private function severity($ip) { $rev = SblamURI::gethostbyaddr($ip); if (is_array($rev)) { warn($rev, "gethostbyaddr returned array!?"); $rev = reset($rev); } if (!$rev) { return 3; } if (preg_match('/(^|[.-])(vp[sn]|srv)[.\\d-]|(^|\\.)(colo|dedi?)[-.]|dedic|resell|serv(er|[.\\d-])|^ns\\d*\\.|^mail\\d*\\.|multicast|invalid|unknown/', $rev)) { return 2; } if (preg_match('/internetdsl\\.|static/', $rev) || preg_match('/^[^\\d]+$/', $rev) || strlen($rev) < 10) { return 1.5; } if (preg_match('/^nat[\\d.-]|cache|proxy|gprs[^a-z]|dynamic|\\.dhcp\\.|\\.sta\\.|ppp[\\d.-]|\\.dyn\\.|(^|[.-])adsl[.0-9-]/', $rev)) { return 0.8; } return 1; }
function testPost(ISblamPost $p) { // whitelist only direct connection (because other can be forged) and only when there aren't any objectionable hosts there $out = array(); $firstIP = true; $whitelisted = false; foreach ($p->getAuthorIPs() as $ip) { $rev = SblamURI::gethostbyaddr($ip); if (!$rev) { continue; } if (is_array($rev)) { warn($rev, 'gethostbyaddr returned array'); $rev = reset($rev); } // WTF? if (preg_match('!(?:\\.|^)(?:' . $this->isps . ')$!', $rev)) { $out[] = array(0.5, self::CERTAINITY_LOW, "Sent from blacklisted ISP ({$rev})"); } else { if ($firstIP && preg_match('!\\.(?:' . $this->whitelist . ')$!', $rev)) { $whitelisted = true; } else { if (preg_match('!\\.(?:' . $this->blacklist . ')$!', $rev)) { $out[] = array(0.35, self::CERTAINITY_LOW, "Sent from blacklisted TLD ({$rev})"); } } } $firstIP = false; } if (!count($out) && $whitelisted) { return array(-0.25, self::CERTAINITY_LOW, "Sent from whitelisted TLD ({$rev})"); } if (count($out)) { return $out; } }