#!/bin/sh # ORBS # AUTHOR: Chuck Geigner # PURPOSE: # * Checks IP and FQDN addresses against the ORDB db. # * Can list addresses that come up positive. # * Maintains a list of annotated entries. # * Allows admin to manually add entries and block whole domains if neccessary. VER="2.7.4 Beta" # Version 2.7.4 - added -R -D -ok options & IP partial listing possibilities, 2.7.4 # updated syntax to match "access.db" deny/relay notation 2.7.3 # added a check to the _lookup function that tests for domain-exist # but-no-(A)-record-defined condition. 2.7.2 # fixed an anomoly in -u that disallowed certail valid inputs. 2.7.1 # put all lookups into _lookup module. Rewrote parts of _checker and # -a|-an option to use _lookup. _checker is nice and slim. 2.7.0 # fixed a bug in the -u check that misevaluated some inputs 2.6.2 # fixed a bug in the -a check that prevented IP from passing to the checker # 2.6.1 # can resolve name to IP, lookup IP in ordb, list fqdn in $BLOCKLIST 2.6.0 # totally massive ip and fqdn identifying routines added + OOB checks # many portions rewritten to capitalize on the new routines (2.5.3) # can descram "spammerized" decimal IP representation (-u) 2.4.0 # can also auto-add descrammed IP's to blocklist (-ua) 2.4.0 # SWITCHED SERVICE TO ORDB.ORG. due to the demise of the orbs.org # server 2.3.0 # The checking was getting hairy, so I put the checker in a mod 2.0.0 # can add whole domain to list while noting offending host name (-rn & -sn) # can run in quiet mode (no input from stdin req.) [-q] 1.4.0 # can zero out (reset) the existing block list. 1.4.0 # can show all current listings (list). 1.3.0 # can configure output file name now. 1.3.0 # can run ORDB check without updating block list (-k). 1.2.0 # can output version and help info (-v & -h) 1.1.0 # can manually add "spammer," "open relay" and dialup to $BLOCKLIST 1.1.0 # # Coming: # FEATURE: DUL lookup # # FEATURE: -rm Remove a listing # -rc Remove a listing containing $STRING # -rh Remove the head of the operator at $IPADDR # -?n look for hostname existence before listing raw IP (add to -u esp.) # # NOTE: Alternate servers: # orbz.gst-group.co.uk # ordb.org SERVICE="relays.ordb.org" # BUG report: # $ orbs -a premium-search-engine-ranking.com # /home/ctgeign/bin/orbs[322]: test: 0403-004 Specify a parameter with this command. # target: premium-search-engine-ranking.com has IP addr # /home/ctgeign/bin/orbs[346]: Q1: 0403-009 The specified number is not valid for this command. # /home/ctgeign/bin/orbs[350]: Q1: 0403-009 The specified number is not valid for this command. # q4= q3= q2= q1= # premium-search-engine-ranking.com is not listed in ORDB USAGE="USAGE: orbs [[list|reset] | -[a|an|d|D|h|k|ok|r|R|rn|s|sn|u|ua|v]] [-q]" BLOCKLIST="$HOME/blocklist" UPDATEFILE="/etc/mail/deny.txt" USAGE2="\n\"list\" lists existing entries in the blocklist: $BLOCKLIST\n\ \"reset\" resets the blocklist to NULL\n\ -a looks up the ip of an fqdn, checks it against ORDB, and lists the fqdn\n\ in $BLOCKLIST\n\ -ak just like option \"-a\" except it just checks. No listing occurs.\n\ -an looks up just like -a, if positive it subtracts the machine name and\n\ adds the result to $BLOCKLIST.\n\ -d adds the IP or FQDN to $BLOCKLIST with the status of foreign dialup\n\ -D Discard all mail from target.\n\ -h prints out this help message\n\ -k runs the IP against ORDB without adding findings to $BLOCKLIST\n\ -ok Mail from target can pass through the Blocklist explicitly\n\ -q enables quiet mode for scripted use\n\ -r adds the IP or FQDN to $BLOCKLIST with the status of \"open relay\"\n\ -R Generic 571 \"REJECT\" assigned to target.\n\ -rn subtracts the machine name and adds the result to $BLOCKLIST\n\ -s adds the IP or FQDN to $BLOCKLIST with the status of \"spammer\"\n\ -sn subtracts the machine name and adds the result to $BLOCKLIST\n\ -u unscrambles decimal "spammered" address to dotted decimal,\n\ -ua unscrambles, then adds to $BLOCKLIST with the status of \"spammer\"\n\ -v prints out the version info\n" VERSTR="\nORBS version $VER\n(copyleft) Chuck Geigner, 2001\n" QUIET=0 TARGET="0.0.0.0" SPAMARAMA="550 Blocked: Spam-a-rama! HAND" MXMSG="550 Blocked: Foreign dialup/cable/dsl" UNDEFINED="552 Undefined error, quitting." SPAMMSG="550 Blocked: UCE Violation" RELAYMSG="550 Blocked: Open Relay" CONFRELAY="550 Blocked: Confirmed Open Relay" DENY="REJECT" # General deny w/ generic 5.7.1 mesg DISCARD="DISCARD" # Accept, then quietly discard the mesg OK="OK" # Accept from, even when other rules forbid it RELAYFOR="RELAY" # Accept and relay from (implicit "OK" as well) ################################################################################### # # MODULE NAME: _lookup # PURPOSE: performs an Internet nameserver lookup on the given input value # INPUT: $TARGET, either ip or fqdn # OUTPUT: either IP->FQDN FQDN->IP conversions OR "fail" if lookup is not # successful. # ################################################################################### _lookup() { LOOKUPRESULT="fail" # we will default to failure nslookup $TARGET > /tmp/orbs1.tmp 2> /tmp/orbs.tmp CHECK1=`grep -c "Server failed" /tmp/orbs.tmp` CHECK2=`grep -c "Non-existent" /tmp/orbs.tmp` CHECK3=`grep -c "No address" /tmp/orbs.tmp` CHECK4=`grep -c "Addresses:" /tmp/orbs.tmp` CHECK5=`grep -c "Address:" /tmp/orbs.tmp` if [ $CHECK3 -gt 0 -o $CHECK5 -le 1 ]; then echo "No (A) records found. Domain exists though." return $LOOKUPRESULT fi if [ $CHECK4 -gt 0 ]; then echo "Multiple addresses for $TARGET" grep "Addresses:" /tmp/orbs.tmp return $LOOKUPRESULT fi if [ $CHECK1 -gt 0 -o $CHECK2 -gt 0 ]; then return $LOOKUPRESULT elif [ $CHECK1 -eq 0 -a $CHECK2 -eq 0 ]; then grep "Address" /tmp/orbs1.tmp | sed -n 2p > /tmp/orbs2.tmp LOOKUPRESULT=`cut -d: -f 2 /tmp/orbs2.tmp | sed 's/^[ ]*//'` return $LOOKUPRESULT # ---- lookup can return [blank] - yikes! # ADDED MOD: CHECK5 ctg # $ nslookup insuranceboard.org # Server: athene.mlb.ilstu.edu # Address: 138.87.11.9 # # Name: insuranceboard.org # # $ # # ---- lookup can return multiple IP addresses delimited by commas # ADDED MOD: CHECK4 ctg # Name: relay.planetinternet.be # Addresses: 194.119.232.24, 195.95.34.5, 195.95.30.146 # # ---- WEIRD return below: ---- # ADDED MOD CHECK3 ctg # $ nslookup americanlongdistance.net # Server: athene.mlb.ilstu.edu # Address: 138.87.11.9 # # Name: americanlongdistance.net # # $ nslookup americanlongdistance.net # Server: athene.mlb.ilstu.edu # Address: 138.87.11.9 # # *** No address (A) records available for americanlongdistance.net # # ---- NORMAL output ---- # Server: athene.mlb.ilstu.edu # Address: 138.87.11.9 # # Name: mail.fcg.net # Address: 208.0.56.10 else echo "nslookup results undefined. Quitting." rm -f /tmp/orbs*.tmp exit fi } ################################################################################### # # MODULE NAME: _checker # PURPOSE: checks a given IP against the ORDB # INPUT: 4 individual decimal dotted IP quads, Q1-Q4. # OUTPUT: affirmation of ORDB status returned (1-yes, 0-no) # ################################################################################### _checker() { YN=0 echo "q4=$Q4 q3=$Q3 q2=$Q2 q1=$Q1" #test echo nslookup $Q4.$Q3.$Q2.$Q1.$SERVICE 2> /dev/null > /tmp/orbs.tmp YN=`grep -c '127.0.0' /tmp/orbs.tmp` rm /tmp/orbs*.tmp return $YN } ################################################################################### if [ $# -lt 1 ]; then echo $USAGE exit fi # orbs reset ####################################################### # Reset the block list to zero entries ############################# if [ $1 = "reset" ]; then if [ -f $BLOCKLIST ]; then rm -f $BLOCKLIST fi echo "Orbs block list: RESET" exit fi # orbs list ######################################################## # List the contents of the block list ############################## if [ $1 = "list" ]; then if [ -f $BLOCKLIST ]; then printf "Block list as of %s %s %s %s - \n" `date|cut -c 1-16`; cat $BLOCKLIST else echo "no block list on file in $HOME" fi exit fi # Check to see if flags are set #################################### ARG1="nflag" echo $1 > /tmp/orbs.tmp FLAG1=`cut -c 1 /tmp/orbs.tmp` if [ $FLAG1 = "-" ]; then ARG1="flag" fi # Check for correct usage, set $TARGET and check in the -q flag if set if [ $# -gt 2 -a $ARG1 = "flag" ]; then # isolates "orbs -x 0.0.0.0 -q" calls if [ $# -gt 3 ]; then # NOTE if args > 2, arg 3 MUST be "-q" echo $USAGE rm -f /tmp/orbs*.tmp exit elif [ $3 != "-q" ]; then echo $USAGE rm -f /tmp/orbs*.tmp exit else QUIET=1 fi TARGET=$2 elif [ $# -gt 1 -a $ARG1 = "nflag" ]; then # isolates "orbs 0.0.0.0 -q" calls if [ $# -gt 2 ]; then echo $USAGE rm -f /tmp/orbs*.tmp exit elif [ $2 != "-q" ]; then echo $USAGE rm -f /tmp/orbs*.tmp exit else QUIET=1 fi TARGET=$1 elif [ $# -eq 2 -a $ARG1 = "flag" ]; then # isolates "orbs -x 0.0.0.0" calls TARGET=$2 elif [ $# -eq 1 -a $ARG1 = "flag" ]; then # isolates "orbs -v" and "orbs -h" calls TARGET="flag" # no target needs defined elif [ $# -eq 1 -a $ARG1 = "nflag" ]; then # isolates regular "orbs 0.0.0.0" calls TARGET=$1 else # everything else is undefined, exit. echo "Error. Target undefined!" echo $USAGE rm -f /tmp/orbs*.tmp exit fi echo $TARGET > /tmp/orbs.tmp LASTFIELD=`sed s/[.]/\ /g /tmp/orbs.tmp|wc -w` if [ $LASTFIELD -le 1 ]; then if [ $1 = "-u" -o $1 = "--unscramble" -o $1 = "-ua" ]; then TARGETTYPE="scramdec" elif [ $TARGET = "flag" ]; then TARGETTYPE="notarget" else echo "Error. Target must be dotted decimal IP or in \"machine.example.com\" form." rm -f /tmp/orbs*.tmp exit fi elif [ $LASTFIELD -ge 2 -a $LASTFIELD -le 256 ]; then cut -d . -f $LASTFIELD /tmp/orbs.tmp > /tmp/orbs1.tmp TLD=`cat /tmp/orbs1.tmp` IPCHK=`grep -c '[0-9]' /tmp/orbs1.tmp` DNCHK=`grep -c '[a-zA-Z]' /tmp/orbs1.tmp` if [ "$1" = "-R" -o "$1" = "-D" -o "$1" = "-ok" ]; then TARGETTYPE="partial-ok" elif [ $IPCHK -eq 1 -a $DNCHK -eq 0 -a $LASTFIELD -eq 4 ]; then TARGETTYPE="ip" elif [ $IPCHK -eq 0 -a $DNCHK -eq 1 ]; then TARGETTYPE="fqdn" else echo "Error. One of two things is wrong:" echo "1) $TLD is not a valid top level domain -OR-" echo "2) $TARGET is not a valid IP address." rm -f /tmp/orbs*.tmp exit fi else echo "Error. Target cannot have greater than 253 subdomains." echo "...Exiting." rm -f /tmp/orbs*.tmp exit fi rm -f /tmp/orbs*.tmp # Check to see if IP is valid (remember to exclude FQDN and -u|-ua calls) if [ $TARGETTYPE = "ip" ]; then echo $TARGET > /tmp/orbs1.tmp Q1=`cut -d . -f 1 /tmp/orbs1.tmp` Q2=`cut -d . -f 2 /tmp/orbs1.tmp` Q3=`cut -d . -f 3 /tmp/orbs1.tmp` Q4=`cut -d . -f 4 /tmp/orbs1.tmp` if [ Q1 -ge 256 -o Q2 -ge 256 -o Q3 -ge 256 -o Q4 -ge 256 ]; then echo "Invalid IP address given [$TARGET]. Exiting." rm -f /tmp/orbs*.tmp exit; elif [ Q1 -lt 0 -o Q2 -lt 0 -o Q3 -lt 0 -o Q4 -lt 0 ]; then echo "Invalid IP address given [$TARGET]. Exiting." rm -f /tmp/orbs*.tmp exit; fi fi # Check to see if our query target exists already in our list # NOTE FIXABLE PROBLEM: # Problems may arise when searching, subdomain.dom.com will be found # when searching for dom.com and a listing is indicated even though # only a partial exists. # ANOTHER: when "-rn" and "-sn" flags are used, we should be subtracting # a field before searching the list for dups. # TMPCHK=0 if [ -f $BLOCKLIST ]; then TMPCHK=`grep -c $TARGET $BLOCKLIST` #<<<<< this needs finessed. -ctg if [ $TMPCHK -gt 0 ]; then echo "$TARGET already exists in: $HOME/blocklist" echo "Exiting." rm -f /tmp/orbs.tmp exit elif [ $TMPCHK -lt 0 ]; then echo "Script error. Negative return. See admin (001)" rm -f /tmp/orbs.tmp exit fi fi if [ $ARG1 = "flag" ]; then case $1 in # orbs [-a|-ak|-an] hostname [-q] ######################################### # [-a] Resolve hostname to IP, then check against orbs -a|-ak|-an) if [ $# -lt 2 -o $TARGETTYPE != "fqdn" ]; then echo "You need to enter a FQDN after the -a or -ak option flags." echo "Example: \"orbs -a machine.example.com\" ...Exiting." exit fi _lookup if [ $LOOKUPRESULT = "fail" ]; then echo "Forward lookup failed because no DNS reponding." echo "I can't continue the check with no IP address." if [ $QUIET -eq 0 -a $1 != "-ak" ]; then printf "Shall I list $TARGET anyway? (y/n)" read LISTIT if [ $LISTIT = "yes" -o $LISTIT = "y" -o $LISTIT = "Y" ]; then echo "$TARGET $DENY" >> $BLOCKLIST echo $TARGET added to $BLOCKLIST fi fi rm -f /tmp/orbs*.tmp exit else #success! send IP to the checker. echo "target: $TARGET has IP addr $LOOKUPRESULT" #------test # Check to see if IP is valid echo $LOOKUPRESULT > /tmp/orbs3.tmp Q1=`cut -d . -f 1 /tmp/orbs3.tmp` Q2=`cut -d . -f 2 /tmp/orbs3.tmp` Q3=`cut -d . -f 3 /tmp/orbs3.tmp` Q4=`cut -d . -f 4 /tmp/orbs3.tmp` if [ Q1 -gt 255 -o Q2 -gt 255 -o Q3 -gt 255 -o Q4 -gt 255 ]; then echo "Invalid IP address given [$TARGET]. Exiting." rm -f /tmp/orbs*.tmp exit; elif [ Q1 -lt 0 -o Q2 -lt 0 -o Q3 -lt 0 -o Q4 -lt 0 ]; then echo "Invalid IP address given [$TARGET]. Exiting." rm -f /tmp/orbs*.tmp exit; fi _checker if [ $YN -gt 0 -a $1 = "-ak" ]; then echo "$TARGET is listed as an open relay in ORDB" elif [ $YN -gt 0 -a $1 = "-a" ]; then echo "$TARGET $CONFRELAY" >> $BLOCKLIST echo "$TARGET added to $BLOCKLIST with a status of \"confirmed open relay\"" elif [ $YN -gt 0 -a $1 = "-an" ]; then orbs -rn $TARGET else echo "$TARGET is not listed in ORDB" fi fi rm -f /tmp/orbs*.tmp exit;; # [-D] Discard all mail from target -D) if [ $# -lt 2 ]; then echo "You need to enter an IP, partial, or DN after the -D option flag." echo "Example: \"orbs -D discardme.com \" ...Exiting." exit fi TARGET=$2 echo "$TARGET $DISCARD" >> $BLOCKLIST echo "$TARGET added to $BLOCKLIST with discard directive." exit;; # [-h] Be helpful -h|--help) echo "$USAGE";echo $USAGE2;exit;; # [-k] Run a check only, do not list finding in blocklist -k) if [ $# -lt 2 -o $TARGETTYPE != "ip" ]; then echo "You need to enter an IP number after the -k option flag." echo "Example: \"orbs -s 192.168.0.1\" ...Exiting" exit fi TARGET=$2; _checker if [ $YN -gt 0 ]; then echo "$TARGET is listed as an open relay in ORDB" else echo "$TARGET is not listed in ORDB" fi exit;; # [-ok] Pass target through blocklist -ok) if [ $# -lt 2 ]; then echo "You need to enter an IP, partial, or DN after the -ok option flag." echo "Example: \"orbs -ok letmepass.com \" ...Exiting." exit fi TARGET=$2 echo "$TARGET $OK" >> $BLOCKLIST echo "$TARGET added to $BLOCKLIST as allowed." exit;; # [-v] Print out the current version of this program -v|--version|--ver) echo $VERSTR;exit;; # orbs -s [0.0.0.0 | machine.example.com] ############################### # [-s] Write entry directly to the block list with "spammer" status. -s|--spammeradd) if [ $# -lt 2 ]; then echo "You need to enter an IP or FQDN after the -s option flag." echo "Example: \"orbs -s 192.168.0.1\" ...Exiting" exit fi TARGET=$2 echo "$TARGET $SPAMMSG" >> $BLOCKLIST echo "$TARGET added to $BLOCKLIST with a status of \"spammer\"" exit;; # orbs -r [0.0.0.0 | machine.example.com] ############################### # [-r] Write entry directly to the block list with "open relay" status. -r|--relayadd|-rn|-sn) if [ $# -lt 2 ]; then echo "You need to enter an IP or FQDN after the -r option flag." echo "Example: \"orbs -s 192.168.0.1\" ...Exiting" exit fi # [-rn] Block domain as relay-laden & save machine name in output # [-sn] Block domain as spam haven & save machine name in output if [ $1 = "-rn" -o $1 = "-sn" ]; then if [ $TARGETTYPE != "fqdn" ]; then echo "You need to enter a FQDN after the -rn or -sn option flags." echo "Example: \"orbs -a machine.example.com\" ...Exiting." exit fi if [ $LASTFIELD -le 2 ]; then echo "This will cause the blocking of a top-level domain" echo "If that is really your intent, you will have to change" echo "$BLOCKLIST manually. Exiting." exit fi echo $2 > /tmp/orbs.tmp F1=`cut -d . -f 1 /tmp/orbs.tmp` F2=`cut -d . -f 2- /tmp/orbs.tmp` if [ $1 = "-rn" ]; then echo "$F2 550 Blocked: Promiscuous Relay ($F1.)" >> $BLOCKLIST echo "$F2 added to $BLOCKLIST with a status of \"Promiscuous Relay\"" echo "I noted the relay source as \"$F1.\"" else echo "$F2 550 Blocked: UCE Violation ($F1.)" >> $BLOCKLIST echo "$F2 added to $BLOCKLIST with a status of \"spammers\"" echo "I noted the spam source as \"$F1.\"" fi else TARGET=$2 echo "$TARGET $RELAYMSG" >> $BLOCKLIST echo "$TARGET added to $BLOCKLIST with a status of \"open relay\"" fi rm -f /tmp/orbs.tmp exit;; # [-R] REJECT target -R) if [ $# -lt 2 ]; then echo "You need to enter an IP, partial, or DN after the -R option flag." echo "Example: \"orbs -R rejectme.com \" ...Exiting." exit fi TARGET=$2 echo "$TARGET $DENY" >> $BLOCKLIST echo "$TARGET added to $BLOCKLIST as a rejected source." exit;; # orbs -d [0.0.0.0 | machine.example.com] ############################### # [-d] Write entry directly to the block list with foreign dialup status. -d|--dialupadd) if [ $# -lt 2 ]; then echo "You need to enter an IP or FQDN after the -d option flag." echo "Example: \"orbs -d dial.example.com\" ...Exiting." exit fi TARGET=$2 echo "$TARGET $MXMSG" >> $BLOCKLIST echo "$TARGET added to $BLOCKLIST with a status of foreign dialup" exit;; ######################################################################### # orbs -q entered syntactically wrong by user - error out message. -q) echo "The \"-q\" flag is misplaced.\n$USAGE";exit;; # orbs -u 0000000000 #################################################### # [-u] unscramble weird decimal ip representation, [-ua] add to $BLOCKLIST -u|--unscramble|-ua) if [ $# -lt 2 -o $TARGETTYPE != "scramdec" ]; then echo "You need to enter a decimal number to decode with the -u option." echo "Example: \"orbs -un 1071396130\" ...Exiting." exit; fi EVAL=`expr $2 \<= 0` if [ $EVAL -eq 1 ]; then echo "The input number is negative! No such thing as a negative IP address." echo "(At least in this plane of reality.) Nice try." echo "...Exiting." exit; fi EVAL=`expr $2 : '[0-9]*'` echo "eval=$EVAL" # The 10 digit limitation is not necessarily so. I saw a 11 digit scram # today and found the browser converts it, ignoring # fixed the most significant hex digit. ie.: # 11401062249 --> 2A78E6769 # (drop the 2) A78E6769 --> 167.142.103.105 # The plot thickens: today I saw this: # $ orbs -u 0000010100010000102000110010245255525 # eval=37 # evalhex=...26... # d1=DD d2=6F d3=11 d4=65 # That mess translates to: 221.111.17.101 # SAM SPADE sez: # 0000010100010000102000110010245255525 is just another way of # writing the IP address 66.149.91.85 # Chee... again: today I saw a 9 digit scram: 203575265 # fixed OK, got it. I can have a 9 digit: # 203575265 --> C224FE1 # (add leading 0) --> 0C 22 4F E1 --> 12.34.79.225 if [ $EVAL -lt 9 ]; then echo "The input value is invalid. It should have 9+ numerals" echo "Base 10 only also, no hex values or letters." echo "...Exiting." exit; fi # PRACTICE NUMBERS >>>>>>>>>>>>>>>>>>>>>> 1071396130 11401062249 echo "10i16o$2pq" > /tmp/dctmp dc /tmp/dctmp > /tmp/dctmp2 EVALHEX=`cat /tmp/dctmp2` EVALHEX=`expr $EVALHEX : '[0-9A-F]*'` #<-- this rtns num of digits in EVALHEX if [ $EVALHEX -eq 7 ]; then #<-- valid hex can be 7 digit. In this cat /tmp/dctmp2 > /tmp/dctmp3 # case we pad it with a leading "0" sed 's/^/0/' /tmp/dctmp3 > /tmp/dctmp2 EVALHEX=8 fi POS1=`expr $EVALHEX - 7`;POS2=`expr $EVALHEX - 6` # POS3=`expr $EVALHEX - 5`;POS4=`expr $EVALHEX - 4` # get the 8 least signif. digits POS5=`expr $EVALHEX - 3`;POS6=`expr $EVALHEX - 2` # POS7=`expr $EVALHEX - 1` # D1=`cut -c $POS1-$POS2 /tmp/dctmp2` #1-2 D2=`cut -c $POS3-$POS4 /tmp/dctmp2` #3-4 D3=`cut -c $POS5-$POS6 /tmp/dctmp2` #5-6 D4=`cut -c $POS7-$EVALHEX /tmp/dctmp2` #7-8 echo "d1=$D1 d2=$D2 d3=$D3 d4=$D4" echo "ibase=A\nibase=16\nobase=A\n$D1\nquit" > /tmp/bctmp1 echo "ibase=A\nibase=16\nobase=A\n$D2\nquit" > /tmp/bctmp2 echo "ibase=A\nibase=16\nobase=A\n$D3\nquit" > /tmp/bctmp3 echo "ibase=A\nibase=16\nobase=A\n$D4\nquit" > /tmp/bctmp4 TARGET=`bc /tmp/bctmp1`"."`bc /tmp/bctmp2`"."`bc /tmp/bctmp3`"."`bc /tmp/bctmp4` if [ $1 = "-ua" ];then TMPCHK=0 if [ -f $BLOCKLIST ]; then TMPCHK=`grep -c $TARGET $BLOCKLIST` if [ $TMPCHK -gt 0 ]; then echo "$TARGET already exists in: $HOME/blocklist" echo "...Exiting." rm -f /tmp/orbs.tmp rm -f /tmp/dctmp* rm -f /tmp/bctmp* exit elif [ $TMPCHK -lt 0 ]; then echo "Script error. Negative return. See admin (001)" rm -f /tmp/orbs.tmp rm -f /tmp/dctmp* rm -f /tmp/bctmp* exit fi fi echo "$TARGET $SPAMMSG" >> $BLOCKLIST echo "$TARGET added to $BLOCKLIST with a status of \"spammer\"" else echo "That mess translates to: $TARGET" fi rm -f /tmp/dctmp* rm -f /tmp/bctmp* exit;; *) echo "Unhandled flag \"$1\" (ERR 02)" echo $USAGE exit;; esac fi if [ $TARGETTYPE = "ip" ]; then _checker if [ $YN -gt 0 ]; then echo "$TARGET $CONFRELAY" >> $BLOCKLIST echo "$TARGET added to block list ($BLOCKLIST)." else echo "$TARGET is not listed in ORDB" fi else echo "$TARGET is not a valid IP address. If you wish to run a FQDN," echo "please see the -a options when looking at the help (orbs -h)." fi exit