
discuss - Re: [opennic-discuss] letit2 [.] bit blacklist

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

  • From: Amunak <amunak AT amunak.net>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] letit2 [.] bit blacklist
  • Date: Sat, 5 Aug 2017 10:40:31 +0200

I think you are spot on, Jeff. And good work on the tools.

I think that for transparency it should be enough to provide a page listing (or at least publicly allowing lookup of) blocked domains. And/or perhaps even a page that would allow you to compare unfiltered and filtered results.

We could even add special, "known in advance" blocked domains (like <category>.example.free and such), automatically test all servers for what they return for those domains and display the status of which server blocks which category of domains without the need for anyone to manage this information manually. The results of this test should be displayed on the server list page.

Amunak


On 04.08.2017 at 23:33, Jeff Taylor wrote:
Another update on the filter code, I'm essentially done.  It works the same as other API pages in that you need to specify your username and authentication code in the URL.  I'm building up some test entries now, feel free to submit bogus data since this is currently not being used by anyone.

To submit an entry: https://api.opennicproject.org/ip/blacklist/?user=<user>&auth=<auth>&cat=<category>&<domain>
Here <domain> must be a valid domain with an IP address.  Note that <category> will be a simple code.  At the moment I have SBL and ADULT entries.  Return values will confirm the domain names accepted with + (added) or # (updated) in front of them.

To delete an entry, add a hyphen (-) before the domain name.  So something like -grep.geek would work.  Return value will be the domain name with a hyphen in front of it.

To retrieve named.conf file entries, go to https://api.opennicproject.org/acl/filter/?user=<user>&auth=<auth>&cat=<category>+<category>&path=<path/to/db.file>&ext=<0|1|false|true>
Categories should match known values.  You can include multiple categories by separating them with a plus (+) mark.  <path> is where you put the zone file that returns 127.0.0.1 (I called it db.blacklisted in my earlier email).  <ext> determines if an extension is included on the file names.  The extension would match the category, and the default is to include these.

As an example, if I used these criteria: &cat=sbl+adult&path=rbl
I would get these results:

zone "grep.geek" {type master; file "rbl/db.opennic_filter.adult";};
zone "letit2.bit" {type master; file "rbl/db.opennic_filter.sbl";};
zone "tehnomix.bit" {type master; file "rbl/db.opennic_filter.sbl";};

Note that in this case the path is relative to my BIND9 zone files, and you can see the category type echoed in the file extension. This would allow you to have different results for the different categories.

So the tool is essentially working now.  Whether or not it gets used remains to be seen but at least the capability is there.
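
Added example, not part of the original thread and not OpenNIC's code: a check a server operator could run on the text returned by the filter URL before including it in named.conf, since that text is remote input. The function name, the protected-zones parameter and the file name used when ext is off are assumptions; the line shape is taken from the three sample lines quoted above.

```python
import re

# Assumed strict shape of one response line, taken from the three sample
# lines in the message; anything else is rejected rather than repaired.
LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
ZONE_RE = re.compile(
    r'^zone "(' + LABEL + r"(?:\." + LABEL + r')+)" '
    r'\{type master; file "([^"]+)";\};$'
)

def validate_filter_output(text, path, categories, protected=(), ext=True):
    """Split a fetched filter response into (accepted, rejected) lines."""
    # Only the file names this request could legitimately produce are allowed.
    # Assumption: with ext off the file is named db.opennic_filter.
    allowed = {
        f"{path}/db.opennic_filter" + (f".{c.lower()}" if ext else "")
        for c in categories
    }
    accepted, rejected, seen = [], [], set()
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        m = ZONE_RE.match(line)
        zone = m.group(1) if m else None
        if (m is None or m.group(2) not in allowed
                or zone in seen          # duplicate zone: named refuses the config
                or zone in protected):   # never shadow a zone served locally
            rejected.append(line)
            continue
        seen.add(zone)
        accepted.append(line)
    return accepted, rejected

# Constructed input: the three lines quoted in the message, followed by
# three constructed lines that must not reach named.conf.
SAMPLE = """\
zone "grep.geek" {type master; file "rbl/db.opennic_filter.adult";};
zone "letit2.bit" {type master; file "rbl/db.opennic_filter.sbl";};
zone "tehnomix.bit" {type master; file "rbl/db.opennic_filter.sbl";};
zone "example.geek" {type master; file "../db.other";};
zone "local.example" {type master; file "rbl/db.opennic_filter.sbl";};
zone "letit2.bit" {type master; file "rbl/db.opennic_filter.sbl";};
"""

if __name__ == "__main__":
    ok, bad = validate_filter_output(SAMPLE, "rbl", ["sbl", "adult"],
                                     protected={"local.example"})
    print("\n".join(ok))
    for line in bad:
        print("REJECTED:", line)
```

Write only the accepted lines to the include file, and treat any rejected line as a reason to keep the previous include file and investigate.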


