Class: Splam::Rules::Httpbl
- Inherits:
-
Splam::Rule
- Object
- Splam::Rule
- Splam::Rules::Httpbl
- Defined in:
- lib/splam/rules/httpbl.rb
Overview
Liberally copied from github.com/bpalmen/httpbl/blob/master/lib/httpbl.rb
Constant Summary collapse
- SystemTimer =
Timeout
Class Attribute Summary collapse
-
.api_key ⇒ Object
Returns the value of attribute api_key.
Attributes inherited from Splam::Rule
#body, #reasons, #score, #suite, #weight
Class Method Summary collapse
Instance Method Summary collapse
Methods inherited from Splam::Rule
#add_score, inherited, #initialize, #line_safe?, #name, run
Constructor Details
This class inherits a constructor from Splam::Rule
Class Attribute Details
.api_key ⇒ Object
Returns the value of attribute api_key.
14 15 16 |
# File 'lib/splam/rules/httpbl.rb', line 14 def api_key @api_key end |
Class Method Details
.check_blacklist(ip) ⇒ Object
28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'lib/splam/rules/httpbl.rb', line 28 def self.check_blacklist(ip) # @cache = REDIS if defined?(REDIS) # result = @cache && @cache["ip.#{ip}"] # result ||= resolve(ip) # if @cache # @cache.set "ip.#{ip}", result if @cache # @cache.expire "ip.#{ip}", 1.week # end result = resolve(ip) response = result.split(".").collect!(&:to_i) # responses: # a, b, c, d # a = 127 if success # b = days since last activity # c = threat score, 0..255 (0 is not threat) # d = type of visitor raise "Bad httpbl request format!" if response[0] != 127 return response[3] > 0 || response[2] > 100 end |
.resolve(ip) ⇒ Object
49 50 51 52 53 54 55 56 57 58 59 60 |
# File 'lib/splam/rules/httpbl.rb', line 49 def self.resolve(ip) query = "#{@@api_key}.#{ip.split('.').reverse.join('.')}.dnsbl.httpbl.org" SystemTimer::timeout(0.5) do begin Resolv::DNS.new.getaddress(query).to_s rescue Resolv::ResolvError "127.0.0.0" end end rescue Errno::ECONNREFUSED # derp end |
Instance Method Details
#run ⇒ Object
17 18 19 20 21 22 23 24 25 26 |
# File 'lib/splam/rules/httpbl.rb', line 17 def run return unless @request # no ip available return unless @request[:remote_ip] # no ip available ip = @request[:remote_ip] if result = self.class.check_blacklist(ip) add_score 250, "IP address (#{ip}) appears in ProjectHoneypot blacklist. (#{result.inspect})" end end |