You are here

Home » API reference » http:BL 5 » httpbl.module

function httpbl_dnslookup in http:BL 5

Same name and namespace in other branches
  1. 6.2 httpbl.module \httpbl_dnslookup()
  2. 6 httpbl.module \httpbl_dnslookup()
  3. 7 httpbl.module \httpbl_dnslookup()

Do http:BL DNS lookup

Parameters

string $ip:

string $key:

Return value

array

3 calls to httpbl_dnslookup()
httpbl_admin_settings_validate in ./httpbl.module
Form API callback to validate the httpbl settings form.
httpbl_blacklisted in ./httpbl.module
Check if an IP should be banned
httpbl_se in ./httpbl.module
Check if an IP is known to belong to a search engine

File

./httpbl.module, line 569
Implementation of http:BL for Drupal. It provides IP-based blacklisting through http:BL and allows linking to a honeypot.

Code

function httpbl_dnslookup($ip, $key = NULL) {

  // Thanks to J.Wesley2 at
  // http://www.projecthoneypot.org/board/read.php?f=10&i=1&t=1
  if (!($ip = httpbl_reverse_ip($ip))) {
    return FALSE;
  }
  if (!$key) {
    if (!($key = variable_get('httpbl_accesskey', NULL))) {
      return FALSE;
    }
  }
  $query = $key . '.' . $ip . '.dnsbl.httpbl.org.';
  $response = gethostbyname($query);
  if ($response == $query) {

    // if the domain does not resolve then it will be the same thing we passed to gethostbyname
    return FALSE;
  }
  $values = array();
  $values['raw'] = $response;
  $response = explode('.', $response);
  if ($response[0] != '127') {

    // if the first octet is not 127, the response should be considered invalid
    watchdog('httpbl', t('Lookup failed for %ip, response was %response', array(
      '%ip' => $ip,
      '%response' => $values['raw'],
    )), WATCHDOG_ERROR);
    return FALSE;
  }
  $values['last_activity'] = $response[1];
  $values['threat'] = $response[2];
  $values['type'] = $response[3];
  if ($response[3] == 0) {

    //if it's 0 then there's only one thing it can be
    $values['search_engine'] = TRUE;
  }
  if ($response[3] & 1) {

    //does it have the same bits as 1 set
    $values['suspicious'] = TRUE;
  }
  if ($response[3] & 2) {

    //does it have the same bits as 2 set
    $values['harvester'] = TRUE;
  }
  if ($response[3] & 4) {

    //does it have the same bits as 4 set
    $values['comment_spammer'] = TRUE;
  }
  return $values;
}