dnsbl blacklist query not working on Linux server

Question

I'm having a problem is that if I run my this script on local wampserver then it show the correct result if it already blacklisted but if I run on my server etc... /usr/bin/php path-to-phpscript.php then it shows that this ip is blacklisted in all bls names which is not correct.

<?php

$bls = array("b.barracudacentral.org",
"bl.score.senderscore.com",
"pbl.spamhaus.org",
"sbl.spamhaus.org",
"xbl.spamhaus.org",
"zen.spamhaus.org",
"dbl.spamhaus.org",
"sbl-xbl.spamhaus.org",
);


$ip = '62.213.183.192';

if ( isset($ip)) {

if ( filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) || false === filter_var($ip, FILTER_VALIDATE_URL)) {

    if (false === filter_var($ip, FILTER_VALIDATE_URL  )) { 
        $iptosplit = gethostbyname($ip);
    }
    else {
        $iptosplit = $ip;
    }
    $splitip = explode (".", $iptosplit);
    $iptolookup = "$splitip[3].$splitip[2].$splitip[1].$splitip[0]";
    $counter=1;
    $blList = array();
    foreach ( $bls as $rbl ) {
        //echo "<tr>";
        $rbllookup = $iptolookup.".".$rbl;
        $lookup = gethostbyname($rbllookup);

        if ( $lookup != $rbllookup || $lookup == $ip) {
            $qtxtresult = dns_get_record("$rbllookup", DNS_TXT);
            if ( ! isset($qtxtresult[0]['txt']) ) {
                $qtxtresult[0]['txt'] = "";
            }
            $blList[$counter]=$ip.' is listed in ('.$rbl.')';
            echo '...........Listed in -'.$rbl.'<br />';                
        }
        echo str_repeat(" ", 24), "\n";

        $counter++;
    }
}
}
?>

Answer 1

This code has been included into a source snippet of dnsbl.tornevall.org (Downloadable through https://dnsbl.tornevall.org/download/) and returns an array if the ip is blacklisted. It also supports ipv6. If it is blacklisted, $result[3] has a positive value which is a bitmask, and the bitmask value depends on that type of blacklist-type the ip has been marked as.

In this example I'm using a random ip I know is blacklisted in the domain. Unfortunately, the script does not support TXT-lookups, but this script is also very basic if you only need something that prevents connections from blacklisted ip-addresses.

function rblresolve ($ip = '', $rbldomain = '')
{
        if (!$ip) {return false;}                       // No data should return nothing
        if (!$rbldomain) {return false;}        // No rbl = ignore

        // Old function (during betatesting we want to keep those rows so we can fall back if something fails)
        // $returnthis = explode('.', gethostbyname(implode('.', array_reverse(explode('.', $ip))) . '.' . $rbldomain));           // Not ipv6-compatible!
        // if (implode(".", $returnthis) != implode('.', array_reverse(explode('.', $ip))) . '.' . $rbldomain) {return $returnthis;} else {return false;}

        // New ipv6-compatible function
        $returnthis = (long2ip(ip2long($ip)) != "0.0.0.0" ? explode('.', gethostbyname(implode('.', array_reverse(explode('.', $ip))) . '.' . $rbldomain)) : explode(".", gethostbyname(v6arpa($ip) . "." . $rbldomain)));
        // 127-bug-checking
            if (implode(".", $returnthis) != (long2ip(ip2long($ip)) != "0.0.0.0" ? implode('.', array_reverse(explode('.', $ip))) . '.' . $rbldomain : v6arpa($ip) . "." . $rbldomain)) {return $returnthis;} else {return false;}
}

function v6arpa($ip)
{
        $unpack = unpack('H*hex', inet_pton($ip));
        $hex = $unpack['hex'];
        return implode('', array_reverse(str_split($hex)));
}

$result = rblresolve("117.197.11.203", "dnsbl.tornevall.org");
print_r($result);

Returning:

Array
(
    [0] => 127
    [1] => 0
    [2] => 0
    [3] => 67

)