Difference between revisions of "Spam/IP Blocks"

From C4 Wiki
Jump to: navigation, search
(add more information about ip range blocks)
(whois2iprange.pl example)
Line 19: Line 19:
 
== whois2iprange.pl example ==
 
== whois2iprange.pl example ==
  
  % ./whois2iprange.pl -b http://localhost/ 219.132.1.1
+
  % ./whois2iprange.pl -b 'http://localhost/index.php?title=Special:Blockip' 219.132.1.1
  http://localhost/&wpBlockExpiry=infinite&ip=202.96.128.0/18&wpBlockOther=Spam%20CHINANET-GD
+
  http://localhost/index.php?title=Special:Blockip&wpBlockExpiry=infinite&ip=202.96.128.0/18&wpBlockOther=Spam%20CHINANET-GD
  http://localhost/&wpBlockExpiry=infinite&ip=202.103.128.0/18&wpBlockOther=Spam%20CHINANET-GD
+
  http://localhost/index.php?title=Special:Blockip&wpBlockExpiry=infinite&ip=202.103.128.0/18&wpBlockOther=Spam%20CHINANET-GD
  http://localhost/&wpBlockExpiry=infinite&ip=202.104.0.0/16&wpBlockOther=Spam%20CHINANET-GD
+
  http://localhost/index.php?title=Special:Blockip&wpBlockExpiry=infinite&ip=202.104.0.0/16&wpBlockOther=Spam%20CHINANET-GD
http://localhost/&wpBlockExpiry=infinite&ip=202.105.0.0/16&wpBlockOther=Spam%20CHINANET-GD
+
  http://localhost/index.php?title=Special:Blockip&wpBlockExpiry=infinite&ip=202.105.0.0/16&wpBlockOther=Spam%20CHINANET-GD
  http://localhost/&wpBlockExpiry=infinite&ip=218.13.0.0/16&wpBlockOther=Spam%20CHINANET-GD
 
http://localhost/&wpBlockExpiry=infinite&ip=218.14.0.0/16&wpBlockOther=Spam%20CHINANET-GD
 
 
  ...
 
  ...
  http://localhost/&wpBlockExpiry=infinite&ip=61.146.0.0/16&wpBlockOther=Spam%20CHINANET-GD
+
  http://localhost/index.php?title=Special:Blockip&wpBlockExpiry=infinite&ip=61.146.0.0/16&wpBlockOther=Spam%20CHINANET-GD
 
 
 
  % ./whois2iprange.pl -s 125.33.182.119
 
  % ./whois2iprange.pl -s 125.33.182.119
 
  INSERT INTO ipblocks VALUES ('','202.106.0.0/16', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'CA6A0000', 'CA6AFFFF',0,0);
 
  INSERT INTO ipblocks VALUES ('','202.106.0.0/16', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'CA6A0000', 'CA6AFFFF',0,0);
Line 34: Line 31:
 
  INSERT INTO ipblocks VALUES ('','211.144.0.0/20', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'D3900000', 'D3900FFF',0,0);
 
  INSERT INTO ipblocks VALUES ('','211.144.0.0/20', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'D3900000', 'D3900FFF',0,0);
 
  INSERT INTO ipblocks VALUES ('','211.144.16.0/20', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'D3901000', 'D3901FFF',0,0);
 
  INSERT INTO ipblocks VALUES ('','211.144.16.0/20', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'D3901000', 'D3901FFF',0,0);
INSERT INTO ipblocks VALUES ('','218.244.32.0/19', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'DAF42000', 'DAF43FFF',0,0);
 
INSERT INTO ipblocks VALUES ('','219.232.0.0/19', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'DBE80000', 'DBE81FFF',0,0);
 
 
  ...
 
  ...
 
  INSERT INTO ipblocks VALUES ('','202.130.224.0/19', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'CA82E000', 'CA82FFFF',0,0);
 
  INSERT INTO ipblocks VALUES ('','202.130.224.0/19', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'CA82E000', 'CA82FFFF',0,0);
 
[[Category:Infos]]
 
[[Category:Infos]]

Revision as of 13:56, 19 July 2007

IP Blocks

Mediawikis IP range blocks are quite effictive against spam.

The script at http://w8n.koeln.ccc.de/trac/projects/browser/whois2iprange.pl was written to address two issues with ip blocks in mediawiki:

  • You can not block ranges bigger than /16
  • Especially chinese spammers operate from very large netblocks

whois2iprange.pl

Retrieves all the net blocks from whois, converts them to 16bit netmasks and prints links to mediawikis ip block form. You may have to use the '-b' option from the command line to point to your mediawikis Special:Blockip page. If you have access to mediawikis sql database you should use the '-s' option to output sql statements.

For the script to run, you need to have sipcalc installed. Furthermore the following perl modules are required:

  • Net::Netmask
  • Net::XWhois

whois2iprange.pl example

% ./whois2iprange.pl -b 'http://localhost/index.php?title=Special:Blockip' 219.132.1.1
http://localhost/index.php?title=Special:Blockip&wpBlockExpiry=infinite&ip=202.96.128.0/18&wpBlockOther=Spam%20CHINANET-GD
http://localhost/index.php?title=Special:Blockip&wpBlockExpiry=infinite&ip=202.103.128.0/18&wpBlockOther=Spam%20CHINANET-GD
http://localhost/index.php?title=Special:Blockip&wpBlockExpiry=infinite&ip=202.104.0.0/16&wpBlockOther=Spam%20CHINANET-GD
http://localhost/index.php?title=Special:Blockip&wpBlockExpiry=infinite&ip=202.105.0.0/16&wpBlockOther=Spam%20CHINANET-GD
...
http://localhost/index.php?title=Special:Blockip&wpBlockExpiry=infinite&ip=61.146.0.0/16&wpBlockOther=Spam%20CHINANET-GD
% ./whois2iprange.pl -s 125.33.182.119
INSERT INTO ipblocks VALUES (,'202.106.0.0/16', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'CA6A0000', 'CA6AFFFF',0,0);
INSERT INTO ipblocks VALUES (,'211.154.192.0/18', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'D39AC000', 'D39AFFFF',0,0);
INSERT INTO ipblocks VALUES (,'211.144.0.0/20', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'D3900000', 'D3900FFF',0,0);
INSERT INTO ipblocks VALUES (,'211.144.16.0/20', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'D3901000', 'D3901FFF',0,0);
...
INSERT INTO ipblocks VALUES (,'202.130.224.0/19', 0, 1, 'SPAMMER CNCGROUP-BJ','20070719143737',0,1,1,'infinity', 'CA82E000', 'CA82FFFF',0,0);