Paste #42322: Edit of P#42320 GeoIP (VPN Blocker)

Date: 2017/06/02 01:11:09 UTC-07:00
Type: Denizen Script

View Raw Paste Download This Paste
Copy Link


## USE AT YOUR OWN RISK! 
## DENIZEN AND THE CREATOR OF THIS SCRIPT WILL NOT TAKE RESPONSIBILITY OF ANY PROBLEMS THAT OCCURS!

# This script uses iphub's API to find out if a user comes from a malicious IP.
# The server will only attempt to ip-ban the target. This should not affect the user itself.
# You can read more about their project at http://iphub.info/

# Fair warnings: 
# - You can not always expect this to work and be correct.
# - Using this on a larger scale server may require you to contact iphub with their email on their website.
# - The API used is the legacy of iphub. This may change.

# Config Data below - Please edit before use!

GeoIP_Data:
    type: yaml data
    config:
        # If left default, the script won't work!
        Email: fakemail@gmail.com
        # This is more for the logs, if the IP does not go under this list, is it considered a suspected IP in the logs.
        Country_Sides:
        - "Denmark"
        - "Greenland"
        - "Faroe Islands"
        - "Faroe_Islands"
        # Origins you wish the check should ignore
        Ignore_Origins:
        - "AS31027_Nianet_A/S"
        - "AS28717_Zen_Systems_A/S"
        - "AS16245_Netgroup_A/S"
        # If you can to ignore a specific IP
        Ignore_IPs:
        - "104.207.84.18"
        # This list below is currently unused, no need to edit.
        VPN_Origins:
        - "IPVanish"
        - "Bitpro"
        - "Mudhook"
        - "True Internet"
        - "Creanova"
        - "Leaseweb"
        - "XServer"
        - "Voxility"
        - "Express"
        - "AVAST"
        - "Vargonen"
        - "Ubiquity"
        - "BrainStorm"
        - "AltusHost"
        - "HETZNER"
        - "Equinix"
        - "Portlane"
        - "DataClub"
        - "Selectel"
        - "SoftLayer"
        - "Anexia"
        - "Iliad"
        - "Dedicated"
        - "Pure"
        - "HMA"
        - "Astrill"
        - "Strong"
        - "HideMyAss"
        - "VPN"
        - "Artnet"
        - "EASYSPEEDY"
        - "ONLINE SAS"
        - "Powerhouse"
        - "AltusHost"
        - "ServerSpace"
        - "Vodafone"

# End of config

################################################
## SCRIPT STUFF BELOW
################################################

GeoIP_Events:
    type: world
    debug: false
    events:
        on player join:
        - wait 10t
        - run GeoIP_Check_Task instantly context:<player>
        # BC's data tracker.
        on system time hourly: 
        - webget "http://stats.denizenscript.com/tracker?script=<s@GeoIP_Version.yaml_key[id]>&version=<s@GeoIP_Version.yaml_key[version]>" 

GeoIP_Version:
    type: version
    name: GeoIP
    id: 130
    description: A script that uses iphub's API to find out if a user comes from a malicious IP.
    version: 3


GeoIP_Check_Task:
    type: task
    definitions: target
    script:
    - if <s@GeoIP_Data.yaml_key[config.email]> == fakemail@gmail.com {
        - queue clear
    }
    - if <def[target].is_online.not||true> {
        # - narrate "Spilleren blev ikke fundet"
        - queue clear
    }
    - define path "<def[target].ip.address||null>"
    - if <def[path].contains[/]||false> {
        - define ip <def[path].after[/].before[<&co>]||null>
    }
    else {
        - define ip <def[path].before[<&co>]||null>
    }
    - if <def[ip]> == null {
        - log "<def[target].name> (<def[IP]>) FAILED IP - <def[path]>" type:warning file:geoiplog.log
        - queue clear
    }
    else if <def[ip]> == "" {
        - log "<def[target].name> (<def[IP]>) FAILED IP - <def[path]>" type:warning file:geoiplog.log
        - queue clear
    }
    - if <server.has_flag[<def[ip]>]> {
        - queue clear
    }
    - ~webget "http://legacy.iphub.info/api.php?ip=<def[IP]>&showtype=2&email=<s@GeoIP_Data.yaml_key[config.email]>" save:page
    - flag server <def[ip]>:<entry[page].result||null> duration:4h
    - if <entry[page].result||null> == null {
        - log "<def[target].name> (<def[IP]>) FAILED - <entry[page].result||null>" type:warning file:geoiplog.log
        - queue clear
    }
    - define data <entry[page].result.split[<&sp>]||li@>
    - if <def[data].size> != 6 {
        - log "<def[target].name> (<def[IP]>) FAILED - <entry[page].result||null>" type:warning file:geoiplog.log
        - queue clear
    }
    - define country "<def[data].get[3]>"
    - define countryCode "<def[data].get[2]>"
    - define city "<def[data].get[4]>"
    - define origin "<def[data].get[5]>"
    - define is_host "<def[data].get[6]>"
    - define file "plugins/Denizen/data/geoIP/logs/<util.date.time.year>-<util.date.time.month>-<util.date.time.day>.log"
    - if <s@GeoIP_Data.yaml_key[config.Ignore_Origins].contains[<def[origin]>]> {
        - log "<def[target].name> (<def[IP]>) - <def[country]> (<def[countryCode]>) - <def[city]> - <def[origin]> (Ignored)" type:info file:<def[file]>
    }
    else if <s@GeoIP_Data.yaml_key[config.Ignore_IPs].contains[<def[ip]>]> {
        - log "<def[target].name> (<def[IP]>) - <def[country]> (<def[countryCode]>) - <def[city]> - <def[origin]> (Ignored)" type:info file:<def[file]>
    }
    else if "<def[is_host]>" != 0 {
        - execute as_server "banip -s <def[target].name> Auto-Ban VPN (<def[origin]>)"
        - log "<def[target].name> (<def[IP]>) - <def[country]> (<def[countryCode]>) - <def[city]> - <def[origin]> (VPN)" type:info file:<def[file]>
    }
    else if <s@GeoIP_Data.yaml_key[config.Country_Sides].contains[<def[country]>]> {
        - log "<def[target].name> (<def[IP]>) - <def[country]> (<def[countryCode]>) - <def[city]> - <def[origin]>" type:info file:<def[file]>
    }
    else {
        - log "<def[target].name> (<def[IP]>) - <def[country]> (<def[countryCode]>) - <def[city]> - <def[origin]> (Suspected)" type:info file:<def[file]>
    }