Good IP Range blocker?

[BlazeXxX]

OK I have tried every single ip range blockers, but non worked like charm for me

Is it possible to do a script or has someone got a script that blocks any ip rang we specify..
For example banning a big range like 215.112.0.0 - 215.112.255.255 or banning ranges like 215.112.0.0 - 216.125.255.255

And in a text file or something or in a profile or somehow.. I want to allow few ppl i trust as a good user to be in from that ip range, but whoever is not in that list, or doesn't have that profile... He shudn't be allowed in at all.. All the ops shud be notified with the nick the person is trying to get in, and their current ip..

Any Great help will be acceptable
I am beleiving someone wud help me out

[tezlo]

here you go..
only unregistered users get checked

-- easyranger
-- tezlo

ipRanges = {}

denyMsg = " You dont belong here."

function compute(ip)
	local s, e, a, b, c, d = strfind(ip, "^(%d+).(%d+).(%d+).(%d+)$")
	if s then return a*16777216 + b*65536 + c*256 + d end return 0
end

function checkrange(table, ip)
	return foreachi(table, function(id, tmp)
		if (%ip >= tmp[1]) and (%ip <= tmp[2]) then return tmp end
	end)
end

function load(name, data)
	ipRanges[name] = ipRanges[name] or {}
	gsub(data, "(%S+) %- (%S+)", function(s, e)
		s, e = compute(s), compute(e)
		tinsert(ipRanges[%name], { s, e })
	end)
end

function Main()
	local f = openfile("ranger.dat", "r") assert(f, "ranger.dat")
	local file = read(f, "*a") closefile(f)	gsub(file, "%[(%S+)%]([%c%d%s%-%.]+)", load)
end

function NewUserConnected(user)
	if user.iProfile ~= -1 then return end
	local ip, block = compute(user.sIP)
	for name, range in ipRanges do
		if checkrange(range, ip) then block = name break end
	end if block then
		SendToOps("Hub-Security", user.sName.." ["..user.sIP.."] disconnected because.. "..block)
		user:SendData(denyMsg) user:Disconnect()
	end
end

youll need ranger.dat looking something like this..

[BADBWOY]
215.112.0.0 - 215.112.255.255
215.114.0.0 - 215.116.255.255

[REALBADBWOY]
127.0.0.1 - 127.0.0.255
...

[BlazeXxX]

WoW Tezlo You are the man    Gonna test it, hope it works on my IceCube IV version

[BlazeXxX]

hmm Tezlo,
Here is wat i have in my ranger.dat file:
[RIAA]
220.255.0.0 - 220.255.255.255
215.114.0.0 - 215.116.255.255

[LP]
81.112.255.1 - 81.112.255.255

And I have copied the same script lines from the msg above and pasted it in a file called ranger.lua .

I tried with the person from that ip range, i mean the first ip range.. He is not registered in the hub and he can get in still ??

He reconnected, restart dc++ and everything.. but its letting him in ?? :S

There is no error in scripting editor also.. Any clue why its not working ?? Any help is appriciatable

[tezlo]

well it works for me.. did you restart scripts after changing ranger.dat ?

[BlazeXxX]

Yup.. I even restarted the hub :( No use...

Wen u adding the ip ranges, do u use anything like alt+0160 to make space or anything ? And can u check in the script u posted, that the lines are not muddled up together:

user:SendData(denyMsg) user:Disconnect()

like that or anything ? Will that kind of functinos work fine , cuz i seen only like this:

user:SendData(denyMsg)
user:Disconnect()

Maybe i am stupid :p

[tezlo]

spaces are just ordinary spaces #32
and linebreaks dont matter.. works either way

if youre running the hub on your puter..
leave the 127.0.0.1 - 127.0.0.255 range in the .dat file
and try connecting to localhost

works for me and others too..
ive no idea where the problem is :/

[BlazeXxX]

Hmm My hub isn't running on the same line as i am trying.. I only changed one ip range to my friend's ip range.. He can still come in, its not blocking him off ?

[tezlo]

and hes not a registered user by any chance ?

[BlazeXxX]

Nop.. He tried with abt 15 diff nicks that is not registered... and he can still get in..

Any idea ?

[tezlo]

two of them..
// either the ranges dont load
// or the guy's ip doesnt match any
// i dont really think there is anything wrong with the code ;)

anyway lets debug..
just change reportNick to yours and the script will let you know whats going on

ipRanges = {}

denyMsg = " You dont belong here."

reportNick = "tezlo"

function report(str)
	SendToNick(reportNick, ">> "..str)
end

function compute(ip)
	local s, e, a, b, c, d = strfind(ip, "^(%d+).(%d+).(%d+).(%d+)$")
	if s then return a*16777216 + b*65536 + c*256 + d end return 0
end

function checkrange(table, ip)
	return foreachi(table, function(id, tmp)
		if (%ip >= tmp[1]) and (%ip <= tmp[2]) then return tmp end
	end)
end

function load(name, data)
	report("loading "..name)
	ipRanges[name] = ipRanges[name] or {}
	gsub(data, "(%S+) %- (%S+)", function(s, e)
		report("\t"..s.." - "..e)
		s, e = compute(s), compute(e)
		tinsert(ipRanges[%name], { s, e })
	end)
end

function Main()
	local f = openfile("ranger.dat", "r") assert(f, "ranger.dat")
	local file = read(f, "*a") closefile(f)	gsub(file, "%[(%S+)%]([%c%d%s%-%.]+)", load)
end

function NewUserConnected(user)
	if user.iProfile ~= -1 then return end
	report(user.sName.." in ["..user.sIP.."]")
	local ip, block = compute(user.sIP)
	for name, range in ipRanges do
		if checkrange(range, ip) then block = name break end
	end if block then
		SendToOps("Hub-Security", user.sName.." ["..user.sIP.."] disconnected because.. "..block)
		report(user.sName.." out ["..block.."]")
		user:SendData(denyMsg) user:Disconnect()
	else report(user.sName.." OK") end
end

the problem should be obvious then
and it should look something like this..

>> loading LOCAL
>> 	127.0.0.1 - 127.0.0.255
>> loading LAN
>> 	192.168.0.0 - 192.168.255.255
>> booya in [127.0.0.1]
>> booya out [LOCAL]

[BlazeXxX]

OK thx Tezlo, Let me give it a try with few other ip ranges as well.. Will let you know if its working

[tezlo]

so.. you figured it out?

[BlazeXxX]

Nooooo Its not working

I am getting report from the bot saying:

>> loading RIAA
>>    82.150.0.0 - 82.151.255.255
>> loading LP
>>    192.168.0.0 - 192.168.255.255

But The person who is in the first range 82.150.0.0 - 82.151.255.255 is still able to login He is not registered/He is not OP.. I have no clue whats wrong

I dunno if its conflicting with any other scripts, but this is wat i have:

Ptokax IceCubeIV Build1
Security Admin 666
NickTaken bot by Skrollster
AntiAdvertiser
NewUser Welcoming Script

Thats all I have.. I tried with few other ranges, no seems to be working.. I tried KlownietKlowniet's IP range blocker.. And its working fine.. But His one checks on all users..

I want only unregged users gettin checked..

Pls help me out  

[raz]

hi blazeXxX, i have tried it on my ptokax test drive 4. with out any scripts and it works fine. i don't think the welcoming msg is going 2 effect or security admin, nicktaken bot and anti advertiser none of dem should effect the scripts. why don't you use Ptokax test drive 4 it is much better den Ptokax IceCubeIV Build1  and more updated. i might think it is cuz of this. post KlownietKlowniet's IP range blocker on here maybe some1 can change it so only unregged get blocked. or u can ask KlownietKlowniet 2 change it if he is around.

[tezlo]

ffs IceCube.. raz is right
profiles got implemented in TestDrive
so theres one thing you can do..

change
if user.iProfile ~= -1 then return end
to..
if user.bOperator then return end

and have only non-OPs checked
or leave the code and update to TestDrive

[BlazeXxX]

if user.iProfile ~= -1 then return end
to..
if user.bOperator then return end


Isn't IceCube IV has profiles like:

Unregged user : -1
Regged user: 0
OP: 1

etc.. ??? Because I am on linux and i cannot switch to TD versions as its killing the hub with over usage of wine server etc..

So pls someone make it work with IceCube Profiles pls .. I beg u all

[klownietklowniet]

Hehe... tezlo, NewUserConnected() doesn't check OPs, OpConnected() does that.... ;-)

The only solution I can think of is one tha is not so good. If you are using a tag in the begining of the regged users, you can check for that tag before checking for ip range. IceCude has no profiles as already stated, so there's not much you can do with that. Drawback is the if a user has that tag, even if he is not regged in the hub, he will not be checked for iprange...

[tezlo]

right..
no need to change anything
just delete that line :)

[BlazeXxX]

Hmm... Well, I have like 5 Diff prefix in my hub.. one is like [VIP], [Helper], [Queen], [KING] & [STAR]

Now anyone can use any of those Prefix wen they login.. So Any idea on how to overcome this? We do reg ppl with that nick only.. So if someone is having one of that prefix and not in the registered user's list.... Make the IP range bot check on them ??? Possible??  :rolleyes:

[klownietklowniet]

Not really. You can't check if they are regged in IceCude. Only if they are Operators, which is no help. One could parse the "RegisteredUsers.dat" file, and extract the regged users from there into a list. Then on login check if they are listed or not... Don't think there is any other solution. Offcourse you can keep all the regged users in another file with just a username and do the same as above. Problem is maintaining that list...

[DarkElf]

Try this...

<?php
-- Date: 09-06-2003 
-- 
-- code from klownietklowniet 
-- network: [ > DC - UniteD < ] 
-- 
-- Request by Skippy 
-- 
-- Block ip ranges. Key in table is the start of the range and the value is the end 

BotName = "ipRangeR" 


blockedips= 

{ 

-- start(key) = end of range(value) 

["62.36.0.0"] = "62.36.204.103" 
} 

function Main() 
frmHub:RegBot(BotName) 
end 

function NewUserConnected(curUser) 
if BlockedIp(curUser.sIP) == 1 then 
curUser:SendPM(BotName, "Your ip belongs to an ip range that is not allowed into this hubs!") 
curUser:SendPM(BotName, "You are beeing disconnected!") 
SendPmToOps(BotName, "User "..curUser.sName.." with ip "..curUser.sIP.." was disconnected by "..BotName.."!") 
curUser:Ban() 
end 

end 

------------------------------------------------------------------------------------ 
--// This function checks to see if users ip should be blocked from entering the hub 
------------------------------------------------------------------------------------ 

function BlockedIp(tmpip) 
local r1,g1,a1,b1,c1,d1 = strfind(tmpip, "(%d*).(%d*).(%d*).(%d*)") 
for s,e in blockedips do 
local r2,g2,a2,b2,c2,d2 = strfind(s, "(%d*).(%d*).(%d*).(%d*)") 
local r3,g3,a3,b3,c3,d3 = strfind(e, "(%d*).(%d*).(%d*).(%d*)") 
if a1 > a2 and a1 < a3 then 
return 1 
elseif a1==a2 and a1==a3 then 
if b1 > b2 and b1 < b3 then 
return 1 
elseif b1==b2 and b1==b3 then 
if c1 > c2 and c2 < c3 then 
return 1 
elseif c1==c2 and c1==c3 then 
if d1 > d2 and d1 < d3 then 
return 1 
else 
return 0 
end 
elseif c1==c2 then 
if d1 >d2 then 
return 1 
else 
return 0 
end 
elseif c1==c3 then 
if d1 <d3 then 
return 1 
else 
return 0 
end 
else 
return 0 
end 
elseif b1==b2 then 
if c1>c2 then 
return 1 
elseif c1==c2 then 
if d1 > d2 then 
return 1 
else 
return 0 
end 
else 
return 0 
end 
elseif b1==b3 then 
if c1<c3 then 
return 1 
elseif c1==c3 then 
if d1<d3 then 
return 1 
else 
return 0 
end 
else 
return 0 
end 
else 
return 0 
end 
elseif a1==a2 then 
if b1>b2 then 
return 1 
elseif b1==b2 then 
if c1>c2 then 
return 1 
elseif c1==c2 then 
if d1>c2 then 
return 1 
else 
return 0 
end 
else 
return 0 
end 
else 
return 0 
end 
elseif a1==a3 then 
if b1<b3 then 
return 1 
elseif b1==b3 then 
if c1<c3 then 
return 1 
elseif c1==c3 then 
if d1<d3 then 
return 1 
else 
return 0 
end 
else 
return 0 
end 
else 
return 0 
end 
else 
return 0 
end 
end 
end 

<?

[BlazeXxX]

DarkElf : Arghhh man, I got that script as well.. But as i said.. I don't want to ban a range and loose like 25 users..

Klownietklowniet: Is it possible that way? Like only allow the ppl who is in a .txt file or something.. I mean their nick...

so We ban a range like 82.121.0.0 - 82.125.0.0 and if one of the person is from that range, it checks the .txt file for the nick.. if its not found then disconnect? i think this idea is possible? Pls give it a try for me m8 :)

[klownietklowniet]

For which script? Think it should be possible, yes... I'll read them from a txt file you can create...

[BlazeXxX]

The one posted by Tezlo or new one that can handle unlimited of ip ranges adding and reading from a text file and allowing those usernames that is in that list from the ip range not to enter.