Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.5 > vBulletin 3.5 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
DNSBL/Open Proxy-Blocking Details »»
DNSBL/Open Proxy-Blocking
Version: 2.0.8, by TMM-TT TMM-TT is offline
Developer Last Online: May 2019 Show Printable Version Email this Page

Version: 3.5.x Rating:
Released: 09-14-2005 Last Update: 09-19-2008 Installs: 279
DB Changes Uses Plugins
 
No support by the author.

History

I've had some problems with abuse via open proxies for a time ago, and when we were banning abusers, they always found a new proxy to use and register new accounts with. Since this forum was a large type we could'nt just ban e-mails etc just like that, because this was leading to a very large amount of other banned users too.

At IRC, in the other hand, we had Open Proxy Monitors, that was banning everything that was blacklisted in some DNSBL-databases. No spammers had a chance to get in there as long they were listed in such database.

This is a plugin that blocks blacklisted hosts from some different DNSBL's. It uses the global_start-hook, a very simple handler for blocking proxies, and a vBphrase called OPM_Deny.


April 2006

The source has been rewritten a bit. The proxychecker is now using a cache that, by default, stores all ip's in a database for 6 hours. It scans some DNSBL's and can be configured to block proxies from bitmasks (defined in the plugin) which makes it a little bit more reliable, because it does'nt block everything it see).

Configuration is made from the plugin (hopefully there will be a nice admin interface in the future). Exceptions (ip's that can pass through this system even if it is a proxy) are also handled differently now.

// CHANGES
//
// 2008-09-20 (2.0.8)
//
// * Changed the routines for how to handle inclusion/exclusions
// * Splitted up plugins for 3.5/3.6 and 3.7
//
// 2007-08-05
//
// * Fixed reported bug, based on resolved hosts ending with 127
// * Changed database-tables to get rid of (hopefully) duplicate keys
// * Added resolver-function
// * Added two new block-methods available at the efnet-rbl
//
// 2006-06-28 (2.0.6/Another fix)
//
// * Proxyinclusions/exclusions didn't work properly
//
// 2006-06-28 (2.0.5/Fix only)
//
// * Fixed a bug in the $block-array that affected some of the blocking results
//
// 2006-06-28 (2.0.4)
//
// * opm.tornevall.org has a new entry for anonymizers, added support for this
// * Default value on "block everything detected" in plugin changed to "no"
//
// 2006-06-26 (2.0.3)
//
// * Created options for admincp (removed plugin-configuration)
// * Fixed a bit-bug for njabl
// * Plugin is now a function (rbl_livecheck) for external lookups
// * Added options for "only block on newuser-registrations"
//
// 2006-06-22 (2.0.3 RC)
//
// * The monitor is now a function
// * Added small compatibility with other plugins (with return)
//
// 2006-05-13
//
// * sorbs zones added (no bitmasking)
// * opm.blitzed.org removed
// * time() changed to TIMENOW
//
// 2006-04-21
// ==========
//
// * proxyinclusions
// quickly add own hosts that should be treated as a proxy
//


How does it work with other vBulletins?

This filter actually works with both 3.5 and 3.6, but for now, they will be separate versions, but for 3.5 and 3.6 you should look here and for 3.7 you should look here.


How to use the compatibility thing

If you have a plugin that you want to use together with the proxy monitor (only returns a value if a an ip-address is registered as a proxy or not) you can call the function rbl_livecheck like this (example):

PHP Code:
global $rblInstalled;

if (
$rblInstalled) {
$remoteIsProxy rbl_livecheck(1$_SERVER['REMOTE_ADDR']);

//
// .. your code here ..
//


Report bugs if you find them...



Don't forget to install it

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #42  
Old 10-12-2005, 02:12 PM
eoc_Jason's Avatar
eoc_Jason eoc_Jason is offline
 
Join Date: Dec 2001
Location: Houston, TX
Posts: 493
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I think one major thing that needs to be addressed is a low "timeout", incase a RBL becomes un-responsive. I've been so busy I haven't had a chance to look into that yet, but I know there is a PHP variable somewhere. Also there might be a better method than using the gethostbyname function, not sure.
Reply With Quote
  #43  
Old 10-12-2005, 09:25 PM
NuclioN's Avatar
NuclioN NuclioN is offline
 
Join Date: Aug 2002
Posts: 955
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

We've installed this as a product now and hope it's working. Are there things to do after the install such as update a blacklist somewhere?
Reply With Quote
  #44  
Old 10-12-2005, 09:47 PM
ImportPassion ImportPassion is offline
 
Join Date: Mar 2002
Location: Gilbert, AZ
Posts: 605
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i had to disable this. It was causing major lag on my site.
Reply With Quote
  #45  
Old 10-12-2005, 09:59 PM
webspider webspider is offline
 
Join Date: Jun 2003
Location: Canada
Posts: 175
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I was not having a lag at all but I did find a high ratio of false positives.
Reply With Quote
  #46  
Old 10-13-2005, 01:20 AM
C_P's Avatar
C_P C_P is offline
 
Join Date: Sep 2004
Posts: 262
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by webspider
I was not having a lag at all but I did find a high ratio of false positives.
DITTO here.
Reply With Quote
  #47  
Old 10-13-2005, 02:46 PM
eoc_Jason's Avatar
eoc_Jason eoc_Jason is offline
 
Join Date: Dec 2001
Location: Houston, TX
Posts: 493
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Which list were the false positives coming from? I usualy found most were coming from CBL, which I disabled that code in mine. There were IPs that were last checked / listed many, many months ago. Which you would *think* would get de-listed over time, but they wern't.

Perhaps the actual checking code should be a shutdown query, as to not lag the end-user. Then the regular check against the session table can be where it currently is.
Reply With Quote
  #48  
Old 10-13-2005, 02:52 PM
ImportPassion ImportPassion is offline
 
Join Date: Mar 2002
Location: Gilbert, AZ
Posts: 605
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

is there a way to just do this for new users registering?
Reply With Quote
  #49  
Old 10-13-2005, 03:44 PM
C_P's Avatar
C_P C_P is offline
 
Join Date: Sep 2004
Posts: 262
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by eoc_Jason
Which list were the false positives coming from? I usualy found most were coming from CBL, which I disabled that code in mine. There were IPs that were last checked / listed many, many months ago. Which you would *think* would get de-listed over time, but they wern't.

Perhaps the actual checking code should be a shutdown query, as to not lag the end-user. Then the regular check against the session table can be where it currently is.
eoc_Jason I used your plug in and not the one in first thread.
It rejected connections from "GoBigWest" and "Dialup.cc". Both ISPs use Level3 numbers.

Rejected IPs were

IP Address: 4.250.177.131
Hostname: dialup-4.250.177.131.Dial1.Weehawken1.Level3.net

IP Address: 4.250.138.133
Hostname: dialup-4.250.138.133.Dial1.Weehawken1.Level3.net

The Spamhaus website said that the IP's weren't listed, but other whois sites were able to correctly identify them as Level3.
Reply With Quote
  #50  
Old 10-16-2005, 11:07 PM
skydancer's Avatar
skydancer skydancer is offline
 
Join Date: Oct 2002
Location: Netherlands
Posts: 7
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by 7thgenCivic.Com
is there a way to just do this for new users registering?
Yes, just edit the plugin and add at the top:

if (THIS_SCRIPT=='register') {

and at the bottom:

}
Reply With Quote
  #51  
Old 10-17-2005, 01:27 AM
cnutter cnutter is offline
 
Join Date: Jan 2005
Posts: 50
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by skydancer
Yes, just edit the plugin and add at the top:

if (THIS_SCRIPT=='register') {

and at the bottom:

}

Skydance so it should look like this if we only one it to check users as they register on a site?
Code:
if (THIS_SCRIPT=='register') { 

if ($vbulletin->session->vars['OPM'] == 0) { 
    OPM_proxy_check(IPADDRESS); 
} 

if ($vbulletin->session->vars['OPM'] == 2) { 
    // parse some global templates 
    eval('$gobutton = "' . fetch_template('gobutton') . '";'); 
    eval('$spacer_open = "' . fetch_template('spacer_open') . '";'); 
    eval('$spacer_close = "' . fetch_template('spacer_close') . '";'); 
    eval('$headinclude = "' . fetch_template('headinclude') . '";'); 
    eval('$header = "' . fetch_template('header') . '";'); 
    eval('$footer = "' . fetch_template('footer') . '";'); 

    eval(standard_error(fetch_error('OPM_Deny',IPADDRESS))); 
} 


function OPM_proxy_check($OPMremote) { 
    global $vbulletin, $db; 

    $cleaned['sessionhash'] = "'" . $db->escape_string($vbulletin->session->vars['dbsessionhash']) . "'"; 

    $OPMlist = array( 
        "xbl.spamhaus.org" => array(4,5,6) 
        ); 


    $OPMreverse = implode('.',array_reverse(explode('.',$OPMremote))); 

    foreach ($OPMlist as $OPMhost => $OPMcodes) { 
        $OPMresult = explode('.',gethostbyname($OPMreverse.".".$OPMhost)); 

        if($OPMresult[0] = 127 && in_array($OPMresult[3],$OPMcodes)) { 
            $db->query_write(" 
                UPDATE " . TABLE_PREFIX . "session 
                SET OPM = 2 
                WHERE " . TABLE_PREFIX . "sessionhash = $cleaned[sessionhash] 
                LIMIT 1 
            "); 
            $vbulletin->session->vars['OPM'] = 2; 
            break; 
        } 
    } 

    if ($vbulletin->session->vars['OPM'] == 0) { 
        // This IP is okay for this session 
        $db->query_write(" 
            UPDATE " . TABLE_PREFIX . "session 
            SET OPM = 1 
            WHERE " . TABLE_PREFIX . "sessionhash = $cleaned[sessionhash] 
            LIMIT 1 
        "); 
    } 

    return; 
} 
}
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:20 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05645 seconds
  • Memory Usage 2,325KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (1)bbcode_php
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete