Date: 2017/06/02 01:11:09 UTC-07:00
Type: Denizen Script
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
## USE AT YOUR OWN RISK!
## DENIZEN AND THE CREATOR OF THIS SCRIPT WILL NOT TAKE RESPONSIBILITY OF ANY PROBLEMS THAT OCCURS!
# This script uses iphub's API to find out if a user comes from a malicious IP.
# The server will only attempt to ip-ban the target. This should not affect the user itself.
# You can read more about their project at http://iphub.info/
# Fair warnings:
# - You can not always expect this to work and be correct.
# - Using this on a larger scale server may require you to contact iphub with their email on their website.
# - The API used is the legacy of iphub. This may change.
# Config Data below - Please edit before use!
GeoIP_Data:
type: yaml data
config:
# If left default, the script won't work!
Email: fakemail@gmail.com
# This is more for the logs, if the IP does not go under this list, is it considered a suspected IP in the logs.
Country_Sides:
- "Denmark"
- "Greenland"
- "Faroe Islands"
- "Faroe_Islands"
# Origins you wish the check should ignore
Ignore_Origins:
- "AS31027_Nianet_A/S"
- "AS28717_Zen_Systems_A/S"
- "AS16245_Netgroup_A/S"
# If you can to ignore a specific IP
Ignore_IPs:
- "104.207.84.18"
# This list below is currently unused, no need to edit.
VPN_Origins:
- "IPVanish"
- "Bitpro"
- "Mudhook"
- "True Internet"
- "Creanova"
- "Leaseweb"
- "XServer"
- "Voxility"
- "Express"
- "AVAST"
- "Vargonen"
- "Ubiquity"
- "BrainStorm"
- "AltusHost"
- "HETZNER"
- "Equinix"
- "Portlane"
- "DataClub"
- "Selectel"
- "SoftLayer"
- "Anexia"
- "Iliad"
- "Dedicated"
- "Pure"
- "HMA"
- "Astrill"
- "Strong"
- "HideMyAss"
- "VPN"
- "Artnet"
- "EASYSPEEDY"
- "ONLINE SAS"
- "Powerhouse"
- "AltusHost"
- "ServerSpace"
- "Vodafone"
# End of config
################################################
## SCRIPT STUFF BELOW
################################################
GeoIP_Events:
type: world
debug: false
events:
on player join:
- wait 10t
- run GeoIP_Check_Task instantly context:<player>
# BC's data tracker.
on system time hourly:
- webget "http://stats.denizenscript.com/tracker?script=<s@GeoIP_Version.yaml_key[id]>&version=<s@GeoIP_Version.yaml_key[version]>"
GeoIP_Version:
type: version
name: GeoIP
id: 130
description: A script that uses iphub's API to find out if a user comes from a malicious IP.
version: 3
GeoIP_Check_Task:
type: task
definitions: target
script:
- if <s@GeoIP_Data.yaml_key[config.email]> == fakemail@gmail.com {
- queue clear
}
- if <def[target].is_online.not||true> {
# - narrate "Spilleren blev ikke fundet"
- queue clear
}
- define path "<def[target].ip.address||null>"
- if <def[path].contains[/]||false> {
- define ip <def[path].after[/].before[<&co>]||null>
}
else {
- define ip <def[path].before[<&co>]||null>
}
- if <def[ip]> == null {
- log "<def[target].name> (<def[IP]>) FAILED IP - <def[path]>" type:warning file:geoiplog.log
- queue clear
}
else if <def[ip]> == "" {
- log "<def[target].name> (<def[IP]>) FAILED IP - <def[path]>" type:warning file:geoiplog.log
- queue clear
}
- if <server.has_flag[<def[ip]>]> {
- queue clear
}
- ~webget "http://legacy.iphub.info/api.php?ip=<def[IP]>&showtype=2&email=<s@GeoIP_Data.yaml_key[config.email]>" save:page
- flag server <def[ip]>:<entry[page].result||null> duration:4h
- if <entry[page].result||null> == null {
- log "<def[target].name> (<def[IP]>) FAILED - <entry[page].result||null>" type:warning file:geoiplog.log
- queue clear
}
- define data <entry[page].result.split[<&sp>]||li@>
- if <def[data].size> != 6 {
- log "<def[target].name> (<def[IP]>) FAILED - <entry[page].result||null>" type:warning file:geoiplog.log
- queue clear
}
- define country "<def[data].get[3]>"
- define countryCode "<def[data].get[2]>"
- define city "<def[data].get[4]>"
- define origin "<def[data].get[5]>"
- define is_host "<def[data].get[6]>"
- define file "plugins/Denizen/data/geoIP/logs/<util.date.time.year>-<util.date.time.month>-<util.date.time.day>.log"
- if <s@GeoIP_Data.yaml_key[config.Ignore_Origins].contains[<def[origin]>]> {
- log "<def[target].name> (<def[IP]>) - <def[country]> (<def[countryCode]>) - <def[city]> - <def[origin]> (Ignored)" type:info file:<def[file]>
}
else if <s@GeoIP_Data.yaml_key[config.Ignore_IPs].contains[<def[ip]>]> {
- log "<def[target].name> (<def[IP]>) - <def[country]> (<def[countryCode]>) - <def[city]> - <def[origin]> (Ignored)" type:info file:<def[file]>
}
else if "<def[is_host]>" != 0 {
- execute as_server "banip -s <def[target].name> Auto-Ban VPN (<def[origin]>)"
- log "<def[target].name> (<def[IP]>) - <def[country]> (<def[countryCode]>) - <def[city]> - <def[origin]> (VPN)" type:info file:<def[file]>
}
else if <s@GeoIP_Data.yaml_key[config.Country_Sides].contains[<def[country]>]> {
- log "<def[target].name> (<def[IP]>) - <def[country]> (<def[countryCode]>) - <def[city]> - <def[origin]>" type:info file:<def[file]>
}
else {
- log "<def[target].name> (<def[IP]>) - <def[country]> (<def[countryCode]>) - <def[city]> - <def[origin]> (Suspected)" type:info file:<def[file]>
}