mirror of
https://github.com/DarrenOfficial/dpaste.git
synced 2024-12-18 15:59:20 +11:00
Added a middleware to repel anonymous proxy and tor clients
This commit is contained in:
parent
4dfab6533a
commit
459e60a138
1 changed files with 54 additions and 0 deletions
54
dpaste/middleware.py
Normal file
54
dpaste/middleware.py
Normal file
|
@ -0,0 +1,54 @@
|
|||
import socket
|
||||
|
||||
tor_bl = (
|
||||
'{remote_addr}.{server_port}.{server_ip}'
|
||||
'.ip-port.exitlist.torproject.org')
|
||||
open_proxy_bl = ('{remote_addr}.dnsbl.proxybl.org')
|
||||
rev_ip = lambda ip: '.'.join(reversed(ip.split('.')))
|
||||
|
||||
|
||||
def in_blacklist(request, bl, ip=None):
|
||||
ip = ip or request.META['REMOTE_ADDR']
|
||||
try:
|
||||
server_ip = socket.gethostbyname(request.META['SERVER_NAME'])
|
||||
except socket.gaierror:
|
||||
return
|
||||
bl_name = bl.format(
|
||||
remote_addr=rev_ip(ip),
|
||||
server_port=request.META['SERVER_PORT'],
|
||||
server_ip=rev_ip(server_ip)
|
||||
)
|
||||
try:
|
||||
lookup = socket.gethostbyname(bl_name)
|
||||
except socket.gaierror as s:
|
||||
if s.errno == -5:
|
||||
return False
|
||||
return
|
||||
except Exception:
|
||||
return
|
||||
return lookup == '127.0.0.2'
|
||||
|
||||
|
||||
class SuspiciousIPMiddleware(object):
|
||||
|
||||
def process_request(self, request):
|
||||
|
||||
def check_tor():
|
||||
if not hasattr(request, '_is_tor_exit_node'):
|
||||
request._is_tor_exit_node = in_blacklist(request, tor_bl)
|
||||
return request._is_tor_exit_node
|
||||
|
||||
request.is_tor_exit_node = check_tor
|
||||
|
||||
def check_open_proxy():
|
||||
if not hasattr(request, '_is_open_proxy'):
|
||||
request._is_open_proxy = in_blacklist(
|
||||
request, open_proxy_bl)
|
||||
return request._is_open_proxy
|
||||
|
||||
request.is_open_proxy = check_open_proxy
|
||||
|
||||
def check_suspicious():
|
||||
return request.is_tor_exit_node() or request.is_open_proxy()
|
||||
|
||||
request.is_suspicious = check_suspicious
|
Loading…
Reference in a new issue