Blame
Date:
Sun Jan 29 05:00:28 2023 UTC
Message:
Daily backup
01
2023-01-22
jrmu
version=pmwiki-2.2.130 ordered=1 urlencoded=1
02
2023-01-22
jrmu
agent=Mozilla/5.0 (Windows NT 5.1; rv:68.0) Gecko/20100101 Goanna/4.8 Firefox/68.0 Mypal/29.3.0
03
2023-01-22
jrmu
author=mkf
04
2023-01-22
jrmu
charset=UTF-8
05
2023-01-22
jrmu
csum=wiki-ish.
06
2023-01-22
jrmu
ctime=1627956120
07
2023-01-22
jrmu
host=198.251.81.133
08
2023-01-22
jrmu
name=Rbldnsd.Install
09
2023-01-22
jrmu
rev=2
10
2023-01-22
jrmu
targets=
11
2023-01-22
jrmu
text=(:title Install Rbldnsd:)%0a%0arbldnsd is a lightweight realtime dns-based banlist daemon. its commonly used to block email spammers and irc spam bots%0a%0a!! installation%0a%0arbldnsd is in ports, its easiest to download it from there%0a%0a[@%0a$ doas pkg_add rbldnsd%0a@]%0a%0a!!! making a user%0alets make a user for rbldnsd to chroot into%0a%0a[@%0a$ doas useradd -m -d /home/rbl rbl%0a@]%0a%0a!!! zonefiles%0a%0a[@%0a# su rbl%0a$ cd%0a$ mkdir zones%0a$ vi zones/naughty%0a@]%0a%0arbldnsd zonefiles are a bit different than @@bind@@ or @@nsd@@ zonefiles, read the [[https://rbldnsd.io/documentation/rbldnsd.8.html|manpage]] or the [[https://rbldnsd.io/documentation/|website's shortened documentation]] for how they are written. below is a simple example.%0a%0a[@%0a# just a normal ip%0a37.15.183.105%0a# custom A response%0a41.60.76.102 :5%0a# make a TXT record%0a45.48.17.20 this sent naughty spam%0a# custom A response and TXT record%0a45.83.40.14 :7: this is an infected host%0a@]%0a%0a!!!rc.d service%0a%0a/etc/rc.d/rbldnsd:%0a[@%0a%0a#!/bin/ksh%0a%0adaemon="/usr/local/sbin/rbldnsd -ve -b 2602:fccf:1:1017::6 -u rbl:rbl -r /home/rbl -w zones dnsbl.example.org:ip4set:naughty"%0a%0a. /etc/rc.d/rc.subr%0a%0apexp="rbldnsd .*"%0arc_cmd $1%0a@]%0a%0alets enable it to start on boot and turn it on%0a%0a[@%0a$ doas rcctl enable rbldnsd%0a$ doas rcctl start rbldnsd%0a@]%0a%0a!!!debugging%0aif it fails, you can run the command from the @@daemon=@@ line as root and it should give you more verbose output. remember to @@rcctl restart rbldnsd@@ to make sure the rc.d file works after%0a%0a!!! delegate dns to it%0anote that you would also put an @@A@@ record if you made rbldnsd listen on ipv4 too%0a%0a[@%0ans1.dnsbl 3600 IN AAAA 2602:fccf:1:1017::6%0adnsbl 3600 IN NS ns1.dnsbl%0a@]%0a%0a!! test if it works%0aassuming you have @@41.60.76.102@@ listed from the above example zone,%0areverse the octets and dig it!%0a%0a[@%0adig 102.76.60.41.dnsbl.example.org A%0a@]%0a%0a!! finding ips to list%0a%0a!!! scraping proxy lists%0asometimes you can find websites listing proxy ips with [[https://www.google.com/search?q=46.166.142.214+proxy|google]]%0a%0a!!! using an api%0awebsites like [[https://shodan.io|shodan]] let you search for ips meeting certain criteria like a certain port open with a socks proxy etc%0a%0a!!! portscanning%0anote that this is frowned upon by many hosting providers, so make sure%0ayou have permission, eg a Linode Researcher account, or else your host might ban you%0a%0a!! this section is probably a bad idea%0a%0a!!! globbing in the rc file%0asince rbldnsd does not support globbing its zonefile names, you can do it with its rc%0afile, so you do not have to manually edit it every time you make more zones.%0a%0a[@%0a#!/bin/ksh%0acd /home/rbl/zones%0adaemon="/usr/local/sbin/rbldnsd -ve -b 2602:fccf:1:1017::6 -u rbl:rbl -r /home/rbl -w zones dnsbl.example.org:ip4set:$(echo ipv4* | tr [[:space:]] ,) dnsbl.example.org:ip6trie:$(echo ipv6* | tr [[:space:]] ,) dnsbl.example.org:combined:$(echo combined* | tr [[:space:]] ,)"%0a%0a. /etc/rc.d/rc.subr%0a%0apexp="rbldnsd .*"%0a%0arc_cmd $1%0a@]
12
2023-01-22
jrmu
time=1629662299
13
2023-01-22
jrmu
title=Install Rbldnsd
14
2023-01-22
jrmu
author:1629662299=mkf
15
2023-01-22
jrmu
csum:1629662299=wiki-ish.
16
2023-01-22
jrmu
diff:1629662299:1627956120:=10c10%0a%3c $ doas pkg_add rbldnsd%0a---%0a> # pkg_add rbldnsd%0a17c17%0a%3c $ doas useradd -m -d /home/rbl rbl%0a---%0a> # useradd -m -d /home/rbl rbl%0a20,21c20,22%0a%3c !!! zonefiles%0a%3c %0a---%0a> !!! editing the zonefiles%0a> lets make some zones!%0a> %0a42,44c43,45%0a%3c !!!rc.d service%0a%3c %0a%3c /etc/rc.d/rbldnsd:%0a---%0a> !!! setup the rc.d service%0a> time to make the rc.d script!%0a> %0a46c47,48%0a%3c %0a---%0a> # vi /etc/rc.d/rbldnsd%0a> %0a49,50c51,52%0a%3c daemon="/usr/local/sbin/rbldnsd -ve -b 2602:fccf:1:1017::6 -u rbl:rbl -r /home/rbl -w zones dnsbl.example.org:ip4set:naughty"%0a%3c %0a---%0a> daemon="/usr/local/sbin/rbldnsd -ve -b 2602:fccf:1:1017::6 -u rbl:rbl -r /home/rbl -w zones dnsbl.xfnw.coconut.ircnow.org:ip4set:naughty"%0a> %0a53a56%0a> %0a60,61c63,64%0a%3c $ doas rcctl enable rbldnsd%0a%3c $ doas rcctl start rbldnsd%0a---%0a> # rcctl enable rbldnsd%0a> # rcctl start rbldnsd%0a64c67%0a%3c !!!debugging%0a---%0a> !!! debugging it%0a80c83%0a%3c dig 102.76.60.41.dnsbl.example.org A%0a---%0a> dig 102.76.60.41.dnsbl.xfnw.coconut.ircnow.org A%0a102a106%0a> %0a104c108%0a%3c daemon="/usr/local/sbin/rbldnsd -ve -b 2602:fccf:1:1017::6 -u rbl:rbl -r /home/rbl -w zones dnsbl.example.org:ip4set:$(echo ipv4* | tr [[:space:]] ,) dnsbl.example.org:ip6trie:$(echo ipv6* | tr [[:space:]] ,) dnsbl.example.org:combined:$(echo combined* | tr [[:space:]] ,)"%0a---%0a> daemon="/usr/local/sbin/rbldnsd -ve -b 2602:fccf:1:1017::6 -u rbl:rbl -r /home/rbl -w zones dnsbl.xfnw.coconut.ircnow.org:ip4set:$(echo ipv4* | tr [[:space:]] ,) dnsbl.xfnw.coconut.ircnow.org:ip6trie:$(echo ipv6* | tr [[:space:]] ,) dnsbl.xfnw.coconut.ircnow.org:combined:$(echo combined* | tr [[:space:]] ,)"%0a
17
2023-01-22
jrmu
host:1629662299=198.251.81.133
18
2023-01-22
jrmu
author:1627956120=xfnw
19
2023-01-22
jrmu
csum:1627956120=create page
20
2023-01-22
jrmu
diff:1627956120:1627956120:=1,115d0%0a%3c (:title Install Rbldnsd:)%0a%3c %0a%3c rbldnsd is a lightweight realtime dns-based banlist daemon. its commonly used to block email spammers and irc spam bots%0a%3c %0a%3c !! installation%0a%3c %0a%3c rbldnsd is in ports, its easiest to download it from there%0a%3c %0a%3c [@%0a%3c # pkg_add rbldnsd%0a%3c @]%0a%3c %0a%3c !!! making a user%0a%3c lets make a user for rbldnsd to chroot into%0a%3c %0a%3c [@%0a%3c # useradd -m -d /home/rbl rbl%0a%3c @]%0a%3c %0a%3c !!! editing the zonefiles%0a%3c lets make some zones!%0a%3c %0a%3c [@%0a%3c # su rbl%0a%3c $ cd%0a%3c $ mkdir zones%0a%3c $ vi zones/naughty%0a%3c @]%0a%3c %0a%3c rbldnsd zonefiles are a bit different than @@bind@@ or @@nsd@@ zonefiles, read the [[https://rbldnsd.io/documentation/rbldnsd.8.html|manpage]] or the [[https://rbldnsd.io/documentation/|website's shortened documentation]] for how they are written. below is a simple example.%0a%3c %0a%3c [@%0a%3c # just a normal ip%0a%3c 37.15.183.105%0a%3c # custom A response%0a%3c 41.60.76.102 :5%0a%3c # make a TXT record%0a%3c 45.48.17.20 this sent naughty spam%0a%3c # custom A response and TXT record%0a%3c 45.83.40.14 :7: this is an infected host%0a%3c @]%0a%3c %0a%3c !!! setup the rc.d service%0a%3c time to make the rc.d script!%0a%3c %0a%3c [@%0a%3c # vi /etc/rc.d/rbldnsd%0a%3c %0a%3c #!/bin/ksh%0a%3c %0a%3c daemon="/usr/local/sbin/rbldnsd -ve -b 2602:fccf:1:1017::6 -u rbl:rbl -r /home/rbl -w zones dnsbl.xfnw.coconut.ircnow.org:ip4set:naughty"%0a%3c %0a%3c . /etc/rc.d/rc.subr%0a%3c %0a%3c pexp="rbldnsd .*"%0a%3c %0a%3c rc_cmd $1%0a%3c @]%0a%3c %0a%3c lets enable it to start on boot and turn it on%0a%3c %0a%3c [@%0a%3c # rcctl enable rbldnsd%0a%3c # rcctl start rbldnsd%0a%3c @]%0a%3c %0a%3c !!! debugging it%0a%3c if it fails, you can run the command from the @@daemon=@@ line as root and it should give you more verbose output. remember to @@rcctl restart rbldnsd@@ to make sure the rc.d file works after%0a%3c %0a%3c !!! delegate dns to it%0a%3c note that you would also put an @@A@@ record if you made rbldnsd listen on ipv4 too%0a%3c %0a%3c [@%0a%3c ns1.dnsbl 3600 IN AAAA 2602:fccf:1:1017::6%0a%3c dnsbl 3600 IN NS ns1.dnsbl%0a%3c @]%0a%3c %0a%3c !! test if it works%0a%3c assuming you have @@41.60.76.102@@ listed from the above example zone,%0a%3c reverse the octets and dig it!%0a%3c %0a%3c [@%0a%3c dig 102.76.60.41.dnsbl.xfnw.coconut.ircnow.org A%0a%3c @]%0a%3c %0a%3c !! finding ips to list%0a%3c %0a%3c !!! scraping proxy lists%0a%3c sometimes you can find websites listing proxy ips with [[https://www.google.com/search?q=46.166.142.214+proxy|google]]%0a%3c %0a%3c !!! using an api%0a%3c websites like [[https://shodan.io|shodan]] let you search for ips meeting certain criteria like a certain port open with a socks proxy etc%0a%3c %0a%3c !!! portscanning%0a%3c note that this is frowned upon by many hosting providers, so make sure%0a%3c you have permission, eg a Linode Researcher account, or else your host might ban you%0a%3c %0a%3c !! this section is probably a bad idea%0a%3c %0a%3c !!! globbing in the rc file%0a%3c since rbldnsd does not support globbing its zonefile names, you can do it with its rc%0a%3c file, so you do not have to manually edit it every time you make more zones.%0a%3c %0a%3c [@%0a%3c #!/bin/ksh%0a%3c %0a%3c cd /home/rbl/zones%0a%3c daemon="/usr/local/sbin/rbldnsd -ve -b 2602:fccf:1:1017::6 -u rbl:rbl -r /home/rbl -w zones dnsbl.xfnw.coconut.ircnow.org:ip4set:$(echo ipv4* | tr [[:space:]] ,) dnsbl.xfnw.coconut.ircnow.org:ip6trie:$(echo ipv6* | tr [[:space:]] ,) dnsbl.xfnw.coconut.ircnow.org:combined:$(echo combined* | tr [[:space:]] ,)"%0a%3c %0a%3c . /etc/rc.d/rc.subr%0a%3c %0a%3c pexp="rbldnsd .*"%0a%3c %0a%3c rc_cmd $1%0a%3c @]%0a\ No newline at end of file%0a
21
2023-01-22
jrmu
host:1627956120=96.231.99.178
IRCNow