| 1 | <?php if (!defined('BB2_CORE')) die('I said no cheating!'); |
| 2 | |
| 3 | // Look up address on various blackhole lists. |
| 4 | // These cannot be used for GET requests under any circumstances! |
| 5 | function bb2_blackhole($package) { |
| 6 | // Only conservative lists |
| 7 | $bb2_blackhole_lists = array( |
| 8 | "sbl-xbl.spamhaus.org", // All around nasties |
| 9 | // "dnsbl.sorbs.net", // Old useless data. |
| 10 | // "list.dsbl.org", // Old useless data. |
| 11 | // "dnsbl.ioerror.us", // Bad Behavior Blackhole |
| 12 | ); |
| 13 | |
| 14 | // Things that shouldn't be blocked, from aggregate lists |
| 15 | $bb2_blackhole_exceptions = array( |
| 16 | "sbl-xbl.spamhaus.org" => array("127.0.0.4"), // CBL is problematic |
| 17 | "dnsbl.sorbs.net" => array("127.0.0.10",), // Dynamic IPs only |
| 18 | "list.dsbl.org" => array(), |
| 19 | "dnsbl.ioerror.us" => array(), |
| 20 | ); |
| 21 | |
| 22 | // Check the blackhole lists |
| 23 | $ip = $package['ip']; |
| 24 | $find = implode('.', array_reverse(explode('.', $ip))); |
| 25 | foreach ($bb2_blackhole_lists as $dnsbl) { |
| 26 | $result = gethostbynamel($find . "." . $dnsbl . "."); |
| 27 | if (!empty($result)) { |
| 28 | // Got a match and it isn't on the exception list |
| 29 | $result = @array_diff($result, $bb2_blackhole_exceptions[$dnsbl]); |
| 30 | if (!empty($result)) { |
| 31 | return '136673cd'; |
| 32 | } |
| 33 | } |
| 34 | } |
| 35 | return false; |
| 36 | } |
| 37 | |
| 38 | function bb2_httpbl($settings, $package) { |
| 39 | if (!$settings['httpbl_key']) return false; |
| 40 | |
| 41 | $find = implode('.', array_reverse(explode('.', $package['ip']))); |
| 42 | $result = gethostbynamel($settings['httpbl_key'].".${find}.dnsbl.httpbl.org."); |
| 43 | if (!empty($result)) { |
| 44 | $ip = explode('.', $result[0]); |
| 45 | if ($ip[0] == 127 && ($ip[3] & 7) && $ip[2] >= $settings['httpbl_threat'] && $ip[1] >= $settings['httpbl_maxage']) { |
| 46 | return '2b021b1f'; |
| 47 | } |
| 48 | } |
| 49 | return false; |
| 50 | } |
| 51 | ?> |
| 52 | |
