.0/22",
"35.243.64.0/18",
"104.198.80.0/20",
"104.198.112.0/20",
"34.97.0.0/16",
"34.104.49.0/24",
"34.127.177.0/24",
"35.217.128.0/17",
"35.220.45.0/24",
"35.242.45.0/24",
"35.243.56.0/21",
"34.64.32.0/19",
"34.64.64.0/22",
"34.64.68.0/22",
"34.64.72.0/21",
"34.64.80.0/20",
"34.64.96.0/19",
"34.64.128.0/22",
"34.64.132.0/22",
"34.64.136.0/21",
"34.64.144.0/20",
"34.64.160.0/19",
"34.64.192.0/18",
"35.216.0.0/17",
"34.93.0.0/16",
"34.100.128.0/17",
"34.104.108.0/23",
"34.124.44.0/23",
"34.157.87.0/24",
"34.157.215.0/24",
"35.200.128.0/17",
"35.201.41.0/24",
"35.207.192.0/18",
"35.220.42.0/24",
"35.234.208.0/20",
"35.242.42.0/24",
"35.244.0.0/18",
"34.104.120.0/23",
"34.124.56.0/23",
"34.126.208.0/20",
"34.131.0.0/16",
"34.87.0.0/17",
"34.87.128.0/18",
"34.104.58.0/23",
"34.104.106.0/23",
"34.124.42.0/23",
"34.124.128.0/17",
"34.126.64.0/18",
"34.126.128.0/18",
"34.142.128.0/17",
"34.143.128.0/17",
"34.157.82.0/23",
"34.157.88.0/23",
"34.157.210.0/23",
"35.185.176.0/20",
"35.186.144.0/20",
"35.187.224.0/19",
"35.197.128.0/19",
"35.198.192.0/18",
"35.213.128.0/18",
"35.220.24.0/23",
"35.234.192.0/20",
"35.240.128.0/17",
"35.242.24.0/23",
"35.247.128.0/18",
"34.101.18.0/24",
"34.101.20.0/22",
"34.101.24.0/22",
"34.101.32.0/19",
"34.101.64.0/18",
"34.101.128.0/17",
"34.128.64.0/18",
"35.219.0.0/17",
"34.87.192.0/18",
"34.104.104.0/23",
"34.116.64.0/18",
"34.124.40.0/23",
"34.151.64.0/18",
"34.151.128.0/18",
"35.189.0.0/18",
"35.197.160.0/19",
"35.201.0.0/19",
"35.213.192.0/18",
"35.220.41.0/24",
"35.234.224.0/20",
"35.242.41.0/24",
"35.244.64.0/18",
"34.104.122.0/23",
"34.124.58.0/23",
"34.126.192.0/20",
"34.129.0.0/16",
"34.104.116.0/22",
"34.116.128.0/17",
"34.118.0.0/17",
"34.124.52.0/22",
"34.88.0.0/16",
"34.104.96.0/21",
"34.124.32.0/21",
"35.203.232.0/21",
"35.217.0.0/18",
"35.220.26.0/24",
"35.228.0.0/16",
"35.242.26.0/24",
"34.157.44.0/23",
"34.157.172.0/23",
"34.164.0.0/16",
"34.175.0.0/16",
"8.34.208.0/23",
"8.34.211.0/24",
"8.34.220.0/22",
"23.251.128.0/20",
"34.76.0.0/14",
"34.118.254.0/23",
"34.140.0.0/16",
"35.187.0.0/17",
"35.187.160.0/19",
"35.189.192.0/18",
"35.190.192.0/19",
"35.195.0.0/16",
"35.205.0.0/16",
"35.206.128.0/18",
"35.210.0.0/16",
"35.220.96.0/19",
"35.233.0.0/17",
"35.240.0.0/17",
"35.241.128.0/17",
"35.242.64.0/19",
"104.155.0.0/17",
"104.199.0.0/18",
"104.199.66.0/23",
"104.199.68.0/22",
"104.199.72.0/21",
"104.199.80.0/20",
"104.199.96.0/20",
"130.211.48.0/20",
"130.211.64.0/19",
"130.211.96.0/20",
"146.148.2.0/23",
"146.148.4.0/22",
"146.148.8.0/21",
"146.148.16.0/20",
"146.148.112.0/20",
"192.158.28.0/22",
"34.89.0.0/17",
"34.105.128.0/17",
"34.127.186.0/23",
"34.142.0.0/17",
"34.147.128.0/17",
"34.157.36.0/22",
"34.157.40.0/22",
"34.157.168.0/22",
"35.189.64.0/18",
"35.197.192.0/18",
"35.203.210.0/23",
"35.203.212.0/22",
"35.203.216.0/22",
"35.214.0.0/17",
"35.220.20.0/22",
"35.230.128.0/19",
"35.234.128.0/19",
"35.235.48.0/20",
"35.242.20.0/22",
"35.242.128.0/18",
"35.246.0.0/17",
"34.89.128.0/17",
"34.104.112.0/23",
"34.107.0.0/17",
"34.118.244.0/22",
"34.124.48.0/23",
"34.141.0.0/17",
"34.157.48.0/20",
"34.157.176.0/20",
"34.159.0.0/16",
"35.198.64.0/18",
"35.198.128.0/18",
"35.207.64.0/18",
"35.207.128.0/18",
"35.220.18.0/23",
"35.234.64.0/18",
"35.235.32.0/20",
"35.242.18.0/23",
"35.242.192.0/18",
"35.246.128.0/17",
"34.90.0.0/15",
"34.104.126.0/23",
"34.124.62.0/23",
"34.141.128.0/17",
"34.147.0.0/17",
"34.157.80.0/23",
"34.157.92.0/22",
"34.157.208.0/23",
"34.157.220.0/22",
"35.204.0.0/16",
"35.214.128.0/17",
"35.220.16.0/23",
"35.234.160.0/20",
"35.242.16.0/23",
"34.65.0.0/16",
"34.104.110.0/23",
"34.124.46.0/23",
"35.216.128.0/17",
"35.220.44.0/24",
"35.235.216.0/21",
"35.242.44.0/24",
"34.154.0.0/16",
"34.157.8.0/23",
"34.157.136.0/23",
"35.219.224.0/19",
"34.155.0.0/16",
"34.157.12.0/22",
"34.157.140.0/22",
"34.163.0.0/16",
"34.95.64.0/18",
"34.96.64.0/18",
"34.98.64.0/18",
"34.102.128.0/17",
"34.104.27.0/24",
"34.107.128.0/17",
"34.110.128.0/17",
"34.111.0.0/16",
"34.116.0.0/21",
"34.117.0.0/16",
"34.120.0.0/16",
"34.128.128.0/18",
"34.144.192.0/18",
"34.149.0.0/16",
"34.160.0.0/16",
"35.186.192.0/18",
"35.190.0.0/18",
"35.190.64.0/19",
"35.190.112.0/20",
"35.201.64.0/18",
"35.227.192.0/18",
"35.241.0.0/18",
"35.244.128.0/17",
"107.178.240.0/20",
"130.211.4.0/22",
"130.211.8.0/21",
"130.211.16.0/20",
"130.211.32.0/20",
"34.95.0.0/18",
"34.104.76.0/22",
"34.118.128.0/18",
"34.124.12.0/22",
"34.152.0.0/18",
"35.203.0.0/17",
"35.215.0.0/18",
"35.220.43.0/24",
"35.234.240.0/20",
"35.242.43.0/24",
"34.104.114.0/23",
"34.124.50.0/23",
"34.124.112.0/20",
"34.130.0.0/16",
"34.95.128.0/17",
"34.104.80.0/21",
"34.124.16.0/21",
"34.151.0.0/18",
"34.151.192.0/18",
"35.198.0.0/18",
"35.199.64.0/18",
"35.215.192.0/18",
"35.220.40.0/24",
"35.235.0.0/20",
"35.242.40.0/24",
"35.247.192.0/18",
"34.104.50.0/23",
"34.127.178.0/23",
"34.176.0.0/16",
"8.34.210.0/24",
"8.34.212.0/22",
"8.34.216.0/22",
"8.35.192.0/21",
"23.236.48.0/20",
"23.251.144.0/20",
"34.16.0.0/17",
"34.66.0.0/15",
"34.68.0.0/14",
"34.72.0.0/16",
"34.118.200.0/21",
"34.121.0.0/16",
"34.122.0.0/15",
"34.132.0.0/14",
"34.136.0.0/16",
"34.157.84.0/23",
"34.157.96.0/20",
"34.157.212.0/23",
"34.157.224.0/20",
"34.170.0.0/15",
"34.172.0.0/15",
"35.184.0.0/16",
"35.188.0.0/17",
"35.188.128.0/18",
"35.188.192.0/19",
"35.192.0.0/15",
"35.194.0.0/18",
"35.202.0.0/16",
"35.206.64.0/18",
"35.208.0.0/15",
"35.220.64.0/19",
"35.222.0.0/15",
"35.224.0.0/15",
"35.226.0.0/16",
"35.232.0.0/16",
"35.238.0.0/15",
"35.242.96.0/19",
"104.154.16.0/20",
"104.154.32.0/19",
"104.154.64.0/19",
"104.154.96.0/20",
"104.154.113.0/24",
"104.154.114.0/23",
"104.154.116.0/22",
"104.154.120.0/23",
"104.154.128.0/17",
"104.155.128.0/18",
"104.197.0.0/16",
"104.198.16.0/20",
"104.198.32.0/19",
"104.198.64.0/20",
"104.198.128.0/17",
"107.178.208.0/20",
"108.59.80.0/21",
"130.211.112.0/20",
"130.211.128.0/18",
"130.211.192.0/19",
"130.211.224.0/20",
"146.148.32.0/19",
"146.148.64.0/19",
"146.148.96.0/20",
"162.222.176.0/21",
"173.255.112.0/21",
"199.192.115.0/24",
"199.223.232.0/22",
"199.223.236.0/24",
"35.186.0.0/17",
"35.186.128.0/20",
"35.206.32.0/19",
"35.220.46.0/24",
"35.242.46.0/24",
"107.167.160.0/20",
"108.59.88.0/21",
"173.255.120.0/21",
"34.73.0.0/16",
"34.74.0.0/15",
"34.98.128.0/21",
"34.118.250.0/23",
"34.138.0.0/15",
"34.148.0.0/16",
"35.185.0.0/17",
"35.190.128.0/18",
"35.196.0.0/16",
"35.207.0.0/18",
"35.211.0.0/16",
"35.220.0.0/20",
"35.227.0.0/17",
"35.229.16.0/20",
"35.229.32.0/19",
"35.229.64.0/18",
"35.231.0.0/16",
"35.237.0.0/16",
"35.242.0.0/20",
"35.243.128.0/17",
"104.196.0.0/18",
"104.196.65.0/24",
"104.196.66.0/23",
"104.196.68.0/22",
"104.196.96.0/19",
"104.196.128.0/18",
"104.196.192.0/19",
"162.216.148.0/22",
"34.85.128.0/17",
"34.86.0.0/16",
"34.104.60.0/23",
"34.104.124.0/23",
"34.118.252.0/23",
"34.124.60.0/23",
"34.127.188.0/23",
"34.145.128.0/17",
"34.150.128.0/17",
"34.157.0.0/21",
"34.157.16.0/20",
"34.157.128.0/21",
"34.157.144.0/20",
"35.186.160.0/19",
"35.188.224.0/19",
"35.194.64.0/19",
"35.199.0.0/18",
"35.212.0.0/17",
"35.220.60.0/22",
"35.221.0.0/18",
"35.230.160.0/19",
"35.234.176.0/20",
"35.236.192.0/18",
"35.242.60.0/22",
"35.243.40.0/21",
"35.245.0.0/16",
"34.157.32.0/22",
"34.157.160.0/22",
"34.162.0.0/16",
"34.104.56.0/23",
"34.127.184.0/23",
"34.161.0.0/16",
"35.206.10.0/23",
"34.157.46.0/23",
"34.157.174.0/23",
"34.174.0.0/16",
"34.82.0.0/15",
"34.105.0.0/17",
"34.118.192.0/21",
"34.127.0.0/17",
"34.145.0.0/17",
"34.157.112.0/21",
"34.157.240.0/21",
"34.168.0.0/15",
"35.185.192.0/18",
"35.197.0.0/17",
"35.199.144.0/20",
"35.199.160.0/19",
"35.203.128.0/18",
"35.212.128.0/17",
"35.220.48.0/21",
"35.227.128.0/18",
"35.230.0.0/17",
"35.233.128.0/17",
"35.242.48.0/21",
"35.243.32.0/21",
"35.247.0.0/17",
"104.196.224.0/19",
"104.198.0.0/20",
"104.198.96.0/20",
"104.199.112.0/20",
"34.94.0.0/16",
"34.102.0.0/17",
"34.104.64.0/21",
"34.108.0.0/16",
"34.118.248.0/23",
"34.124.0.0/21",
"35.215.64.0/18",
"35.220.47.0/24",
"35.235.64.0/18",
"35.236.0.0/17",
"35.242.47.0/24",
"35.243.0.0/21",
"34.104.52.0/24",
"34.106.0.0/16",
"34.127.180.0/24",
"35.217.64.0/18",
"35.220.31.0/24",
"35.242.31.0/24",
"34.104.72.0/22",
"34.118.240.0/22",
"34.124.8.0/22",
"34.125.0.0/16",
"35.219.128.0/18"]
[facebook]
positive=["31.13.24.0/21",
"31.13.64.0/19",
"31.13.64.0/24",
"31.13.69.0/24",
"31.13.70.0/24",
"31.13.71.0/24",
"31.13.72.0/24",
"31.13.73.0/24",
"31.13.75.0/24",
"31.13.76.0/24",
"31.13.77.0/24",
"31.13.78.0/24",
"31.13.79.0/24",
"31.13.80.0/24",
"66.220.144.0/20",
"66.220.144.0/21",
"66.220.149.11/16",
"66.220.152.0/21",
"66.220.158.11/16",
"66.220.159.0/24",
"69.63.176.0/21",
"69.63.176.0/24",
"69.63.184.0/21",
"69.171.224.0/19",
"69.171.224.0/20",
"69.171.224.37/16",
"69.171.229.11/16",
"69.171.239.0/24",
"69.171.240.0/20",
"69.171.242.11/16",
"69.171.255.0/24",
"74.119.76.0/22",
"173.252.64.0/19",
"173.252.70.0/24",
"173.252.96.0/19",
"204.15.20.0/22",
"157.240.0.0/16",
"31.13.24.0/21",
"31.13.64.0/18",
"31.13.65.0/24",
"31.13.66.0/24",
"31.13.67.0/24",
"31.13.68.0/24",
"31.13.69.0/24",
"31.13.70.0/24",
"31.13.71.0/24",
"31.13.72.0/24",
"31.13.73.0/24",
"31.13.74.0/24",
"31.13.75.0/24",
"31.13.76.0/24",
"31.13.77.0/24",
"31.13.78.0/24",
"31.13.79.0/24",
"31.13.80.0/24",
"31.13.81.0/24",
"31.13.82.0/24",
"31.13.83.0/24",
"31.13.84.0/24",
"31.13.85.0/24",
"31.13.86.0/24",
"31.13.87.0/24",
"31.13.88.0/24",
"31.13.89.0/24",
"31.13.92.0/24",
"31.13.93.0/24",
"31.13.94.0/24",
"31.13.95.0/24",
"31.13.96.0/19",
"45.64.40.0/22",
"66.220.144.0/20",
"66.220.144.0/21",
"66.220.152.0/21",
"69.63.176.0/20",
"69.63.176.0/21",
"69.63.184.0/21",
"69.171.224.0/19",
"69.171.224.0/20",
"69.171.240.0/20",
"69.171.250.0/24",
"74.119.76.0/22",
"102.132.96.0/20",
"102.132.96.0/24",
"102.132.99.0/24",
"102.132.100.0/24",
"102.132.101.0/24",
"103.4.96.0/22",
"103.161.130.0/23",
"103.161.130.0/24",
"103.161.131.0/24",
"129.134.0.0/17",
"129.134.25.0/24",
"129.134.26.0/24",
"129.134.27.0/24",
"129.134.28.0/24",
"129.134.29.0/24",
"129.134.30.0/23",
"129.134.30.0/24",
"129.134.31.0/24",
"129.134.160.0/24",
"157.240.0.0/17",
"157.240.1.0/24",
"157.240.2.0/24",
"157.240.3.0/24",
"157.240.6.0/24",
"157.240.7.0/24",
"157.240.8.0/24",
"157.240.9.0/24",
"157.240.10.0/24",
"157.240.11.0/24",
"157.240.12.0/24",
"157.240.13.0/24",
"157.240.14.0/24",
"157.240.15.0/24",
"157.240.16.0/24",
"157.240.17.0/24",
"157.240.18.0/24",
"157.240.19.0/24",
"157.240.20.0/24",
"157.240.21.0/24",
"157.240.22.0/24",
"157.240.23.0/24",
"157.240.24.0/24",
"157.240.25.0/24",
"157.240.26.0/24",
"157.240.27.0/24",
"157.240.28.0/24",
"157.240.30.0/24",
"157.240.192.0/18",
"157.240.192.0/24",
"157.240.194.0/24",
"157.240.195.0/24",
"157.240.196.0/24",
"157.240.197.0/24",
"157.240.198.0/24",
"157.240.199.0/24",
"157.240.200.0/24",
"157.240.201.0/24",
"157.240.203.0/24",
"157.240.204.0/24",
"157.240.205.0/24",
"157.240.206.0/24",
"157.240.208.0/24",
"157.240.209.0/24",
"157.240.210.0/24",
"157.240.211.0/24",
"157.240.212.0/24",
"157.240.213.0/24",
"157.240.214.0/24",
"157.240.215.0/24",
"157.240.216.0/24",
"157.240.217.0/24",
"157.240.218.0/24",
"157.240.221.0/24",
"157.240.222.0/24",
"157.240.223.0/24",
"157.240.225.0/24",
"157.240.226.0/24",
"157.240.227.0/24",
"157.240.229.0/24",
"157.240.231.0/24",
"157.240.232.0/24",
"157.240.233.0/24",
"157.240.234.0/24",
"157.240.235.0/24",
"157.240.236.0/24",
"157.240.237.0/24",
"157.240.238.0/24",
"157.240.239.0/24",
"157.240.240.0/24",
"157.240.241.0/24",
"157.240.242.0/24",
"157.240.243.0/24",
"157.240.244.0/24",
"157.240.245.0/24",
"157.240.247.0/24",
"157.240.249.0/24",
"173.252.64.0/19",
"173.252.88.0/21",
"173.252.96.0/19",
"179.60.192.0/22",
"179.60.192.0/24",
"179.60.193.0/24",
"179.60.194.0/24",
"179.60.195.0/24",
"185.60.216.0/22",
"185.60.216.0/24",
"185.60.217.0/24",
"185.60.218.0/24",
"185.89.218.0/23",
"185.89.218.0/24",
"185.89.219.0/24",
"204.15.20.0/22"]