<?php
-/**
- * Proxy Detector v0.1
+/*
+ * Proxy Detector v0.1 with brisk customizations
* copyrights by: Daantje Eeltink (me@daantje.nl)
* http://www.daantje.nl
*
*
* License:
* GPL v2 licence. (http://www.gnu.org/copyleft/gpl.txt)
- *
- * Support:
- * If you like this class and find it usefull, please donate one or two
- * coins to my PayPal account me@daantje.nl
- *
- * Todo:
- * Add open proxy black list scan.
*/
class proxy_detector {
- /**
- * CONSTRUCTOR
- * Set defaults...
- */
- function proxy_detector(){
- $this->config = array();
- $this->lastLog = "";
-
- //set default headers
- $this->scan_headers = array(
- 'HTTP_VIA',
- 'HTTP_X_FORWARDED_FOR',
- 'HTTP_FORWARDED_FOR',
- 'HTTP_X_FORWARDED',
- 'HTTP_FORWARDED',
- 'HTTP_CLIENT_IP',
- 'HTTP_FORWARDED_FOR_IP',
- 'VIA',
- 'X_FORWARDED_FOR',
- 'FORWARDED_FOR',
- 'X_FORWARDED',
- 'FORWARDED',
- 'CLIENT_IP',
- 'FORWARDED_FOR_IP',
- 'HTTP_PROXY_CONNECTION'
- );
- }
+ /**
+ * CONSTRUCTOR
+ * Set defaults...
+ */
+ function proxy_detector(){
+ }
- /*
- function exists_in_rbl($remote)
- verify if an host is into a proxy black list or not
- */
- function exists_in_rbl($remote) {
- $rbls = array('http.dnsbl.sorbs.net', 'misc.dnsbl.sorbs.net');
- // $remote = $_SERVER['REMOTE_ADDR'];
- // $remote = '213.134.170.206';
- // $remote = '64.34.166.71';
+ /*
+ function exists_in_rbl($remote)
+ verify if an host is into a proxy black list or not
+ */
+ function exists_in_rbl($remote) {
+ $rbls = array('http.dnsbl.sorbs.net', 'misc.dnsbl.sorbs.net');
- if (preg_match("/([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/",
- $remote, $matches)) {
- foreach ($rbls as $rbl) {
- $rblhost = $matches[4] . "." . $matches[3] . "." .
- $matches[2] . "." . $matches[1] . "." . $rbl;
+ if (preg_match("/([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/",
+ $remote, $matches)) {
+ foreach ($rbls as $rbl) {
+ $rblhost = $matches[4] . "." . $matches[3] . "." .
+ $matches[2] . "." . $matches[1] . "." . $rbl;
- $resolved = gethostbyname($rblhost);
- // echo "RBL ".$rblhost."<br>";
- if ($resolved != $rblhost) {
- return TRUE;
- }
- }
- }
- return FALSE;
- }
-
- /**
- * VOID setHeader( STRING $trigger )
- * Set new header trigger...
- */
- function setHeader($trigger){
- $this->scan_headers[] = $trigger;
- }
-
-
- /**
- * ARRAY $triggers = getHeaders( VOID )
- * Get all triggers in one array
- */
- function getHeaders(){
- return $this->scan_headers;
- }
-
-
- /**
- * VOID setConfig( STRING $key, STRING $value)
- * Set config line...
- */
- function setConfig($key,$value){
- $this->config[$key] = $value;
- }
-
-
- /**
- * MIXED $config = getConfig( [STRING $key] )
- * Get all config in one array, or only one config value as a string.
- */
- function getConfig($key=''){
- if($key)
- return $this->config[$key];
- else
- return $this->config;
- }
-
-
- /**
- * STRING $log = getLog( VOID )
- * Get last logged information. Only works AFTER calling detect()!
- */
- function getLog(){
- return $this->lastLog;
- }
-
-
- /**
- * BOOL $proxy = detect( $addr )
- * Start detection and return TRUE if a proxy server is detected...
- */
- function detect($addr){
- GLOBAL $G_proxy_white_list;
- $log = "";
-
- foreach($G_proxy_white_list as $authproxy) {
- if ($addr == $authproxy)
- return (FALSE);
+ $resolved = gethostbyname($rblhost);
+ // echo "RBL ".$rblhost."<br>";
+ if ($resolved != $rblhost) {
+ return TRUE;
+ }
+ }
+ }
+ return FALSE;
}
- if ($this->exists_in_rbl($addr) == TRUE)
- return (TRUE);
-
-// //scan all headers
-// foreach($this->scan_headers as $i){
-// //proxy detected? lets log...
-// if($_SERVER[$i])
-// $log.= "trigger $i: ".$_SERVER[$i]."\n";
-// }
+ /**
+ * BOOL $proxy = detect( $addr )
+ * Start detection and return TRUE if a proxy server is detected...
+ */
+ function detect($addr){
+ GLOBAL $G_proxy_white_list;
- //let's do something...
- if($log){
- $log = $this->lastLog = date("Y-m-d H:i:s")."\nDetected proxy server: ".gethostbyaddr($addr)." ({$addr})\n".$log;
+ foreach($G_proxy_white_list as $authproxy) {
+ if ($addr == $authproxy)
+ return (FALSE);
+ }
- //mail message
- if($this->getConfig('MAIL_ALERT_TO'))
- mail($this->getConfig('MAIL_ALERT_TO'),"Proxy detected at {$addr}",$log);
+ if ($this->exists_in_rbl($addr) == TRUE)
+ return (TRUE);
- //write to file
- $f = $this->getConfig('LOG_FILE');
- if($f){
- if(is_writable($f)){
- $fp = fopen($f,'a');
- fwrite($fp,"$log\n");
- fclose($fp);
- }else{
- die("<strong>Fatal Error:</strong> Couldn't write to file: '<strong>$f</strong>'<br>Please check if the path exists and is writable for the webserver or php...");
- }
- }
-
- //done
- return TRUE;
+ //nope, no proxy was logged...
+ return FALSE;
}
-
- //nope, no proxy was logged...
- return FALSE;
- }
}
//init class
function is_proxy($addr)
{
- /* FIXME: test to verify reasons of poor multitasking performances */
- return (FALSE);
- /* FIXME: end */
-
- $proxy = new proxy_detector();
+ $proxy = new proxy_detector();
- //start detect
- if($proxy->detect($addr)) {
- //returned TRUE, lets die...
- echo "<br><br><div style=\"text-align:center;\"><h1>Accesso attaverso proxy non consentito.</h1><br><br>";
- echo "Se state utilizzando un proxy privato e volete che sia autorizzato mandate il suo indirizzo IP (".$addr.") e il suo proprietario all'indirizzo di posta elettronica <a href=\"mailto:brisk@alternativeoutput.it\">brisk@alternativeoutput.it</a><br><br></div>";
-
- //parse logged info
- echo nl2br($proxy->getLog());
-
- //some credits...
- // echo "<hr><strong>proxy detector v0.1</strong> - ©2006 <a href=\"http://www.daantje.nl\" target=\"_blank\">daantje.nl</a>";
-
- //and do nothing anymore! (but not in my example)
- return (TRUE);
- }
- else
- return (FALSE);
+ //start detect
+ return ($proxy->detect($addr));
}
?>
projects / brisk.git / commitdiff