####Set here who can use the !bip commandset badip(flags) "mn|-"####Pl

1. ###
2. #Set here who can use the !bip command
3. set badip(flags) "mn|-"
4.  
5. ###
6. #Please supply a valid mail (it is required on check)
7. set badip(check_mail) "gline@peoplechat.org"
8.  
9. ###
10. #Set here the exceptions filename (located in eggdrop directory)
11. set badip(file) "badip_excepts.txt"
12.  
13. ###
14. #Please choose verification type for IP's (1 - strict (will catch more ip's) ; 0 - medium)
15. set badip(level) "1"
16.  
17. ###
18. #Except hostmasks (it will not be scanned)
19. set badip(except_hostmasks) {
20. "*.undernet.org"
21. }
22.  
23. ############################## Channel act #################################
24. ###
25. #If channel has +badip_remove choose here for what to act ? (0 - VPN/Proxy ; 1 - BadIP ; 2 - all)
26. set badip(act_for) "2"
27.  
28. ###
29. #BAN METHOD
30. #Reason
31. set badip(act_ban_reason) "We dont appreciate VPN/Proxy or badIP's here ! :-) \[Country: %country%\]"
32.  
33. #Time (minutes)
34. set badip(act_ban_time) "60"
35.  
36. ###
37. #Default ban type
38. #1 - *!*@$host
39. #2 - *!$ident@$host
40. #3 - $user!$ident@$host
41. #4 - $user!*@*
42. #5 - *!$ident@*
43. set badip(act_ban_type) "1"
44. #
45. ###
46.  
47. ############################# OnConnect act ###############################
48.  
49. ###
50. #If you want the bot to check for VPN/Proxy/Bad IP on connect (must be Oper)
51. #and GLINE as method, set here 1, If not set 0
52.  
53. set badip(act_onconnect) "1"
54.  
55. ###
56. #GLINE DETAILS
57.  
58. # Gline command
59. set badip(act_gline_cmd) "zline *@%hostname% 30d No VPN/Proxy or badIP on our server."
60. #
61. ###
62.  
63. ###########################################################################
64.  
65. ###
66. # CMD FLOOD PROTECTION
67. #Set the number of minute(s) to ignore flooders, 0 to disable flood protection
68. ###
69. set badip(ignore_prot) "1"
70.  
71. ###
72. # CMD FLOOD PROTECTION
73. #Set the number of requests within specifide number of seconds to trigger flood protection.
74. # By default, 3:10, which allows for upto 3 queries in 10 seconds. 3 or more quries in 10 seconds would cuase
75. # the forth and later queries to be ignored for the amount of time specifide above.
76. ###
77. set badip(flood_prot) "3:5"
78.  
79. ############################################################################
80.  
81. setudef flag badip
82. setudef flag badip_remove
83.  
84. package require http
85.  
86. bind join - * badip:join
87. bind pub $badip(flags) !bip badip:cmd
88. bind raw - NOTICE badip:onconnect
89.  
90. if {![file exists $badip(file)]} {
91. set file [open $badip(file) w]
92. close $file
93. }
94.  
95. ###
96. proc badip:cmd {nick host hand chan arg} {
97. global badip
98. if {![channel get $chan badip]} {
99. return
100. }
101. set who [lindex [split $arg] 0]
102. set except [lindex [split $arg] 1]
103. set flood_protect [badip:flood:prot $chan $host]
104. if {$flood_protect == "1"} {
105. return
106. }
107.  
108. switch $who {
109. +except {
110. if {$except == ""} {
111. putserv "NOTICE $nick :-= BadIP =- Please specify a hostname/ip."
112. return
113. }
114. set find [badip:except_exists $except]
115. if {$find > -1} {
116. putserv "NOTICE $nick :-= BadIP =- \002$except\002 already exists as exception"
117. return
118. }
119. set file [open $badip(file) a]
120. puts $file $except
121. close $file
122. putserv "NOTICE $nick :-= BadIP =- Added \002$except\002 as exception"
123. }
124. -except {
125. if {$except == ""} {
126. putserv "NOTICE $nick :-= BadIP =- Please specify a hostname/ip."
127. return
128. }
129. set find [badip:except_exists $except]
130. if {$find < 0} {
131. putserv "NOTICE $nick :-= BadIP =- \002$except\002 doesn't exist as exception"
132. return
133. }
134. badip:except:remove $except
135. putserv "NOTICE $nick :-= BadIP =- Removed \002$except\002 from exception list"
136. }
137. default {
138. if {$who == ""} {
139. putserv "NOTICE $nick :-= BadIP =- Please specify a \002nickname/host/ip\002"
140. return
141. }
142.  
143. if {![regexp {:|\.} $who]} {
144. putserv "USERHOST :$who"
145. set ::badipchan $chan
146. set ::badip_search $who
147. set ::badip_check ""
148. set ::badip_from $nick
149. bind RAW - 302 badip:for:nick
150. return
151. }
152. set hostname [badip:valid_ip $who]
153. if {$hostname == 0} {
154. putserv "PRIVMSG $chan :-= BadIP =- can't get dns for $who."
155. return
156. }
157. set status_get [badip:check $hostname]
158. if {$status_get == 0} {
159. putserv "PRIVMSG $chan :-= BadIP =- Could not contact source. Try again later."
160. return
161. }
162. set status1 [lindex $status_get 0]
163. set status2 [lindex $status_get 1]
164. set country [lindex $status_get 2]
165. putserv "PRIVMSG $chan :-= BadIP =- \002IP\002: $hostname ; \002VPN/Proxy\002: $status1 ; \002BadIP\002: $status2 ; \002Country\002: $country"
166. }
167. }
168. }
169.  
170. ###
171. proc badip:except:remove {host} {
172. global badip
173. set file [open $badip(file) r]
174. set timestamp [clock format [clock seconds] -format {%Y%m%d%H%M%S}]
175. set temp "${badip(file)}.$timestamp"
176. set tempwrite [open $temp w]
177. while {[gets $file line] != -1} {
178. if {[string equal -nocase $host $line]} {
179. continue
180. } else {
181. puts $tempwrite $line
182. }
183. }
184. close $tempwrite
185. close $file
186. file rename -force $temp $badip(file)
187. }
188.  
189. ###
190. proc badip:except_exists {host} {
191. global badip
192. set found_it -1
193. set file [open $badip(file) r]
194. set data [read -nonewline $file]
195. close $file
196. set split_data [split $data "\n"]
197. foreach line $split_data {
198. if {[string match -nocase $line $host]} {
199. set found_it 0
200. break
201. }
202. }
203. return $found_it
204. }
205.  
206. ###
207. proc badip:onconnect {from key text} {
208. global badip
209. if {$badip(act_onconnect) == 0} {return}
210. if {[regexp {Client connecting: (.*?) \((.*?)\) \[(.*?)\]} $text string a b c]} {
211. set ip $c
212. } elseif {[regexp {CONNECT: Client connecting on port (.*?) \(class (.*?)\): (.*?) \((.*?)\)} $text string a b c]} {
213. set ip $c
214. }
215. if {[info exists ip]} {
216. set found_it 0
217. set except [badip:except_exists $ip]
218. if {$except > -1} {return}
219. set status_get [badip:check $ip]
220. if {$status_get == 0} {
221. return
222. }
223. set status1 [lindex $status_get 0]
224. set status2 [lindex $status_get 1]
225. set country [lindex $status_get 2]
226. switch $badip(act_for) {
227. 0 {
228. if {![string equal -nocase "OK" $status1]} {
229. set found_it 1
230. }
231. }
232. 1 {
233. if {![string equal -nocase "OK" $status2]} {
234. set found_it 1
235. }
236. }
237. 2 {
238. if {![string equal -nocase "OK" $status1] || ![string equal -nocase "OK" $status2]} {
239. set found_it 1
240. }
241. }
242. }
243. if {$found_it == 1} {
244. set replace(%hostname%) $ip
245. set replace(%country%) $country
246. set gline_cmd [string map [array get replace] $badip(act_gline_cmd)]
247. putserv "$gline_cmd"
248. }
249. }
250. }
251.  
252. ###
253. proc badip:for:nick { from keyword arguments } {
254. global badip
255. set ip $::badip_search
256. set chan $::badipchan
257. set check $::badip_check
258. set from $::badip_from
259. set hosts [lindex [split $arguments] 1]
260. set hostname [lindex [split $hosts "="] 1]
261. regsub {^[-+]} $hostname "" mask
262. set nickname [lindex [split $hosts "="] 0]
263. regsub {^:} $nickname "" nick
264. if {$nick == ""} {
265. putserv "PRIVMSG $chan :-= BadIP =- $ip is not online"
266. unbind RAW - 302 badip:for:nick
267. unset ::badip_check
268. unset ::badipchan
269. unset ::badip_search
270. unset ::badip_from
271. return
272. }
273. set hostname [lindex [split $mask @] 1]
274. set except_host [badip:except_mask $hostname]
275. if {$except_host == 1} {
276. putserv "NOTICE $chan :-= BadIP =- $hostname is an excepted mask."
277. unbind RAW - 302 badip:for:nick
278. unset ::badip_check
279. unset ::badipchan
280. unset ::badip_search
281. unset ::badip_from
282. return
283. }
284. set hostname [badip:valid_ip $hostname]
285. if {$hostname == 0} {
286. putserv "NOTICE $from :-= BadIP =- Error: can't get dns for $hostname."
287. unbind RAW - 302 badip:for:nick
288. unset ::badip_check
289. unset ::badipchan
290. unset ::badip_search
291. unset ::badip_from
292. return
293. }
294. set status_get [badip:check $hostname]
295. if {$status_get == 0} {
296. putserv "PRIVMSG $chan :-= BadIP =- Could not contact source. Try again later."
297. return
298. }
299. set status1 [lindex $status_get 0]
300. set status2 [lindex $status_get 1]
301. set country [lindex $status_get 2]
302. putserv "PRIVMSG $chan :-= BadIP =- \002Nick\002: $nick ; \002IP\002: $hostname ; \002VPN/Proxy\002: $status1 ; \002BadIP\002: $status2 ; \002Country\002: $country"
303.  
304. unbind RAW - 302 badip:for:nick
305. unset ::badip_check
306. unset ::badipchan
307. unset ::badip_search
308. unset ::badip_from
309. }
310.  
311. ###
312. proc badip:except_mask {hostname} {
313. global badip
314. set except_host 0
315. foreach h $badip(except_hostmasks) {
316. if {[string match -nocase $h $hostname]} {
317. set except_host 1
318. break
319. }
320. }
321. return $except_host
322. }
323.  
324. ###
325. proc badip:check {hostname} {
326. global badip
327. set check_badip [badip:process $hostname]
328. if {$check_badip == 0} { return 0}
329. set status [lindex $check_badip 0]
330. set message [lindex $check_badip 3]
331. set result [lindex $check_badip 1]
332. set badip_status [lindex $check_badip 2]
333. set country [lindex $check_badip 4]
334. if {$status == "error"} {
335. return 0
336. }
337. set status1 "OK"
338. set status2 "OK"
339. if {$result > "0.995" && $badip_status == 1} {
340. set status1 "\00304FOUND\003"
341. set status2 "\00304FOUND\003"
342. } elseif {$result == 1} {
343. set status1 "\00304FOUND\003"
344. } elseif {$badip_status == 1} {
345. set status2 "\00304FOUND\003"
346. }
347. return [list $status1 $status2 $country]
348. }
349.  
350. ###
351. proc badip:join {nick host hand chan} {
352. global badip
353. if {![channel get $chan badip_remove]} {
354. return
355. }
356. set shost [lindex [split $host @] 1]
357. set except [badip:except_exists $shost]
358. if {$except > -1} {return}
359. set hostname [badip:valid_ip $shost]
360. if {$hostname == 0} {
361. return
362. }
363. set status_get [badip:check $hostname]
364. if {$status_get == 0} {return 0}
365. set status1 [lindex $status_get 0]
366. set status2 [lindex $status_get 1]
367. set country [lindex $status_get 2]
368. set replace(%country%) $country
369. set replace(%hostname%) $shost
370. set found_it 0
371. switch $badip(act_for) {
372. 0 {
373. if {![string equal -nocase "OK" $status1]} {
374. set found_it 1
375. }
376. }
377. 1 {
378. if {![string equal -nocase "OK" $status2]} {
379. set found_it 1
380. }
381. }
382. 2 {
383. if {![string equal -nocase "OK" $status1] || ![string equal -nocase "OK" $status2]} {
384. set found_it 1
385. }
386. }
387. }
388. if {$found_it == 1} {
389. set reason [string map [array get replace] $badip(act_ban_reason)]
390. set bhostname [badip:host_return $badip(act_ban_type) $nick $host]
391. newchanban $chan $bhostname $badip(act_ban_time) $reason
392. }
393. }
394.  
395. ###
396. proc badip:process {ip} {
397. global badip
398. set status ""
399. set message ""
400. set country ""
401. set result 0
402. set badip_status 0
403. set data [badip:data $ip]
404. if {$data == 0} {return 0}
405. regexp {"status":"(.*?)"} $data -> status
406. regexp {"result":"(.*?)"} $data -> result
407. regexp {"BadIP":"(.*?)"} $data -> badip_status
408. regexp {"Country":"(.*?)"} $data -> country
409. regexp {"message":"(.*?)"} $data -> message
410. return [list $status $result $badip_status $message $country]
411. }
412.  
413. ###
414. proc badip:data {ip} {
415. global badip
416. set contact [::http::formatQuery contact $badip(check_mail)]
417. if {$badip(level) == 1} {
418. set flags "b"
419. } else {
420. set flags "m"
421. }
422. set link "http://check.getipintel.net/check.php?ip=${ip}&${contact}&format=json&flags=${flags}&oflags=b,c"
423. ::http::config -useragent "lynx"
424. set ipq [::http::geturl $link -timeout 10000]
425. set status [::http::status $ipq]
426. if {$status != "ok"} { return 0}
427. set data [::http::data $ipq]
428. ::http::cleanup $ipq
429. return $data
430. }
431.  
432. ###
433. proc badip:flood:prot {chan host} {
434. global badip
435. set number [scan $badip(flood_prot) %\[^:\]]
436. set timer [scan $badip(flood_prot) %*\[^:\]:%s]
437. if {[info exists badip(flood:$host:$chan:act)]} {
438. return 1
439. }
440. foreach tmr [utimers] {
441. if {[string match "*badip:remove:flood $host $chan*" [join [lindex $tmr 1]]]} {
442. killutimer [lindex $tmr 2]
443. }
444. }
445. if {![info exists badip(flood:$host:$chan)]} {
446. set badip(flood:$host:$chan) 0
447. }
448. incr badip(flood:$host:$chan)
449. utimer $timer [list badip:remove:flood $host $chan]
450. if {$badip(flood:$host:$chan) > $number} {
451. set badip(flood:$host:$chan:act) 1
452. utimer [expr $badip(ignore_prot) * 60] [list badip:expire:flood $host $chan]
453. return 1
454. } else {
455. return 0
456. }
457. }
458.  
459.  
460. ###
461. proc badip:remove:flood {host chan} {
462. global badip
463. if {[info exists badip(flood:$host:$chan)]} {
464. unset badip(flood:$host:$chan)
465. }
466. }
467.  
468. ###
469. proc badip:expire:flood {host chan} {
470. global badip
471. if {[info exists badip(flood:$host:$chan:act)]} {
472. unset badip(flood:$host:$chan:act)
473. }
474. }
475.  
476. ###
477. proc badip:valid_ip {hostname} {
478. global badip
479. set check_ipv4 [regexp {^[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$} $hostname]
480. set check_ipv6 [regexp {^([0-9A-Fa-f]{0,4}:){2,7}([0-9A-Fa-f]{1,4}$|((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4})$} $hostname]
481. if {$check_ipv4 == "0" && $check_ipv6 == "0"} {
482. set dns_hostname [badip:getdns $hostname]
483. if {[lindex $dns_hostname 0] != ""} {
484. set hostname [lindex [lindex $dns_hostname 0] 0]
485. } elseif {[lindex $dns_hostname 1] != ""} {
486. set hostname [lindex [lindex $dns_hostname 1] 0]
487. } else {
488. return 0
489. }
490. }
491. return $hostname
492. }
493.  
494.  
495. set badip(projectName) "BadIP.tcl"
496. set badip(author) "BLaCkShaDoW"
497. set badip(website) "wWw.TCLScriptS.NeT"
498. set badip(version) "v1.0"
499.  
500. ###
501. proc badip:getdns {ip} {
502. global badip
503. set ipv4 ""
504. set ipv6 ""
505. set gethost [catch {exec host $ip 2>/dev/null} results]
506. set res [lrange [split $results] 0 end]
507. set inc 0
508. set llength [llength $res]
509. for {set i 0} { $i <= $llength} { incr i } {
510. set word [lindex $res $i]
511. if {[string match -nocase "IPv6" $word]} {
512. lappend ipv6 [join [lindex $res [expr $i + 2]]]
513. }
514. if {[string match -nocase "*address*" $word] && ![string match -nocase "IPv6" [lindex $res [expr $i - 1]]]} {
515. lappend ipv4 [join [lindex $res [expr $i + 1]]]
516. }
517. }
518. if {$ipv4 == "" && $ipv6 == ""} {
519. return 0
520. }
521. return [list $ipv4 $ipv6]
522. }
523.  
524. ###
525. proc badip:host_return {type user host} {
526. global badip
527. set ident [lindex [split $host "@"] 0]
528. set uhost [lindex [split $host @] 1]
529. switch $type {
530. 1 {
531. return "*!*@$uhost"
532. }
533. 2 {
534. return "*!$ident@$uhost"
535. }
536. 3 {
537. return "$user!$ident@$uhost"
538. }
539. 4 {
540. return "$user!*@*"
541. }
542. 5 {
543. return "*!$ident@*"
544. }
545. }
546. }
547.  
548. putlog "\002$badip(projectName) $badip(version)\002 coded by $badip(author) ($badip(website)): Loaded."
549.  
550. ##############
551. ##########################################################
552. ## END #
553. ##########################################################