Re: multi RBL monitor
On Sat, 22 May 2010, Ed Ravin wrote: Looking back over past posts to the Mon list, I see that the script I just re-submitted to the list was inspired by Tim Hanes's work, but I had to do a total rewrite to use asynchronous I/O. Speaking of credit, I see my author line was edited out of the version Jim put into CVS. What's that about? I checked into CVS exactly what was in your post, so I don't have the answer to that. I've edited what's in there now to include proper attribution. ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Sat, May 22, 2010 at 11:40:44AM +1000, Noel Butler wrote: > On Fri, 2010-05-21 at 20:15 -0400, Jim Trocki wrote: > > > On Sat, 22 May 2010, Noel Butler wrote: > > > > > Hrmm, it is not there now thats why you cant find it. The original was > > > from 2003, I dont know why it was pulled, ill find out. > > > > http://linux.kernel.org/pipermail/mon/2007-July/001645.html > > > > Not sure what happened to it in the repo. Maybe I fatfingered something. > > I know in the past some other things Ed has posted to the list haven't > > made it into the repo, so sorry for that. > > > > > Ahh excellent, maybe it should be modified to give original credit to > Tim Hanes as well? > It's likely Tim's version I'm using, it's served us well anyway :) Looking back over past posts to the Mon list, I see that the script I just re-submitted to the list was inspired by Tim Hanes's work, but I had to do a total rewrite to use asynchronous I/O. Speaking of credit, I see my author line was edited out of the version Jim put into CVS. What's that about? -- Ed -- Ed Ravin | Warning - this email may contain rhetorical | devices, metaphors, analogies, typographical eravin@| errors, or just plain snarkiness. A sense of panix.com | humor may be required for proper interpretation. ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Fri, 2010-05-21 at 20:15 -0400, Jim Trocki wrote: > On Sat, 22 May 2010, Noel Butler wrote: > > > Hrmm, it is not there now thats why you cant find it. The original was > > from 2003, I dont know why it was pulled, ill find out. > > http://linux.kernel.org/pipermail/mon/2007-July/001645.html > > Not sure what happened to it in the repo. Maybe I fatfingered something. > I know in the past some other things Ed has posted to the list haven't > made it into the repo, so sorry for that. > Ahh excellent, maybe it should be modified to give original credit to Tim Hanes as well? It's likely Tim's version I'm using, it's served us well anyway :) > I just added it again, and it should show up in the read-only cvs repo on > sourceforge shortly. It's in monitors/dnsbl, and I named it rbl.monitor > for the sake of historical record :) hehe good stuff, thanks <>___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Sat, 22 May 2010, Noel Butler wrote: Hrmm, it is not there now thats why you cant find it. The original was from 2003, I dont know why it was pulled, ill find out. http://linux.kernel.org/pipermail/mon/2007-July/001645.html Not sure what happened to it in the repo. Maybe I fatfingered something. I know in the past some other things Ed has posted to the list haven't made it into the repo, so sorry for that. I just added it again, and it should show up in the read-only cvs repo on sourceforge shortly. It's in monitors/dnsbl, and I named it rbl.monitor for the sake of historical record :) ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
Hrmm, it is not there now thats why you cant find it. The original was from 2003, I dont know why it was pulled, ill find out. On Fri, 2010-05-21 at 12:27 -0400, Nathan Gibbs wrote: > * Noel Butler wrote: > > There is an RBL monitor script on the website somewhere. if you can't > > find it let me know. > > > > > No luck on either site. ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
* Ed Ravin wrote: > On Thu, May 20, 2010 at 08:33:45PM -0400, Nathan Gibbs wrote: >> Anybody already done this? > > Yes, see attached. Note that it queries all the RBL lists in parallel, > so if you run it with a big list and/or a lot of IPs to check,it can run > out of file descriptors. If that happens, adjust the max number of FDs > with "ulimit -n" or the like. > OH, very nice! I won't have to reinvent the wheel. Also, learned a few tricks from reading your code. Thanks for the time saved & education. >> If, so where can I find it? > > Argh, did I not upload it to the config section on Sourceforge? Do I > still even remember how? > I don't know, I thought I saw it on the websites ( sourceforge, or wiki ) at some point, but I couldn't find it when looking last night. Thanks -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com signature.asc Description: OpenPGP digital signature ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Fri, May 21, 2010 at 2:33 AM, Nathan Gibbs wrote: > Anybody already done this? > If, so where can I find it? Hi, someone on spamassassin ml posts this command line script: http://www.localside.net/scripts/ HTH, -f ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
There is an RBL monitor script on the website somewhere. if you can't find it let me know. On Thu, 2010-05-20 at 20:33 -0400, Nathan Gibbs wrote: > Anybody already done this? > If, so where can I find it? > > Thanks > > ___ > mon mailing list > mon@linux.kernel.org > http://linux.kernel.org/mailman/listinfo/mon ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Thu, May 20, 2010 at 08:33:45PM -0400, Nathan Gibbs wrote:
> Anybody already done this?
Yes, see attached. Note that it queries all the RBL lists in parallel,
so if you run it with a big list and/or a lot of IPs to check,it can run
out of file descriptors. If that happens, adjust the max number of FDs
with "ulimit -n" or the like.
> If, so where can I find it?
Argh, did I not upload it to the config section on Sourceforge? Do I
still even remember how?
-- Ed
#!/usr/bin/perl
# rbl.monitor - check RBL blacklists for an IP address. Uses asynch I/O
# to send all the requests simultaneously
# Copyright (c) 2007, 2008 by Ed Ravin . License is GNU.
# Available to the public courtesy of Public Access Networks http://panix.com
my $usage="\
Usage: rbl.monitor [options] hostname [...]
Options [and default values]:
--listfile [preset list, see script]
--rbllist
--timeout[60 seconds]
--debug [off]
";
use strict;
use Net::DNS;
use IO::Select;
use Getopt::Long;
my %opt;
GetOptions(\%opt,
"listfile=s",
"rbllist=s",
"timeout=i",
"debug",
) or die $usage;
my $listfile= $opt{listfile} || "";
my $rbllist= $opt{rbllist} || "";
my $selecttimeout = 5;
my $timeout= ($opt{timeout} || 60) + ($selecttimeout * 2);
my $debug= $opt{debug} || 0;
# Default RBLs to check - just a few of the lists most likely to block mail
# Sites with specific needs should customize via the command line
my @rbls2check=(
"bl.spamcop.net",
"relays.mail-abuse.org",
"zen.spamhaus.org",
"dnsbl.sorbs.net",
"dnsbl-1.uceprotect.net",
);
if ($listfile) {
open(LIST, "< $listfile") ||
die "$0: cannot open list file \"$listfile\": $!\n";
@rbls2check= grep !/^\s*#/, ;
@rbls2check= grep !/^\s*$/, @rbls2check;
map {chomp} @rbls2check;
close LIST;
die "$0: no RBL names found in \"$listfile\"\n" unless @rbls2check;
}
if ($rbllist) {
@rbls2check= split(',', $rbllist);
}
print "*** checking these RBLs:\n " . join("\n ", @rbls2check) . "\n"
if $debug;
my (@summary, @detail);
my @sockets;
my $res = Net::DNS::Resolver->new;
my $sel = IO::Select->new();
my $starttime= time;
my %revip2host;
# gethostbyname is non-reentrant, so parse the hostnames to test up front
foreach my $host (@ARGV) {
my $hostdata= gethostbyname($host);
if (!defined($hostdata)) {
push @summary, $host;
push @detail, "$host: bad hostname";
next;
}
my $revip= join(".", reverse(unpack("C4", $hostdata)));
$revip2host{$revip}= $host;
}
# start all the queries
foreach my $revip (keys %revip2host) {
foreach my $rbl (@rbls2check) {
my $dnssock= $res->bgsend(join(".", $revip, $rbl));
die "$0: Net::DNS::Resolver::bgsend returns undef - too many
open files?\n"
unless defined($dnssock);
push @sockets, $dnssock;
$sel->add($dnssock);
}
}
MAINLOOP:
while ($sel->handles > 0) {
my @ready = $sel->can_read($selecttimeout);
if ( (time - $starttime) > $timeout) { # waited too long?
push @detail, "TIMEOUT: " . scalar($sel->handles) . " responses
still pending";
last MAINLOOP;
}
foreach my $sock (@ready) {
my ($authority, $ipaddress, $revip, $forwardip, $host);
my $packet = $res->bgread($sock);
foreach my $rr ($packet->answer) {
if ($rr->type eq "A") {
$ipaddress= $rr->address;
$authority= $rr->name;
my $q= \$packet->question;
my @qquads= split('\.',${$$q}{qname});
splice(@qquads, 4);
$revip= join('.', @qquads);
$forwardip= join('.', reverse(@qquads));
$host= $revip2host{$revip} || $forwardip;
push @summary, $host
unless grep /^$host$/, @summary;
push @detail, "$host: $authority: " .
$rr->address;
}
}
$sel->remove($sock);
}
}
print join(" ", (sort @summary)) if (@summary);
print "\n";
print join("\n", (sort @detail)), "\n" if @detail;
exit 1 if @summary;
exit 0;
___
mon mailing list
mon@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/mon
multi RBL monitor
Anybody already done this? If, so where can I find it? Thanks -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com signature.asc Description: OpenPGP digital signature ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
