Jump to content
Limestone de cara nova! ×
Portal do Host

Monitoramento De Ips Em Rbl


abobre
 Share

Recommended Posts

Boa tarde pessoal,

 

 Eu tenho um script desenvolvido em Perl que encontrei na internet para monitorar os nossos IPS nas RBLS, o script esta funcionando bem, porem gostaria de compartilhar com vocês esse script e sugerir algumas opções para uso, o que facilitaria o uso dele, sem interverção do usuários

 

Sugestões

 

Eu não entendo nada de Perl, se estiver falando besteira me descupem !

 

  • Seria ideal o script carregar uma lista de IPS apartir de um arquivo txt, exemplo meu_ips.txt
  • O script deve fazar a pesquisa do IP na RBL, caso encontre ele armazena isso, ou na memória, ou em arquivo txt e no termino da pesquisa ele envia um e-mail avisando os IPS que estãi listado nas RBLS, deve ser um e-mail só contendo um relatório, e caso seu IP esteja limpo nas RBLS, ele avisa via e-mail tambem !

Algum programador capacitado para implementar essas funções ?

 

#!/usr/bin/perl

# rbl.monitor - check RBL blacklists for an IP address.  Uses asynch I/O
# to send all the requests simultaneously

my $usage="\
Usage: rbl.monitor [options] hostname [...]

Options [and default values]:

    --listfile <list of RBL domains>                 [preset list, see script]
    --rbllist <comma separated list of RBL domains>
    --timeout  <master timeout>                      [60 seconds]
    --debug                                          [off]
";


use strict;

use Net::DNS;
use IO::Select;
use Getopt::Long;

my %opt;
GetOptions(\%opt,
        "listfile=s",
        "rbllist=s",
        "timeout=i",
        "debug",
) or die $usage;

my $listfile= $opt{listfile} || "";
my $rbllist= $opt{rbllist} || "";
my $selecttimeout = 5;
my $timeout= ($opt{timeout} || 60) + ($selecttimeout * 2);
my $debug= $opt{debug} || 0;


# Default RBLs to check - just a few of the lists most likely to block mail
# Sites with specific needs should customize via the command line
my @rbls2check=('b.barracudacentral.org', 'cbl.abuseat.org','dnsbl.invaluement.com','http.dnsbl.sorbs.net','misc.dnsbl.sorbs.net',
                'socks.dnsbl.sorbs.net','web.dnsbl.sorbs.net','dnsbl-1.uceprotect.net','dnsbl-3.uceprotect.net','sbl.spamhaus.org',
				'zen.spamhaus.org','psbl.surriel.com','dnsbl.njabl.org','rbl.spamlab.com','ircbl.ahbl.org','noptr.spamrats.com',
				'cbl.anti-spam.org.cn','dnsbl.inps.de','httpbl.abuse.ch','korea.services.net','virus.rbl.jp','wormrbl.imp.ch',
				'rbl.suresupport.com','ips.backscatterer.org','opm.tornevall.org','multi.surbl.org','tor.dan.me.uk',
				'relays.mail-abuse.org','rbl-plus.mail-abuse.org','access.redhawk.org','rbl.interserver.net', 'bogons.cymru.com',
				'bl.spamcop.net','dnsbl.sorbs.net','dul.dnsbl.sorbs.net','smtp.dnsbl.sorbs.net','spam.dnsbl.sorbs.net',
				'zombie.dnsbl.sorbs.net','dnsbl-2.uceprotect.net','pbl.spamhaus.org','xbl.spamhaus.org','bl.spamcannibal.org',
				'ubl.unsubscore.com','combined.njabl.org','dnsbl.ahbl.org','dyna.spamrats.com','spam.spamrats.com',
				'cdl.anti-spam.org.cn','drone.abuse.ch','dul.ru','short.rbl.jp','spamrbl.imp.ch','virbl.bit.nl',
				'dsn.rfc-ignorant.org','dsn.rfc-ignorant.org','netblock.pedantic.org','ix.dnsbl.manitu.net','rbl.efnetrbl.org',
				'blackholes.mail-abuse.org','dnsbl.dronebl.org','db.wpbl.info','query.senderbase.org','bl.emailbasura.org',
				'combined.rbl.msrbl.net','multi.uribl.com','black.uribl.com','cblless.anti-spam.org.cn',
				'cblplus.anti-spam.org.cn','blackholes.five-ten-sg.com','sorbs.dnsbl.net.au','rmst.dnsbl.net.au',
				'dnsbl.kempt.net','blacklist.woody.ch','rot.blackhole.cantv.net','virus.rbl.msrbl.net','phishing.rbl.msrbl.net',
				'images.rbl.msrbl.net','spam.rbl.msrbl.net','spamlist.or.kr','dnsbl.abuse.ch','bl.deadbeef.com','ricn.dnsbl.net.au',
				'forbidden.icm.edu.pl','probes.dnsbl.net.au','ubl.lashback.com','ksi.dnsbl.net.au','uribl.swinog.ch',
				'bsb.spamlookup.net','dob.sibl.support-intelligence.net','url.rbl.jp','dyndns.rbl.jp','omrs.dnsbl.net.au',
				'osrs.dnsbl.net.au','orvedb.aupads.org','relays.nether.net','relays.bl.gweep.ca','relays.bl.kundenserver.de',
				'dialups.mail-abuse.org','rdts.dnsbl.net.au','duinv.aupads.org','pool.dnsbl.solid.net','dynablock.sorbs.net',
				'residential.block.transip.nl','dynip.rothen.com','dul.blackhole.cantv.net','mail.people.it',
				'blacklist.sci.kun.nl','all.spamblock.unit.liu.se');

if ($listfile) {
        open(LIST, "< $listfile") ||
                die "$0: cannot open list file \"$listfile\": $!\n";
        @rbls2check= grep !/^\s*#/, <LIST>;
        @rbls2check= grep !/^\s*$/, @rbls2check;
        map {chomp} @rbls2check;
        close LIST;
        die "$0: no RBL names found in \"$listfile\"\n" unless @rbls2check;
}

if ($rbllist) {
        @rbls2check= split(',', $rbllist);
}

print "*** checking these RBLs:\n   " . join("\n   ", @rbls2check) . "\n"
        if $debug;

my (@summary, @detail);
my @sockets;


my $res  = Net::DNS::Resolver->new;
my $sel  = IO::Select->new();
my $starttime= time;

my %hostpart2host;

# gethostbyname is non-reentrant, so do all the queries up front
foreach my $host (@ARGV) {
        my $hostdata= gethostbyname($host);
        if (!defined($hostdata)) {
                push @summary, $host;
                push @detail, "$host: bad hostname";
                next;
        }
        my $hostpart= join(".", reverse(unpack("C4", $hostdata)));
        $hostpart2host{$hostpart}= $host;
}

# start all the queries
foreach my $hostpart (keys %hostpart2host) {
        foreach my $rbl (@rbls2check) {
                my $dnssock=  $res->bgsend(join(".", $hostpart, $rbl));
                push @sockets, $dnssock;
                $sel->add($dnssock);
        }
}

MAINLOOP:
while ($sel->handles > 0) {
        my @ready = $sel->can_read($selecttimeout);
        if ( (time - $starttime) > $timeout) { # waited too long?
                push @detail, "TIMEOUT: " . scalar($sel->handles) . " responses 
still pending";
                last MAINLOOP;
        }
        foreach my $sock (@ready) {
                my ($authority, $ipaddress, $hostpart, $host);
                my $packet = $res->bgread($sock);
                foreach my $rr ($packet->answer) {
                        if ($rr->type eq "A") {
                                $ipaddress= $rr->address;
                                $authority= $rr->name;
                                if ($authority=~ /^(\d+\.\d+\.\d+\.\d+)\./) {
                                        $hostpart= $1;
                                        $host= $hostpart2host{$hostpart};
                                } else { $host= "???" }
                                push @summary, $host
                                        unless grep /^$host$/, @summary;
                                push @detail, "$host: $authority: " . 
$rr->address;
                        }
                }
                $sel->remove($sock);
        }
}

print join(" ", (sort @summary)) if (@summary);
print "\n";

print join("\n", (sort @detail)), "\n"  if @detail;

 

Link to comment
Share on other sites


  • Replies 2
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Ele reporta da seguinte forma

 

root@srv [/scripts_andre/check-rbl]# perl rbl.pl 69.163.37.58
69.163.37.58
69.163.37.58: 58.37.163.69.dnsbl.sorbs.net: 127.0.0.10
69.163.37.58: 58.37.163.69.dul.dnsbl.sorbs.net: 127.0.0.10
69.163.37.58: 58.37.163.69.residential.block.transip.nl: 127.0.0.10
root@srv [/scripts_andre/check-rbl]#
 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.



×
×
  • Create New...

Important Information