[Summary view] [Print] [Text view]

   1  <?php if (!defined('BB2_CORE')) die('I said no cheating!');
   2  
   3  // Look up address on various blackhole lists.
   4  // These should not be used for GET requests under any circumstances!
   5  // FIXME: Note that this code is no longer in use
   6  function bb2_blackhole($package) {
   7      // Can't use IPv6 addresses yet
   8      if (@is_ipv6($package['ip'])) return false;
   9  
  10      // Workaround for "MySQL server has gone away"
  11      bb2_db_query("SET @@session.wait_timeout = 90");
  12  
  13      // Only conservative lists
  14      $bb2_blackhole_lists = array(
  15          "sbl-xbl.spamhaus.org",    // All around nasties
  16  //        "dnsbl.sorbs.net",    // Old useless data.
  17  //        "list.dsbl.org",    // Old useless data.
  18  //        "dnsbl.ioerror.us",    // Bad Behavior Blackhole
  19      );
  20      
  21      // Things that shouldn't be blocked, from aggregate lists
  22      $bb2_blackhole_exceptions = array(
  23          "sbl-xbl.spamhaus.org" => array("127.0.0.4"),    // CBL is problematic
  24          "dnsbl.sorbs.net" => array("127.0.0.10",),    // Dynamic IPs only
  25          "list.dsbl.org" => array(),
  26          "dnsbl.ioerror.us" => array(),
  27      );
  28  
  29      // Check the blackhole lists
  30      $ip = $package['ip'];
  31      $find = implode('.', array_reverse(explode('.', $ip)));
  32      foreach ($bb2_blackhole_lists as $dnsbl) {
  33          $result = gethostbynamel($find . "." . $dnsbl . ".");
  34          if (!empty($result)) {
  35              // Got a match and it isn't on the exception list
  36              $result = @array_diff($result, $bb2_blackhole_exceptions[$dnsbl]);
  37              if (!empty($result)) {
  38                  return '136673cd';
  39              }
  40          }
  41      }
  42      return false;
  43  }
  44  
  45  function bb2_httpbl($settings, $package) {
  46      // Can't use IPv6 addresses yet
  47      if (@is_ipv6($package['ip'])) return false;
  48  
  49      if (@!$settings['httpbl_key']) return false;
  50  
  51      // Workaround for "MySQL server has gone away"
  52      bb2_db_query("SET @@session.wait_timeout = 90");
  53  
  54      $find = implode('.', array_reverse(explode('.', $package['ip'])));
  55      $result = gethostbynamel($settings['httpbl_key'].".$find}.dnsbl.httpbl.org.");
  56      if (!empty($result)) {
  57          $ip = explode('.', $result[0]);
  58          if ($ip[0] == 127 && ($ip[3] & 7) && $ip[2] >= $settings['httpbl_threat'] && $ip[1] <= $settings['httpbl_maxage']) {
  59              return '2b021b1f';
  60          }
  61      }
  62      return false;
  63  }
  64  ?>