prosody-modules: mod_register_dnsbl_firewall_mark/mod_register_dnsbl_firewall

2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	1	local adns = require "net.adns";
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	2	local rbl = module:get_option_string("registration_rbl");
4015 de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	3	local rbl_message = module:get_option_string("registration_rbl_message");
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	4	local st = require "util.stanza";
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	5
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	6
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	7	local function cleanup_ip(ip)
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	8	if ip:sub(1,7):lower() == "::ffff:" then
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	9	return ip:sub(8);
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	10	end
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	11	return ip;
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	12	end
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	13
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	14	local function reverse(ip, suffix)
2139 42b095dab626 mod_register_dnsbl: Fix matching pattern (Thanks Ge0rG) Kim Alvefur <zash@zash.se> parents: 2116 diff changeset	15	local a,b,c,d = ip:match("^(%d+).(%d+).(%d+).(%d+)$");
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	16	if not a then return end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	17	return ("%d.%d.%d.%d.%s"):format(d,c,b,a, suffix);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	18	end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	19
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	20	module:hook("user-registered", function (event)
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	21	local session = event.session;
4015 de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	22	local ip = session and session.ip and cleanup_ip(session.ip);
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	23	local rbl_ip = ip and reverse(ip, rbl);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	24	if rbl_ip then
2899 589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall Kim Alvefur <zash@zash.se> parents: 2893 diff changeset	25	local registration_time = os.time();
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	26	local log = session.log;
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	27	adns.lookup(function (reply)
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	28	if reply and reply[1] then
2207 2dcc3079572c mod_register_dnsbl: Include more information in log message Kim Alvefur <zash@zash.se> parents: 2139 diff changeset	29	log("warn", "Account %s@%s registered from IP %s found in RBL (%s)", event.username, event.host or module.host, ip, reply[1].a);
2899 589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall Kim Alvefur <zash@zash.se> parents: 2893 diff changeset	30	local user = prosody.bare_sessions[event.username .. "@" .. module.host];
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall Kim Alvefur <zash@zash.se> parents: 2893 diff changeset	31	if user and user.firewall_marks then
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall Kim Alvefur <zash@zash.se> parents: 2893 diff changeset	32	user.firewall_marks.dnsbl_hit = registration_time;
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall Kim Alvefur <zash@zash.se> parents: 2893 diff changeset	33	else
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall Kim Alvefur <zash@zash.se> parents: 2893 diff changeset	34	module:open_store("firewall_marks", "map"):set(event.username, "dnsbl_hit", registration_time);
589cc51209f7 mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall Kim Alvefur <zash@zash.se> parents: 2893 diff changeset	35	end
4015 de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	36	if rbl_message then
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	37	module:log("debug", "Warning RBL registered user %s@%s", event.username, event.host);
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	38	event.ip = ip;
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	39	local rbl_stanza =
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	40	st.message({ to = event.username.."@"..event.host, from = event.host },
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	41	rbl_message:gsub("$(%w+)", event));
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	42	module:send(rbl_stanza);
de40686ae9c8 mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax Georg Lukas <georg@op-co.de> parents: 3997 diff changeset	43	end
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	44	end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	45	end, rbl_ip);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	46	end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	47	end);

author	Matthew Wild <mwild1@gmail.com>
	Fri, 23 Sep 2022 22:41:15 +0100
changeset 5058	62480053c87b
parent 4015	de40686ae9c8
permissions	-rw-r--r--