diff options
author | Aaron Ball <nullspoon@oper.io> | 2019-08-31 11:17:01 -0600 |
---|---|---|
committer | Aaron Ball <nullspoon@oper.io> | 2019-08-31 11:17:01 -0600 |
commit | 3936dbbec6fcba6515de4892ce5b222b937d3edd (patch) | |
tree | d1be831b2d43f42e752999b1d4786425a244bf4e | |
parent | fb043d38852321ff6df9b260a618aa5a69c28fcb (diff) | |
download | dnsbl-check-master.tar.gz dnsbl-check-master.tar.xz |
Now the script is configurable at runtime. A manifest file can be
specified, a summary only can be requested (count of matching lists
without details), and helptext was added.
-rwxr-xr-x | dnsbl-check.sh | 91 |
1 files changed, 66 insertions, 25 deletions
diff --git a/dnsbl-check.sh b/dnsbl-check.sh index 1a7c547..274c2f8 100755 --- a/dnsbl-check.sh +++ b/dnsbl-check.sh @@ -23,8 +23,6 @@ export CGREEN=$'\e[32m' export CRED=$'\e[31m' export CRESET=$'\e[0m' -export LIST=${LIST:-dnsbls.txt} - # is_ipv4: # Checks if the provided string is a valid IPv4 address. # @@ -43,34 +41,63 @@ is_ipv4() { } +usage() { + printf "Usage:\n %s [options] <ip>\n\n" "$(basename ${0})" + printf "Options:\n" + printf " -h,--help Print this help text\n" + printf " -m,--manifest Path to file containing DNSBL manifest\n" + printf " -s,--summary Print only number of lists IP was found on\n" +} + + +parseargs() { + local args=("${@}") + for (( i = 0; i < ${#args[@]}; i++ )); do + if [ "${args[$i]}" = '-h' ] || [ "${args[$i]}" = '-h' ]; then + usage + exit 0 + elif [ "${args[$i]}" = '-s' ] || [ "${args[$i]}" = '--summary' ]; then + _SUMMARY=1 + elif [ "${args[$i]}" = '-m' ] || [ "${args[$i]}" = '--manifest' ]; then + i=$(( i + 1 )) + _MANIFEST="${args[$i]}" + else + _IP="${args[$i]}" + fi + done + + if [ -z "${_IP}" ]; then + printf "IP address required\n" + return 1 + fi + + if [ $(is_ipv4 "${_IP}") = 0 ]; then + printf "Provided IP '%s' is not a valid IPv4 address\n" "${_IP}" + return 1 + fi +} + + # main: # Ye olde' main. # # @ip IP address to check for blacklist main() { - local ip="${1}" # IP address to check for blacklisting local rev # IP address, reversed for dns lookup (dig) local resp # Response from dns query local dnsbls # Array of dns blacklist endpoints local found # Number of times the ip was found in blacklists - if [ -z "${ip}" ]; then - printf "IP address required\n" - return 1 - fi + local _IP='' # IP to query DNSBLs for + local _SUMMARY=0 # Print only DNSBL count summary (number of lists + # blacklisting the ip) + local _MANIFEST='' # Manifest of DNSBLs to check - if [ ! -f "${LIST}" ]; then - printf "ERROR: DNSBL manifest '%s' not accessible.\n" "${LIST}" - printf "Please set LIST environment variable to file that exists\n" - return 1 - else - dnsbls=($(grep -v '^#' "${LIST}")) - fi + # Set defaults + _MANIFEST="dnsbls.txt" - if [ $(is_ipv4 "${ip}") = 0 ]; then - printf "Provided IP '%s' is not a valid IPv4 address\n" "${ip}" - return 1 - fi + # Parse cli args into arg variables + parseargs ${@} || return $? # If the terminal is not a char terminal (eg: someone is using less, more, # cat, etc), we don't want to print escape codes because they will get @@ -82,26 +109,40 @@ main() { fi # Reverse the ip address - rev=$(printf '%s.' "${ip}" | tac -s.) + rev=$(printf '%s.' "${_IP}" | tac -s.) # Some basic information - printf "Checking %s\n" "${ip}" - printf "Reverse DNS: %s\n\n" "$(dig @${NS} +short -x ${ip})" + if [ "${_SUMMARY}" -eq 0 ]; then + printf "Checking %s\n" "${_IP}" + printf "Reverse DNS: %s\n\n" "$(dig @${NS} +short -x ${_IP})" + fi + + if [ ! -f "${_MANIFEST}" ]; then + printf "ERROR: DNSBL manifest '%s' not accessible.\n" "${_MANIFEST}" + printf "Please set LIST environment variable to file that exists\n" + return 1 + else + dnsbls=($(grep -v '^#' "${_MANIFEST}")) + fi found=0 for bl in ${dnsbls[@]}; do # I can dig it resp="$(dig @${NS} +short -t a ${rev}${bl})" - printf "%-25s: " "${bl}" + [ "${_SUMMARY}" -eq 0 ] && printf "%-25s: " "${bl}" if [ -z "${resp}" ]; then - printf "%bNot found%b\n" "${CGREEN}" "${CRESET}" + [ "${_SUMMARY}" -eq 0 ] && printf "%bNot found%b\n" "${CGREEN}" "${CRESET}" else - printf "%bFound%b\n" "${CRED}" "${CRESET}" + [ "${_SUMMARY}" -eq 0 ] && printf "%bFound%b\n" "${CRED}" "${CRESET}" found=$((found + 1)) fi done - printf "\nFound %s on %d lists\n" "${ip}" "${found}" + if [ ${_SUMMARY} -eq 0 ]; then + printf "\nFound %s on %d lists\n" "${_IP}" "${found}" + else + printf "%d\n" "${found}" + fi } main ${@} |