Last active
January 28, 2025 15:41
-
-
Save agarzon/5554490 to your computer and use it in GitHub Desktop.
Revisions
-
agarzon revised this gist
May 2, 2019 . 1 changed file with 4 additions and 10 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,14 +4,14 @@ # The shell will strip multiple whitespace BLISTS=" b.barracudacentral.org bb.barracudacentral.org bl.deadbeef.com bl.mailspike.net bl.score.senderscore.com bl.spamcannibal.org bl.spamcop.net bl.spameatingmonkey.net blackholes.five-ten-sg.com blacklist.woody.ch bogons.cymru.com @@ -23,11 +23,9 @@ db.wpbl.info dnsbl-1.uceprotect.net dnsbl-2.uceprotect.net dnsbl-3.uceprotect.net dnsbl.inps.de dnsbl.sorbs.net drone.abuse.ch duinv.aupads.org dul.dnsbl.sorbs.net dul.ru @@ -62,23 +60,19 @@ residential.block.transip.nl ricn.dnsbl.net.au rmst.dnsbl.net.au sbl.spamhaus.org smtp.dnsbl.sorbs.net socks.dnsbl.sorbs.net spam.dnsbl.sorbs.net spam.rbl.msrbl.net spam.spamrats.com spamlist.or.kr spamrbl.imp.ch t3direct.dnsbl.net.au tor.dnsbl.sectoor.de torserver.tor.dnsbl.sectoor.de ubl.lashback.com ubl.unsubscore.com virbl.bit.nl virus.rbl.msrbl.net web.dnsbl.sorbs.net wormrbl.imp.ch -
May 10, 2013 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,141 @@ #!/bin/sh # Check if an IP address is listed on one of the following blacklists # The format is chosen to make it easy to add or delete # The shell will strip multiple whitespace BLISTS=" bl.score.senderscore.com bl.mailspike.net bl.spameatingmonkey.net b.barracudacentral.org bl.deadbeef.com bl.emailbasura.org bl.spamcannibal.org bl.spamcop.net blackholes.five-ten-sg.com blacklist.woody.ch bogons.cymru.com cbl.abuseat.org cdl.anti-spam.org.cn combined.abuse.ch combined.rbl.msrbl.net db.wpbl.info dnsbl-1.uceprotect.net dnsbl-2.uceprotect.net dnsbl-3.uceprotect.net dnsbl.ahbl.org dnsbl.inps.de dnsbl.sorbs.net drone.abuse.ch drone.abuse.ch duinv.aupads.org dul.dnsbl.sorbs.net dul.ru dyna.spamrats.com dynip.rothen.com http.dnsbl.sorbs.net images.rbl.msrbl.net ips.backscatterer.org ix.dnsbl.manitu.net korea.services.net misc.dnsbl.sorbs.net noptr.spamrats.com ohps.dnsbl.net.au omrs.dnsbl.net.au orvedb.aupads.org osps.dnsbl.net.au osrs.dnsbl.net.au owfs.dnsbl.net.au owps.dnsbl.net.au pbl.spamhaus.org phishing.rbl.msrbl.net probes.dnsbl.net.au proxy.bl.gweep.ca proxy.block.transip.nl psbl.surriel.com rbl.interserver.net rdts.dnsbl.net.au relays.bl.gweep.ca relays.bl.kundenserver.de relays.nether.net residential.block.transip.nl ricn.dnsbl.net.au rmst.dnsbl.net.au sbl.spamhaus.org short.rbl.jp smtp.dnsbl.sorbs.net socks.dnsbl.sorbs.net spam.abuse.ch spam.dnsbl.sorbs.net spam.rbl.msrbl.net spam.spamrats.com spamlist.or.kr spamrbl.imp.ch t3direct.dnsbl.net.au tor.ahbl.org tor.dnsbl.sectoor.de torserver.tor.dnsbl.sectoor.de ubl.lashback.com ubl.unsubscore.com virbl.bit.nl virus.rbl.jp virus.rbl.msrbl.net web.dnsbl.sorbs.net wormrbl.imp.ch xbl.spamhaus.org zen.spamhaus.org zombie.dnsbl.sorbs.net " # simple shell function to show an error message and exit # $0 : the name of shell script, $1 is the string passed as argument # >&2 : redirect/send the message to stderr ERROR() { echo $0 ERROR: $1 >&2 exit 2 } # -- Sanity check on parameters [ $# -ne 1 ] && ERROR 'Please specify a single IP address' # -- if the address consists of 4 groups of minimal 1, maximal digits, separated by '.' # -- reverse the order # -- if the address does not match these criteria the variable 'reverse will be empty' reverse=$(echo $1 | sed -ne "s~^\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)$~\4.\3.\2.\1~p") if [ "x${reverse}" = "x" ] ; then ERROR "IMHO '$1' doesn't look like a valid IP address" exit 1 fi # Assuming an IP address of 11.22.33.44 as parameter or argument # If the IP address in $0 passes our crude regular expression check, # the variable ${reverse} will contain 44.33.22.11 # In this case the test will be: # [ "x44.33.22.11" = "x" ] # This test will fail and the program will continue # An empty '${reverse}' means that shell argument $1 doesn't pass our simple IP address check # In that case the test will be: # [ "x" = "x" ] # This evaluates to true, so the script will call the ERROR function and quit # -- do a reverse ( address -> name) DNS lookup REVERSE_DNS=$(dig +short -x $1) echo IP $1 NAME ${REVERSE_DNS:----} # -- cycle through all the blacklists for BL in ${BLISTS} ; do # show the reversed IP and append the name of the blacklist printf "%-60s" " ${reverse}.${BL}." # use dig to lookup the name in the blacklist #echo "$(dig +short -t a ${reverse}.${BL}. | tr '\n' ' ')" LISTED="$(dig +short -t a ${reverse}.${BL}.)" echo ${LISTED:----} done