1 | #!/usr/bin/perl
|
---|
2 | # Export DNSBL data
|
---|
3 | ##
|
---|
4 | # $Id: export-dnsbl 53 2014-12-09 22:19:35Z kdeugau $
|
---|
5 | # Copyright 2009-2011 Kris Deugau <kdeugau@deepnet.cx>
|
---|
6 | #
|
---|
7 | # This program is free software: you can redistribute it and/or modify
|
---|
8 | # it under the terms of the GNU General Public License as published by
|
---|
9 | # the Free Software Foundation, either version 3 of the License, or
|
---|
10 | # (at your option) any later version.
|
---|
11 | #
|
---|
12 | # This program is distributed in the hope that it will be useful,
|
---|
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
15 | # GNU General Public License for more details.
|
---|
16 | #
|
---|
17 | # You should have received a copy of the GNU General Public License
|
---|
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>.
|
---|
19 | ##
|
---|
20 |
|
---|
21 | use strict;
|
---|
22 | use warnings;
|
---|
23 | use DBI;
|
---|
24 |
|
---|
25 | use DNSBL;
|
---|
26 |
|
---|
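# Set up the DNSBL helper object, the fallback DB credentials, and load the
# per-instance config file named by the first command-line argument.
my $dnsbl = DNSBL->new;

# Fallback DB info, used when no config file overrides it - all other
# settings should be loaded from the DB.
# NOTE(review): the fallback password is part of the source, so it is known
# to anyone who can read this script.  Deployments should set their own
# credentials in /etc/dnsbl/<name>.conf and keep that file readable only by
# the account that runs the export.
my $dbhost = "localhost";
my $dbname = "dnsbl";
my $dbuser = "dnsbl";
my $dbpass = "spambgone";

die "Need config argument\n" if !$ARGV[0];
my $cfgname = shift @ARGV;

# The config name becomes part of the path of a file whose contents are
# executed below, so it must not be able to step outside /etc/dnsbl.
die "Invalid config name\n"
    if $cfgname =~ m{(?:\A|/)\.\.(?:/|\z)} || $cfgname =~ /\0/;

# Load a config fragment that sets the DB host, name, user, and password for
# this instance.  This allows us to host multiple instances without having
# to duplicate the code.
# This file is a Perl fragment to be processed inline: it is run with
# eval and assigns directly to $dbhost, $dbname, $dbuser and $dbpass.
my $cfgfile = "/etc/dnsbl/$cfgname.conf";
if (-e $cfgfile) {
    my $cfg;
    # Read the file directly instead of through `cat`, so the name is never
    # handed to a shell.
    if (open my $cfgfh, '<', $cfgfile) {
        local $/;
        $cfg = <$cfgfh>;
        close $cfgfh;
    } else {
        warn "Can't read $cfgfile: $!\n";
    }
    # avoid warnings, failures, and general nastiness with taint mode
    # NOTE(review): this pattern accepts any non-empty content, so it clears
    # the taint flag without validating anything.
    if (defined $cfg && $cfg =~ /^(.+)$/s) {
        $cfg = $1;
        # SECURITY: the file is executed as Perl with this script's
        # privileges.  Whoever can write to /etc/dnsbl controls this
        # process, so the directory and its files need restrictive
        # ownership and permissions.
        eval $cfg;
        warn "Error in $cfgfile: $@" if $@;
    }
}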
|
---|
47 |
|
---|
# Connect with whatever credentials are in effect after config loading.
my $dbh = $dnsbl->connect($dbhost, $dbname, $dbuser, $dbpass);

# Copy every key/value row of the misc table into %config.
my %config;
my $sth = $dbh->prepare("SELECT key,value FROM misc");
$sth->execute;
while (my $row = $sth->fetchrow_arrayref) {
    my ($key, $value) = @$row;
    $config{$key} = $value;
}
|
---|
56 |
|
---|
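# Run the export and print the result as zone data on STDOUT.
# %iplist is filled in by $dnsbl->export through $ipref; the loops below
# read it as "IP or block => integer listing value".
my %iplist;
my $ipref = \%iplist;

# Remaining first argument (the config name was shifted off earlier)
# selects the mode; anything other than 'cidr' gets tinyDNS output.
my $mode = $ARGV[0] || 'tiny';

$dnsbl->initexport;
#$dnsbl->export($ipref,$mode,1,'50.22.0.0/15');
$dnsbl->export($ipref,$mode);

# NOTE(review): blzone, bladmin, ttl, iplisted and blocklisted come straight
# from the misc table and are written into the zone data unescaped.  A
# newline or ':' in any of them would change the record structure, so they
# should be validated where they are stored or before they are used here.
my $ttl = $config{ttl} ? $config{ttl} : '900';

##fixme - mode should pick actual output, not just export mode
if ($mode eq 'cidr') {
    # SOA, NS records.  Maybe dnscache needs them?
    print "\$SOA 900 ".($config{blzone} ? $config{blzone} : 'company.dnsbl')." ".
        ($config{bladmin} ? $config{bladmin} : 'systems.company.com')." 0 1200 600 600 900\n".
        "\$NS 3600 127.0.0.1\n".
        "\$TTL $ttl\n";

    # more or less raw CIDR block-and-IP info.  rbldnsd format for convenience.
    foreach my $ip (sort ipcmp keys %iplist) {
        my $flags = $iplist{$ip};
        # Bit 1 of the value picks between the two text strings.
        my $text = ($flags & 2)
            ? ($config{iplisted} ? $config{iplisted} : '$ relayed a reported spam')
            : ($config{blocklisted} ? $config{blocklisted} : 'Netblock listed on one or more criteria');
        my $out = "$ip:127."._listing_octets($flags).":$text\n";
        $out =~ s/:ENTITY:/$ip/;
        print $out;
    }
} else {
    # default "mode"; tinyDNS data format
    my $zone = $config{blzone} ? $config{blzone} : 'spamhosts.company.dnsbl';
    foreach my $ip (sort ipcmp keys %iplist) {
        my @octets = ($ip =~ /^(\d+)\.([\d*]+)(?:\.([\d*]+)(?:\.([\d*]+))?)?$/);
        if (!defined $octets[0]) {
            # A key this pattern can't parse (e.g. one with a /prefix) would
            # otherwise produce a record with an empty name.
            warn "Skipping entry not usable in tinyDNS output: $ip\n";
            next;
        }
        # Record name is the octets in reverse order, followed by the zone.
        my $name = join('.', reverse grep { defined } @octets);
        # Fix: the address used to be built as "127.0.0." plus a three-part
        # value, giving six components instead of a dotted quad, and the
        # byte thresholds were off by one compared to the cidr branch.
        # Both branches now use the same helper.
        print "+$name.$zone:127."._listing_octets($iplist{$ip}).":$ttl:::\n";
    }
}

exit 0;

# Turn an integer listing value into the "a.b.c" tail of a 127.a.b.c answer:
# value/65536, then the next byte, then the low byte.
sub _listing_octets {
    my ($flags) = @_;
    return join('.', int($flags / 65536), int(($flags % 65536) / 256), $flags % 256);
}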
|
---|
123 |
|
---|
124 | # IP address comparison sub
|
---|
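sub ipcmp {
    # Sort comparator (reads the sort globals $a and $b).  Orders entries
    # by each octet in turn and then by prefix length.  Returns -1, 0 or 1.
    my @left  = _ipcmp_fields($a);
    my @right = _ipcmp_fields($b);
    for my $i (0 .. 4) {
        my $order = $left[$i] <=> $right[$i];
        return $order if $order;
    }
    return 0;
}

# Split one key into five sortable fields: four octets and a prefix length.
sub _ipcmp_fields {
    my ($addr) = @_;
    my @fields = ($addr =~ /^(\d+)\.([\d*]+)(?:\.([\d*]+)(?:\.([\d*]+))?)?(?:\/(\d+))?$/);
    # le sigh.  knew it wasn't going to be simple...
    for my $i (0 .. 3) {
        if (!defined $fields[$i]) {
            # Missing octets used to be compared as undef, which counts as 0
            # but emits "uninitialized" warnings; make the 0 explicit.
            $fields[$i] = 0;
        } elsif ($i > 0 && $fields[$i] eq '*') {
            # A wildcard octet sorts ahead of any numeric octet.
            $fields[$i] = -1;
        }
    }
    # Entries without a /prefix sort after any entry that has one.
    $fields[4] = 128 if !defined $fields[4];
    return @fields;
}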
|
---|