annotate mod_register_dnsbl_warn/mod_register_dnsbl_warn.lua @ 5160:8474a3b80200

mod_firewall: Fix 'is_admin' internal dependency rule #1797 (thanks diane) Looks like the boolean logic was inverted here. Instead, for now, simply check if is_admin is there. It is deprecated in trunk and was briefly removed before being brought back with a 'deprecated' warning as part of the new roles and permissions work. Making this dependency conditioned on the existence of the underlying function should make it work until it actually goes away for real.
author Kim Alvefur <zash@zash.se>
date Fri, 27 Jan 2023 23:06:25 +0100
parents 76036fa34055
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2112
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 local adns = require "net.adns";
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 local rbl = module:get_option_string("registration_rbl");
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 local function reverse(ip, suffix)
3993
76036fa34055 mod_register_dnsbl_*: fix DS legacy ipv4 addresses, thx Zash
Georg Lukas <georg@op-co.de>
parents: 2889
diff changeset
5 if ip:sub(1,7):lower() == "::ffff:" then
76036fa34055 mod_register_dnsbl_*: fix DS legacy ipv4 addresses, thx Zash
Georg Lukas <georg@op-co.de>
parents: 2889
diff changeset
6 ip = ip:sub(8);
76036fa34055 mod_register_dnsbl_*: fix DS legacy ipv4 addresses, thx Zash
Georg Lukas <georg@op-co.de>
parents: 2889
diff changeset
7 end
2135
42b095dab626 mod_register_dnsbl: Fix matching pattern (Thanks Ge0rG)
Kim Alvefur <zash@zash.se>
parents: 2112
diff changeset
8 local a,b,c,d = ip:match("^(%d+).(%d+).(%d+).(%d+)$");
2112
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 if not a then return end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 return ("%d.%d.%d.%d.%s"):format(d,c,b,a, suffix);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 -- TODO async
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 -- module:hook("user-registering", function (event) end);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 module:hook("user-registered", function (event)
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 local session = event.session;
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 local ip = session and session.ip;
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 local rbl_ip = ip and reverse(ip, rbl);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 if rbl_ip then
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 local log = session.log;
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 adns.lookup(function (reply)
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 if reply and reply[1] then
2203
2dcc3079572c mod_register_dnsbl: Include more information in log message
Kim Alvefur <zash@zash.se>
parents: 2135
diff changeset
24 log("warn", "Account %s@%s registered from IP %s found in RBL (%s)", event.username, event.host or module.host, ip, reply[1].a);
2112
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 end, rbl_ip);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 end);