Script that blocks certain IP's

[Dino]

hi folks,

need some help with a perl-script.
i manage a website with a guestbook written in perl.
so, my problem is that i get overfilled with fuc**** spam always from
the same 4,5 ip-adresses. i can't access the hosting server, so i
cannot block the ip's from there. i need to block them trough the
script. is that possible?
something like that (as one of the first lines in the script):

if ($ENV{'REMOTE_ADDR'} eq "192.168.1.1") then exit;

sorry, but i do not have a clue about perl.
thanks for any help
Dino

 

[Paul Lalli]

hi folks,

need some help with a perl-script.
i manage a website with a guestbook written in perl.
so, my problem is that i get overfilled with fuc**** spam always from
the same 4,5 ip-adresses. i can't access the hosting server, so i
cannot block the ip's from there. i need to block them trough the
script. is that possible?
something like that (as one of the first lines in the script):

if ($ENV{'REMOTE_ADDR'} eq "192.168.1.1") then exit;

sorry, but i do not have a clue about perl.
thanks for any help
Dino

It certainly looks like you're on the right track. Did you actually try
what you wrote? The syntax isn't quite right, but definately the right
idea:

if ($ENV{'REMOTE_ADDR'} eq "192.168.1.1"){
print "Your IP is not allowed\n";
exit;
}

print "Welcome to my guestbook\n";
#the rest of your script.



Now you said there are 4 or 5 IPs you want to block, so you might want to
store them all hardcoded in, and check any of them:
[untested:]


@bad_ips = qw/192.168.1.1 192.168.1.2 192.168.1.3 192.168.1.4/;

if (grep "$ENV{'REMOTE_ADDR'} eq $_", @bad_ips){
print "Your IP is not allowed\n";
exit;
}
#rest of your script


Paul Lalli

 

[Richard Gration]

hi folks,
need some help with a perl-script.
i manage a website with a guestbook written in perl. so, my problem is
that i get overfilled with fuc**** spam always from the same 4,5
ip-adresses. i can't access the hosting server, so i cannot block the
ip's from there. i need to block them trough the script. is that
possible?
something like that (as one of the first lines in the script):

if ($ENV{'REMOTE_ADDR'} eq "192.168.1.1") then exit;

Not quite:

if ($ENV{REMOTE_ADDR} eq '192.168.1.1') { exit }

or nicer:

exit if ($ENV{REMOTE_ADDR} eq '192.168.1.1');

Your quoting would work but I rearranged them according to what I think
is pretty / correct ;-) (assuming perl5)

Rich

 

[Gunnar Hjalmarsson]

exit if ($ENV{REMOTE_ADDR} eq '192.168.1.1');

Your quoting would work but I rearranged them according to what I
think is pretty / correct ;-) (assuming perl5)

---------------------------------^^^^^^^^^^^^^^

Single quotes is not a perl5 thing, is it?

 

[Richard Gration]

No, but IIRC, bareword hash keys are ... ?

Rich

 

[Gunnar Hjalmarsson]

No, but IIRC, bareword hash keys are ... ?

Aha, didn't realize you were referring to _those_ quotes.

 

[Richard Gration]

Aha, didn't realize you were referring to _those_ quotes.

LOL

I *almost* didn't do it but I have an irrational hatred of quoted hash
keys. They cause my eyes to stutter when I'm parsing code ... well,
perhaps it's rational hatred then ;-)

R

 

[Dino]

exit if ($ENV{REMOTE_ADDR} eq '192.168.1.1'); Your quoting would
hi guys,

first thanks for the quick response.
But, none of your versions did work.
with this versions:

if ($ENV{REMOTE_ADDR} eq '192.168.1.1') { exit }
exit if ($ENV{REMOTE_ADDR} eq '192.168.1.1');

nothing happens. I (the "blocked" IP) can fill in the guestbook
everything i want to.

and this version:

@bad_ips = qw/192.168.1.1 192.168.1.2 192.168.1.3 192.168.1.4/;
if (grep "$ENV{'REMOTE_ADDR'} eq $_", @bad_ips){
print "Your IP is not allowed\n";
exit;
}

gives me an internal server error. Maybe i'm making a think-mistake.
When i fill a text in the form of the guestbook and click on the
submit-button, the guestbook perl-script in the cgi-bin folder is
executed, am i right?
when i put this line : if ($ENV{REMOTE_ADDR} eq '192.168.1.1') { exit
} on the top of the script, does it check the REMOTE_ADDR from the
apache server? Because i got the feeling that the $ENV{REMOTE_ADDR} is
empty.
What more info can i supply ?

Dino

 

[Dino]

P.S.

you can find the script here:

http://www.scriptarchive.com/guestbook.html

it's quite an old script...

 

[Tore Aursand]

first thanks for the quick response.
But, none of your versions did work.
with this versions:

if ($ENV{REMOTE_ADDR} eq '192.168.1.1') { exit }
exit if ($ENV{REMOTE_ADDR} eq '192.168.1.1');

nothing happens. I (the "blocked" IP) can fill in the guestbook
everything i want to.

Then your IP address _isn't_ "192.168.1.1". If you match against your
real IP address, the code above will work.

It will work bad, however; I guess the web server will respond with an
internal server, and that's not very nice. Consider writing some useful
output to the client instead. I would also have stored the blocked IP
addresses in a hash.

 

[Tintin]

P.S.

you can find the script here:

http://www.scriptarchive.com/guestbook.html

it's quite an old script...

.....and *very* poorly written, not maintained, not supported.

Head on over to http://nms-cgi.sourceforge.net/ for a well written,
supported and maintained version.

 

[gnari]

[snipped how exiting if $ENV{REMOTE_ADDR} eq '192.168.1.1') fails]

when i put this line : if ($ENV{REMOTE_ADDR} eq '192.168.1.1') { exit
} on the top of the script, does it check the REMOTE_ADDR from the
apache server? Because i got the feeling that the $ENV{REMOTE_ADDR} is
empty.
What more info can i supply ?

well, you could just print out the contents of %ENV

just put somewhere in the script, preferably just after the
HTML <BODY> tag has been printed:
for my $k (keys %ENV) {print "ENV [$k]=[$ENV{$k}]<br>\n";}

gnari

 

[Alan J. Flavell]

just put somewhere in the script, preferably just after the
HTML <BODY> tag has been printed:
for my $k (keys %ENV) {print "ENV [$k]=[$ENV{$k}]<br>\n";}

Which is going to produce some exciting results if the resulting
strings contain markup!!

I'd apply CGI::escapeHTML() to what's going to be printed
(except for the <br>, natch; although personally I would
put the result in a <pre> element and then use \n between
the lines, but I guess that's just a matter of taste really).

cheers

 

[gnari]

just put somewhere in the script, preferably just after the
HTML <BODY> tag has been printed:
for my $k (keys %ENV) {print "ENV [$k]=[$ENV{$k}]<br>\n";}

Which is going to produce some exciting results if the resulting
strings contain markup!!

I'd apply CGI::escapeHTML() to what's going to be printed
(except for the <br>, natch; although personally I would
put the result in a <pre> element and then use \n between
the lines, but I guess that's just a matter of taste really).

sure, but this was only supposed to be a run once, see what we
got here and then rollback to previous version kind of test,
just to get the idea of what kind of beasts lurk in %ENV.

I would be really surprised there is there is any markup there,
specially as he would be doing the test request himself.

anyways I was just prompting the OP to do some elementary
debugging himself, before just telling us that it does not work.

gnari.

 

[Dino]

"Alan J. Flavell" <[email protected]> wrote in message

sure, but this was only supposed to be a run once, see what we
got here and then rollback to previous version kind of test,
just to get the idea of what kind of beasts lurk in %ENV.

I would be really surprised there is there is any markup there,
specially as he would be doing the test request himself.

anyways I was just prompting the OP to do some elementary
debugging himself, before just telling us that it does not work.

gnari.

hi guys, thanks for the response.
The $ENV{REMOTE_ADDR} gives me back the IP-adress of the webserver
that is hosting my website, and not the adress of the user logged into
the site. Why? i thought that REMOTE_ADDR or REMOTE_HOST should give
me back the logged user'S IP, not that from the webserver...what am i
missing?

 

[Dino]

hi guys,

id did that:

my @ips = ("1.1.1.1","2.2.2.2","3.3.3.3","4.4.4.4","5.5.5.5");
print "Content-type: text/plain\r\n\r\n<br>"; # just in case
print "[\$ENV{'REMOTE_ADDR'}] is [$ENV{'REMOTE_ADDR'}] \n<br>\n";
foreach my $ip (@ips){
print "\$ip is $ip, $ENV{'REMOTE_ADDR'} eq $ip gives "
, $ENV{'REMOTE_ADDR'} eq $ip , "\n <br> \n";
}


after i click on the "submit" button and the guestbook-script gets
executed
(this is the first part of the output on the reloaded page):

<br>[$ENV{'REMOTE_ADDR'}] is [xxx.xxx.xxx.xxx]
<br>
$ip is 1.1.1.1, xxx.xxx.xxx.xxx eq 1.1.1.1 gives
<br>
$ip is 2.2.2.2, xxx.xxx.xxx.xxx eq 2.2.2.2 gives
<br>
Content-type: text/html
......


So, the $ENV{'REMOTE_ADDR'} gives me back xxx.xxx.xxx.xxx, which is
the IP of the server the site is in!

i do not need that IP, but the IP of the guest who is actually logged
and tryin' to sign in. why does
REMOTE_ADDR not get back the guest's IP from apache webserver? is
REMOTE_ADDR the wrong call?

thanks
Dino

p.s. of course, i'm not testing from the same machine the site is in

 

[ko]

Dino wrote:

[snip]

So, the $ENV{'REMOTE_ADDR'} gives me back xxx.xxx.xxx.xxx, which is
the IP of the server the site is in!

This doesn't have anything to do with Perl, but if what you say is true
then $ENV{REMOTE_ADDR} is probably the IP of a reverse proxy. Ask your
ISP to confirm...

HTH -keith

 

[Alan J. Flavell]

Which is going to produce some exciting results if the resulting
strings contain markup!!

I'd apply CGI::escapeHTML() to what's going to be printed

[...]
sure, but this was only supposed to be a run once, see what we
got here and then rollback to previous version kind of test,
just to get the idea of what kind of beasts lurk in %ENV.

Alright, and point taken; but when there's a right and a wrong way,
and they differ by very little, I'm afraid I'm going to favour doing
it the right way even in such simple cases, rather than deliberately
doing it the wrong way and hoping that under the restrictions of the
specific problem it won't matter. Best to start off in the right way,
rather than starting out wrong and later having to un-learn old
habits, IMHO. I've seen too many examples of scripts that were trying
to display e.g <img src="..."> - e.g in a specimen of HTML markup -
and succeeded only in displaying a broken-image placeholder, due to
forgetting to "entify" the data.

Of course an alternative approach if you only want to see the
environment report is to have the script send Content-type: text/plain
rather than text/html.

I would be really surprised there is there is any markup there,

Nevertheless, I would not want to learn a broken way of doing things
on the pretext that it saves a little bit of typing, just in order to
have to un-learn it later.

cheers