Darren/dpaste
1
0
Fork 0
mirror of https://github.com/DarrenOfficial/dpaste.git synced 2024-11-15 08:02:54 +11:00
Code Issues Projects Releases Packages Wiki Activity

Added a middleware to repel anonymous proxy and tor clients

Browse source
This commit is contained in:
Martin Mahner 2014-12-12 21:02:25 +00:00
parent 4dfab6533a
commit 459e60a138
1 changed files with 54 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

54
dpaste/middleware.py Normal file
View file

@ -0,0 +1,54 @@
import socket
tor_bl = (
'{remote_addr}.{server_port}.{server_ip}'
'.ip-port.exitlist.torproject.org')
open_proxy_bl = ('{remote_addr}.dnsbl.proxybl.org')
rev_ip = lambda ip: '.'.join(reversed(ip.split('.')))
def in_blacklist(request, bl, ip=None):
ip = ip or request.META['REMOTE_ADDR']
try:
server_ip = socket.gethostbyname(request.META['SERVER_NAME'])
except socket.gaierror:
return
bl_name = bl.format(
remote_addr=rev_ip(ip),
server_port=request.META['SERVER_PORT'],
server_ip=rev_ip(server_ip)
)
try:
lookup = socket.gethostbyname(bl_name)
except socket.gaierror as s:
if s.errno == -5:
return False
return
except Exception:
return
return lookup == '127.0.0.2'
class SuspiciousIPMiddleware(object):
def process_request(self, request):
def check_tor():
if not hasattr(request, '_is_tor_exit_node'):
request._is_tor_exit_node = in_blacklist(request, tor_bl)
return request._is_tor_exit_node
request.is_tor_exit_node = check_tor
def check_open_proxy():
if not hasattr(request, '_is_open_proxy'):
request._is_open_proxy = in_blacklist(
request, open_proxy_bl)
return request._is_open_proxy
request.is_open_proxy = check_open_proxy
def check_suspicious():
return request.is_tor_exit_node() or request.is_open_proxy()
request.is_suspicious = check_suspicious