This is an automated email from the git hooks/post-receive script. skunnyk pushed a commit to branch oldforum in repository www/forum.xfce.org.
commit 35c4a05cff457b86ce4e2184018f19eaf59f0eec
Author: Nick Schermer <n...@xfce.org>
Date: Sun Feb 13 11:15:36 2011 +0100

    Update to bad-behaviour 2.1.10.
---
 include/bad-behavior-fluxbb.php | 34 +++++++++--------
 include/bad-behavior/banned.inc.php | 2 -
 include/bad-behavior/blackhole.inc.php | 5 ++-
 include/bad-behavior/blacklist.inc.php | 2 -
 include/bad-behavior/browser.inc.php | 2 -
 include/bad-behavior/cloudflare.inc.php | 2 -
 include/bad-behavior/common_tests.inc.php | 2 -
 include/bad-behavior/core.inc.php | 62 +++++++++++++++++++++++--------
 include/bad-behavior/functions.inc.php | 3 +-
 include/bad-behavior/movabletype.inc.php | 2 -
 include/bad-behavior/post.inc.php | 4 +-
 include/bad-behavior/responses.inc.php | 1 -
 include/bad-behavior/screener.inc.php | 1 -
 include/bad-behavior/searchengine.inc.php | 2 -
 include/bad-behavior/whitelist.inc.php | 2 -
 15 files changed, 71 insertions(+), 55 deletions(-)
diff --git a/include/bad-behavior-fluxbb.php b/include/bad-behavior-fluxbb.php
index a041590..8b33521 100644
--- a/include/bad-behavior-fluxbb.php
+++ b/include/bad-behavior-fluxbb.php
@@ -1,29 +1,30 @@
 <?php
 /*
-http://www.bad-behavior.ioerror.us/
-
 Bad Behavior - detects and blocks unwanted Web accesses
-Copyright (C) 2005 Michael Hampton
+Copyright (C) 2005,2006,2007,2008,2009,2010,2011 Michael Hampton
+
+Bad Behavior is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; either version 3 of the License, or (at your option) any
+later version.
 
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
-(at your option) any later version.
+This program is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
 
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
+You should have received a copy of the GNU Lesser General Public License along
+with this program. If not, see <http://www.gnu.org/licenses/>.
 
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+Please report any problems to bad . bots AT ioerror DOT us
+http://www.bad-behavior.ioerror.us/
 */
 
 // This file is the entry point for Bad Behavior.
-
 if (!defined('PUN_ROOT')) exit;
 
+###############################################################################
+###############################################################################
+
 define('BB2_CWD', dirname(__FILE__));
 
 // Settings you can adjust for Bad Behavior.
@@ -38,6 +39,9 @@ $bb2_settings_defaults = array(
 	'httpbl_threat' => '25',
 	'httpbl_maxage' => '30',
 	'offsite_forms' => false,
+	'reverse_proxy' = false,
+	'reverse_proxy_header' => 'X-Forwarded-For',
+	'reverse_proxy_addresses' => array()
 );
 
 // Bad Behavior callback functions.
diff --git a/include/bad-behavior/banned.inc.php b/include/bad-behavior/banned.inc.php
index a92178a..476a366 100644
--- a/include/bad-behavior/banned.inc.php
+++ b/include/bad-behavior/banned.inc.php
@@ -61,5 +61,3 @@ function bb2_log_denial($settings, $package, $key, $previous_key=false)
 	if (!$settings['logging']) return;
 	bb2_db_query(bb2_insert($settings, $package, $key));
 }
-
-?>
diff --git a/include/bad-behavior/blackhole.inc.php b/include/bad-behavior/blackhole.inc.php
index f3bdff9..44e8d12 100644
--- a/include/bad-behavior/blackhole.inc.php
+++ b/include/bad-behavior/blackhole.inc.php
@@ -58,7 +58,10 @@ function bb2_httpbl($settings, $package) {
 		if ($ip[0] == 127 && ($ip[3] & 7) && $ip[2] >= $settings['httpbl_threat'] && $ip[1] <= $settings['httpbl_maxage']) {
 			return '2b021b1f';
 		}
+		// Check if search engine
+		if ($ip[3] == 0) {
+			return 1;
+		}
 	}
 	return false;
 }
-?>
diff --git a/include/bad-behavior/blacklist.inc.php b/include/bad-behavior/blacklist.inc.php
index 2b1c666..8b2723c 100644
--- a/include/bad-behavior/blacklist.inc.php
+++ b/include/bad-behavior/blacklist.inc.php
@@ -125,5 +125,3 @@ function bb2_blacklist($package) {
 
 	return FALSE;
 }
-
-?>
diff --git a/include/bad-behavior/browser.inc.php b/include/bad-behavior/browser.inc.php
index 773d6ef..b9c9aea 100644
--- a/include/bad-behavior/browser.inc.php
+++ b/include/bad-behavior/browser.inc.php
@@ -82,5 +82,3 @@ function bb2_safari($package)
 	}
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/cloudflare.inc.php b/include/bad-behavior/cloudflare.inc.php
index 99319f5..11f59ba 100644
--- a/include/bad-behavior/cloudflare.inc.php
+++ b/include/bad-behavior/cloudflare.inc.php
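Review bot: The added default `'reverse_proxy' = false,` uses `=` where every neighbouring entry uses `=>`; if that is what the commit contains rather than an artefact of this mail's formatting, it is a parse error inside the array literal, and since this file is the entry point the forum loses its bot screening (or the page itself) on every request until it is corrected. It should read `'reverse_proxy' => false,`. The three new settings also carry no comment on the trust they imply; I would add above them `// Enable reverse_proxy only when every request passes through a proxy you control that sets reverse_proxy_header; list those proxies in reverse_proxy_addresses, otherwise the header value is taken from whoever sent it.`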
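Review bot: The new `return 1;` in bb2_httpbl overloads a return channel that otherwise carries an eight-character denial key with a magic whitelist sentinel, and the comment `// Check if search engine` does not tell the reader that callers must test for it before using the value as a key. A line such as `# 1 = listed as a search engine; callers treat this as whitelisted, never as a response key` next to it, or a named constant, would make that contract explicit. bb2_httpbl starts outside this hunk, so I cannot see how `$ip` is built; if the lookup can hand back something other than a 127.x.x.x answer, nesting the `$ip[3] == 0` test under the same `$ip[0] == 127` guard as the denial test above it would keep a non-answer from being read as a whitelist.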
@@ -12,5 +12,3 @@ function bb2_cloudflare($package)
 #	}
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/common_tests.inc.php b/include/bad-behavior/common_tests.inc.php
index 2826ee5..abff3a3 100644
--- a/include/bad-behavior/common_tests.inc.php
+++ b/include/bad-behavior/common_tests.inc.php
@@ -146,5 +146,3 @@ function bb2_misc_headers($settings, $package)
 
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/core.inc.php b/include/bad-behavior/core.inc.php
index 663e44b..43205d1 100644
--- a/include/bad-behavior/core.inc.php
+++ b/include/bad-behavior/core.inc.php
@@ -1,5 +1,5 @@
 <?php if (!defined('BB2_CWD')) die("I said no cheating!");
-define('BB2_VERSION', "2.1.8");
+define('BB2_VERSION', "2.1.10");
 
 // Bad Behavior entry point is bb2_start()
 // If you're reading this, you are probably lost.
@@ -40,6 +40,19 @@ function bb2_approved($settings, $package)
 	}
 }
 
+// If this is reverse-proxied or load balanced, obtain the actual client IP
+function bb2_reverse_proxy($settings, $headers_mixed)
+{
+	$addrs = array_reverse(preg_split("/[\s,]+/", $headers_mixed[$settings['reverse_proxy_header']]));
+	if (!empty($settings['reverse_proxy_addresses'])) {
+		foreach ($addrs as $addr) {
+			if (!match_cidr($addr, $settings['reverse_proxy_addresses'])) {
+				return $addr;
+			}
+		}
+	}
+	return $addrs[0];
+}
 
 // Let God sort 'em out!
 function bb2_start($settings)
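Review bot: bb2_reverse_proxy indexes `$headers_mixed[$settings['reverse_proxy_header']]` without checking that the header is present, so a request that arrives without it raises a notice and yields `''` as the client address, which then flows into `$package['ip']` and the logs. Guard it and fall back to the connection address the caller stores alongside the headers: `if (empty($headers_mixed[$settings['reverse_proxy_header']])) return $headers_mixed['X-Bad-Behavior-Remote-Address'];`. Nothing validates the chosen element as an IP address either, so a malformed header value is passed on verbatim; a `filter_var($addr, FILTER_VALIDATE_IP)` check before each return would reject that. A docblock should also state the trust model: with `reverse_proxy_addresses` empty the rightmost address is used, which is the real client only if every hop appends to the header rather than forwarding a client-supplied one, and when the list is set it must cover every trusted hop or an intermediate proxy's address is returned.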
@@ -67,11 +80,15 @@ function bb2_start($settings)
 	$request_uri = $_SERVER["REQUEST_URI"];
 	if (!$request_uri) $request_uri = $_SERVER['SCRIPT_NAME'];	# IIS
 
-	# Nasty CloudFlare hack provided by butchs at simplemachines
-	$ip_temp = preg_replace("/^::ffff:/", "", (array_key_exists('Cf-Connecting-Ip', $headers_mixed)) ? $_SERVER['HTTP_CF_CONNECTING_IP'] : $_SERVER['REMOTE_ADDR']);
-	$cloudflare_ip = preg_replace("/^::ffff:/", "", $_SERVER['REMOTE_ADDR']);
+	if ($settings['reverse_proxy']) {
+		$headers['X-Bad-Behavior-Remote-Address'] = $_SERVER['REMOTE_ADDR'];
+		$headers_mixed['X-Bad-Behavior-Remote-Address'] = $_SERVER['REMOTE_ADDR'];
+		$ip = bb2_reverse_proxy($settings, $headers_mixed);
+	} else {
+		$ip = $_SERVER['REMOTE_ADDR'];
+	}
 
-	@$package = array('ip' => $ip_temp, 'headers' => $headers, 'headers_mixed' => $headers_mixed, 'request_method' => $_SERVER['REQUEST_METHOD'], 'request_uri' => $request_uri, 'server_protocol' => $_SERVER['SERVER_PROTOCOL'], 'request_entity' => $request_entity, 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'is_browser' => false, 'cloudflare' => $cloudflare_ip);
+	@$package = array('ip' => $ip, 'headers' => $headers, 'headers_mixed' => $headers_mixed, 'request_method' => $_SERVER['REQUEST_METHOD'], 'request_uri' => $request_uri, 'server_protocol' => $_SERVER['SERVER_PROTOCOL'], 'request_entity' => $request_entity, 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'is_browser' => false,);
 
 	$result = bb2_screen($settings, $package);
 	if ($result && !defined('BB2_TEST')) bb2_banned($settings, $package, $result);
@@ -104,7 +121,10 @@ function bb2_screen($settings, $package)
 
 	// Check the http:BL
 	require_once(BB2_CORE . "/blackhole.inc.php");
-	if ($r = bb2_httpbl($settings, $package)) return $r;
+	if ($r = bb2_httpbl($settings, $package)) {
+		if ($r == 1) return false;	# whitelisted
+		return $r;
+	}
 
 	// Check for common stuff
 	require_once(BB2_CORE . "/common_tests.inc.php");
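Review bot: In the `else` branch `$ip` is `$_SERVER['REMOTE_ADDR']` unmodified, whereas the removed lines first stripped an IPv4-mapped `::ffff:` prefix, so on hosts that present such addresses the value reaching `$package['ip']` changes form with this commit and presumably no longer matches what the CIDR and http:BL code expects. Keep the normalisation for both branches, e.g. after the if/else: `$ip = preg_replace("/^::ffff:/", "", $ip);`. Sites that depended on the deleted Cf-Connecting-Ip handling now need `reverse_proxy` turned on with the matching header name; that migration note belongs in the commit message or the settings comments. bb2_start continues outside the hunk on both sides.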
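Review bot: `if ($r == 1) return false;` tests the denial key with loose comparison, and in PHP before 8.0 a string whose leading characters are `1` followed by a non-digit compares equal to the integer 1, so any response key of that shape would be read as the whitelist sentinel and the request approved instead of denied. Use strict comparison: `if ($r === 1) return false;	# whitelisted`. The same construct is added three more times in the following hunk, in the bb2_msnbot, bb2_google and bb2_yahoo branches, and should change there too.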
@@ -114,6 +134,26 @@ function bb2_screen($settings, $package)
 	// Specific checks
 	@$ua = $package['user_agent'];
 
+	// Search engine checks come first
+	if (stripos($ua, "bingbot") !== FALSE || stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
+		require_once(BB2_CORE . "/searchengine.inc.php");
+		if ($r = bb2_msnbot($package)) {
+			if ($r == 1) return false;	# whitelisted
+			return $r;
+		}
+	} elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE || stripos($ua, "Google Wireless") !== FALSE) {
+		require_once(BB2_CORE . "/searchengine.inc.php");
+		if ($r = bb2_google($package)) {
+			if ($r == 1) return false;	# whitelisted
+			return $r;
+		}
+	} elseif (stripos($ua, "Yahoo! Slurp") !== FALSE || stripos($ua, "Yahoo! SearchMonkey") !== FALSE) {
+		require_once(BB2_CORE . "/searchengine.inc.php");
+		if ($r = bb2_yahoo($package)) {
+			if ($r == 1) return false;	# whitelisted
+			return $r;
+		}
+	}
 	// MSIE checks
 	if (stripos($ua, "; MSIE") !== FALSE) {
 		$package['is_browser'] = true;
@@ -142,15 +182,6 @@ function bb2_screen($settings, $package)
 	} elseif (stripos($ua, "MovableType") !== FALSE) {
 		require_once(BB2_CORE . "/movabletype.inc.php");
 		if ($r = bb2_movabletype($package)) return $r;
-	} elseif (stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
-		require_once(BB2_CORE . "/searchengine.inc.php");
-		if ($r = bb2_msnbot($package)) return $r;
-	} elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE || stripos($ua, "Google Wireless") !== FALSE) {
-		require_once(BB2_CORE . "/searchengine.inc.php");
-		if ($r = bb2_google($package)) return $r;
-	} elseif (stripos($ua, "Yahoo! Slurp") !== FALSE || stripos($ua, "Yahoo! SearchMonkey") !== FALSE) {
-		require_once(BB2_CORE . "/searchengine.inc.php");
-		if ($r = bb2_yahoo($package)) return $r;
 	} elseif (stripos($ua, "Mozilla") !== FALSE && stripos($ua, "Mozilla") == 0) {
 		$package['is_browser'] = true;
 		require_once(BB2_CORE . "/browser.inc.php");
@@ -172,4 +203,3 @@ function bb2_screen($settings, $package)
 	bb2_approved($settings, $package);
 	return false;
 }
-?>
diff --git a/include/bad-behavior/functions.inc.php b/include/bad-behavior/functions.inc.php
index 436cf6a..9833805 100644
--- a/include/bad-behavior/functions.inc.php
+++ b/include/bad-behavior/functions.inc.php
@@ -46,6 +46,7 @@ function match_cidr($addr, $cidr) {
 		foreach ($cidr as $cidrlet) {
 			if (match_cidr($addr, $cidrlet)) {
 				$output = true;
+				break;
 			}
 		}
 	} else {
@@ -71,5 +72,3 @@ function bb2_load_headers() {
 	}
 	return $headers;
 }
-
-?>
diff --git a/include/bad-behavior/movabletype.inc.php b/include/bad-behavior/movabletype.inc.php
index b15fe9c..04c4625 100644
--- a/include/bad-behavior/movabletype.inc.php
+++ b/include/bad-behavior/movabletype.inc.php
@@ -10,5 +10,3 @@ function bb2_movabletype($package)
 	}
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/post.inc.php b/include/bad-behavior/post.inc.php
index e1d8ffa..39f7d34 100644
--- a/include/bad-behavior/post.inc.php
+++ b/include/bad-behavior/post.inc.php
@@ -54,7 +54,7 @@ function bb2_post($settings, $package)
 	}
 
 	// If Referer exists, it should refer to a page on our site
-	if ($settings['offsite_forms'] && array_key_exists('Referer', $package['headers_mixed']) && stripos($package['headers_mixed']['Referer'], $package['headers_mixed']['Host']) === FALSE) {
+	if (!$settings['offsite_forms'] && array_key_exists('Referer', $package['headers_mixed']) && stripos($package['headers_mixed']['Referer'], $package['headers_mixed']['Host']) === FALSE) {
 		return "cd361abb";
 	}
 
@@ -100,5 +100,3 @@ function bb2_post($settings, $package)
 
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/responses.inc.php b/include/bad-behavior/responses.inc.php
index 48e9702..139641c 100644
--- a/include/bad-behavior/responses.inc.php
+++ b/include/bad-behavior/responses.inc.php
@@ -49,4 +49,3 @@ function bb2_get_response($key) {
 	if (array_key_exists($key, $bb2_responses)) return $bb2_responses[$key];
 	return array('00000000');
 }
-?>
diff --git a/include/bad-behavior/screener.inc.php b/include/bad-behavior/screener.inc.php
index 55da198..8f5a624 100644
--- a/include/bad-behavior/screener.inc.php
+++ b/include/bad-behavior/screener.inc.php
@@ -60,4 +60,3 @@ function bb2_screener($settings, $package)
 	bb2_screener_cookie($settings, $package, BB2_COOKIE, $cookie_value);
 	bb2_screener_javascript($settings, $package, BB2_COOKIE, $cookie_value);
 }
-?>
diff --git a/include/bad-behavior/searchengine.inc.php b/include/bad-behavior/searchengine.inc.php
index 582bf0f..9013dd7 100644
--- a/include/bad-behavior/searchengine.inc.php
+++ b/include/bad-behavior/searchengine.inc.php
@@ -43,5 +43,3 @@ function bb2_yahoo($package)
 #	}
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/whitelist.inc.php b/include/bad-behavior/whitelist.inc.php
index 6fa023f..ac35af6 100644
--- a/include/bad-behavior/whitelist.inc.php
+++ b/include/bad-behavior/whitelist.inc.php
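Review bot: The corrected condition still decides whether the Referer points at our site with `stripos(Referer, Host) === FALSE`, a substring test, so a Referer that merely mentions the host name somewhere in its path or query passes, and `$package['headers_mixed']['Host']` is read without an existence check. Compare the host component instead: `$ref_host = (string) parse_url($package['headers_mixed']['Referer'], PHP_URL_HOST);` and replace the stripos test with `strcasecmp($ref_host, $package['headers_mixed']['Host']) !== 0` (strip a `:port` suffix from Host first if the site uses one). bb2_post continues outside the hunk on both sides.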
@@ -26,5 +26,3 @@ function bb2_whitelist($package)
 	}
 	return false;
 }
-
-?>
--
To stop receiving notification emails like this one, please contact the administrator of this repository. _______________________________________________ Xfce4-commits mailing list Xfce4-commits@xfce.org https://mail.xfce.org/mailman/listinfo/xfce4-commits