Re: multi RBL monitor
On Sat, 22 May 2010, Ed Ravin wrote: Looking back over past posts to the Mon list, I see that the script I just re-submitted to the list was inspired by Tim Hanes's work, but I had to do a total rewrite to use asynchronous I/O. Speaking of credit, I see my author line was edited out of the version Jim put into CVS. What's that about? I checked into CVS exactly what was in your post, so I don't have the answer to that. I've edited what's in there now to include proper attribution. ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Sat, May 22, 2010 at 11:40:44AM +1000, Noel Butler wrote: > On Fri, 2010-05-21 at 20:15 -0400, Jim Trocki wrote: > > > On Sat, 22 May 2010, Noel Butler wrote: > > > > > Hrmm, it is not there now thats why you cant find it. The original was > > > from 2003, I dont know why it was pulled, ill find out. > > > > http://linux.kernel.org/pipermail/mon/2007-July/001645.html > > > > Not sure what happened to it in the repo. Maybe I fatfingered something. > > I know in the past some other things Ed has posted to the list haven't > > made it into the repo, so sorry for that. > > > > > Ahh excellent, maybe it should be modified to give original credit to > Tim Hanes as well? > It's likely Tim's version I'm using, it's served us well anyway :) Looking back over past posts to the Mon list, I see that the script I just re-submitted to the list was inspired by Tim Hanes's work, but I had to do a total rewrite to use asynchronous I/O. Speaking of credit, I see my author line was edited out of the version Jim put into CVS. What's that about? -- Ed -- Ed Ravin | Warning - this email may contain rhetorical | devices, metaphors, analogies, typographical eravin@| errors, or just plain snarkiness. A sense of panix.com | humor may be required for proper interpretation. ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Fri, 2010-05-21 at 20:15 -0400, Jim Trocki wrote: > On Sat, 22 May 2010, Noel Butler wrote: > > > Hrmm, it is not there now thats why you cant find it. The original was > > from 2003, I dont know why it was pulled, ill find out. > > http://linux.kernel.org/pipermail/mon/2007-July/001645.html > > Not sure what happened to it in the repo. Maybe I fatfingered something. > I know in the past some other things Ed has posted to the list haven't > made it into the repo, so sorry for that. > Ahh excellent, maybe it should be modified to give original credit to Tim Hanes as well? It's likely Tim's version I'm using, it's served us well anyway :) > I just added it again, and it should show up in the read-only cvs repo on > sourceforge shortly. It's in monitors/dnsbl, and I named it rbl.monitor > for the sake of historical record :) hehe good stuff, thanks <>___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Sat, 22 May 2010, Noel Butler wrote: Hrmm, it is not there now thats why you cant find it. The original was from 2003, I dont know why it was pulled, ill find out. http://linux.kernel.org/pipermail/mon/2007-July/001645.html Not sure what happened to it in the repo. Maybe I fatfingered something. I know in the past some other things Ed has posted to the list haven't made it into the repo, so sorry for that. I just added it again, and it should show up in the read-only cvs repo on sourceforge shortly. It's in monitors/dnsbl, and I named it rbl.monitor for the sake of historical record :) ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
Hrmm, it is not there now thats why you cant find it. The original was from 2003, I dont know why it was pulled, ill find out. On Fri, 2010-05-21 at 12:27 -0400, Nathan Gibbs wrote: > * Noel Butler wrote: > > There is an RBL monitor script on the website somewhere. if you can't > > find it let me know. > > > > > No luck on either site. ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
* Ed Ravin wrote: > On Thu, May 20, 2010 at 08:33:45PM -0400, Nathan Gibbs wrote: >> Anybody already done this? > > Yes, see attached. Note that it queries all the RBL lists in parallel, > so if you run it with a big list and/or a lot of IPs to check,it can run > out of file descriptors. If that happens, adjust the max number of FDs > with "ulimit -n" or the like. > OH, very nice! I won't have to reinvent the wheel. Also, learned a few tricks from reading your code. Thanks for the time saved & education. >> If, so where can I find it? > > Argh, did I not upload it to the config section on Sourceforge? Do I > still even remember how? > I don't know, I thought I saw it on the websites ( sourceforge, or wiki ) at some point, but I couldn't find it when looking last night. Thanks -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com signature.asc Description: OpenPGP digital signature ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Fri, May 21, 2010 at 2:33 AM, Nathan Gibbs wrote: > Anybody already done this? > If, so where can I find it? Hi, someone on spamassassin ml posts this command line script: http://www.localside.net/scripts/ HTH, -f ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
There is an RBL monitor script on the website somewhere. if you can't find it let me know. On Thu, 2010-05-20 at 20:33 -0400, Nathan Gibbs wrote: > Anybody already done this? > If, so where can I find it? > > Thanks > > ___ > mon mailing list > mon@linux.kernel.org > http://linux.kernel.org/mailman/listinfo/mon ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Thu, May 20, 2010 at 08:33:45PM -0400, Nathan Gibbs wrote: > Anybody already done this? Yes, see attached. Note that it queries all the RBL lists in parallel, so if you run it with a big list and/or a lot of IPs to check,it can run out of file descriptors. If that happens, adjust the max number of FDs with "ulimit -n" or the like. > If, so where can I find it? Argh, did I not upload it to the config section on Sourceforge? Do I still even remember how? -- Ed #!/usr/bin/perl # rbl.monitor - check RBL blacklists for an IP address. Uses asynch I/O # to send all the requests simultaneously # Copyright (c) 2007, 2008 by Ed Ravin . License is GNU. # Available to the public courtesy of Public Access Networks http://panix.com my $usage="\ Usage: rbl.monitor [options] hostname [...] Options [and default values]: --listfile [preset list, see script] --rbllist --timeout[60 seconds] --debug [off] "; use strict; use Net::DNS; use IO::Select; use Getopt::Long; my %opt; GetOptions(\%opt, "listfile=s", "rbllist=s", "timeout=i", "debug", ) or die $usage; my $listfile= $opt{listfile} || ""; my $rbllist= $opt{rbllist} || ""; my $selecttimeout = 5; my $timeout= ($opt{timeout} || 60) + ($selecttimeout * 2); my $debug= $opt{debug} || 0; # Default RBLs to check - just a few of the lists most likely to block mail # Sites with specific needs should customize via the command line my @rbls2check=( "bl.spamcop.net", "relays.mail-abuse.org", "zen.spamhaus.org", "dnsbl.sorbs.net", "dnsbl-1.uceprotect.net", ); if ($listfile) { open(LIST, "< $listfile") || die "$0: cannot open list file \"$listfile\": $!\n"; @rbls2check= grep !/^\s*#/, ; @rbls2check= grep !/^\s*$/, @rbls2check; map {chomp} @rbls2check; close LIST; die "$0: no RBL names found in \"$listfile\"\n" unless @rbls2check; } if ($rbllist) { @rbls2check= split(',', $rbllist); } print "*** checking these RBLs:\n " . join("\n ", @rbls2check) . "\n" if $debug; my (@summary, @detail); my @sockets; my $res = Net::DNS::Resolver->new; my $sel = IO::Select->new(); my $starttime= time; my %revip2host; # gethostbyname is non-reentrant, so parse the hostnames to test up front foreach my $host (@ARGV) { my $hostdata= gethostbyname($host); if (!defined($hostdata)) { push @summary, $host; push @detail, "$host: bad hostname"; next; } my $revip= join(".", reverse(unpack("C4", $hostdata))); $revip2host{$revip}= $host; } # start all the queries foreach my $revip (keys %revip2host) { foreach my $rbl (@rbls2check) { my $dnssock= $res->bgsend(join(".", $revip, $rbl)); die "$0: Net::DNS::Resolver::bgsend returns undef - too many open files?\n" unless defined($dnssock); push @sockets, $dnssock; $sel->add($dnssock); } } MAINLOOP: while ($sel->handles > 0) { my @ready = $sel->can_read($selecttimeout); if ( (time - $starttime) > $timeout) { # waited too long? push @detail, "TIMEOUT: " . scalar($sel->handles) . " responses still pending"; last MAINLOOP; } foreach my $sock (@ready) { my ($authority, $ipaddress, $revip, $forwardip, $host); my $packet = $res->bgread($sock); foreach my $rr ($packet->answer) { if ($rr->type eq "A") { $ipaddress= $rr->address; $authority= $rr->name; my $q= \$packet->question; my @qquads= split('\.',${$$q}{qname}); splice(@qquads, 4); $revip= join('.', @qquads); $forwardip= join('.', reverse(@qquads)); $host= $revip2host{$revip} || $forwardip; push @summary, $host unless grep /^$host$/, @summary; push @detail, "$host: $authority: " . $rr->address; } } $sel->remove($sock); } } print join(" ", (sort @summary)) if (@summary); print "\n"; print join("\n", (sort @detail)), "\n" if @detail; exit 1 if @summary; exit 0; ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
multi RBL monitor
Anybody already done this? If, so where can I find it? Thanks -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com signature.asc Description: OpenPGP digital signature ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon