/// <summary>
/// Lookup an IP address on Project Honey Pot.
/// </summary>
/// <param name="address">IP address to query for</param>
/// <returns>The response from Project Honey Pot. Null probably means the address is clean.</returns>
//public static BlackListResponse LookupAddress(IPAddress address)
//{
// if (address == null) throw new ArgumentException("IP address cannot be null.");
// byte[] ipBytes = address.GetAddressBytes();
// IPAddress[] result = null;
// try
// {
// result = Dns.GetHostAddresses(string.Format("{0}.{1}.{2}.{3}.{4}.dnsbl.httpbl.org", BlackListResponse.AccessKey, ipBytes[3], ipBytes[2], ipBytes[1], ipBytes[0]));
// }
// catch (System.Net.Sockets.SocketException ex)
// {
// //Assume it was a valid address, therefore return nothing.
// return null;
// }
// if (result.Length == 0) return null;
// return new BlackListResponse(result[0]);
//}
/// <summary>
/// Lookup an IP address on Project Honey Pot.
/// </summary>
/// <param name="address">IP address to query for</param>
/// <returns>The response from Project Honey Pot. Null probably means the address is clean.</returns>
//public static BlackListResponse LookupAddress(string address)
//{
// try
// {
// if (address.Contains(","))
// {
// string[] arr = address.Split(',');
// address = arr[0];
// }
// if (Regex.IsMatch(address, "(?:\\d{1,3}\\.){3}\\d{1,3}"))
// return BlackListResponse.LookupAddress(IPAddress.Parse(address));
// else
// return null;
// }
// catch
// {
// return null;
// }
//}
/// <summary>
/// Returns the last response, if available.
/// </summary>
/// <returns>BlackList response object</returns>
public static BlacklistResponse GetLastBlacklistResponse()
{
System.Web.HttpContext context = System.Web.HttpContext.Current;
BlacklistResponse ret = null;
if (context.Request.QueryString["a"] != null && context.Request.QueryString["i"] != null)
{
ret = new BlacklistResponse();
ret.Init(IPAddress.Parse(context.Request.QueryString["a"]));
ret._Address = IPAddress.Parse(context.Request.QueryString["i"]);
//ret._LastActivity = new TimeSpan(int.Parse(context.Request.QueryString["la"]), 0, 0, 0);
//ret._ThreatScore = int.Parse(context.Request.QueryString["ts"]);
//ret._Type = (VistorType)int.Parse(context.Request.QueryString["t"]);
//ret._Address = IPAddress.Parse(context.Request.QueryString["a"]);
}
return(ret);
}
void context_BeginRequest(object source, EventArgs e)
{
HttpApplication app = (HttpApplication)source;
if (app.Request.Url.AbsolutePath == BlacklistConfig.GetConfig().BlockedUrl)
{
return;
}
if (BlacklistResponse.HasCookie())
{
return;
}
BlacklistResponse response = null;
if (BlacklistConfig.GetConfig().TestMode)
{
response = BlacklistResponse.Test();
}
else
{
response = new BlacklistResponse(app.Request.ServerVariables[BlacklistConfig.GetConfig().IPHeader]);
}
if (response.VisitorType == VisitorTypes.Unknown)
{
return;
}
if (BlacklistConfig.GetConfig().IgnoreSearchEngines&& response.VisitorType == VisitorTypes.SearchEngine)
{
return;
}
if (response.ThreatScore <= BlacklistConfig.GetConfig().Threshold)
{
return;
}
app.Response.Redirect(BlacklistConfig.GetConfig().BlockedUrl + response.ToQueryString() + "&l=" + app.Request.Url.ToString());
}