1 | #!/usr/bin/perl
|
---|
2 | # Export DNSBL data
|
---|
3 | # 2009/05/26 kdeugau@deepnet.cx
|
---|
4 | # need to stub it out so it can use a module to actually write zone
|
---|
5 | # data for different NS software
|
---|
6 | # completed 2008/08/14
|
---|
7 |
|
---|
8 | use strict;
|
---|
9 | use warnings;
|
---|
10 | use DBI;
|
---|
11 |
|
---|
12 | use DNSBL;
|
---|
13 |
|
---|
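# Handle on the DNSBL module; connect/initexport/export are called on it
# further down.  Direct method call rather than the indirect-object form
# "new DNSBL", which Perl can misparse.
my $dnsbl = DNSBL->new;

# Default DB info - all other settings should be loaded from the DB.
# NOTE(review): these values are used whenever no config file overrides them,
# so a working password should not be kept in the script itself; keep real
# credentials in /etc/dnsbl/<name>.conf with restrictive ownership and mode.
my $dbhost = "localhost";
my $dbname = "dnsbl";
my $dbuser = "dnsbl";
my $dbpass = "spambgone";

die "Need config argument\n" if !$ARGV[0];
my $cfgname = shift @ARGV;

# The name becomes part of a path whose contents are executed as Perl below,
# so restrict it to a single path component: no "/", no leading ".", and no
# shell metacharacters.  Capturing through the anchored pattern also untaints
# the value on the basis of an actual check.
# NOTE(review): names outside [A-Za-z0-9_.-] were accepted before and are now
# rejected - confirm no deployed config name relies on other characters.
(($cfgname) = ($cfgname =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]*)\z/))
  or die "Invalid config name\n";

# Load DB host, name, user, and pass overrides from /etc/dnsbl/<name>.conf,
# where <name> is the first command-line argument.  This allows us to host
# multiple instances without having to duplicate the code.
# The file is a Perl fragment that is evaluated inline.
my $cfgfile = "/etc/dnsbl/$cfgname.conf";
if (-e $cfgfile) {
  # Read the file directly instead of through `cat`: backticks pass the
  # interpolated name to a shell.
  if (open(my $cfgfh, '<', $cfgfile)) {
    my $cfg = do { local $/; <$cfgfh> };
    close($cfgfh);

    if (defined($cfg) && length($cfg)) {
      # This pattern accepts any content, so it launders the data for taint
      # mode rather than validating it.
      ($cfg) = ($cfg =~ /^(.+)$/s);

      # NOTE(review): string eval runs the file with this script's
      # privileges, so anyone able to write under /etc/dnsbl can execute
      # code as the exporting user.  Keep the directory and files root-owned
      # and not group/world-writable; a data-only format parsed into the
      # four variables above would remove the exposure entirely.
      eval $cfg;

      # A broken fragment would otherwise fall back to the defaults silently.
      warn "Error in $cfgfile: $@" if $@;
    }
  }
  else {
    warn "Can't read $cfgfile: $!\n";
  }
}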
|
---|
34 |
|
---|
# Open the database with whichever credentials are in effect at this point
# (the built-in defaults unless the config fragment replaced them).
my $dbh = $dnsbl->connect($dbhost, $dbname, $dbuser, $dbpass);

# Pull every key/value pair from the "misc" table into %config; the output
# code reads its zone name and message texts from here.
my %config;
my $sth = $dbh->prepare("SELECT key,value FROM misc");
$sth->execute();
while (my @row = $sth->fetchrow_array) {
  my ($setting, $content) = @row;
  $config{$setting} = $content;
}

# %iplist is handed to the exporter by reference.
# presumably export() fills it with entry => flag-value pairs; verify in DNSBL.pm
my %iplist;
my $ipref = \%iplist;

# The config name has already been shifted off, so $ARGV[0] is now the
# second command-line argument; an empty or missing value selects 'tiny'.
my $mode = $ARGV[0] ? $ARGV[0] : 'tiny';

$dnsbl->initexport();
#$dnsbl->export($ipref,$mode,1,'50.22.0.0/15');
$dnsbl->export($ipref, $mode);
|
---|
52 |
|
---|
53 | ##fixme - mode should pick actual output, not just export mode
|
---|
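# Write the collected list to STDOUT: rbldnsd-style lines for mode 'cidr',
# "+name:address:ttl" lines for every other mode.
# NOTE(review): blzone, iplisted and blocklisted come from the misc table and
# are written without escaping; a newline or ":" inside one of them would
# change the structure of the generated zone data.  Confirm that table is
# writable by trusted administrators only.
if ($mode eq 'cidr') {
  # SOA, NS records.  Maybe dnscache needs them?
  print "\$SOA 900 ".($config{blzone} ? $config{blzone} : 'company').".dnsbl systems.company.com 0 1200 600 600 900\n".
	"\$NS 3600 127.0.0.1\n".
	"\$TTL 900\n";

  # more or less raw CIDR block-and-IP info.  rbldnsd format for convenience.
  foreach my $entry (sort ipcmp keys %iplist) {
    my $flags = $iplist{$entry};

    # Bit 2 of the flag value selects the per-IP text, otherwise the
    # netblock text is used; each falls back to a built-in default.
    my $text;
    if ($flags & 2) {
      $text = $config{iplisted} ? $config{iplisted} : '$ relayed a reported spam';
    }
    else {
      $text = $config{blocklisted} ? $config{blocklisted} : 'Netblock listed on one or more criteria';
    }

    my $out = $entry.":127.0.0.".$flags.":".$text."\n";
    # The first :ENTITY: placeholder is replaced with the entry itself.
    $out =~ s/:ENTITY:/$entry/;
    print $out;
  }
}
else {
  foreach my $entry (sort ipcmp keys %iplist) {
    my ($o1,$o2,$o3,$o4) = ($entry =~ /^(\d+)\.([\d*]+)(?:\.([\d*]+)(?:\.([\d*]+))?)?$/);

    # Unlike ipcmp, this pattern has no /prefix part.  An entry it cannot
    # parse used to be printed as a record named ".spamhosts.company.com";
    # report it and leave it out of the zone data instead.
    if (!defined($o1)) {
      warn "Skipping unparseable list entry '$entry'\n";
      next;
    }

    # Octets go out in reverse order, most specific first; octets that are
    # absent from the entry are simply omitted.
    my $label = join('', map { defined($_) ? "$_." : '' } ($o4, $o3, $o2));
    print "+".$label."$o1.spamhosts.company.com:127.0.0.$iplist{$entry}:900:::\n";
  }
}

exit 0;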
|
---|
79 |
|
---|
80 | # IP address comparison sub
|
---|
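# Split one list entry ("a.b", "a.b.c", "a.b.c.d", any octet after the first
# possibly "*", optionally followed by "/len") into five numeric sort fields.
# A "*" octet becomes -1, an absent octet or an unparseable entry becomes 0,
# and an absent prefix length becomes 128.
sub _ipcmp_fields {
  my ($entry) = @_;
  my @fields = ($entry =~ /^(\d+)\.([\d*]+)(?:\.([\d*]+)(?:\.([\d*]+))?)?(?:\/(\d+))?$/);

  # A failed match returns an empty list; make sure all five slots exist.
  $#fields = 4;

  $fields[0] = 0 unless defined($fields[0]);
  foreach my $i (1 .. 3) {
    if (!defined($fields[$i])) {
      # Same position an undefined value took in a numeric comparison, but
      # without the "uninitialized value" warning it used to raise.
      $fields[$i] = 0;
    }
    elsif ($fields[$i] eq '*') {
      $fields[$i] = -1;
    }
  }
  $fields[4] = 128 unless defined($fields[4]);

  return @fields;
}

# IP address comparison sub, for use as a sort comparator: reads the two
# entries from the package variables $a and $b and returns -1, 0 or 1.
# Fields are compared in order - four octets, then prefix length - so a
# wildcard sorts ahead of any concrete octet in the same position and an
# entry with an explicit prefix sorts ahead of the same address without one.
sub ipcmp {
  my @left  = _ipcmp_fields($a);
  my @right = _ipcmp_fields($b);

  foreach my $i (0 .. 4) {
    my $order = $left[$i] <=> $right[$i];
    return $order if $order;
  }
  return 0;
}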
|
---|