Software /
code /
prosody-modules
Annotate
mod_register_dnsbl/mod_register_dnsbl.lua @ 3340:6081cbfd1220
mod_http_upload: Abort and throw error in case of failure to iterate over users
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 27 Sep 2018 20:03:10 +0200 |
parent | 2892:bf9fc41bf7ad |
child | 4118:82482e7e92cb |
rev | line source |
---|---|
2112
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 local adns = require "net.adns"; |
2890
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
2 local async = require "util.async"; |
2891
84670bac7348
mod_register_dnsbl: Use util.net for IP address parsing
Kim Alvefur <zash@zash.se>
parents:
2890
diff
changeset
|
3 local inet_pton = require "util.net".pton; |
2892
bf9fc41bf7ad
mod_register_dnsbl: Add support for IPv6 DNSBL
Kim Alvefur <zash@zash.se>
parents:
2891
diff
changeset
|
4 local to_hex = require "util.hex".to; |
2890
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
5 |
2112
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 local rbl = module:get_option_string("registration_rbl"); |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 local function reverse(ip, suffix) |
2891
84670bac7348
mod_register_dnsbl: Use util.net for IP address parsing
Kim Alvefur <zash@zash.se>
parents:
2890
diff
changeset
|
9 local n, err = inet_pton(ip); |
84670bac7348
mod_register_dnsbl: Use util.net for IP address parsing
Kim Alvefur <zash@zash.se>
parents:
2890
diff
changeset
|
10 if not n then return n, err end |
84670bac7348
mod_register_dnsbl: Use util.net for IP address parsing
Kim Alvefur <zash@zash.se>
parents:
2890
diff
changeset
|
11 if #n == 4 then |
84670bac7348
mod_register_dnsbl: Use util.net for IP address parsing
Kim Alvefur <zash@zash.se>
parents:
2890
diff
changeset
|
12 local a,b,c,d = n:byte(1,4); |
84670bac7348
mod_register_dnsbl: Use util.net for IP address parsing
Kim Alvefur <zash@zash.se>
parents:
2890
diff
changeset
|
13 return ("%d.%d.%d.%d.%s"):format(d,c,b,a, suffix); |
2892
bf9fc41bf7ad
mod_register_dnsbl: Add support for IPv6 DNSBL
Kim Alvefur <zash@zash.se>
parents:
2891
diff
changeset
|
14 elseif #n == 16 then |
bf9fc41bf7ad
mod_register_dnsbl: Add support for IPv6 DNSBL
Kim Alvefur <zash@zash.se>
parents:
2891
diff
changeset
|
15 return to_hex(n):reverse():gsub("%x", "%1.") .. suffix; |
2891
84670bac7348
mod_register_dnsbl: Use util.net for IP address parsing
Kim Alvefur <zash@zash.se>
parents:
2890
diff
changeset
|
16 end |
2112
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 end |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 |
2890
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
19 module:hook("user-registering", function (event) |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
20 local session, ip = event.session, event.ip; |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
21 if not ip then |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
22 session.log("debug", "Unable to check DNSBL when IP is unknown"); |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
23 return; |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
24 end |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
25 local rbl_ip, err = reverse(ip, rbl); |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
26 if not rbl_ip then |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
27 session.log("debug", "Unable to check DNSBL for ip %s: %s", ip, err); |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
28 return; |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
29 end |
2112
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 |
2890
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
31 local wait, done = async.waiter(); |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
32 adns.lookup(function (reply) |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
33 if reply and reply[1] and reply[1].a then |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
34 session.log("debug", "DNSBL response: %s IN A %s", rbl_ip, reply[1].a); |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
35 session.log("info", "Blocking %s from registering %s (dnsbl hit)", ip, event.username); |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
36 event.allowed = false; |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
37 event.reason = "Blocked by DNSBL"; |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
38 end |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
39 done(); |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
40 end, rbl_ip); |
6412595e2046
mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
Kim Alvefur <zash@zash.se>
parents:
2203
diff
changeset
|
41 wait(); |
2112
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 end); |