Add IP scoping data to entity.Entity and network.Connection

2025-09-15 09:19:48 +00:00 · 2021-03-20 22:07:17 +01:00 · 2021-03-20 22:07:17 +01:00 · 43cfba8445
commit 43cfba8445
parent eb22636c8e
10 changed files with 92 additions and 63 deletions
--- a/intel/entity.go
+++ b/intel/entity.go
@ -58,6 +58,9 @@ type Entity struct {
 	// set, IP has been resolved by following all CNAMEs.
 	IP net.IP

+	// IPScope holds the network scope of the IP.
+	IPScope netutils.IPScope
+
 	// Country holds the country the IP address (ASN) is
 	// located in.
 	Country string
@ -65,6 +68,9 @@ type Entity struct {
 	// ASN holds the autonomous system number of the IP.
 	ASN uint

+	// ASOrg holds the owner's name of the autonomous system.
+	ASOrg string
+
 	location *geoip.Location

 	// BlockedByLists holds list source IDs that
@ -95,6 +101,12 @@ func (e *Entity) Init() *Entity {
 	return e
 }

+// SetIP sets the IP address together with its network scope.
+func (e *Entity) SetIP(ip net.IP) {
+	e.IP = ip
+	e.IPScope = netutils.GetIPScope(ip)
+}
+
 // SetDstPort sets the destination port.
 func (e *Entity) SetDstPort(dstPort uint16) {
 	e.dstPort = dstPort
@ -229,6 +241,7 @@ func (e *Entity) getLocation(ctx context.Context) {
 		e.location = loc
 		e.Country = loc.Country.ISOCode
 		e.ASN = loc.AutonomousSystemNumber
+		e.ASOrg = loc.AutonomousSystemOrganization
 	})
 }

@ -422,7 +435,7 @@ func (e *Entity) getIPLists(ctx context.Context) {
 	}

 	// only load lists for IP addresses that are classified as global.
-	if netutils.ClassifyIP(ip) != netutils.Global {
+	if !e.IPScope.IsGlobal() {
 		return
 	}