From f8de8b2dedec09d040a107af6bb82e31e4667c87 Mon Sep 17 00:00:00 2001 From: Dirk Koopman Date: Tue, 10 Jan 2023 12:30:16 +0000 Subject: [PATCH] release candidate Add readdir of /spider/local_host/badip.* files. Add a default /spider/data/baddx.issue file. Move PC[61]1 baddx check after the IP address check code. Add baddx callsign check to RBN --- Changes | 20 ++++++++++++++++++++ data/baddx.issue | 26 ++++++++++++++++++++++++++ perl/DXCIDR.pm | 21 +++++++++++++++++---- perl/DXProtHandle.pm | 22 +++++++++++----------- perl/RBN.pm | 8 ++++++++ 5 files changed, 82 insertions(+), 15 deletions(-) create mode 100644 data/baddx.issue diff --git a/Changes b/Changes index ab75b6b1..8b0bfa4e 100644 --- a/Changes +++ b/Changes @@ -1,8 +1,28 @@ +10Jan23======================================================================= +1. Add baddx on incoming callsign in RBN. +2. Search for all /spider/local_data/badip.* files to allow more control on + which IP addresses are detected. e.g. badip.torexit, badip.torrelay as well + as baddx.local. The suffixes, apart from .local (created by set/badip) are + completely arbitrary. You can use whichever suffix name you like. This is + a more useful arrangement for the ever increasing sources of "bad ip + addresses" that we need to deter. + + NOTE: all badip. are read only EXCEPT badip.local (which can be + altered in real time by the sysop using set/badip ...). + If one uses periodic crontab jobs to update any other badip. + files from web resources then don't forget to 'load/badip' afterwards. +3. Add a /spider/data/baddx.issue file which can be copied to (or used as a + basis to create) /spider/local_data/baddx 09Jan23======================================================================= 1. Finish implemention of DXCIDR ip address filtering. This works on both logins (treated the same as locked out - i.e. just disconnected) and also with PC61s where these sentences are just dropped. Also attempt to prevent any *following* PC11s with the same data getting through. + + YOU WILL NEED either 'cpanm Net::CIDR::Lite' or debian/ubuntu based distros + 'apt install libnet-cidr-lite-perl'. RedHat based systems will have similar + packages available. + 2. Recognise PC18s coming from CC Clusters more nicely. 04Jan23======================================================================= 1. Fillout DXCIDR, attach checks in PC61 and logins. Login that fail will diff --git a/data/baddx.issue b/data/baddx.issue new file mode 100644 index 00000000..c3b0d3ac --- /dev/null +++ b/data/baddx.issue @@ -0,0 +1,26 @@ +bless( { + ID10T => 1673336995, + name => 'baddx', + SALE => 1471525525, + F0OL => 1673336913, + PIRATE => 1471525604, + WANTED => 1471525604, + TEST => 1471525604, + EY0RE => 1673336913, + FO0L => 1673336913, + F0SALE => 1673337052, + N1L => 1673337039, + R0BOT => 1673336913, + FORSALE => 1471525525, + CUNT => 1672857612, + L1D => 1673336913, + ID1OT => 1168880653, + FROG => 1471525525, + WH0RE => 1673336913, + NOCALL => 1471525604, + TR0LL => 1673336913, + P1RATE => 1471525604, + NIL => 1471525604, + FERRARI => 1471525604, + DXTEST => 1471525604 +}, 'DXHash' ) diff --git a/perl/DXCIDR.pm b/perl/DXCIDR.pm index 88a26d5c..fdade7fc 100644 --- a/perl/DXCIDR.pm +++ b/perl/DXCIDR.pm @@ -202,10 +202,23 @@ sub reload { new(); - my $count = _load('base'); - $count += _load('local'); - - LogDbg('DXProt', "DXCIDR::reload $count ip addresses found (IPV4: $count4 IPV6: $count6)" ); + my $count = 0; + my $files = 0; + + LogDbg('DXProt', "DXCIDR::reload reload database" ); + + my $dir; + opendir($dir, $main::local_data); + while (my $fn = readdir $dir) { + next unless my ($suffix) = $fn =~ /^badip\.(\w+)$/; + my $c = _load($suffix); + LogDbg('DXProt', "DXCIDR::reload: $fn read containing $c ip addresses" ); + $count += $c; + $files++; + } + closedir $dir; + + LogDbg('DXProt', "DXCIDR::reload $count ip addresses found (IPV4: $count4 IPV6: $count6) in $files badip files" ); return $count; } diff --git a/perl/DXProtHandle.pm b/perl/DXProtHandle.pm index f1972b09..fc6e13ef 100644 --- a/perl/DXProtHandle.pm +++ b/perl/DXProtHandle.pm @@ -107,7 +107,7 @@ sub handle_10 return; } - # if this is a 'bad spotter' user then ignore it + my $nossid = $from; $nossid =~ s/-\d+$//; if ($badspotter->in($nossid)) { @@ -186,16 +186,6 @@ sub handle_11 return; } - # if this is a 'bad spotter' or an unknown user then ignore it. BUT if it's got an IP address then allow it through - my $nossid = $pc->[6]; - $nossid =~ s/-\d+$//; - if ($badspotter->in($nossid)) { - dbg($line) if isdbg('nologchan'); - dbg("PCPROT: Bad Spotter $pc->[6], dropped"); - return; - } - - # convert the date to a unix date my $d = cltounix($pc->[3], $pc->[4]); # bang out (and don't pass on) if date is invalid or the spot is too old (or too young) @@ -221,6 +211,8 @@ sub handle_11 return; } + my $nossid = $pc->[6]; + $nossid =~ s/-\d+$//; my @spot = Spot::prepare($pc->[1], $pc->[2], $d, $pc->[5], $nossid, $pc->[7], $pc->[8]); @@ -238,6 +230,13 @@ sub handle_11 } } + # is this is a 'bad spotter' or an unknown user then ignore it. + if ($badspotter->in($nossid)) { + dbg($line) if isdbg('nologchan'); + dbg("PCPROT: Bad Spotter $pc->[6], dropped"); + return; + } + # global spot filtering on INPUT if ($self->{inspotsfilter}) { my ($filter, $hops) = $self->{inspotsfilter}->it(@spot); @@ -247,6 +246,7 @@ sub handle_11 } } + # this is where we decide to delay PC11s in the hope that a PC61 will be along soon. my $key = join '|', @spot[0..2,4,7]; # not including text diff --git a/perl/RBN.pm b/perl/RBN.pm index 87cedaa7..e0d096b9 100644 --- a/perl/RBN.pm +++ b/perl/RBN.pm @@ -259,6 +259,14 @@ sub normal return; } + # is it 'baddx' + if ($DXProt::baddx->in($call)) { + dbg("RBN: Bad DX spot '$call', ignored"); + dbg($line) if isdbg('nologchan'); + return; + } + + # remove all extraneous crap from the origin - just leave the base callsign my $norigin = basecall($origin); unless ($norigin) { -- 2.43.0