我想编写一个php函数,它接受用户的ip地址,将其与已知的黑名单进行对比,并将用户从黑名单的ip地址重定向到默认的“Access Forbidden”页面。我只想允许从未列入黑名单的IP地址访问我的主页给用户。有人可以帮忙吗?这是我到目前为止所拥有的。
$ heroku run bash
$ python
$ import sys
$ sys.path
答案 0 :(得分:2)
真正的问题是需要多长时间。
做了一些修改以显示我的意思
平均时间60秒,这是在网站上等待很长时间
<?php
$ip=$_SERVER["REMOTE_ADDR"];
$tstart=time();
echo $ip."<BR>";
function flush_buffers()
{
ini_set('output_buffering','on');
//ini_set('zlib.output_compression', 0);
ini_set('implicit_flush',1);
ob_implicit_flush();
//echo ("<html><head><head><body>");
for($i=0;$i<20;$i++) {
// echo $i;
echo str_repeat(" ", 500);
ob_flush();
flush();
// sleep(1);
}
}
function dnsbllookup($ip)
{
$dnsbl_lookup=array(
"access.redhawk.org",
"b.barracudacentral.org",
"bl.csma.biz",
"bl.emailbasura.org",
"bl.spamcannibal.org",
"bl.spamcop.net",
"bl.technovision.dk",
"blackholes.five-ten-sg.com",
"blackholes.wirehub.net",
"blacklist.sci.kun.nl",
"block.dnsbl.sorbs.net",
"blocked.hilli.dk",
"bogons.cymru.com",
"cart00ney.surriel.com",
"cbl.abuseat.org",
"dev.null.dk",
"dialup.blacklist.jippg.org",
"dialups.mail-abuse.org",
"dialups.visi.com",
"dnsbl.ahbl.org",
"dnsbl.antispam.or.id",
"dnsbl.cyberlogic.net",
"dnsbl.kempt.net",
"dnsbl.njabl.org",
"dnsbl.sorbs.net",
"dnsbl-1.uceprotect.net",
"dnsbl-2.uceprotect.net",
"dnsbl-3.uceprotect.net",
"duinv.aupads.org",
"dul.dnsbl.sorbs.net",
"dul.ru",
"escalations.dnsbl.sorbs.net",
"hil.habeas.com",
"http.dnsbl.sorbs.net",
"intruders.docs.uu.se",
"ips.backscatterer.org",
"korea.services.net",
"mail-abuse.blacklist.jippg.org",
"misc.dnsbl.sorbs.net",
"msgid.bl.gweep.ca",
"new.dnsbl.sorbs.net",
"no-more-funn.moensted.dk",
"old.dnsbl.sorbs.net",
"pbl.spamhaus.org",
"zen.spamhaus.org",
"proxy.bl.gweep.ca",
"psbl.surriel.com",
"pss.spambusters.org.ar",
"rbl.schulte.org",
"rbl.snark.net",
"recent.dnsbl.sorbs.net",
"relays.bl.gweep.ca",
"relays.bl.kundenserver.de",
"relays.mail-abuse.org",
"relays.nether.net",
"rsbl.aupads.org",
"sbl.spamhaus.org",
"smtp.dnsbl.sorbs.net",
"socks.dnsbl.sorbs.net",
"spam.dnsbl.sorbs.net",
"spam.olsentech.net",
"spamguard.leadmon.net",
"spamsources.fabel.dk",
"tor.ahbl.org",
"web.dnsbl.sorbs.net",
"whois.rfc-ignorant.org",
"xbl.spamhaus.org",
"zen.spamhaus.org",
"zombie.dnsbl.sorbs.net",
"bl.tiopan.com",
"dnsbl.abuse.ch",
"tor.dnsbl.sectoor.de",
"ubl.unsubscore.com",
"cblless.anti-spam.org.cn",
"dnsbl.tornevall.org",
"dnsbl.anticaptcha.net",
"dnsbl.dronebl.org"
); // Add your preferred list of DNSBL's
$AllCount = count($dnsbl_lookup);
$BadCount = 0;
if($ip)
{
$reverse_ip = implode(".", array_reverse(explode(".", $ip)));
foreach($dnsbl_lookup as $host)
{
if(checkdnsrr($reverse_ip.".".$host.".", "A"))
{
echo "<span color='#339933'>Listed on ".$reverse_ip.'.'.$host."!</span><br/>";
flush_buffers();
$BadCount++;
}
else
{
// echo "Not listed on ".$reverse_ip.'.'.$host."!<br/>";
flush_buffers();
}
}
}
else
{
// echo "Empty ip!<br/>";
flush_buffers();
}
echo "This ip has ".$BadCount." bad listings of ".$AllCount."!<br/>";
flush_buffers();
if($BadCount==0)
{
// include("index.php");
echo "Not blacklisted ";
}
else
{
// include("default.htm");
echo "Blacklisted";
}
}
if(preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/",@$ip) == true)
{
dnsbllookup($ip);
}
$tend=time();
$tvar=$tend-$tstart;
echo "<BR> took $tvar seconds <br>";
?>
答案 1 :(得分:0)
在仔细考虑了上面不错但缓慢的解决方案之后,我想出了一个简化得多的不良IP清单,该清单仅返回TRUE(如果列入黑名单)或FALSE(如果未列入黑名单)。当然,它不像上面那样包罗万象,但是它似乎涵盖了我可以进行的所有测试,而且速度非常快。
取消标记顶部的$ UserIP值,以查看失败的一个或将自己的传递给(希望)看到的一个没有失败的。尽管我实际上没有计时,但它似乎加载很快,特别是因为所有的blocklist.de站点都只有原始IP且没有其他过滤条件。实际上,也许只有SpamHouse才能为大多数用户完成这项工作。
此代码的信誉者是James,他发布了另一个示例,我只是对其进行了简化,并且我消除了flush_buffers(),因为我认为不需要它。
function dnsblLookup($UserIP) {
//$UserIP = "216.145.14.142";
$dnsbl_lookup=array(
"blocklist.de/lists/ssh.txt",
"blocklist.de/lists/apache.txt",
"blocklist.de/lists/asterisk.txt",
"blocklist.de/lists/bots.txt",
"blocklist.de/lists/courierimap.txt",
"blocklist.de/lists/courierpop3.txt",
"blocklist.de/lists/email.txt",
"blocklist.de/lmostists/ftp.txt",
"blocklist.de/lists/imap.txt",
"blocklist.de/lists/pop3.txt",
"blocklist.de/lists/postfix.txt",
"blocklist.de/lists/proftpd.txt",
"blocklist.de/lists/sip.txt",
"ciarmy.com/list/ci-badguys.txt",
"sbl.spamhaus.org",
"xbl.spamhaus.org",
"zen.spamhaus.org"
);
$BadCount = 0;
if ($UserIP) :
$reverse_ip = implode(".", array_reverse(explode(".", $UserIP)));
foreach($dnsbl_lookup as $host) :
if (checkdnsrr($reverse_ip.".".$host.".", "A")) :
$BadCount++;
if ($BadCount > 0) :
break;
endif;
endif;
endforeach;
endif;
if ($BadCount == 0) :
return FALSE;
else :
return TRUE;
endif;
}