[Nagiosplug-checkins] nagiosplug/contrib rblcheck-dns,NONE,1.1 rblcheck-web,NONE,1.1 README.TXT,1.2,1.3

Stanley Hopcroft stanleyhopcroft at users.sourceforge.net
Sun Nov 28 21:08:12 CET 2004 

Update of /cvsroot/nagiosplug/nagiosplug/contrib
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv2465

Modified Files:
	README.TXT 
Added Files:
	rblcheck-dns rblcheck-web 
Log Message:


--- NEW FILE: rblcheck-web ---
#!/usr/bin/perl
# Multi-RBL Query tool, developer Vikram <vr at udel.edu>
use IO::Socket::INET;

die "Syntax: $0 -H <ip address>\n" unless $ARGV[1];

$soc = new IO::Socket::INET->new(PeerPort=>80,
Proto=>'tcp',
PeerAddr=>"rbls.org") or die("Cannot connect to CERT");
                                                                                                    
$ip = $ARGV[1];	
$uri = '/?q='.$ip;

$soc->send("GET $uri HTTP/1.1\nHost: rbls.org\n\n");
@buff = <$soc>;
delete @buff[0..7];	
$len = @buff;

$alert = 0;


for( $i=0;$i<$len;$i++ ) {
	next unless( defined $buff[$i] );
	chomp($buff[$i]);
	#print "$buff[$i]\n";

	if ( $buff[$i] eq "<tr bgcolor=#ffc0c0>" ) {
		$rbl = substr($buff[$i+1], 5, index($buff[$i], "</tr>") - 5);
		next if ( index($rbl, '.') == -1 );
		print "$ip is listed in the following RBLS: " if ( $alert == 0 );
		print "$rbl ";
		$alert = 1;
	} 	
}
print "$ip is not listed in any RBLS" if ( $alert == 0 );
print "\n";
exit($alert);

--- NEW FILE: rblcheck-dns ---
#!/usr/bin/perl
# Multi-RBL Query tool, developer Vikram <vr at udel.edu>
use strict;
use Socket;
my $suspect = $ARGV[1];

die "Syntax: $0 -H <ip address>\n" unless $suspect;

my @rblservers=qw[
	3y.spam.mrs.kithrup.com
	block.blars.org
	bl.redhatgate.com
	blackholes.five-ten-sg.com
	blackholes.intersil.net
	blackholes.mail-abuse.org
	blackholes.wirehub.net
	blacklist.spambag.org
	dev.null.dk
	dews.qmail.org	
	dialup.blacklist.jippg.org
	dialups.mail-abuse.org
	dnsbl.njabl.org
	dul.maps.vix.com
	dul.orca.bc.ca
	dynablock.wirehub.net
	formmail.relays.monkeys.com
	ipwhois.rfc-ignorant.org
	list.dsbl.org
	multihop.dsbl.org
	okrelays.nthelp.com	
	pm0-no-more.compu.net
	proxies.relays.monkeys.com
	rbl-plus.mail-abuse.org
	rbl.maps.vix.com
	rbl.spam.org.tr
	relays.mail-abuse.org
	relays.nthelp.com
	relays.ordb.org
	relays.radparker.com
	relays.visi.com
	sbl.spamhaus.org
	spamguard.leadmon.net
	spammers.v6net.org
	spamsources.fabel.dk
	spews.org
	unconfirmed.dsbl.org
	xbl.selwerd.cx
];


my $spam = 0;
foreach ( @rblservers ) {
	my @s = split('\.',$suspect);
	my $req = "$s[3].$s[2].$s[1].$s[0].".$_;

	my ($name,$aliases,$addrtype,$length, at addrs) = gethostbyname($req);
	next unless (@addrs);

        my $result = inet_ntoa($addrs[0]);
	#next unless (substr($result, 7) eq '127.0.0');

	print "$suspect is listed in the following RBLS: " if ( $spam == 0 );
	print $_, " ";
	$spam = 1;
}

print "$suspect is not listed in any RBLS" if ( $spam == 0 );
print "\n";
exit( $spam );

Index: README.TXT
===================================================================
RCS file: /cvsroot/nagiosplug/nagiosplug/contrib/README.TXT,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- README.TXT	25 Nov 2004 04:49:17 -0000	1.2
+++ README.TXT	29 Nov 2004 05:07:19 -0000	1.3
@@ -55,3 +55,5 @@
                          remote logfiles. The README shows how to setup fetchlog for Nagios.
                          (Alexander Haderer)
 
+check_icmp-0.8.tar.gz	- C program: check_icmp is an alternative to check_ping that doesn't require the ping
+			utility or any other executable.

More information about the Commits mailing list