[rbldnsd] Slightly OT: script to add to rbldnsd zone

Robin Lynn Frank rlfrank at paradigm-omega.com
Sat Jan 29 00:29:51 MSK 2005 

Michael Tokarev wrote:
> David Landgren wrote:
>
>> Robin Lynn Frank wrote:
>>
>>> I've been adapting a shell script we've been using to add such things as
>>> dictionary spam, unauthorized relay attempts, hits on spamtraps, etc to
>>> a postfix access map, so it can be used to add to a rbldnsd zone.
>
> []
>
>>> cat /var/tmp/rbldnsd_abuse.map /var/tmp/rbldnsd_abuse.map
>>> /var/lib/rbldns/abuse |\
>>>    sort -f | uniq -i \
>>>    > /var/tmp/rbldnsd_abuse.map
>>
>>
>> Something like:
>>
>> (
>>    echo ":127.0.0.4:DNSBL. Policy restrictions etc."
>>    sort -f /var/tmp/rbldnsd_abuse
>> ) | uniq -i > /var/tmp/rbldnsd_abuse.map
>>
>> perhaps?
>
>
> Please don't repeat the same mistake/bug, it is very important:
> you should use atomic rename when everything is ready, and never
> update the data file directly (except maybe in a few cases --
> also questionable but sometimes possible -- when you want to add
> a single line using >> shell construct).  Instead of
>   command > datafile
> use two-stage process:
>   command > datafile.tmp && mv -f datafile.tmp datafile
> This guarantees rbldnsd gets complete data file even if it will
> try to load data while it is being constructed.
>
As luck would have it, I was working on this when your mail arrived,
having recalled something I'd seen in the documentation.
> Uniq'ing entries isn't necessary - rbldnsd takes care of that
> automatically.  When you got new entry to add, you may just add
> it to the end of the file,
>   echo $ip >> datafile
> regardless whenever this entry already exists or not.  Ofcourse
> it's a good idea to purge old entries from time to time an trim
> the file by removing duplicates, in this case something like the
> above command will do the trick.  Btw, my `sort' command does just
> the right thing with the default : entry:
>  $ echo -e '3\n:\n2\n1' | sort -f
>  :
>  1
>  2
>  3
> Ie, it sorts : before all digits, so it becomes the first line as
> it should... ;)  Also, my `sort' utility has -u option, a shortcut
> for sort | uniq.
>

That will make life easier.  In fact, it cuts the script size in half.
Many thanks.


--
Robin Lynn Frank - Director of Operations - Paradigm-Omega, LLC
Website:   http://www.paradigm-omega.com/
RSS:       http://paradigm-omega.blogspot.com/atom.xml
Spamtraps: http://www.paradigm-omega.net/cgi-bin/custmail.cgi
=====================================================================
In a perfect world there would be no politicians.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 300 bytes
Desc: OpenPGP digital signature
Url : http://www.corpit.ru/pipermail/rbldnsd/attachments/20050128/92552ff2/signature.pgp

More information about the rbldnsd mailing list