Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.5 > vBulletin 3.5 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
DNSBL/Open Proxy-Blocking Details »»
DNSBL/Open Proxy-Blocking
Version: 2.0.8, by TMM-TT TMM-TT is offline
Developer Last Online: May 2019 Show Printable Version Email this Page

Version: 3.5.x Rating:
Released: 09-14-2005 Last Update: 09-19-2008 Installs: 279
DB Changes Uses Plugins
 
No support by the author.

History

I've had some problems with abuse via open proxies for a time ago, and when we were banning abusers, they always found a new proxy to use and register new accounts with. Since this forum was a large type we could'nt just ban e-mails etc just like that, because this was leading to a very large amount of other banned users too.

At IRC, in the other hand, we had Open Proxy Monitors, that was banning everything that was blacklisted in some DNSBL-databases. No spammers had a chance to get in there as long they were listed in such database.

This is a plugin that blocks blacklisted hosts from some different DNSBL's. It uses the global_start-hook, a very simple handler for blocking proxies, and a vBphrase called OPM_Deny.


April 2006

The source has been rewritten a bit. The proxychecker is now using a cache that, by default, stores all ip's in a database for 6 hours. It scans some DNSBL's and can be configured to block proxies from bitmasks (defined in the plugin) which makes it a little bit more reliable, because it does'nt block everything it see).

Configuration is made from the plugin (hopefully there will be a nice admin interface in the future). Exceptions (ip's that can pass through this system even if it is a proxy) are also handled differently now.

// CHANGES
//
// 2008-09-20 (2.0.8)
//
// * Changed the routines for how to handle inclusion/exclusions
// * Splitted up plugins for 3.5/3.6 and 3.7
//
// 2007-08-05
//
// * Fixed reported bug, based on resolved hosts ending with 127
// * Changed database-tables to get rid of (hopefully) duplicate keys
// * Added resolver-function
// * Added two new block-methods available at the efnet-rbl
//
// 2006-06-28 (2.0.6/Another fix)
//
// * Proxyinclusions/exclusions didn't work properly
//
// 2006-06-28 (2.0.5/Fix only)
//
// * Fixed a bug in the $block-array that affected some of the blocking results
//
// 2006-06-28 (2.0.4)
//
// * opm.tornevall.org has a new entry for anonymizers, added support for this
// * Default value on "block everything detected" in plugin changed to "no"
//
// 2006-06-26 (2.0.3)
//
// * Created options for admincp (removed plugin-configuration)
// * Fixed a bit-bug for njabl
// * Plugin is now a function (rbl_livecheck) for external lookups
// * Added options for "only block on newuser-registrations"
//
// 2006-06-22 (2.0.3 RC)
//
// * The monitor is now a function
// * Added small compatibility with other plugins (with return)
//
// 2006-05-13
//
// * sorbs zones added (no bitmasking)
// * opm.blitzed.org removed
// * time() changed to TIMENOW
//
// 2006-04-21
// ==========
//
// * proxyinclusions
// quickly add own hosts that should be treated as a proxy
//


How does it work with other vBulletins?

This filter actually works with both 3.5 and 3.6, but for now, they will be separate versions, but for 3.5 and 3.6 you should look here and for 3.7 you should look here.


How to use the compatibility thing

If you have a plugin that you want to use together with the proxy monitor (only returns a value if a an ip-address is registered as a proxy or not) you can call the function rbl_livecheck like this (example):

PHP Code:
global $rblInstalled;

if (
$rblInstalled) {
$remoteIsProxy rbl_livecheck(1$_SERVER['REMOTE_ADDR']);

//
// .. your code here ..
//


Report bugs if you find them...



Don't forget to install it

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #22  
Old 10-02-2005, 12:58 PM
webspider webspider is offline
 
Join Date: Jun 2003
Location: Canada
Posts: 175
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

For those that are interested there is a nice php script that can be added to VB to block proxies. It will write to a mysql table and check the table first for banned addresses. For you coders maybe this script here can be reworked to add these features.

http://phprbl.init1.nl/
Reply With Quote
  #23  
Old 10-02-2005, 01:24 PM
TMM-TT's Avatar
TMM-TT TMM-TT is offline
 
Join Date: Jun 2005
Location: Sweden
Posts: 212
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by webspider
For those that are interested there is a nice php script that can be added to VB to block proxies. It will write to a mysql table and check the table first for banned addresses. For you coders maybe this script here can be reworked to add these features.

http://phprbl.init1.nl/
That's the way the resolver for opm.tornevall.org works. The only problem is the cache-part for me. Does the url help in a similar way?
Reply With Quote
  #24  
Old 10-02-2005, 01:32 PM
Jenta Jenta is offline
 
Join Date: Dec 2004
Posts: 377
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It's still a question of querying that data only on session (1 time) instead of global (every page load)

There's no longer a session.php. It's in class_core.php I think
I browsed the new code and came away muttering to myself...but ima noob :ermm:
Reply With Quote
  #25  
Old 10-05-2005, 02:59 PM
eoc_Jason's Avatar
eoc_Jason eoc_Jason is offline
 
Join Date: Dec 2001
Location: Houston, TX
Posts: 493
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I would think the best thing to do would add an extra column in the session table to do a hash of the "host" column, so you know when it changes that you need to re-check the IP.

Then add another (bool) column to store if it's an open proxy or not.

Find a hook in the session management to add in the necessary check / storing code, and you should be good to go.

Then each time a page is requested all it has to do is a quick MD5 of the current IP against the stored IP, if it's the same and it's okay, then nothing new, if it changes then make a new RBL request and go from there.

Session is a HEAP table, so it will go fast, and also clear out over time.

I could knock this out in an afternoon (assuming there are hooks in place, otherwise it would require a couple lines of manual file editing).

Easy as pie.
Reply With Quote
  #26  
Old 10-05-2005, 07:08 PM
SmartGnome's Avatar
SmartGnome SmartGnome is offline
 
Join Date: Mar 2003
Location: Amsterdam
Posts: 128
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well TMM I install it just to try. The idea is super, but my knowhow is a little to low for helping you out.

This option should be standard in the boardsoft a lot of us have problems with abusers who are changing proxy's within the hour.

I aplaud you TMM

Ad
Reply With Quote
  #27  
Old 10-06-2005, 03:23 PM
eoc_Jason's Avatar
eoc_Jason eoc_Jason is offline
 
Join Date: Dec 2001
Location: Houston, TX
Posts: 493
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well, since there has been no reply about my concept, I'll go ahead and code a session based one like I stated above.
Reply With Quote
  #28  
Old 10-06-2005, 03:31 PM
webspider webspider is offline
 
Join Date: Jun 2003
Location: Canada
Posts: 175
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by eoc_Jason
Well, since there has been no reply about my concept, I'll go ahead and code a session based one like I stated above.
Your concept is good. For my purposes though I found a better solution. I hacked a couple scripts to 1) check the IP against a banned table first if not found then check the rbl servers 2) if found in the rbl servers write the blocked IP's into my .htaccess file blocking the user completely 3) customized my 403 page to display the service they are blacklisted on and provide removal instructions.

Anyone wanting the script can PM me. It would be nice if someone that was a good coder (not me) went through it refined and optimized it.
Reply With Quote
  #29  
Old 10-06-2005, 07:50 PM
SmartGnome's Avatar
SmartGnome SmartGnome is offline
 
Join Date: Mar 2003
Location: Amsterdam
Posts: 128
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by eoc_Jason
Well, since there has been no reply about my concept, I'll go ahead and code a session based one like I stated above.
Thank you for that... I have not much knowhow about this, so if you can do it then it's great.

Ad
Reply With Quote
  #30  
Old 10-06-2005, 08:14 PM
eoc_Jason's Avatar
eoc_Jason eoc_Jason is offline
 
Join Date: Dec 2001
Location: Houston, TX
Posts: 493
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm about 99% done. All I had to do actually was add a single column to the session table labeled "OPM".

The code is flexible enough that you can add more RBL's and choose the reponse code(s) you want to blacklist. (Since not all return the same 127.0.0.x code, or the last number can have different meanings).

Yes, I could of added an additional blacklist table, however I wanted to do this quick and easy, and also this is just a realtime blackhole, not a permanent one. Though your hack (webspider) does sound worthwhile. I actually have only had to block a couple users via my firewall that were severly abusing the forum.

Anyhow, once I get that last little kink worked out, I'll post the code in this thread.
Reply With Quote
  #31  
Old 10-06-2005, 08:44 PM
eoc_Jason's Avatar
eoc_Jason eoc_Jason is offline
 
Join Date: Dec 2001
Location: Houston, TX
Posts: 493
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Alright, I've finished the code... My last problem was that the templates were not showing up, the issue came because the global_start hook occurs before the header & footer templates are fetched, so I had to add them in manually.

There's 3 simple steps to implementing this.

1 DB addition
1 Phrase addition
1 XML file to import

I guess this could of been a "product" or whatever to automate the DB & Phrase, but I haven't had a chance to mess with that yet, and I don't plan on supporting this, so please don't ask.

The code is simple enough, I think a person could figure out how to add additional RBLs.

Anyhow, I'm not trying to step on the original author's toes with this hack, this is just a slightly different alternative that only checks (and saves) once per session (instead of every request).
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:32 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05739 seconds
  • Memory Usage 2,322KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_php
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete