I have a honeypot that collects the IP addresses of the offenders. It in turn sends the data to a BGP server and distributes that list to all of the company and customer routers. I wanted a way to visualize the current number of blocked IP addresses. The router sends the information to the Photon with the API utilizing the Particle.function feature.
Photon Code:
#include <Adafruit_SSD1306.h>
#include <string.h>
#define OLED_RESET D4
Adafruit_SSD1306 oled(OLED_RESET);
String strData;
void setup() {
Particle.function("oled",dataDisplay);
oled.begin(SSD1306_SWITCHCAPVCC, 0x3C); // initialize with the I2C addr 0x3D (for the 128x64)
oled.clearDisplay();
oled.display();
}
void loop() {
}
int dataDisplay(String command) {
strData = String(command);
oled.clearDisplay();
oled.setTextSize(2);
oled.setTextColor(WHITE);
oled.setCursor(0,0);
oled.print("Blackholed");
oled.setTextSize(4);
oled.setCursor(0,25);
oled.print(strData);
oled.setTextColor(BLACK, WHITE);
oled.display();
}
Mikrotik Code: (ROS 6.39 or newer)
:local bgpPrefixCount [/routing bgp peer get [find] prefix-count];
:global lastbgpPrefixCount;
# Check to see if lastbgpPrefixCount variable is null and if so set to 1
:if ($lastbgpPrefixCount~"^\$") do={
:set lastbgpPrefixCount 1;
} else {
:log info "BGP Prefix is not NULL"
}
:if ($bgpPrefixCount != $lastbgpPrefixCount) do={
:log info message="$bgpPrefixCount";
/tool fetch mode=https keep-result=no http-method=post url=https://api.particle.io/v1/devices/YourDeviceID/oled http-data="access_token=YourAccessToken¶ms=$bgpPrefixCount"
:set lastbgpPrefixCount $bgpPrefixCount;
:log info message="BGP Prefix Count Updated"
} else={
:log info message="BGP Prefix Count Unchanged";
}