Nagios rbl checker

Ezzel a szkriptel a legismertebb rbl adatbázisokban ellenőrizhetjük a megadott ip jelenlétét.


#!/bin/sh
STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
STATE_UNKNOWN=3
STATE_DEPENDENT=4

FOUND_ADRESS=0

DNSBLlist=`grep -v ^# <<!
bl.spamcop.net
cbl.abuseat.org
b.barracudacentral.org
dnsbl.sorbs.net
http.dnsbl.sorbs.net
dul.dnsbl.sorbs.net
misc.dnsbl.sorbs.net
smtp.dnsbl.sorbs.net
socks.dnsbl.sorbs.net
spam.dnsbl.sorbs.net
web.dnsbl.sorbs.net
zombie.dnsbl.sorbs.net
pbl.spamhaus.org
sbl.spamhaus.org
xbl.spamhaus.org
zen.spamhaus.org
images.rbl.msrbl.net
phishing.rbl.msrbl.net
combined.rbl.msrbl.net
phishing.rbl.msrbl.net
spam.rbl.msrbl.net
virus.rbl.msrbl.net
bl.spamcannibal.org
psbl.surriel.com
ubl.unsubscore.com
dnsbl.njabl.org
combined.njabl.org
rbl.spamlab.com
bl.deadbeef.com
dnsbl.ahbl.org
tor.ahbl.org
dyna.spamrats.com
noptr.spamrats.com
spam.spamrats.com
blackholes.five-ten-sg.com
bl.emailbasura.org
cdl.anti-spam.org.cn
dnsbl.cyberlogic.net
dnsbl.inps.de
drone.abuse.ch
spam.abuse.ch
dul.ru
korea.services.net
short.rbl.jp
virus.rbl.jp
spamrbl.imp.ch
wormrbl.imp.ch
virbl.bit.nl
rbl.suresupport.com
!`

# reverse IP address
convertIP()
{
 set `IFS=".";echo `
 echo 
}

usage()
{
 echo "Usage:  [-H] <host>] [-p]"
 echo "    -H  check Host "
 echo "    -p  print list of DNSBLs"
 exit 3
}

# Checks the IP with list of DNSBL servers
check()
{
  count=0;
  for i in $DNSBLlist
  do
    count=$(($count + 1))
    if nslookup $ip_arpa.$i | grep -q "127.0.0." ;
    then
      FOUND_ADRESS=$(($FOUND_ADRESS + 1))
      echo "DNSBL-Alarm: $ip is listed on $i"
    fi
  done
  if [ $FOUND_ADRESS -ge 1 ]
  then
    exit 1
  fi
  echo "OK - $ip not on $count DNSBLs"
  exit 0
}

case  in
  -I)
    if [ -z "" ]
    then
      echo "ip address missing"
      exit
    fi
    ip=
    ip_arpa=`convertIP $ip`
    check;;

  -p)
    for i in $DNSBLlist
    do
      echo $i
    done
    exit $STATE_WARNING
    exit;;

  --help)
    usage
    exit;;

  *)
    if [ -z "" ]
    then
      usage
    fi
    echo "unknown command: "
    exit;;
esac