Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
DNSBL/Open Proxy-Blocking Details »
DNSBL/Open Proxy-Blocking
Mod Version: 2.0.8, by TMM-TT (Member) TMM-TT is offline
Developer Last Online: May 2019 I like it Show Printable Version Email this Page

This modification is in the archives.
vB Version: 3.5.x Rating: (9 votes - 4.78 average) Installs: 279
Released: 15 Sep 2005 Last Update: 20 Sep 2008 Downloads: 370
Not Supported DB Changes Uses Plugins  

History

I've had some problems with abuse via open proxies for a time ago, and when we were banning abusers, they always found a new proxy to use and register new accounts with. Since this forum was a large type we could'nt just ban e-mails etc just like that, because this was leading to a very large amount of other banned users too.

At IRC, in the other hand, we had Open Proxy Monitors, that was banning everything that was blacklisted in some DNSBL-databases. No spammers had a chance to get in there as long they were listed in such database.

This is a plugin that blocks blacklisted hosts from some different DNSBL's. It uses the global_start-hook, a very simple handler for blocking proxies, and a vBphrase called OPM_Deny.


April 2006

The source has been rewritten a bit. The proxychecker is now using a cache that, by default, stores all ip's in a database for 6 hours. It scans some DNSBL's and can be configured to block proxies from bitmasks (defined in the plugin) which makes it a little bit more reliable, because it does'nt block everything it see).

Configuration is made from the plugin (hopefully there will be a nice admin interface in the future). Exceptions (ip's that can pass through this system even if it is a proxy) are also handled differently now.

// CHANGES
//
// 2008-09-20 (2.0.8)
//
// * Changed the routines for how to handle inclusion/exclusions
// * Splitted up plugins for 3.5/3.6 and 3.7
//
// 2007-08-05
//
// * Fixed reported bug, based on resolved hosts ending with 127
// * Changed database-tables to get rid of (hopefully) duplicate keys
// * Added resolver-function
// * Added two new block-methods available at the efnet-rbl
//
// 2006-06-28 (2.0.6/Another fix)
//
// * Proxyinclusions/exclusions didn't work properly
//
// 2006-06-28 (2.0.5/Fix only)
//
// * Fixed a bug in the $block-array that affected some of the blocking results
//
// 2006-06-28 (2.0.4)
//
// * opm.tornevall.org has a new entry for anonymizers, added support for this
// * Default value on "block everything detected" in plugin changed to "no"
//
// 2006-06-26 (2.0.3)
//
// * Created options for admincp (removed plugin-configuration)
// * Fixed a bit-bug for njabl
// * Plugin is now a function (rbl_livecheck) for external lookups
// * Added options for "only block on newuser-registrations"
//
// 2006-06-22 (2.0.3 RC)
//
// * The monitor is now a function
// * Added small compatibility with other plugins (with return)
//
// 2006-05-13
//
// * sorbs zones added (no bitmasking)
// * opm.blitzed.org removed
// * time() changed to TIMENOW
//
// 2006-04-21
// ==========
//
// * proxyinclusions
// quickly add own hosts that should be treated as a proxy
//


How does it work with other vBulletins?

This filter actually works with both 3.5 and 3.6, but for now, they will be separate versions, but for 3.5 and 3.6 you should look here and for 3.7 you should look here.


How to use the compatibility thing

If you have a plugin that you want to use together with the proxy monitor (only returns a value if a an ip-address is registered as a proxy or not) you can call the function rbl_livecheck like this (example):


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Report bugs if you find them...



Don't forget to install it

Download Now

Only licensed members can download files, Click Here for more information.

Addons

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • If you like this modification support the author by donating.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Similar Mod
Mod Developer Type Replies Last Post
Add-On Releases DNSBL, RBL - Open Proxy monitoring/blocking TMM-TT vBulletin 3.7 Add-ons 26 03 Feb 2011 19:43
Mini Mods Blocking Proxy Scams Hostboard vBulletin 3.7 Add-ons 10 26 Jun 2008 02:12

  #151  
Old 05 Aug 2007, 20:31
TMM-TT's Avatar
TMM-TT TMM-TT is offline
 
Join Date: Jun 2005
Real name: Tomas
Just updated my own forum with this one, that hopefully gets rid of a resolver-problem. Please report bugs, if you find them.


// 2007-08-05
//
// * Fixed reported bug, based on resolved hosts ending with 127
// * Changed database-tables to get rid of (hopefully) duplicate keys
// * Added resolver-function
// * Added two new block-methods available at the efnet-rbl

Administered from admin -> options -> DNSBL/Open Proxy monitoring

If you still have problems with duplicate keys, try reinstall the new version from scratch. I've removed the keying, to see if it works better without it. I think I should take care of some other problems reported here too, like the exclusion-part, so admins also can exclude domains (not just IP's) from the checking.. At least try, since I guess extra resolving takes extra time..

Last edited by TMM-TT; 05 Aug 2007 at 21:06.
Reply With Quote
  #152  
Old 02 Nov 2007, 06:46
dfiedler dfiedler is offline
 
Join Date: Jun 2002
Just installed this and it looked fine but...

...then grandly attempted to demonstrate it to my wife by looking up "free web proxy" on Google and connecting with the first thing I saw, which turned out to be a network of web-based proxies at http://www.privax.us

Not only wasn't it blocked by this plugin, but I copy/pasted the entire list of their proxy sites into the proper place in the Admin Control Panel, and it still wasn't blocked!

I am no longer sure this thing is even working...how can I check?

Thanks in advance.
Reply With Quote
  #153  
Old 02 Nov 2007, 07:03
TMM-TT's Avatar
TMM-TT TMM-TT is offline
 
Join Date: Jun 2005
Real name: Tomas
I don't know how other proxy-blockers works, but webproxies are added manually into the dnsbl at tornevall.org (at least for the moment).

You can test ip's by adding them into this url: http://dnsbl.tornevall.org/scan.php?ip=XXXX (where XXXX is the IP)

Like this: http://dnsbl.tornevall.org/scan.php?ip=149.9.0.58

Edit: It seems that all those sites listed at privax is using the same exit...

Last edited by TMM-TT; 02 Nov 2007 at 08:29. Reason: Privax notice
Reply With Quote
  #154  
Old 02 Nov 2007, 10:12
TMM-TT's Avatar
TMM-TT TMM-TT is offline
 
Join Date: Jun 2005
Real name: Tomas
Originally Posted by dfiedler View Post
Not only wasn't it blocked by this plugin, but I copy/pasted the entire list of their proxy sites into the proper place in the Admin Control Panel, and it still wasn't blocked!
I saw that I missed explaining this part so I'll do that too

If you want to block hosts based on webproxys you must add the exit-ip into the controlpanel. Some proxies have different "exits" compared to the website you're testing from.

Anyway, I've added some anonymous webproxies into the dnsbl now, so if you want to test some of them, I think you can do that now.
Reply With Quote
  #155  
Old 02 Nov 2007, 10:29
dfiedler dfiedler is offline
 
Join Date: Jun 2002
Originally Posted by TMM-TT View Post
I saw that I missed explaining this part so I'll do that too

If you want to block hosts based on webproxys you must add the exit-ip into the controlpanel. Some proxies have different "exits" compared to the website you're testing from.

Anyway, I've added some anonymous webproxies into the dnsbl now, so if you want to test some of them, I think you can do that now.
I'm not sure what you mean by "exits", but I did see that the first proxy listed used an address like w2.hidemyass.com when browsing so that's what I put in the control panel.

Anyway thanks for the fast response!
Reply With Quote
  #156  
Old 19 Dec 2007, 18:22
Emarkay Emarkay is offline
 
Join Date: Nov 2007
Outstanding! Works great.

Any way we can edit the error message? I tried looking around but couldn't come up with how to do it.
Reply With Quote
  #157  
Old 19 Dec 2007, 19:24
TMM-TT's Avatar
TMM-TT TMM-TT is offline
 
Join Date: Jun 2005
Real name: Tomas
Originally Posted by Emarkay View Post
Outstanding! Works great.

Any way we can edit the error message? I tried looking around but couldn't come up with how to do it.
Fun to hear that!

The error message is a global phrase called OPM_Deny.
Reply With Quote
  #158  
Old 07 Aug 2008, 08:41
bulbasnore bulbasnore is offline
 
Join Date: Dec 2004
installed

worked on http://hidemyass.com
Reply With Quote
  #159  
Old 07 Aug 2008, 18:53
TMM-TT's Avatar
TMM-TT TMM-TT is offline
 
Join Date: Jun 2005
Real name: Tomas
Originally Posted by bulbasnore View Post
installed

worked on http://hidemyass.com
The ip I got from that site when I tried to use it, was added to Tornevall DNSBL at 2007-11-02. Maybe you have the wrong settings for the plugin?

You should enable the option "opm.tornevall.org: Block anonymizers".
Reply With Quote
  #160  
Old 08 Aug 2008, 09:15
Killy01 Killy01 is offline
 
Join Date: Jul 2008
Thanks for this, good modification should help stop people spamming on proxies.

Cheers

Killy
Reply With Quote
  #161  
Old 09 Aug 2008, 06:16
bulbasnore bulbasnore is offline
 
Join Date: Dec 2004
it works

Originally Posted by TMM-TT View Post
The ip I got from that site when I tried to use it, was added to Tornevall DNSBL at 2007-11-02. Maybe you have the wrong settings for the plugin?

You should enable the option "opm.tornevall.org: Block anonymizers".
I was saying it worked! Its good!

Thanks for your response. If I want to whitelist a network, can I do it with a CIDR mask?

8.7.68.0/22

Like that?
Reply With Quote
  #162  
Old 09 Aug 2008, 13:35
TMM-TT's Avatar
TMM-TT TMM-TT is offline
 
Join Date: Jun 2005
Real name: Tomas
Originally Posted by bulbasnore View Post
I was saying it worked! Its good!

Thanks for your response. If I want to whitelist a network, can I do it with a CIDR mask?

8.7.68.0/22

Like that?
I have been thinking of that before, so that may be released in the next version if I can make it work


Edit:

Originally Posted by bulbasnore
Originally Posted by bulbasnore View Post
I was saying it worked! Its good!
NOW I saw that...!

Last edited by TMM-TT; 09 Aug 2008 at 20:02.
Reply With Quote
  #163  
Old 19 Sep 2008, 20:05
aleclee aleclee is offline
 
Join Date: Apr 2005
Real name: Alec Lee
I'm having a false positive problem on my forum where a lot of the blocked IPs only turn up as open relays on http://dnsbl.tornevall.org/scan.php

I'd like to allow them to access my site. I have checked all the "no" boxes involving relays and have also limited my blacklist hosts to opm.tornevall.org. Finally, I've added their Class B subnet (e.g., 123.231.*) to the "Exclude from monitor" list.

What else do I need to do to get these folks back up on my board?

thanks!
Reply With Quote
  #164  
Old 20 Sep 2008, 08:35
TMM-TT's Avatar
TMM-TT TMM-TT is offline
 
Join Date: Jun 2005
Real name: Tomas
I'll make the exclusion-system more sensitive. I haven't fixed the subnetting/CIDR-checking yet, but at least I will do something about the wildcarding. There will be a 2.0.8-release in a moment
Reply With Quote
  #165  
Old 20 Sep 2008, 09:03
TMM-TT's Avatar
TMM-TT TMM-TT is offline
 
Join Date: Jun 2005
Real name: Tomas
Done!

And there's a specific version for 3.7 now, since I don't like changing the xml-content for every release.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 13:05.

Layout Options | Width: Wide Color: