Re: multi RBL monitor
On Sat, May 22, 2010 at 11:40:44AM +1000, Noel Butler wrote: On Fri, 2010-05-21 at 20:15 -0400, Jim Trocki wrote: On Sat, 22 May 2010, Noel Butler wrote: Hrmm, it is not there now thats why you cant find it. The original was from 2003, I dont know why it was pulled, ill find out. http://linux.kernel.org/pipermail/mon/2007-July/001645.html Not sure what happened to it in the repo. Maybe I fatfingered something. I know in the past some other things Ed has posted to the list haven't made it into the repo, so sorry for that. Ahh excellent, maybe it should be modified to give original credit to Tim Hanes as well? It's likely Tim's version I'm using, it's served us well anyway :) Looking back over past posts to the Mon list, I see that the script I just re-submitted to the list was inspired by Tim Hanes's work, but I had to do a total rewrite to use asynchronous I/O. Speaking of credit, I see my author line was edited out of the version Jim put into CVS. What's that about? -- Ed -- Ed Ravin | Warning - this email may contain rhetorical | devices, metaphors, analogies, typographical eravin@| errors, or just plain snarkiness. A sense of panix.com | humor may be required for proper interpretation. ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Sat, 22 May 2010, Ed Ravin wrote: Looking back over past posts to the Mon list, I see that the script I just re-submitted to the list was inspired by Tim Hanes's work, but I had to do a total rewrite to use asynchronous I/O. Speaking of credit, I see my author line was edited out of the version Jim put into CVS. What's that about? I checked into CVS exactly what was in your post, so I don't have the answer to that. I've edited what's in there now to include proper attribution. ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
There is an RBL monitor script on the website somewhere. if you can't find it let me know. On Thu, 2010-05-20 at 20:33 -0400, Nathan Gibbs wrote: Anybody already done this? If, so where can I find it? Thanks ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
* Ed Ravin wrote: On Thu, May 20, 2010 at 08:33:45PM -0400, Nathan Gibbs wrote: Anybody already done this? Yes, see attached. Note that it queries all the RBL lists in parallel, so if you run it with a big list and/or a lot of IPs to check,it can run out of file descriptors. If that happens, adjust the max number of FDs with ulimit -n or the like. OH, very nice! I won't have to reinvent the wheel. Also, learned a few tricks from reading your code. Thanks for the time saved education. If, so where can I find it? Argh, did I not upload it to the config section on Sourceforge? Do I still even remember how? I don't know, I thought I saw it on the websites ( sourceforge, or wiki ) at some point, but I couldn't find it when looking last night. Thanks -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com signature.asc Description: OpenPGP digital signature ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
Hrmm, it is not there now thats why you cant find it. The original was from 2003, I dont know why it was pulled, ill find out. On Fri, 2010-05-21 at 12:27 -0400, Nathan Gibbs wrote: * Noel Butler wrote: There is an RBL monitor script on the website somewhere. if you can't find it let me know. No luck on either site. ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Sat, 22 May 2010, Noel Butler wrote: Hrmm, it is not there now thats why you cant find it. The original was from 2003, I dont know why it was pulled, ill find out. http://linux.kernel.org/pipermail/mon/2007-July/001645.html Not sure what happened to it in the repo. Maybe I fatfingered something. I know in the past some other things Ed has posted to the list haven't made it into the repo, so sorry for that. I just added it again, and it should show up in the read-only cvs repo on sourceforge shortly. It's in monitors/dnsbl, and I named it rbl.monitor for the sake of historical record :) ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Fri, 2010-05-21 at 20:15 -0400, Jim Trocki wrote: On Sat, 22 May 2010, Noel Butler wrote: Hrmm, it is not there now thats why you cant find it. The original was from 2003, I dont know why it was pulled, ill find out. http://linux.kernel.org/pipermail/mon/2007-July/001645.html Not sure what happened to it in the repo. Maybe I fatfingered something. I know in the past some other things Ed has posted to the list haven't made it into the repo, so sorry for that. Ahh excellent, maybe it should be modified to give original credit to Tim Hanes as well? It's likely Tim's version I'm using, it's served us well anyway :) I just added it again, and it should show up in the read-only cvs repo on sourceforge shortly. It's in monitors/dnsbl, and I named it rbl.monitor for the sake of historical record :) hehe good stuff, thanks attachment: stock_smiley-1.png___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
multi RBL monitor
Anybody already done this? If, so where can I find it? Thanks -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com signature.asc Description: OpenPGP digital signature ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: multi RBL monitor
On Thu, May 20, 2010 at 08:33:45PM -0400, Nathan Gibbs wrote: Anybody already done this? Yes, see attached. Note that it queries all the RBL lists in parallel, so if you run it with a big list and/or a lot of IPs to check,it can run out of file descriptors. If that happens, adjust the max number of FDs with ulimit -n or the like. If, so where can I find it? Argh, did I not upload it to the config section on Sourceforge? Do I still even remember how? -- Ed #!/usr/bin/perl # rbl.monitor - check RBL blacklists for an IP address. Uses asynch I/O # to send all the requests simultaneously # Copyright (c) 2007, 2008 by Ed Ravin era...@panix.com. License is GNU. # Available to the public courtesy of Public Access Networks http://panix.com my $usage=\ Usage: rbl.monitor [options] hostname [...] Options [and default values]: --listfile list of RBL domains [preset list, see script] --rbllist comma separated list of RBL domains --timeout master timeout [60 seconds] --debug [off] ; use strict; use Net::DNS; use IO::Select; use Getopt::Long; my %opt; GetOptions(\%opt, listfile=s, rbllist=s, timeout=i, debug, ) or die $usage; my $listfile= $opt{listfile} || ; my $rbllist= $opt{rbllist} || ; my $selecttimeout = 5; my $timeout= ($opt{timeout} || 60) + ($selecttimeout * 2); my $debug= $opt{debug} || 0; # Default RBLs to check - just a few of the lists most likely to block mail # Sites with specific needs should customize via the command line my @rbls2check=( bl.spamcop.net, relays.mail-abuse.org, zen.spamhaus.org, dnsbl.sorbs.net, dnsbl-1.uceprotect.net, ); if ($listfile) { open(LIST, $listfile) || die $0: cannot open list file \$listfile\: $!\n; @rbls2check= grep !/^\s*#/, LIST; @rbls2check= grep !/^\s*$/, @rbls2check; map {chomp} @rbls2check; close LIST; die $0: no RBL names found in \$listfile\\n unless @rbls2check; } if ($rbllist) { @rbls2check= split(',', $rbllist); } print *** checking these RBLs:\n. join(\n , @rbls2check) . \n if $debug; my (@summary, @detail); my @sockets; my $res = Net::DNS::Resolver-new; my $sel = IO::Select-new(); my $starttime= time; my %revip2host; # gethostbyname is non-reentrant, so parse the hostnames to test up front foreach my $host (@ARGV) { my $hostdata= gethostbyname($host); if (!defined($hostdata)) { push @summary, $host; push @detail, $host: bad hostname; next; } my $revip= join(., reverse(unpack(C4, $hostdata))); $revip2host{$revip}= $host; } # start all the queries foreach my $revip (keys %revip2host) { foreach my $rbl (@rbls2check) { my $dnssock= $res-bgsend(join(., $revip, $rbl)); die $0: Net::DNS::Resolver::bgsend returns undef - too many open files?\n unless defined($dnssock); push @sockets, $dnssock; $sel-add($dnssock); } } MAINLOOP: while ($sel-handles 0) { my @ready = $sel-can_read($selecttimeout); if ( (time - $starttime) $timeout) { # waited too long? push @detail, TIMEOUT: . scalar($sel-handles) . responses still pending; last MAINLOOP; } foreach my $sock (@ready) { my ($authority, $ipaddress, $revip, $forwardip, $host); my $packet = $res-bgread($sock); foreach my $rr ($packet-answer) { if ($rr-type eq A) { $ipaddress= $rr-address; $authority= $rr-name; my $q= \$packet-question; my @qquads= split('\.',${$$q}{qname}); splice(@qquads, 4); $revip= join('.', @qquads); $forwardip= join('.', reverse(@qquads)); $host= $revip2host{$revip} || $forwardip; push @summary, $host unless grep /^$host$/, @summary; push @detail, $host: $authority: . $rr-address; } } $sel-remove($sock); } } print join( , (sort @summary)) if (@summary); print \n; print join(\n, (sort @detail)), \n if @detail; exit 1 if @summary; exit 0; ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon