search

IntellexApps / blcheck

Test a mail server against blacklists.
173 stars 68 forks source link

Running it through ip block #4

Open pavs opened 8 years ago

pavs commented 8 years ago

I have couple of /22 ip block. Would it be possible to modify it to support ip block and then dump a summary?

IntellexApps commented 8 years ago

Maybe it would be a better option to create an additional script that will iterate over a list, which will generate summary? We might create it and add it to the repository, what do you think?

pavs commented 8 years ago

I think that would be awesome. I gave it a shot, but bash fu isn't that great.

Created a ip.txt files with each ip for each line.

Made a script (auto.sh) to run through the ip list like this:

while read ip ; do
    ./blacklist.sh $ip
done < block.txt

It does what it should but I can't seem figure out how to print out the summary. I tried this:

./auto.sh > 12_temp.txt
grep -q 'Blacklisted:[ \t]*0$' 12_temp.txt || cat 12_temp.txt >> 12.txt
rm -f 12_temp.txt

But it doesn't seem to work, The idea was to isolate the ips that scanned positive on a blacklist.

pavs commented 8 years ago

ooh I think I found the solution.

New Script:

pavs@octopus:/var/www/html/test$ cat auto2.sh

while read ip ; do
        ./blacklist.sh -p $ip > result.txt
grep 'Blacklisted:[ \t]*0$' result.txt 
done < block.txt

Had two ip on the block.txt, one blacklisted one non blacklisted. Only the blacklisted one got written to txt file. Result:

pavs@octopus:/var/www/html/test$ sudo sh -x auto2.sh
+ read ip
+ ./blacklist.sh -p <non-blacklisted-ip>
+ grep Blacklisted:[ \t]*0$ result.txt
Blacklisted:   0
+ read ip
+ ./blacklist.sh -p <blacklisted-ip>
+ grep Blacklisted:[ \t]*0$ result.txt
+ read ip
pavs@octopus:/var/www/html/test$ cat result.txt
Warning: PTR lookup failed
b.barracudacentral.org : 127.0.0.2
bb.barracudacentral.org : 127.0.0.2
black.junkemailfilter.com : 127.0.0.2
dnsbl.justspam.org : 127.0.0.2
hostkarma.junkemailfilter.com : 127.0.0.2

----------------------------------------------------------
Results for <blacklistedip>

Tested:        117
Passed:        112
Invalid:       0
Blacklisted:   5
----------------------------------------------------------

I have 2500+ ips, if I run tem though one script, with an avg of 90 seconds per ip it will take a little more than 2 day (+6 hours), so I think I will break down the ips in to smaller section and run them through cron job.

Let me know what you think or if I could make it better.

hunsheridan commented 8 years ago

Hmmm... Starting to think about implementing Thread support... may give it a go in the weekend unless a better solution appears...

lunarsoap5 commented 6 years ago

When I try to run the program, I keep getting told that there is no DNS record found for any IP addresses. Any idea why this is happening?