author | Matthew Wild <mwild1@gmail.com> |
Tue, 27 Sep 2022 18:23:42 +0100 | |
changeset 5064 | bc491065c221 |
parent 4015 | de40686ae9c8 |
permissions | -rw-r--r-- |
2116
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 |
local adns = require "net.adns"; |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
local rbl = module:get_option_string("registration_rbl"); |
4015
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
3 |
local rbl_message = module:get_option_string("registration_rbl_message"); |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
4 |
local st = require "util.stanza"; |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
5 |
|
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
6 |
|
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
7 |
local function cleanup_ip(ip) |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
8 |
if ip:sub(1,7):lower() == "::ffff:" then |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
9 |
return ip:sub(8); |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
10 |
end |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
11 |
return ip; |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
12 |
end |
2116
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 |
|
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 |
local function reverse(ip, suffix) |
2139
42b095dab626
mod_register_dnsbl: Fix matching pattern (Thanks Ge0rG)
Kim Alvefur <zash@zash.se>
parents:
2116
diff
changeset
|
15 |
local a,b,c,d = ip:match("^(%d+).(%d+).(%d+).(%d+)$"); |
2116
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
if not a then return end |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 |
return ("%d.%d.%d.%d.%s"):format(d,c,b,a, suffix); |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 |
end |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 |
|
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 |
module:hook("user-registered", function (event) |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 |
local session = event.session; |
4015
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
22 |
local ip = session and session.ip and cleanup_ip(session.ip); |
2116
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 |
local rbl_ip = ip and reverse(ip, rbl); |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 |
if rbl_ip then |
2899
589cc51209f7
mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents:
2893
diff
changeset
|
25 |
local registration_time = os.time(); |
2116
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 |
local log = session.log; |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 |
adns.lookup(function (reply) |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 |
if reply and reply[1] then |
2207
2dcc3079572c
mod_register_dnsbl: Include more information in log message
Kim Alvefur <zash@zash.se>
parents:
2139
diff
changeset
|
29 |
log("warn", "Account %s@%s registered from IP %s found in RBL (%s)", event.username, event.host or module.host, ip, reply[1].a); |
2899
589cc51209f7
mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents:
2893
diff
changeset
|
30 |
local user = prosody.bare_sessions[event.username .. "@" .. module.host]; |
589cc51209f7
mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents:
2893
diff
changeset
|
31 |
if user and user.firewall_marks then |
589cc51209f7
mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents:
2893
diff
changeset
|
32 |
user.firewall_marks.dnsbl_hit = registration_time; |
589cc51209f7
mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents:
2893
diff
changeset
|
33 |
else |
589cc51209f7
mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents:
2893
diff
changeset
|
34 |
module:open_store("firewall_marks", "map"):set(event.username, "dnsbl_hit", registration_time); |
589cc51209f7
mod_register_dnsbl_firewall_mark: Another copy of DNSBL module, this time creating "user marks" for mod_firewall
Kim Alvefur <zash@zash.se>
parents:
2893
diff
changeset
|
35 |
end |
4015
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
36 |
if rbl_message then |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
37 |
module:log("debug", "Warning RBL registered user %s@%s", event.username, event.host); |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
38 |
event.ip = ip; |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
39 |
local rbl_stanza = |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
40 |
st.message({ to = event.username.."@"..event.host, from = event.host }, |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
41 |
rbl_message:gsub("$(%w+)", event)); |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
42 |
module:send(rbl_stanza); |
de40686ae9c8
mod_register_dnsbl_firewall_mark: introduce optional registration_rbl_message with mod_welcome inspired syntax
Georg Lukas <georg@op-co.de>
parents:
3997
diff
changeset
|
43 |
end |
2116
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 |
end |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 |
end, rbl_ip); |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 |
end |
0890c4860f14
mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 |
end); |