Last modified: 2006-12-27 23:54:32 UTC
User blocked: Your user account or IP address have been blocked by SORBS DNSBL; IP is listed as an SORBS DNSBL open proxy. You may contact SORBS DNSBL or one of the other administrators... your IP address is 66.102.74.xxx... Server configuration is: MW1.9-svn (current as of yesterday), recently upgraded from MW1.8alpha one standalone dedicated server, Fedora5, using both memcached and squid on same localhost (127.0.0.1) Apache's bound to 127.0.0.1:80, Squid is bound to :80 on one of the datacentre's external static IP's So, enable SORBS on MW1.9 and suddenly it won't let me edit any page from my dynamic IP address. This is happening only on wikis that I've upgraded to MW1.9alpha and then only if I try to edit any page on these sites from a dynamic IP connection (PPPoE in my case). It broke as soon as I upgraded to 1.9 If I edit by running lynx on a shell account on the server, everything works fine and any edit appears in recentchanges as the server's external static IP. It just doesn't want to let me edit from a dynamic IP. Turning off $wgEnableSorbs makes the error go away, evidently. I'd tried looking up my own address on SORBS' site and it reports the block as a dynamic IP range (ADSL or dialup) but not as anything else particularly nasty. And no, I'm not seeing this on MW1.8, just on the new upgrade.
*** Bug 8402 has been marked as a duplicate of this bug. ***
I don't get any matches testing with a few random IPs in the range you gave. Please give an exact IP address to test.
My current IP is (client) 66.102.73.140 I can edit unless $wgEnableSorbs = true; is present, using today's MW 1.9 SVN version.
SORBS has many false positives, probably more than the number of true positives. You shouldn't use it unless you don't mind blocking those people. This is not a bug in MediaWiki, it is either a configuration problem on your wiki (i.e. the fact that you have SORBS enabled), or a problem with the SORBS delisting policy, depending on the way you look at it. Please address complaints about SORBS itself to http://www.sorbs.net/ .
SORBS lookup directly on the http://www.sorbs.net website claims that this address is not an open proxy.
I don't get a match using the MW code either: $ php maintenance/eval.php > return $wgEnableSorbs; bool(true) > return $wgSorbsUrl; http.dnsbl.sorbs.net > return $wgUser->inSorbsBlacklist( '66.102.73.140' ); bool(false) Can you confirm? Also try the lookup manually: $ host 140.73.102.66.http.dnsbl.sorbs.net Host 140.73.102.66.http.dnsbl.sorbs.net not found: 3(NXDOMAIN) Previous versions of MW did the lookup with a hardcoded "http.dnsbl.sorbs.net.", so also try with the extra . at the end: $ host 140.73.102.66.http.dnsbl.sorbs.net. Host 140.73.102.66.http.dnsbl.sorbs.net not found: 3(NXDOMAIN)
$ php maintenance/eval.php PHP Warning: posix_isatty(): cannot seek on a pipe in /var/www/html/fr/install-utils.inc on line 66 > return $wgEnableSorbs bool(true) > return $wgSorbsUrl http.dnsbl.sorbs.net > return $wgUser->inSorbsBlacklist('66.102.73.140') bool(true) $ host 140.73.102.66.http.dnsbl.sorbs.net Host 140.73.102.66.http.dnsbl.sorbs.net not found: 3(NXDOMAIN) $ host 140.73.102.66.http.dnsbl.sorbs.net. Host 140.73.102.66.http.dnsbl.sorbs.net not found: 3(NXDOMAIN) (version is MediaWiki: 1.9alpha, PHP: 5.1.6 (apache2handler), MySQL: 5.0.22)
I'm looking at "includes/User.php" line 898 of 2519: $ipList = gethostbynamel( $host ); on call, $host was '140.73.102.66.http.dnsbl.sorbs.net' on return, $ipList[0] becomes '209.139.209.130' - which is the address of the wiki server. $ php maintenance/eval.php > return gethostbynamel('73.65.102.66.http.dnsbl.sorbs.net') array(1) { [0]=> string(15) "209.139.209.130" }
$ php maintenance/eval.php PHP Warning: posix_isatty(): cannot seek on a pipe in /var/www/html/fr/install-utils.inc on line 66 > return gethostbynamel('140.73.102.66.http.dnsbl.sorbs.net') array(1) { [0]=> string(15) "209.139.209.130" }
Sounds like you've got a weirdly broken local DNS or something. Check /etc/resolv.conf and /etc/hosts...? Also check if adding the . on the end changes the result.
Ah, so the trailing . on .sorbs.net. is necessary, according to http://ca.php.net/gethostbynamel "User Contributed Notes - gethostbynamel - info at methfessel-computers.de - 29-Sep-2006 06:27 The solution is simple. Just add a . (point) to the end of the URL for correct name resolving. Without this point PHP thinks it's a subdomain of your local domain and so returns the "local-IP"." > return gethostbynamel('140.73.102.66.http.dnsbl.sorbs.net.') bool(false) Therefore, in "includes/DefaultSettings.php" line 2075 of 2343, just change from: $wgSorbsUrl = 'http.dnsbl.sorbs.net'; back to: $wgSorbsUrl = 'http.dnsbl.sorbs.net.'; and all is well.
Ah I see, looks like your local domain has a wildcard of some sort, so the negative lookups fall back to the localdomain and always come up with a positive result. :) Fixed in r18616.
