Check-in by ben on 2025-07-06 02:08:13

Check-in by ben on 2025-07-06 02:08:13

Add feature to default deny, granting access only to client IP
addresses in pass list. Pre-populate pass.tsv with known
tildeverse plus a few known pubnix and friendly IP addresses.

INSERTED DELETED
4 1 config.m4
1 0 make.sh
68 0 pass.tsv
39 0 src/cgi.awk
3 0 src/config.awk
115 1 TOTAL over 5 changed files

Index: config.m4
==================================================================
--- config.m4
+++ config.m4
@@ -1,8 +1,8 @@
dnl Set configuration variables
dnl
-define(__PHAROS_VERSION__, 12)dnl
+define(__PHAROS_VERSION__, 13)dnl
dnl
define(__AGENT__, Lynx/2.9.0dev.10 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/1.1.1w)dnl
define(__API_ENDPOINT__, http://archive.org)dnl
define(__API_SSL_ENDPOINT__, https://archive.org)dnl
define(__AWK_EXT__, 0)dnl
@@ -17,17 +17,20 @@
define(__CMD_RM__, rm)dnl
define(__CMD_SQLITE__, /usr/bin/sqlite3)dnl
define(__CMD_STRINGS__, /bin/busybox strings)dnl
define(__CMD_WEBDUMP__, /usr/local/bin/webdump)dnl
define(__CMD_XARGS__, /usr/bin/xargs)dnl
+define(__CONTACT__, [email protected])dnl
define(__GEOMYIDAE_VERSION__, 0.96)dnl
define(__MAX_BIN_SIZE__, 10)dnl
define(__MAX_TXT_SIZE__, 1)dnl
+define(__PASS_ENABLED__, 0)dnl
+define(__PASS_LIST__, /home/user/pharos/pass.tsv)dnl
define(__SERVER__, server)dnl
define(__PORT__, port)dnl
dnl
dnl Set up M4 to work with AWK code
dnl
define(m4_substr, defn(substr))dnl
undefine(substr)dnl
changecom(`/*', `*/')dnl
define(incl,`ifdef(paste,paste($1),undivert($1))')dnl

Index: make.sh
==================================================================
--- make.sh
+++ make.sh
@@ -36,6 +36,7 @@
# WEIRD
build $SRC ${SRC}/raw/index.cgi.m4 ${DESTDIR}/debug/index.cgi
build $SRC ${SRC}/raw/index.cgi.m4 ${DESTDIR}/text/index.cgi
build $SRC ${SRC}/download/index.dcgi.m4 ${DESTDIR}/direct/index.dcgi
build $SRC ${SRC}/raw/index.cgi.m4 ${DESTDIR}/links/index.dcgi
+cp pass.tsv ${DESTDIR}/pass.tsv
exit 0

ADDED pass.tsv
Index: pass.tsv
==================================================================
--- /dev/null
+++ pass.tsv
@@ -0,0 +1,68 @@
+#IP name notes
+#2a01:4f8:191:63af::3 de3-apache2.meulie.net www proxy crawled a lot https://gopherproxy.meulie.net/statistics/
+5.161.108.85 vern.cc https://tilde.wiki/Known_tildes
+23.133.40.12 tilde.town tildeverse.org
+45.33.66.185 rawtext.club https://tilde.wiki/Known_tildes
+45.58.42.71 rw.rs tildeverse.org
+46.225.38.51 vps-d19ace40.vps.ovh.net friendly
+54.38.176.219 tilde.green tildeverse.org
+54.68.197.142 nyx.nyx.net pubnix
+54.149.138.40 hackers.cool https://tilde.wiki/Known_tildes
+64.190.63.222 pebble.ink https://tilde.wiki/Known_tildes
+63.155.6.201 63-155-6-201.eugn.qwest.net friendly
+85.214.104.232 tilde.fun https://tilde.wiki/Known_tildes
+88.198.101.33 r-36.net friendly
+89.163.145.170 envs.net https://tilde.wiki/Known_tildes
+95.179.178.246 tilde.guru tildeverse.org
+95.216.6.12 tilde.pink tildeverse.org
+104.238.186.103 cosmic.voyage tildeverse.org
+116.202.128.144 freeshell.de pubnix
+129.146.136.128 tylde.karx.xyz https://tilde.wiki/Known_tildes
+138.197.211.90 skylab.org https://tilde.wiki/Known_tildes
+142.44.150.184 tilde.club tildeverse.org
+142.44.150.185 thunix.net tildeverse.org
+149.210.185.89 codemadness.org www proxy
+157.90.196.56 fr.tild3.org https://tilde.wiki/Known_tildes
+159.69.146.152 tilde.institute tildeverse.org
+159.196.9.199 gopher.mills.io www proxy
+159.203.148.233 squiggle.city https://tilde.wiki/Known_tildes
+165.227.127.54 ctrl-c.club tildeverse.org
+166.84.1.8 shell.panix.com pubnix
+166.84.1.9 shell.panix.com pubnix
+166.84.1.10 shell.panix.com pubnix
+172.66.40.245 crime.team https://tilde.wiki/Known_tildes
+172.66.43.11 crime.team https://tilde.wiki/Known_tildes
+173.32.203.226 piepi.art https://tilde.wiki/Known_tildes
+185.179.143.92 xinu.me https://tilde.wiki/Known_tildes
+192.9.177.29 aussies.space tildeverse.org
+192.80.49.36 ampm.floodgap.com www proxy
+198.50.210.248 tilde.team tildeverse.org
+205.166.94.16 sdf.org pubnix
+205.166.94.4 tty.sdf.org pubnix
+205.166.94.9 tty.sdf.org pubnix
+207.246.69.54 texto-plano.xyz tildeverse.org
+209.50.56.120 remotes.club https://tilde.wiki/Known_tildes
+209.97.187.90 dimension.sh https://tilde.wiki/Known_tildes
+213.108.110.40 tilde.pt https://tilde.wiki/Known_tildes
+2001:41d0:303:5ddb:: tilde.green tildeverse.org
+2001:41d0:304:200::83e5 vps-d19ace40.vps.ovh.net friendly
+2001:4ba0:ffa4:180::2 envs.net https://tilde.wiki/Known_tildes
+2600:3c00::f03c:92ff:fe97:26fd gopher.zcrayfish.soy www proxy
+2602:f72c:0:400::be50:77ed tilde.town tildeverse.org
+2604:a880:2:d0::493a:b001 skylab.org https://tilde.wiki/Known_tildes
+2604:a880:800:a1::14ff:9001 squiccle.city https://tilde.wiki/Known_tildes
+2605:7380:1000:1310:202e:aff:fe0a:3ccb remotes.club https://tilde.wiki/Known_tildes
+2606:4700:3108::ac42:28f5 crime.team https://tilde.wiki/Known_tildes
+2606:4700:3108::ac42:2b0b crime.team https://tilde.wiki/Known_tildes
+2607:5300:60:4f58::248 tilde.team tildeverse.org & www proxy
+2607:5300:203:31b6::115 tilde.club tildeverse.org
+2607:5300:203:31b6::185 thunix.net tildeverse.org
+2a01:238:43f9:7700:2bc8:48bf:b264:3fc1 tilde.fun https://tilde.wiki/Known_tildes
+2a01:4f8:222:19a::3 r-36.net friendly
+2a01:4f8:231:482b::2 freeshell.de pubnix
+2a01:4f8:252:3e22::56 fr.tild3.org https://tilde.wiki/Known_tildes
+2a01:4f9:2a:65b::4 tilde.pink tildeverse.org
+2a01:4ff:f0:4fb3::1 vern.cc https://tilde.wiki/Known_tildes
+2a03:6000:6e65:627::37 fugu.contractcoder.biz friendly
+2a03:b0c0:1:e0::38a:c001 dimension.sh https://tilde.wiki/Known_tildes
+2a05:f480:1400:a93:5400:3ff:fe7b:d45d tilde.guru tildeverse.org

Index: src/cgi.awk
==================================================================
--- src/cgi.awk
+++ src/cgi.awk
@@ -1,6 +1,45 @@
+function block_msg(ip) {
+ print "Access Denied"
+ print "============="
+ print ""
+ print "This service only allows access from vetted client IP addresses."
+ print "The intent is to thwart abusive bots and crawlers."
+ print ""
+ print "To gain access:"
+ print ""
+ print "* Email your client IP address (" ip ") to:"
+ print " " contact
+ print ""
+ print "* Include the word \"friendly\" in your message."
+ print ""
+ print "Service admin will reply when granted."
+ return
+}
+
function cgi_init( ip) {
+ ip = ENVIRON["REMOTE_ADDR"]
+ if (pass_enabled) {
+ # default deny access except client IP addresses in pass list
+ blocked = 1
+ while ((getline < pass_list) > 0) {
+ if (match(/^#/, $0)) {
+ # ignore comments
+ continue
+ }
+ if (ip == $1) {
+ blocked = 0
+ break
+ }
+ }
+ close(pass_list)
+ if (blocked) {
+ block_msg(ip)
+ exit(0)
+ }
+ }
+
search = ARGV[1]
arguments = ARGV[2]
traversal = ARGV[5]
selector = ARGV[6]

Index: src/config.awk
==================================================================
--- src/config.awk
+++ src/config.awk
@@ -13,12 +13,15 @@
cmd_rm = "__CMD_RM__"
cmd_sqlite = "__CMD_SQLITE__"
cmd_strings = "__CMD_STRINGS__"
cmd_webdump = "__CMD_WEBDUMP__"
cmd_xargs = "__CMD_XARGS__"
+ contact = "__CONTACT__"
geomyidae_version = __GEOMYIDAE_VERSION__
max_bin_size = __MAX_BIN_SIZE__
max_txt_size = __MAX_TXT_SIZE__
+ pass_enabled = __PASS_ENABLED__
+ pass_list = "__PASS_LIST__"
server = "__SERVER__"
port = "__PORT__"
return
}