annotate mod_register_dnsbl_firewall_mark/mod_register_dnsbl_firewall_mark.lua @ 2932:4bb3a4b726c9

mod_net_proxy: Fixed typo in example HAProxy configuration within README
author Pascal Mathis <mail@pascalmathis.com>
date Thu, 15 Mar 2018 23:44:35 +0100
parents 589cc51209f7
children 76036fa34055
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2112
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 local adns = require "net.adns";
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 local rbl = module:get_option_string("registration_rbl");
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 local function reverse(ip, suffix)
2135
42b095dab626 mod_register_dnsbl: Fix matching pattern (Thanks Ge0rG)
Kim Alvefur <zash@zash.se>
parents: 2112
diff changeset
5 local a,b,c,d = ip:match("^(%d+).(%d+).(%d+).(%d+)$");
2112
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 if not a then return end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 return ("%d.%d.%d.%d.%s"):format(d,c,b,a, suffix);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 module:hook("user-registered", function (event)
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 local session = event.session;
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 local ip = session and session.ip;
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 local rbl_ip = ip and reverse(ip, rbl);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 if rbl_ip then
2895
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents: 2889
diff changeset
15 local registration_time = os.time();
2112
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 local log = session.log;
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 adns.lookup(function (reply)
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 if reply and reply[1] then
2203
2dcc3079572c mod_register_dnsbl: Include more information in log message
Kim Alvefur <zash@zash.se>
parents: 2135
diff changeset
19 log("warn", "Account %s@%s registered from IP %s found in RBL (%s)", event.username, event.host or module.host, ip, reply[1].a);
2895
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents: 2889
diff changeset
20 local user = prosody.bare_sessions[event.username .. "@" .. module.host];
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents: 2889
diff changeset
21 if user and user.firewall_marks then
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents: 2889
diff changeset
22 user.firewall_marks.dnsbl_hit = registration_time;
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents: 2889
diff changeset
23 else
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents: 2889
diff changeset
24 module:open_store("firewall_marks", "map"):set(event.username, "dnsbl_hit", registration_time);
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents: 2889
diff changeset
25 end
2112
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 end, rbl_ip);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 end);