#!/bin/bash #guake -t #################################################################### # bl - BLACKLIST CHECK UNIX/LINUX UTILITY # # copyright: (c) 2014 Anders Aarvik # # author: Anders Aarvik (aarvik92@gmail.com) and contributors # # license: MIT licensed. See LICENSE # # description: I was just a bit tired of web interfaces # #################################################################### #### main #### main() { [ $# -ne 1 ] && error "Please specify a FQDN or IP as a parameter." fqdn=$(echo $1 | grep -P "(?=^.{5,254}$)(^(?:(?!\d+\.)[a-za-z0-9_\-]{1,63}\.?)+(?:[a-za-z]{2,})$)") if [[ $fqdn ]] ; then echo "You entered a domain: $1" domain=$(host $1 | head -n1 | awk '{print $4}') reverseit $domain "IP not valid or domain could not be resolved." else echo "You entered an IP: $1" reverseit $1 "IP not valid." fi loopthroughblacklists $1 } #### reverseit #### reverseit() { reverse=$(echo $1 | sed -ne "s~^\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)$~\4.\3.\2.\1~p") if [ "x${reverse}" = "x" ] ; then error $2 exit 1 fi } #### loopthroughblacklists #### loopthroughblacklists() { reverse_dns=$(dig +short -x $1) echo $1 name ${reverse_dns:----} for bl in ${blacklists} ; do printf $(env tz=utc date "+%y-%m-%d_%h:%m:%s_%z") printf "%-40s" " ${reverse}.${bl}." listed="$(dig +short -t a ${reverse}.${bl}.)" if [[ $listed ]]; then if [[ $listed == *"timed out"* ]]; then echo "[timed out]" | cecho YELLOW else echo "[blacklisted] (${listed})" | cecho LRED fi else echo "[not listed]" | cecho LGREEN fi done } #### error #### error() { echo $0 error: $1 >&2 exit 2 } #### cecho #### cecho(){ LGREEN="\033[1;32m" LRED="\033[1;31m" YELLOW="\033[1;33m" NORMAL="\033[m" color=\$${1:-NORMAL} echo -ne "$(eval echo ${color})" cat echo -ne "${NORMAL}" } #### blacklists - grabbed from http://multirbl.valli.org/ #### blacklists=" sbl.spamhaus.org xbl.spamhaus.org zen.spamhaus.org bl.spamcop.net b.barracudacentral.org cbl.anti-spam.org.cn cblplus.anti-spam.org.cn cblless.anti-spam.org.cn dnsbl-0.uceprotect.net dnsbl-1.uceprotect.net dnsbl-2.uceprotect.net dnsbl-2.uceprotect.net dnsbl-3.uceprotect.net 0spamurl.fusionzero.com uribl.zeustracker.abuse.ch uribl.abuse.ro l1.apews.org dnsbl.aspnet.hu bsb.empty.us bsb.spamlookup.net ex.dnsbl.org in.dnsbl.org dnsbl.othello.ch ubl.nszones.com uribl.pofon.foobar.hu dyndns.rbl.jp url.rbl.jp abuse.rfc-clueless.org bogusmx.rfc-clueless.org dsn.rfc-clueless.org elitist.rfc-clueless.org fulldom.rfc-clueless.org postmaster.rfc-clueless.org whois.rfc-clueless.org rhsbl.rymsho.ru rhsbl.scientificspam.net nomail.rhsbl.sorbs.net badconf.rhsbl.sorbs.net rhsbl.sorbs.net fresh.spameatingmonkey.net fresh10.spameatingmonkey.net fresh15.spameatingmonkey.net uribl.spameatingmonkey.net urired.spameatingmonkey.net multi.surbl.org uribl.swinog.ch dob.sibl.support-intelligence.net black.uribl.com grey.uribl.com multi.uribl.com red.uribl.com uri.blacklist.woody.ch rhsbl.zapbl.net hostkarma.junkemailfilter.com reputation-domain.rbl.scrolloutf1.com reputation-ns.rbl.scrolloutf1.com nobl.junkemailfilter.com iddb.isipp.com _vouch.dwl.spamhaus.org white.uribl.com list.anonwhois.net " ### initiate script ### main $1