Issue information

Issue ID: #6862
Status: Fixed
Severity: None
Started: Hercules Elf Bot, Nov 5, 2012 23:57
Last Post: Hercules Elf Bot, Nov 9, 2012 8:49
Confirmation: N/A

Hercules Elf Bot - Nov 5, 2012 23:57

Originally posted by [b]Brian[/b]
[svn=trunk/conf/login_athena.conf]
[code]// DNS Blacklist Blocking
// If enabled, each incoming connection will be tested against the blacklists
// on the specified dnsbl_servers (comma-separated list)
use_dnsbl: no
dnsbl_servers: dnsbl.deltaanime.net[/code]

I am unsure if this DeltaAnime service still exists.
- couldn't find any website/documentation saying it's still up
- or we could find a blacklisted IP that resolves (23.42.168.192.dnsbl.deltaanime.net)


We should find a public alternative(s) and list that as the default DNSBL domain.

This post has been edited by Brian on Nov 6, 2012 7:25

Hercules Elf Bot - Nov 6, 2012 1:19

Originally posted by [b]EvilPuncker[/b]
or we should just remove it as I don't think anyone uses that, and move it to a diff in the download section

Hercules Elf Bot - Nov 6, 2012 19:23

Originally posted by [b]Ind[/b]
I think the description mismatches the actual function, see:
[code]
// DNS Blacklist check
if( login_config.use_dnsbl )
{
    char r_ip[16];
    char ip_dnsbl[256];
    char* dnsbl_serv;
    bool matched = false;
    uint8* sin_addr = (uint8*)&session[sd->fd]->client_addr;

    sprintf(r_ip, "%u.%u.%u.%u", sin_addr[0], sin_addr[1], sin_addr[2], sin_addr[3]);

    for( dnsbl_serv = strtok(login_config.dnsbl_servs,","); !matched && dnsbl_serv != NULL; dnsbl_serv = strtok(NULL,",") )
    {
        sprintf(ip_dnsbl, "%s.%s", r_ip, dnsbl_serv);
        if( host2ip(ip_dnsbl) )
            matched = true;
    }

    if( matched )
    {
        ShowInfo("DNSBL: (%s) Blacklisted. User Kicked.\n", r_ip);
        return 3;
    }
}[/code]
It merely checks if the user's hostname matches a blacklisted one, e.g. mine is myip.sp-dsl-something.co.uk, it checks if any-ip.sp-dsl-something.co.uk is blacklisted (or at least I think that's it)

Hercules Elf Bot - Nov 7, 2012 2:46

Originally posted by [b]malufett[/b]
@Ind
+1 yes it is
:meow:

Hercules Elf Bot - Nov 7, 2012 18:05

Originally posted by [b]Brian[/b]
Not quite.

Blacklist is a list of IPs to block. There are several ways for clients to do lookups:[list]
[*]periodically download a full list of blacklisted IPs and the client checks if IP is in list
[*]do an HTTP request (ex: blacklist.deltaanime.net/check.php?ip=12.34.56.78)
[/list]

Or the "DNS Blacklist" lookup method:
- append the client IP to the domain: 12.34.56.78.dnsbl.deltaanime.net
- Look up this name in the DNS as a domain name ("A" record).
- This will return either an address, indicating that the client is listed; or an "NXDOMAIN" ("No such domain") code, indicating that the client is not.


I'm not sure if rAthena's DNSBL lookup does [url="http://en.wikipedia.org/wiki/DNSBL#DNSBL_queries"]step #1[/url] (reverse the order of octets)?
[code]uint8* sin_addr = (uint8*)&session[sd->fd]->client_addr;
sprintf(r_ip, "%u.%u.%u.%u", sin_addr[0], sin_addr[1], sin_addr[2], sin_addr[3]);[/code]

This post has been edited by Brian on Nov 7, 2012 18:05
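
Added example (not rAthena code and not part of the original posts): the DNSBL lookup steps described above, including the octet reversal from the linked step #1, with the DNS query behind a hypothetical resolver callback so it runs offline. The names `dnsbl_query_name`, `dnsbl_listed`, `stub_resolver` and the `example.test` zones are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical callback: true if `name` has an A record (listed), false on NXDOMAIN. */
typedef bool (*dnsbl_resolver)(const char *name);

/* Build "d.c.b.a.<zone>" from dotted IPv4 "a.b.c.d".
 * Returns 0 on success, -1 on malformed input or if `out` is too small. */
int dnsbl_query_name(const char *ip, const char *zone, char *out, size_t outlen)
{
    unsigned a, b, c, d;
    char extra;
    int n;
    /* Exactly four fields; a fifth conversion means trailing junk. */
    if (sscanf(ip, "%3u.%3u.%3u.%3u%c", &a, &b, &c, &d, &extra) != 4)
        return -1;
    if (a > 255 || b > 255 || c > 255 || d > 255 || zone[0] == '\0')
        return -1;
    n = snprintf(out, outlen, "%u.%u.%u.%u.%s", d, c, b, a, zone); /* octets reversed */
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* True if any zone in the comma-separated `servers` list returns an address. */
bool dnsbl_listed(const char *ip, const char *servers, dnsbl_resolver resolve)
{
    char list[256], name[320], *zone;
    if (strlen(servers) >= sizeof list)
        return false;
    strcpy(list, servers); /* strtok writes NULs into its argument, so tokenize a copy */
    for (zone = strtok(list, ", "); zone != NULL; zone = strtok(NULL, ", "))
        if (dnsbl_query_name(ip, zone, name, sizeof name) == 0 && resolve(name))
            return true;
    return false;
}

/* Constructed stand-in for DNS: only this one name "resolves". */
static bool stub_resolver(const char *name)
{
    return strcmp(name, "23.42.168.192.dnsbl.example.test") == 0;
}

int main(void)
{
    const char *servers = "other.example.test,dnsbl.example.test";
    printf("192.168.42.23 listed: %d\n", dnsbl_listed("192.168.42.23", servers, stub_resolver));
    printf("23.42.168.192 listed: %d\n", dnsbl_listed("23.42.168.192", servers, stub_resolver));
    return 0;
}
```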

Hercules Elf Bot - Nov 9, 2012 8:49

Originally posted by [b]Brian[/b]
Updating status to: [b]Fixed[/b] in [rev=16887].