commit 592af617daddf0f883421a27add06919ee879b41
Author: sceox <sceox@riseup.net>
Date:   Mon Aug 31 21:05:23 2020 -0700

    initial commit

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..5e0d285
--- /dev/null
+++ b/README.md
@@ -0,0 +1,16 @@
+A simple anti-spam system for
+[question2answer](https://www.question2answer.org/qa/), using [the
+stopforumspam API](https://www.stopforumspam.com/usage) and
+[ufw](https://launchpad.net/ufw).
+
+To deploy:
+
+* modify the configuration variables in the scripts
+* copy the scripts to /usr/local/bin
+* add a line like `0 0 * * * /usr/local/bin/q2a_usercheck.sh` to root's
+  crontab. Alternatively, you can add `q2a_usercheck.sh` to /etc/cron.daily/
+  if it exists (for example, on debian).
+
+TODO:
+* add support for pf
+* add support for iptables
diff --git a/forumspam.sh b/forumspam.sh
new file mode 100755
index 0000000..1f85f7f
--- /dev/null
+++ b/forumspam.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# API reference: https://www.stopforumspam.com/usage
+
+ip=$1
+repl=`mktemp`
+logf=/var/log/forumspam.log
+
+curl 'http://api.stopforumspam.org/api?ip='$ip 2>/dev/null > $repl
+
+if ! grep -q '<response success="true">' $repl; then
+	echo error failed to query stopforumspam api >> $logf
+	exit 1
+fi
+if ! grep -q '<appears>yes</appears>' $repl; then
+	exit 0
+fi
+freq=`grep '<frequency>' $repl | sed 's/<frequency>//; s!</frequency>!!'`
+if [ "$freq" -ge 1 ]; then
+	if ufw deny from $ip >/dev/null; then
+		echo `date` blocked ip $ip with freq $freq >> $logf
+		exit 0
+	else
+		echo error failed to add ufw rule >> $logf
+		exit 2
+	fi
+fi
diff --git a/q2a_usercheck.sh b/q2a_usercheck.sh
new file mode 100755
index 0000000..258490a
--- /dev/null
+++ b/q2a_usercheck.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+mysql_user='q2a_user'
+mysql_pass='q2a_pass'
+mysql_db='q2a_db'
+
+tmpf=`mktemp`
+yesterday=`date -d yesterday '+%Y-%m-%d %H:%M:%S'`
+
+mysql -u $mysql_user "--password=$mysql_pass" $mysql_db -e \
+	"SELECT INET_NTOA(CONV(HEX(createip),16,10))
+	FROM qa_users WHERE created >= '$yesterday';
+	" | sed '1d' > $tmpf
+
+while read ip ; do
+	/usr/local/bin/forumspam.sh "$ip"
+done < $tmpf
+
+rm $tmpf