Script that blocks certain IP's

hi folks,

need some help with a perl-script.
i manage a website with a guestbook written in perl.
so, my problem is that i get overfilled with fuc**** spam always from
the same 4,5 ip-adresses. i can't access the hosting server, so i
cannot block the ip's from there. i need to block them trough the
script. is that possible?
something like that (as one of the first lines in the script):

if ($ENV{'REMOTE_ADDR'} eq "192.168.1.1") then exit;

sorry, but i do not have a clue about perl.
thanks for any help
Dino

In article <f8ebbc.0401200513.1633e49b@posting.google.com>, Dino wrote:
>hi folks,
>
>need some help with a perl-script.
>i manage a website with a guestbook written in perl.
>so, my problem is that i get overfilled with fuc**** spam always from
>the same 4,5 ip-adresses. i can't access the hosting server, so i
>cannot block the ip's from there. i need to block them trough the
>script. is that possible?
>something like that (as one of the first lines in the script):
>
>if ($ENV{'REMOTE_ADDR'} eq "192.168.1.1") then exit;
>
>sorry, but i do not have a clue about perl.
>thanks for any help

I have a virtual firewall built into my universal CGI gateway product.  The
functionality you're looking for is all built into one function:

&validate_network;

That's it.  It checks a file built on rules:

# Block out an idiot.
192.168.1.1 deny /path/to/deny/message/for/idiot1

# Block a bunch of idiots.
192.168.3.* deny /path/to/other/deny/messagefor/this/group

# Unblock the ONLY idiot in that group
192.168.3.12 allow


Or...You can do nice things with intranets/extranets:


# Block the world.
*.*.*.* deny /path/to/world-deny-message

# Allow my private subnet.
192.168.4.* allow

# But -don't- let the accounting machine users at it!
192.168.4.17 alwaysdeny /message/for/accounting/idiots


What you want to do is certainly possible.  I can vouch for that.  My code
would cost you.  The product has the full source there, and you could only
use it on one machine for each license fee--even in modified form.  But
it'd run you $495/machine for my routine under license, basically.

If you're interested, contact me privately.  If not, good luck.

--
Vorxion - Member of The Vortexa Elite

"Dino" <no.sec@tin.it> wrote in message
news:f8ebbc.0401200513.1633e49b@posting.google.com...
> hi folks,
>
> need some help with a perl-script.
> i manage a website with a guestbook written in perl.
> so, my problem is that i get overfilled with fuc**** spam always from
> the same 4,5 ip-adresses. i can't access the hosting server, so i
> cannot block the ip's from there. i need to block them trough the
> script. is that possible?
> something like that (as one of the first lines in the script):
>
> if ($ENV{'REMOTE_ADDR'} eq "192.168.1.1") then exit;
>
> sorry, but i do not have a clue about perl.
> thanks for any help
> Dino

Dino, here is some code that will help you out. Just change the ips and
copy/paste into your guestbook script. Below the first path to perl line.

@ips = ("1.1.1.1","2.2.2.2","3.3.3.3","4.4.4.4","5.5.5.5");

foreach $ip (@ips){
if($ENV{'REMOTE_ADDR'} eq $ip){
exit;
}
}

Feel free to use it FREE.

In article <C_iPb.7453$bg1.1909@fed1read05>, spam......@sucks.com wrote:
>
>Dino, here is some code that will help you out. Just change the ips and
>copy/paste into your guestbook script. Below the first path to perl line.
>
>@ips = ("1.1.1.1","2.2.2.2","3.3.3.3","4.4.4.4","5.5.5.5");
>
>foreach $ip (@ips){
>if($ENV{'REMOTE_ADDR'} eq $ip){
>exit;
>}
>}
>
>Feel free to use it FREE.

Oh, yeah...if you want a cheapo hardwired version.  :)  I was thinking of
the full monty, probably because I've been using it.

--
Vorxion - Member of The Vortexa Elite

"......" <spam......@sucks.com> wrote in message news:<C_iPb.7453$bg1.1909@f
ed1read05>...

>
> Dino, here is some code that will help you out. Just change the ips and
> copy/paste into your guestbook script. Below the first path to perl line.
>
> @ips = ("1.1.1.1","2.2.2.2","3.3.3.3","4.4.4.4","5.5.5.5");
>
> foreach $ip (@ips){
> if($ENV{'REMOTE_ADDR'} eq $ip){
> exit;
> }
> }
>
> Feel free to use it FREE. << Thank You


But it did not work. I put your code just right under the declaration
of the variables, but nothin'....
Does it automatically invoke the REMOTE_ADDR from the apache server,
or do i need to "read" or $_GET the IP with a kind of sys-call?

i wrote also this:

@ips = ("1.1.1.1","2.2.2.2","3.3.3.3","4.4.4.4","5.5.5.5");

foreach $ip (@ips){
if($ENV{'REMOTE_ADDR'} eq $ip){
print "$ENV{'REMOTE_ADDR'}";    <<< to see if it gets the REMOTE_ADDR
}
}

but nothing happened. i could add an entry (with IP 1.1.1.1 for
example) without any problem.
i took the script from here: www.scriptarchive.com/guestbook.html

thanks anyway.

Dino

Dino (no.sec@tin.it) wrote:
: "......" <spam......@sucks.com> wrote in message news:<C_iPb.7453$bg1.1909
@fed1read05>...

: >
: > Dino, here is some code that will help you out. Just change the ips and
: > copy/paste into your guestbook script. Below the first path to perl line
.
: >
: > @ips = ("1.1.1.1","2.2.2.2","3.3.3.3","4.4.4.4","5.5.5.5");
: >
: > foreach $ip (@ips){
: > if($ENV{'REMOTE_ADDR'} eq $ip){
: > exit;
: > }
: > }
: >
: > Feel free to use it FREE. << Thank You


: But it did not work. I put your code just right under the declaration
: of the variables, but nothin'....
: Does it automatically invoke the REMOTE_ADDR from the apache server,
: or do i need to "read" or $_GET the IP with a kind of sys-call?

: i wrote also this:

:  @ips = ("1.1.1.1","2.2.2.2","3.3.3.3","4.4.4.4","5.5.5.5");
:
:  foreach $ip (@ips){
:  if($ENV{'REMOTE_ADDR'} eq $ip){
:  print "$ENV{'REMOTE_ADDR'}";    <<< to see if it gets the REMOTE_ADD
R
:  }
:  }

The code you have above will only test the addresses shown, 1.1.1.1
2.2.2.2 etc.

Those example addresses will never normally appear in real life.

I would add the following to the top of your script (temporarily) so you
can see what is going on.

my @ips = ("1.1.1.1","2.2.2.2","3.3.3.3","4.4.4.4","5.5.5.5");
print "Content-type: text/plain\r\n\r\n<br>"; # just in case
print "[\$ENV{'REMOTE_ADDR'}] is [$ENV{'REMOTE_ADDR'}] \n<
br>\n";
foreach my $ip (@ips){
print "\$ip is $ip, $ENV{'REMOTE_ADDR'} eq $ip gives "
, $ENV{'REMOTE_ADDR'} eq $ip , "\n <br> \n";
}

> The code you have above will only test the addresses shown, 1.1.1.1
> 2.2.2.2 etc.
>
> Those example addresses will never normally appear in real life.
>
> I would add the following to the top of your script (temporarily) so you
> can see what is going on.
>
> my @ips = ("1.1.1.1","2.2.2.2","3.3.3.3","4.4.4.4","5.5.5.5");
> print "Content-type: text/plain\r\n\r\n<br>"; # just in case
> print "[\$ENV{'REMOTE_ADDR'}] is [$ENV{'REMOTE_ADDR'}] \
n<br>\n";
> foreach my $ip (@ips){
> print "\$ip is $ip, $ENV{'REMOTE_ADDR'} eq $ip gives "
>       , $ENV{'REMOTE_ADDR'} eq $ip , "\n <br> \n";
> }

we're getting closer...
i took your code and look what happens, after i filled in something,
click on the "submit" button and the guestbook-script gets executed
(this is the first part of the output on the reloaded page):

<br>[$ENV{'REMOTE_ADDR'}] is [xxx.xxx.xxx.xxx]
<br>
$ip is 1.1.1.1, xxx.xxx.xxx.xxx eq 1.1.1.1 gives
<br>
$ip is 2.2.2.2, xxx.xxx.xxx.xxx eq 2.2.2.2 gives
<br>
Content-type: text/html
.....


So, the $ENV{'REMOTE_ADDR'} gives me back xxx.xxx.xxx.xxx, which is
the IP of the server the site is in! i do not need that IP, but the IP
of the guest who is actually logged and tryin' to sign in. why does
REMOTE_ADDR not get back the guest's IP from  apache webserver? is
REMOTE_ADDR the wrong call?

thanks
Dino

In article <f8ebbc.0401220034.43e3eefe@posting.google.com>, Dino wrote: 
>
>we're getting closer...
>i took your code and look what happens, after i filled in something,
>click on the "submit" button and the guestbook-script gets executed
>(this is the first part of the output on the reloaded page):
>
><br>[$ENV{'REMOTE_ADDR'}] is [xxx.xxx.xxx.xxx]
><br>
>$ip is 1.1.1.1, xxx.xxx.xxx.xxx eq 1.1.1.1 gives
> <br>
>$ip is 2.2.2.2, xxx.xxx.xxx.xxx eq 2.2.2.2 gives
> <br>
>Content-type: text/html
>.....
>
>
>So, the $ENV{'REMOTE_ADDR'} gives me back xxx.xxx.xxx.xxx, which is
>the IP of the server the site is in! i do not need that IP, but the IP
>of the guest who is actually logged and tryin' to sign in. why does
>REMOTE_ADDR not get back the guest's IP from  apache webserver? is
>REMOTE_ADDR the wrong call?

REMOTE_ADDR gives you the IP# of the machine making the request.  If you're
testing from the same machine that the web server is -on-, you would get
the same address.  There is nothing wrong with REMOTE_ADDR.  I use it every
day without issue.  Of course, I actually know what I'm doing.

While this display has moderate amusement value in watching someone try
to implement the -simplest- hardwired, static kind of access control, I
have seen no mention of reimbursement, offered or requested.  I feel it's
outside the scope of this newsgroup.

In light of that, please hire someone to do it correctly for you, take it
to private email, or take it to another newsgroup more appropriate to your
pursestring cinching.  Some of us are actually here to supplement our
income.

'freelance' ne 'free'

No offense to Dino for helping.  In fact, great job, kudos, and all that
lot.  Your patience is exemplary.  But this is getting to be like trying to
watch a paraplegic juggle bowling balls, and none of us are making a dime
off of the user.  Hence, it's a waste of the time and resources of every
consultant/programmer here to watch the inept throttle it to death with no
clue about what they're doing, and no willingness to contract anyone to do
it for them.

My $0.03 (ajusted for inflation).

And the OP can save any flame they might have.  I've heard the same sob
story before from every person wanting something for nothing, claiming
ignorance as an excuse, and wondering in bewilderment what happened to
human charity.  You've been shown some already.  It's time to fork over to
-someone- to get it done right, or stop wasting our time.  Pick one.

--
Vorxion - Member of The Vortexa Elite

vorxion@knockingshopofthemind.com (Vorxion) wrote in message news:<400fe59f$1_1@news.iglou.
com>...
> In article <f8ebbc.0401220034.43e3eefe@posting.google.com>, Dino wrote: 
>..... 
>
> REMOTE_ADDR gives you the IP# of the machine making the request.  If you'r
e
> testing from the same machine that the web server is -on-, you would get
> the same address.  There is nothing wrong with REMOTE_ADDR.  I use it ever
y
> day without issue.  Of course, I actually know what I'm doing.

no, i'm not testing from the same machine

> While this display has moderate amusement value in watching someone try
> to implement the -simplest- hardwired, static kind of access control, I
> have seen no mention of reimbursement, offered or requested.  I feel it's
> outside the scope of this newsgroup.
>
> In light of that, please hire someone to do it correctly for you, take it
> to private email, or take it to another newsgroup more appropriate to your
> pursestring cinching.  Some of us are actually here to supplement our
> income.
>
> 'freelance' ne 'free'
>
> No offense to Dino for helping.  In fact, great job, kudos, and all that
> lot.  Your patience is exemplary.  But this is getting to be like trying t
o
> watch a paraplegic juggle bowling balls, and none of us are making a dime
> off of the user.  Hence, it's a waste of the time and resources of every
> consultant/programmer here to watch the inept throttle it to death with no
> clue about what they're doing, and no willingness to contract anyone to do
> it for them.
>
> My $0.03 (ajusted for inflation).
>

Sorry if i'm no expert in perl. As i can see from other post from you,
you seem to be one. But, if you don't want supply any info to me or
others, then just keep your mouth closed and do not tip any letter on
your keyboard. i wouldn't mind. in all that years on usenet i never
heard that i have to pay a cent for asking some questions and
hopefully get some answers.

bah...sorry, for sure i'm not gonna waste your time again



> And the OP can save any flame they might have.  I've heard the same sob
> story before from every person wanting something for nothing, claiming
> ignorance as an excuse, and wondering in bewilderment what happened to
> human charity.  You've been shown some already.  It's time to fork over to
> -someone- to get it done right, or stop wasting our time.  Pick one.

c ya

In article <f8ebbc.0401222352.2966e53c@posting.google.com>, Dino wrote: 
>
>no, i'm not testing from the same machine

Then you must be using REMOTE_ADDR incorrectly.  Those are really the only
two conclusions one can draw.

>Sorry if i'm no expert in perl. As i can see from other post from you,
>you seem to be one. But, if you don't want supply any info to me or
>others, then just keep your mouth closed and do not tip any letter on
>your keyboard. i wouldn't mind. in all that years on usenet i never
>heard that i have to pay a cent for asking some questions and
>hopefully get some answers.

I did supply info.  I was willing to supply working code.  You didn't want
to pay for it.  Your loss.  *shrug*

You're free to ask questions here--don't expect free answers.  I reiterate:
'freelance' ne 'free'   ...If you can't grasp that, you have bigger
problems than broken code.

>bah...sorry, for sure i'm not gonna waste your time again

Yes, you really shouldn't waste what you're not willing to pay for.  :)

 
>
>c ya

The sensible course of action.

--
Vorxion - Member of The Vortexa Elite