Spam/IP Blocks
< Spam
Revision as of 17:21, 11 July 2007 by Mario Manno (talk | contribs)
IP Blocks
IP Blocks haben sich als einigermassen effektiv gegen Spammer erwiesen.
Folgendes Skript erleichtert die Einrichtung von IP Range Blocks.
#!/usr/bin/perl -w # Description: generate mediawiki iprange (/16) block entries for whois netnames # Usage: use POSIX qw(strftime); use File::Basename; use Getopt::Std; use Net::Netmask; use Net::XWhois; sub usage () { print "usage: " . basename($0) ." [-s][-u id][-h][-v] ip\n -s output sql statements -u id user id for sql statements -v verbose -h help\n"; print "i.e.:\n"; print " ". basename($0) ." 221.219.118.4\n"; print " ". basename($0) ." -s -u 2 221.219.118.4\n"; exit 0; } sub output ($$$$) { my $netname = shift; my $inet = shift; my $sql = shift; my $user = shift; if (not $sql) { print "http://wiki.koeln.ccc.de/index.php?title=Special:Blockip&ip=$inet\n"; } else { my $start = strftime "%Y%m%d%H%M%S", localtime; print "INSERT INTO ipblocks VALUES (,'$inet', 0, $user, 'SPAMMER $netname','$start',0,); \n"; } } sub range2cidr16 ($) { my @range = split (' - ', shift); # get cidr notation my @blocks = range2cidrlist($range[0], $range[1]); my @cidrs16; foreach my $b (@blocks) { my $cidr = sprintf "%s/%s",$b->base, $b->bits; print STDERR "got cidr: $cidr\n" if $opts{'v'}; # break down to /16 blocks if ($b->bits < 16) { foreach (`sipcalc -s 16 $cidr`) { if (m/^Network\s*-\s([\.\d]+)\s*-\s([\.\d]+)$/o) { my @blocks2 = range2cidrlist($1, $2); foreach (@blocks2) { push @cidrs16, "$_"; print STDERR "block $cidr broken down to: $_\n" if $opts{'v'}; } } } } else { push @cidrs16, $cidr; } } return \@cidrs16; } my %opts; getopts('hvsu:', \%opts); usage () if ($opts{'h'}); my $sql = $opts{'s'} ? 1 : 0; my $user; if ($opts{'u'}) { $user = $opts{'u'}; $sql = 1; } else { $user = 1; } my $whois; my $netname; if ($ARGV[0]) { my $ip = $ARGV[0]; print STDERR "fetching netname for: $ip\n" if $opts{'v'}; $whois = new Net::XWhois Domain => "$ip"; $netname = $whois->netname; unless ($netname) { print STDERR "netname not found for ip: $ip \n"; exit 0; } print STDERR "fetching inetnum for netname: $netname\n" if $opts{'v'}; $whois->lookup(Domain => "$netname"); if ($whois->inetnum) { foreach my $inet ($whois->inetnum) { # break down to /16 blocks foreach (@{range2cidr16($inet)}) { print STDERR "found block: $_\n" if $opts{'v'}; output($netname, $_, $sql, $user); } } } else { print STDERR "inetnum(s) not found for: $netname\n"; } } else { usage(); }
Benutzen:
perl ~/whois2iprange.pl ip
Leider funktioniert dieses Script nur bei IP-Ranges, die in der RIPE verzeichnet sind.
--ScottyTM 03:46, 24 Oct 2005 (CEST)
Zum Beispiel: whois -h whois.apnic.net ip.address | perl ~/whois2iprange.pl
Problem ist: nicht jedes whois info enthaelt einen netname --MM 21:44, 10 July 2007 (CEST)