4 files changed, 108 insertions, 0 deletions
diff --git a/contrib/README.TXT b/contrib/README.TXT
index 6544e59..7543a5a 100644
--- a/contrib/README.TXT
+++ b/contrib/README.TXT
@@ -55,3 +55,5 @@ fetchlog-0.94.tar.gz   - C program: The fetchlog utility displays the last new m
                         remote logfiles. The README shows how to setup fetchlog for Nagios.
                         (Alexander Haderer)
+check_icmp-0.8.tar.gz   - C program: check_icmp is an alternative to check_ping that doesn't require the ping
+                        utility or any other executable.
diff --git a/contrib/rblcheck-dns b/contrib/rblcheck-dns
new file mode 100755
index 0000000..5e96195
--- /dev/null
+++ b/contrib/rblcheck-dns
@@ -0,0 +1,69 @@
+#!/usr/bin/perl
+# Multi-RBL Query tool, developer Vikram <vr@udel.edu>
+use strict;
+use Socket;
+my $suspect = $ARGV[1];
+die "Syntax: $0 -H <ip address>\n" unless $suspect;
+my @rblservers=qw[
+        3y.spam.mrs.kithrup.com
+        block.blars.org
+        bl.redhatgate.com
+        blackholes.five-ten-sg.com
+        blackholes.intersil.net
+        blackholes.mail-abuse.org
+        blackholes.wirehub.net
+        blacklist.spambag.org
+        dev.null.dk
+        dews.qmail.org  
+        dialup.blacklist.jippg.org
+        dialups.mail-abuse.org
+        dnsbl.njabl.org
+        dul.maps.vix.com
+        dul.orca.bc.ca
+        dynablock.wirehub.net
+        formmail.relays.monkeys.com
+        ipwhois.rfc-ignorant.org
+        list.dsbl.org
+        multihop.dsbl.org
+        okrelays.nthelp.com     
+        pm0-no-more.compu.net
+        proxies.relays.monkeys.com
+        rbl-plus.mail-abuse.org
+        rbl.maps.vix.com
+        rbl.spam.org.tr
+        relays.mail-abuse.org
+        relays.nthelp.com
+        relays.ordb.org
+        relays.radparker.com
+        relays.visi.com
+        sbl.spamhaus.org
+        spamguard.leadmon.net
+        spammers.v6net.org
+        spamsources.fabel.dk
+        spews.org
+        unconfirmed.dsbl.org
+        xbl.selwerd.cx
+];
+my $spam = 0;
+foreach ( @rblservers ) {
+        my @s = split('\.',$suspect);
+        my $req = "$s[3].$s[2].$s[1].$s[0].".$_;
+        my ($name,$aliases,$addrtype,$length,@addrs) = gethostbyname($req);
+        next unless (@addrs);
+        my $result = inet_ntoa($addrs[0]);
+        #next unless (substr($result, 7) eq '127.0.0');
+        print "$suspect is listed in the following RBLS: " if ( $spam == 0 );
+        print $_, " ";
+        $spam = 1;
+}
+print "$suspect is not listed in any RBLS" if ( $spam == 0 );
+print "\n";
+exit( $spam );
diff --git a/contrib/rblcheck-web b/contrib/rblcheck-web
new file mode 100755
index 0000000..eb4fcde
--- /dev/null
+++ b/contrib/rblcheck-web
@@ -0,0 +1,37 @@
+#!/usr/bin/perl
+# Multi-RBL Query tool, developer Vikram <vr@udel.edu>
+use IO::Socket::INET;
+die "Syntax: $0 -H <ip address>\n" unless $ARGV[1];
+$soc = new IO::Socket::INET->new(PeerPort=>80,
+Proto=>'tcp',
+PeerAddr=>"rbls.org") or die("Cannot connect to CERT");
+                                                                                                    
+$ip = $ARGV[1]; 
+$uri = '/?q='.$ip;
+$soc->send("GET $uri HTTP/1.1\nHost: rbls.org\n\n");
+@buff = <$soc>;
+delete @buff[0..7];     
+$len = @buff;
+$alert = 0;
+for( $i=0;$i<$len;$i++ ) {
+        next unless( defined $buff[$i] );
+        chomp($buff[$i]);
+        #print "$buff[$i]\n";
+        if ( $buff[$i] eq "<tr bgcolor=#ffc0c0>" ) {
+                $rbl = substr($buff[$i+1], 5, index($buff[$i], "</tr>") - 5);
+                next if ( index($rbl, '.') == -1 );
+                print "$ip is listed in the following RBLS: " if ( $alert == 0 );
+                print "$rbl ";
+                $alert = 1;
+        }       
+}
+print "$ip is not listed in any RBLS" if ( $alert == 0 );
+print "\n";
+exit($alert);
diff --git a/contrib/tarballs/check_icmp-0.8.tar.gz b/contrib/tarballs/check_icmp-0.8.tar.gz
new file mode 100644
index 0000000..2ee5db0
--- /dev/null
+++ b/contrib/tarballs/check_icmp-0.8.tar.gz
Binary files differ

diff --git a/contrib/README.TXT b/contrib/README.TXT index 6544e59..7543a5a 100644 --- a/contrib/README.TXT +++ b/contrib/README.TXT
@@ -55,3 +55,5 @@ fetchlog-0.94.tar.gz - C program: The fetchlog utility displays the last new m
55	remote logfiles. The README shows how to setup fetchlog for Nagios.	55	remote logfiles. The README shows how to setup fetchlog for Nagios.
56	(Alexander Haderer)	56	(Alexander Haderer)
57		57
		58	check_icmp-0.8.tar.gz - C program: check_icmp is an alternative to check_ping that doesn't require the ping
		59	utility or any other executable.


diff --git a/contrib/rblcheck-dns b/contrib/rblcheck-dns new file mode 100755 index 0000000..5e96195 --- /dev/null +++ b/contrib/rblcheck-dns
@@ -0,0 +1,69 @@
		1	#!/usr/bin/perl
		2	# Multi-RBL Query tool, developer Vikram <vr@udel.edu>
		3	use strict;
		4	use Socket;
		5	my $suspect = $ARGV[1];
		6
		7	die "Syntax: $0 -H <ip address>\n" unless $suspect;
		8
		9	my @rblservers=qw[
		10	3y.spam.mrs.kithrup.com
		11	block.blars.org
		12	bl.redhatgate.com
		13	blackholes.five-ten-sg.com
		14	blackholes.intersil.net
		15	blackholes.mail-abuse.org
		16	blackholes.wirehub.net
		17	blacklist.spambag.org
		18	dev.null.dk
		19	dews.qmail.org
		20	dialup.blacklist.jippg.org
		21	dialups.mail-abuse.org
		22	dnsbl.njabl.org
		23	dul.maps.vix.com
		24	dul.orca.bc.ca
		25	dynablock.wirehub.net
		26	formmail.relays.monkeys.com
		27	ipwhois.rfc-ignorant.org
		28	list.dsbl.org
		29	multihop.dsbl.org
		30	okrelays.nthelp.com
		31	pm0-no-more.compu.net
		32	proxies.relays.monkeys.com
		33	rbl-plus.mail-abuse.org
		34	rbl.maps.vix.com
		35	rbl.spam.org.tr
		36	relays.mail-abuse.org
		37	relays.nthelp.com
		38	relays.ordb.org
		39	relays.radparker.com
		40	relays.visi.com
		41	sbl.spamhaus.org
		42	spamguard.leadmon.net
		43	spammers.v6net.org
		44	spamsources.fabel.dk
		45	spews.org
		46	unconfirmed.dsbl.org
		47	xbl.selwerd.cx
		48	];
		49
		50
		51	my $spam = 0;
		52	foreach ( @rblservers ) {
		53	my @s = split('\.',$suspect);
		54	my $req = "$s[3].$s[2].$s[1].$s[0].".$_;
		55
		56	my ($name,$aliases,$addrtype,$length,@addrs) = gethostbyname($req);
		57	next unless (@addrs);
		58
		59	my $result = inet_ntoa($addrs[0]);
		60	#next unless (substr($result, 7) eq '127.0.0');
		61
		62	print "$suspect is listed in the following RBLS: " if ( $spam == 0 );
		63	print $_, " ";
		64	$spam = 1;
		65	}
		66
		67	print "$suspect is not listed in any RBLS" if ( $spam == 0 );
		68	print "\n";
		69	exit( $spam );


diff --git a/contrib/rblcheck-web b/contrib/rblcheck-web new file mode 100755 index 0000000..eb4fcde --- /dev/null +++ b/contrib/rblcheck-web
@@ -0,0 +1,37 @@
		1	#!/usr/bin/perl
		2	# Multi-RBL Query tool, developer Vikram <vr@udel.edu>
		3	use IO::Socket::INET;
		4
		5	die "Syntax: $0 -H <ip address>\n" unless $ARGV[1];
		6
		7	$soc = new IO::Socket::INET->new(PeerPort=>80,
		8	Proto=>'tcp',
		9	PeerAddr=>"rbls.org") or die("Cannot connect to CERT");
		10
		11	$ip = $ARGV[1];
		12	$uri = '/?q='.$ip;
		13
		14	$soc->send("GET $uri HTTP/1.1\nHost: rbls.org\n\n");
		15	@buff = <$soc>;
		16	delete @buff[0..7];
		17	$len = @buff;
		18
		19	$alert = 0;
		20
		21
		22	for( $i=0;$i<$len;$i++ ) {
		23	next unless( defined $buff[$i] );
		24	chomp($buff[$i]);
		25	#print "$buff[$i]\n";
		26
		27	if ( $buff[$i] eq "<tr bgcolor=#ffc0c0>" ) {
		28	$rbl = substr($buff[$i+1], 5, index($buff[$i], "</tr>") - 5);
		29	next if ( index($rbl, '.') == -1 );
		30	print "$ip is listed in the following RBLS: " if ( $alert == 0 );
		31	print "$rbl ";
		32	$alert = 1;
		33	}
		34	}
		35	print "$ip is not listed in any RBLS" if ( $alert == 0 );
		36	print "\n";
		37	exit($alert);


diff --git a/contrib/tarballs/check_icmp-0.8.tar.gz b/contrib/tarballs/check_icmp-0.8.tar.gz new file mode 100644 index 0000000..2ee5db0 --- /dev/null +++ b/contrib/tarballs/check_icmp-0.8.tar.gz
Binary files differ