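/**
 * isBlacklistedDns is a generic function to provide extensibility
 * for easily checking DNS based blacklists (DNSBLs).
 *
 * DNS blacklists store records for ipaddr.dnsbl.com, but with all octets
 * reversed. So to check if 1.2.3.4 is blacklisted in a DNSBL, the hostname
 * 4.3.2.1.dnsbl.com is queried for A records.
 *
 * For example:
 *   isBlacklistedDns('1.2.3.4', 'dnsbl.com')
 *     Returns true if 4.3.2.1.dnsbl.com returns any DNS resolution.
 *   isBlacklistedDns('1.2.3.4', 'dnsbl.com', 2)
 *     Returns true if 4.3.2.1.dnsbl.com contains '127.0.0.2' in its
 *     response.
 *   isBlacklistedDns('1.2.3.4', 'dnsbl.com', array(2, 3))
 *     Returns true if 4.3.2.1.dnsbl.com contains either 127.0.0.2 or
 *     127.0.0.3 in its response.
 *
 * Security notes for callers:
 *   - The check fails open: a lookup error, timeout or resolver outage is
 *     indistinguishable from "not listed" and returns false. Monitor the
 *     debug log if the result gates an enforcement decision.
 *   - In the default "any resolution" mode every A record counts as a
 *     listing. Some DNSBL operators also answer with non-listing status
 *     codes (for example when queries are refused or rate-limited), so pass
 *     the explicit response codes whenever the list documents them.
 *
 * @param string           $host          The IPv4 address of the host you wish
 *                                        to check. Anything that is not a
 *                                        valid dotted-quad IPv4 address is
 *                                        reported as not listed.
 * @param string           $dns_suffix    The DNS suffix for the DNSBL service.
 * @param int|string|array $pos_responses Last octet(s) of the 127.0.0.x
 *                                        answers that should be considered a
 *                                        positive match. If not provided (-1)
 *                                        or empty, ANY successful resolution
 *                                        is considered a positive match.
 *
 * @return bool True if the host tested positive, false otherwise.
 */
function isBlacklistedDns($host, $dns_suffix, $pos_responses = -1)
{
    // Only a dotted-quad IPv4 address can be reversed octet by octet. Reject
    // everything else (IPv6, hostnames, malformed input) before it is used
    // to build a DNS query name.
    if (filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return false;
    }

    // Don't waste time checking private class IPs.
    if (isPrivateIp($host)) {
        return false;
    }

    $start_ts = microtime(true);

    $reverse_octets = implode('.', array_reverse(explode('.', $host)));

    // The trailing dot marks the name as fully qualified; strip any dot the
    // caller already appended so the name never ends in '..'.
    $lookup_addr = $reverse_octets . '.' . rtrim($dns_suffix, '.') . '.';
    debugf('DNSBL checking %s', $lookup_addr);

    // dns_get_record() returns false (and emits a warning) on failure; the
    // warning is suppressed on purpose and the failure handled below.
    $records = @dns_get_record($lookup_addr, DNS_A);

    // Collect every returned address: a DNSBL may answer with several A
    // records, and a requested code can be in any of them.
    $resolved_ips = array();
    if (is_array($records)) {
        foreach ($records as $record) {
            if (isset($record['ip'])) {
                $resolved_ips[] = $record['ip'];
            }
        }
    }
    $resolved = count($resolved_ips) > 0;

    $end_ts = microtime(true);
    debugf(
        'DNSBL check time elapsed: %0.4f seconds (%s = %s)',
        $end_ts - $start_ts,
        $lookup_addr,
        $resolved ? implode(',', $resolved_ips) : $lookup_addr
    );

    // If it didn't resolve, don't check anything (fail open).
    if (!$resolved) {
        return false;
    }

    // No specific codes requested: any successful resolution is a match.
    if ($pos_responses === -1 || $pos_responses === '-1' || empty($pos_responses)) {
        return true;
    }

    // Treat a single code (integer or string) like a one-element list, so
    // the documented isBlacklistedDns($ip, $suffix, 2) form works.
    $wanted_codes = is_array($pos_responses) ? $pos_responses : array($pos_responses);

    foreach ($wanted_codes as $code) {
        if (!is_scalar($code)) {
            continue;
        }
        if (in_array('127.0.0.' . $code, $resolved_ips, true)) {
            return true;
        }
    }

    // All checks failed; host tested negative.
    return false;
}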
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ $is_new_user = $num_args > 4; if ($is_new_user) { $gline_host = $user->getGlineHost(); $gline_ip = $user->getGlineIp(); $gline_set = false; foreach ($this->glines as $gline_key => $gline) { if (!$gline->isExpired() && ($gline->matches($gline_host) || $gline->matches($gline_ip))) { $this->enforceGline($gline); $gline_set = true; } } if (defined('CLONE_GLINE') && CLONE_GLINE == true && !$gline_set && $this->getCloneCount($user->getIp()) > CLONE_MAX && !isPrivateIp($user->getIp())) { $gline_mask = '*@' . $user->getIp(); $gline_secs = convertDuration(CLONE_DURATION); $new_gl = $this->addGline($gline_mask, $gline_secs, time(), CLONE_REASON); $this->enforceGline($new_gl); $gline_set = true; } if (defined('TOR_GLINE') && TOR_GLINE == true && !$gline_set && $this->isTorHost($user->getIp())) { $gline_mask = '*@' . $user->getIp(); $gline_secs = convertDuration(TOR_DURATION); $new_gl = $this->addGline($gline_mask, $gline_secs, time(), TOR_REASON); $this->enforceGline($new_gl); $gline_set = true; } if (defined('COMP_GLINE') && COMP_GLINE == true && !$gline_set && $this->isCompromisedHost($user->getIp())) { $gline_mask = '*@' . $user->getIp();