Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- local function reverse_resolve(ip, ns, retrans, timeout)
- local r, err = resolver:new{
- nameservers = ns,
- retrans = retrans, -- 5 retransmissions on receive timeout
- timeout = timeout, -- 1 sec
- }
- if not r then
- ngx.log(ngx.ERR, "failed to instantiate the resolver: ".. err .. ", client_ip: " .. ip)
- return
- end
- local answers, err = r:reverse_query(ip)
- if not answers then
- ngx.log(ngx.ERR, "failed to query the DNS server: " .. err .. ", client_ip: " .. ip)
- return
- end
- if answers.errcode then
- ngx.log(ngx.ERR, "server returned error code: " .. answers.errcode ..
- ": " .. answers.errstr .. ", client_ip: " .. ip)
- return
- end
- if not answers[1] or not answers[1].ptrdname then
- ngx.log(ngx.ERR, "ptrdname entry not exist, client_ip: " .. ip)
- return
- end
- local ip_host = answers[1].ptrdname
- ip_host = string.gsub(ip_host, "google.com", "googlebot.com") -- bring to single form
- local suff = string.sub(ip_host, -13)
- if suff == "googlebot.com" then
- return true
- end
- return nil, "not googlebot"
- end
- local function is_googlebot(ip, ns, retrans, timeout)
- local res = string.find(string.lower(ngx.var.http_user_agent or ""), "googlebot")
- if not res then
- -- not found googlebot in user agent
- return nil, "not googlebot"
- end
- return reverse_resolve(ip, ns, retrans, timeout)
- end
- local function has_referer()
- local referer = ngx.var.http_referer or ""
- if referer == "" then
- return
- end
- return referer
- end
- local function diff_ms(start)
- return math.ceil(ngx.now() - start)
- end
- --local remote_addr = ngx.var.proxy_add_x_forwarded_for
- local remote_addr = ngx.var.http_cf_connecting_ip or "127.0.0.1"
- --local remote_addr = ngx.var.arg_ip or "127.0.0.1" --TEST
- local diff = -1
- local wl, err = redis_get_wl(red, remote_addr)
- if not wl or wl == ngx.null then
- -- redis error or not found in WL
- local bl, err = redis_get_bl(red, remote_addr)
- if not bl or bl == ngx.null then
- --redis error or not found in BL
- local start_at = ngx.now()
- local ip2loc = ip2location.new(ip2loc_db, ip2location.IP2LOCATION_FILE_IO)
- local proxy, iso = is_proxy(ip2loc, remote_addr)
- ip2loc:close()
- local diff = diff_ms(start_at)
- --local proxy = "1"
- if not proxy or proxy == "DCH" then
- -- seems to be not proxy or DCH(googlebot fall here)
- local googlebot, err = is_googlebot(remote_addr, resolver_ns, resolver_retrans, resolver_timeout)
- if not googlebot and proxy == "DCH" then
- redis_add_bl(red, remote_addr, bl_proxy_ttl)
- redis_set_keepalive(red, redis_pool_size, redis_pool_timeout)
- ngx.log(ngx.NOTICE, "BL: proxy: " .. proxy .. ", iso_code: " .. iso .. ", ttl: " .. bl_proxy_ttl .. ", client_ip: " .. remote_addr .. ", p.t: " .. diff)
- return ngx.exit(ngx.HTTP_NOT_FOUND)
- end
- if not googlebot then
- -- not googlebot
- local referer = has_referer()
- if not referer then
- -- no referer 404 add to BL
- redis_add_bl(red, remote_addr, bl_ttl)
- redis_set_keepalive(red, redis_pool_size, redis_pool_timeout)
- ngx.log(ngx.NOTICE, "BL: no referer, ttl: " .. bl_ttl .. ", client_ip: " .. remote_addr .. ", p.t: " .. diff)
- return ngx.exit(ngx.HTTP_NOT_FOUND)
- end
- -- has referer add to WL
- redis_add_wl(red, remote_addr, wl_ttl)
- redis_set_keepalive(red, redis_pool_size, redis_pool_timeout)
- ngx.log(ngx.NOTICE, "WL: has referer, ttl: " .. wl_ttl .. ", client_ip: " .. remote_addr .. ", p.t: " .. diff)
- return
- end
- -- googlebot here add to WL
- redis_add_wl(red, remote_addr, wl_googlebot_ttl)
- redis_set_keepalive(red, redis_pool_size, redis_pool_timeout)
- ngx.log(ngx.NOTICE, "WL: googlebot detected, ttl: " .. wl_googlebot_ttl .. ", client_ip: " .. remote_addr .. ", p.t: " .. diff)
- return
- end
- -- seems to be proxy 404 add to BL
- redis_add_bl(red, remote_addr, bl_proxy_ttl)
- redis_set_keepalive(red, redis_pool_size, redis_pool_timeout)
- ngx.log(ngx.NOTICE, "BL: proxy: " .. proxy .. ", iso_code: " .. iso .. ", ttl: " .. bl_proxy_ttl .. ", client_ip: " .. remote_addr .. ", p.t: " .. diff)
- return ngx.exit(ngx.HTTP_NOT_FOUND)
- end
- -- exist in BL send 404
- redis_set_keepalive(red, redis_pool_size, redis_pool_timeout)
- ngx.log(ngx.NOTICE, "BL" .. ", client_ip: " .. remote_addr .. ", p.t: " .. diff)
- return ngx.exit(ngx.HTTP_NOT_FOUND)
- end
- ngx.log(ngx.NOTICE, "WL" .. ", client_ip: " .. remote_addr .. ", p.t: " .. diff)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement