BlacklistCheck

Blacklist Check

Overview

This plugin is designed to use public DNS Blacklist servers to check incoming connections and disallow anyone using a known public proxy from being able to connect. The list of DNSBL servers used is configurable.

Features

  • Stop grief before they even connect
  • Increased security
  • (v0.2) Whitelist known IP addresses to always allow connections
  • (v0.3) Whitelist entire IP subnets
  • (v0.5) Choose to block the connection until the address may be verified, or allow the connection and kick if they are blacklisted

Configuration

Plugin Configuration

  • DNSBLServers (v0.1) A list of DNS servers that will resolve blacklisted IP addresses
  • Whitelist (v0.2) A list of IP addresses that will always be allowed in and will not be checked against the DNSBL servers. NOTE: As of v0.3 these addresses must be in CIDR notation. For example to enter a single IP address use "127.0.0.1/32" to allow an entire class C subnet use "192.168.1.0/24". Please be sure to update the config file when upgrading from v0.2.
  • Debug (v0.3) (Boolean) [Default: false] A directive to have the plugin print more information to the console
  • LogDisconnects (v0.4) (Boolean) [Default: true] A directive to have the plugin output connection refusals to the console
  • DelayCheck (v0.5) (Boolean) [Default: false] A directive to have the plugin allow the connection, then thread the DNS lookups. This option is not recommended, as there will be a period of time when they will be connected to the server until the DNS lookup returns. It will, however, not delay the connection process.
  • DisconnectMessage (v0.5) (String) [Default: "Connected from a publicly blacklisted server!"] The configurable message to send along with the disconnect / kick.
  • LogToFile (v0.6) (Boolean) [Default: true] A directive to have the system log to the BlacklistCheck.log file in the plugin's directory for debug and disconnect messages.

Installation

  • To install the plugin, simply place the jar in the plugins directory

Bugs / Known Limitations

  • The default server list contains 8 DNS servers, checking each one takes time. Increasing this list will cause client timeout errors (without the DelayCheck configuration directive)
  • The client will be disconnected if even one DNS server returns a result for the address

Future Plans

  • Try to incorporate any additional user requests.

See Also

DNSBL is a common practice to block spammers and other unwanted traffic. For a full description about how DNSBL operates, a list of available public DNSBL servers, and other information, use Google.


Comments

  • To post a comment, please or register a new account.
Posts Quoted:
Reply
Clear All Quotes

About This Project

  • Project ID
    37361
  • Created
    Mar 8, 2012
  • Last Released File
    Apr 19, 2012
  • Total Downloads
    5,644
  • License

Categories

Members

Recent Files