On Mon, 9 Jun 2014, Philip Prindeville wrote:
On Jun 9, 2014, at 3:36 PM, John Hardin <jhar...@impsec.org> wrote:
On Mon, 9 Jun 2014, Axb wrote:
On 06/09/2014 10:46 PM, Philip Prindeville wrote:
I’d like to add a plugin (and eventually share it once the bugs are
out) that uses either Net::CIDR::Lite to allow manual entry of
IP-based blacklists for known offending address blocks, or else using
the Geo::IP module to blacklist based on the country or ISP.
Is there a prototype Plugin that I could use for doing
parsing/looking up the URI’s hostname? Since I’m using a local
database without network access, it could happen synchronously…
The standard SA URIBL.pm ?
put your data in a local NS instance (rbldnsd, bind, whatever you prefer)
Second URIBL.pm.
For small sites it would be nice if it supported specifying a netblock
explicitly in the rule. If you're only doing a few that would be easier than
setting up a zone or rbldnsd. You might look at extending URIBL.pm to do that.
I’m happy to try doing that, since I know Perl and need this… I’m just
lacking on the expertise about doing SA modules… Anyone want to walk me
through it?
Ths URIBL module is already there. If you know Perl it should be fairly
easy to look at the existing code and add a variant where it accepts a
netblock spec instead of a URIBL hostname and does the IP comparison to
that rather than performing a DNS query...
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Gun Control laws cannot reduce violent crime, because gun control
laws focus obsessively on a tool a criminal might use to commit a
crime rather than the criminal himself and his act of violence.
-----------------------------------------------------------------------
739 days since the first successful private support mission to ISS (SpaceX)
