#!/usr/bin/perl # Main add-IP-to-list CGI ## # $Id: dnsbl.cgi 46 2014-12-08 22:44:07Z kdeugau $ # Copyright 2009-2011 Kris Deugau # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . ## use strict; use warnings; no warnings qw(uninitialized); use CGI::Carp qw (fatalsToBrowser); use CGI::Simple; use HTML::Template; use DNSBL; # Set up the CGI object... my $q = new CGI::Simple; # ... and get query-string params as well as POST params if necessary $q->parse_query_string; my %webvar; # This is probably excessive fiddling, but it puts the parameters somewhere my fingers know about... foreach ($q->param()) { $webvar{$_} = $q->param($_); } my $dnsbl = new DNSBL; # try to be friendly to non-US-ASCII characters. Still need to find what # difference from RH<->Debian is still at fault. print $q->header(-charset=>'utf8'); # default DB info - all other settings should be loaded from the DB. my $dbhost = "localhost"; my $dbname = "dnsbl"; my $dbuser = "dnsbl"; my $dbpass = "spambgone"; # Load a config ref containing DB host, name, user, and pass info based on # from the server name + full script web path. This allows us to host # multiple instances without having to duplicate the code. # This file is a Perl fragment to be processed inline. my $cfgname = $ENV{SERVER_NAME}.$ENV{REQUEST_URI}; $cfgname =~ s|[./-]|_|g; $cfgname =~ s|_dnsbl_cgi.+||; $cfgname =~ s|_$||; if (-e "/etc/dnsbl/$cfgname.conf") { my $cfg = `cat /etc/dnsbl/$cfgname.conf`; ($cfg) = ($cfg =~ /^(.+)$/s); # avoid warnings, failures, and general nastiness with taint mode eval $cfg; } my $dbh = $dnsbl->connect($dbhost, $dbname, $dbuser, $dbpass); my $page; my $templatedir = $ENV{SCRIPT_FILENAME}; $templatedir =~ s/dnsbl\.cgi//; $templatedir .= "templates"; $ENV{HTML_TEMPLATE_ROOT} = $templatedir; my %config; my $sth = $dbh->prepare("SELECT key,value FROM misc"); $sth->execute; while (my ($key,$value) = $sth->fetchrow_array) { $config{$key} = $value; } # decide which page to spit out... if (!$webvar{page}) { $page = HTML::Template->new(filename => "index.tmpl"); } else { $page = HTML::Template->new(filename => "$webvar{page}.tmpl"); } $page->param(pgtitle => $config{pgtitle}) if defined($config{pgtitle}); $page->param(pgcomment => $config{pgcomment}) if defined($config{pgcomment}); if ($webvar{page} eq 'report') { my $dnsblsiteroot = $ENV{REQUEST_URI}; $dnsblsiteroot =~ s|/dnsbl\.cgi\?.+|/|; $page->param(dnsblsiteroot => $dnsblsiteroot); $page->param(ip => $webvar{ip}); my $count = $dnsbl->ipexists($webvar{ip}); $page->param(nreports => $count) if $count; $page->param(browsebits => browse($dbh,$webvar{ip})); for (my $i=0; $i<3; $i++) { my ($block,$org) = $dnsbl->getcontainer($webvar{ip},$i); if ($block) { my ($bcl,$bal) = $dnsbl->islisted($block); $page->param("autob$i" => $bcl); $page->param("listb$i" => $bal); my ($ol) = $dnsbl->islisted($org); $page->param("listorg$i" => $ol); $page->param("block$i" => $block); $page->param("org$i" => $org); } } } elsif ($webvar{page} eq 'dbreport') { my $dnsblsiteroot = $ENV{REQUEST_URI}; $dnsblsiteroot =~ s|/dnsbl\.cgi\?.+|/|; $page->param(dnsblsiteroot => $dnsblsiteroot); my $err = ''; my $org0id = $dnsbl->orgexists($webvar{org0}); if (!$org0id) { $org0id = $dnsbl->addorg($webvar{org0}); $page->param(org0 => $webvar{org0}); } if (!$dnsbl->blockexists($webvar{block0})) { my $ret = $dnsbl->addblock($webvar{block0}, $org0id, 0); $err .= "error adding $webvar{block0}: $ret
\n" if $ret; $page->param(block0 => $webvar{block0}); } # yes, this is grotty. PTHBTT! if ($webvar{block1}) { my $org1id = $dnsbl->orgexists($webvar{org1}); if (!$org1id) { $org1id = $dnsbl->addorg($webvar{org1}); $page->param(org1 => $webvar{org1}); } if (!$dnsbl->blockexists($webvar{block1})) { my $ret = $dnsbl->addblock($webvar{block1}, $org1id, 1); $err .= "error adding $webvar{block1}: $ret
\n" if $ret; $page->param(block1 => $webvar{block1}); } if ($webvar{block2}) { my $org2id = $dnsbl->orgexists($webvar{org2}); if (!$org2id) { $org2id = $dnsbl->addorg($webvar{org2}); $page->param(org2 => $webvar{org2}); } if (!$dnsbl->blockexists($webvar{block2})) { my $ret = $dnsbl->addblock($webvar{block2}, $org2id, 2); $err .= "error adding $webvar{block2}: $ret
\n" if $ret; $page->param(block2 => $webvar{block2}); } } } my $count = $dnsbl->report($webvar{ip}); $page->param(ip => $webvar{ip}); $page->param(err => $err); $page->param(browsebits => browse($dbh,$webvar{ip})); } print $page->output; exit 0; ## extra subs. should probably put this in a module somehow to share with browse.cgi sub browse { my $dbh = shift; my $ip = shift; my $ipcidr = new NetAddr::IP $ip; my $basesql = "SELECT b.block,o.orgname,b.listme,o.listme,b.comments,o.comments ". "FROM blocks b INNER JOIN orgs o ON b.orgid=o.orgid ". "WHERE b.block "; my $sth0 = $dbh->prepare($basesql." >> ? AND b.level=0 ORDER BY block"); my $sth1 = $dbh->prepare($basesql." <<= ? AND b.level=1 ORDER BY block"); my $sth2 = $dbh->prepare($basesql." <<= ? AND b.level=2 ORDER BY block"); my $sthiplist = $dbh->prepare("select * from iplist where ip <<= ? order by ip"); my %ipseen; my $out = ''; my $tmpl0 = new HTML::Template(filename => 'templates/browse-block.tmpl'); $sth0->execute($ip); while (my ($block0,$org0,$listmeb0,$listmeo0,$bcomments0,$ocomments0) = $sth0->fetchrow_array) { my $block0cidr = new NetAddr::IP $block0; $tmpl0->param(lvlclass => 'lvl0'.($dnsbl->autolist_block($block0) ? ' auto0' : ''). ( $ipcidr->within($block0cidr) ? ' inhere' : '')); $tmpl0->param(netclass => ($listmeb0 ? 'b0list' : '')); $tmpl0->param(net => $block0); $tmpl0->param(orgclass => ($listmeo0 ? 'b0org' : '')); $tmpl0->param(org => $org0); $tmpl0->param(bcomment => $bcomments0) if $bcomments0; $tmpl0->param(ocomment => $ocomments0) if $ocomments0; $sth1->execute($block0); my $lvl1out = ''; if ($sth1->rows > 0) { while (my ($block1,$org1,$listmeb1,$listmeo1,$bcomments1,$ocomments1) = $sth1->fetchrow_array) { my $block1cidr = new NetAddr::IP $block1; my $tmpl1 = new HTML::Template(filename => 'templates/browse-block.tmpl'); $tmpl1->param(lvlclass => 'lvl1'.($dnsbl->autolist_block($block1) ? ' auto1' : ''). ( $ipcidr->within($block1cidr) ? ' inhere' : '')); $tmpl1->param(netclass => ($listmeb1 ? 'b1list' : '')); $tmpl1->param(net => $block1); $tmpl1->param(orgclass => ($listmeo1 ? 'b1org' : '')); $tmpl1->param(org => $org1); $tmpl1->param(bcomment => $bcomments1) if $bcomments1; $tmpl1->param(ocomment => $ocomments1) if $ocomments1; $tmpl1->param(indent => ' '); my $lvl2out = ''; $sth2->execute($block1); if ($sth2->rows > 0) { while (my ($block2,$org2,$listmeb2,$listmeo2,$bcomments2,$ocomments2) = $sth2->fetchrow_array) { my $block2cidr = new NetAddr::IP $block2; my $tmpl2 = new HTML::Template(filename => 'templates/browse-block.tmpl'); $tmpl2->param(lvlclass => 'lvl2'.($dnsbl->autolist_block($block2) ? ' auto2' : ''). ( $ipcidr->within($block2cidr) ? ' inhere' : '')); $tmpl2->param(netclass => ($listmeb2 ? 'b2list' : '')); $tmpl2->param(net => $block2); $tmpl2->param(orgclass => ($listmeo2 ? 'b2org' : '')); $tmpl2->param(org => $org2); $tmpl2->param(bcomment => $bcomments2) if $bcomments2; $tmpl2->param(ocomment => $ocomments2) if $ocomments2; $tmpl2->param(indent => ' '); $sthiplist->execute($block2); my @iprows; while (my @data4 = $sthiplist->fetchrow_array) { my %iprow; $iprow{ip} = $data4[0]; $iprow{ipcount} = $data4[1]; $iprow{indent} = ' '; $iprow{repeater} = 1 if $ip eq $data4[0]; # ip | count | s4list | added push @iprows, \%iprow; $ipseen{$data4[0]} = 1; } $tmpl2->param(iplist => \@iprows); $lvl2out .= $tmpl2->output; } } $sthiplist->execute($block1); my @iprows; while (my @data4 = $sthiplist->fetchrow_array) { next if $ipseen{$data4[0]}; my %iprow; $iprow{ip} = $data4[0]; $iprow{ipcount} = $data4[1]; $iprow{indent} = ' '; $iprow{repeater} = 1 if $ip eq $data4[0]; # ip | count | s4list | added push @iprows, \%iprow; $ipseen{$data4[0]} = 1; } $tmpl1->param(iplist => \@iprows); $tmpl1->param(subs => $lvl2out); $lvl1out .= $tmpl1->output; } } # sth1->rows $sthiplist->execute($block0); my @iprows; while (my @data4 = $sthiplist->fetchrow_array) { next if $ipseen{$data4[0]}; my %iprow; $iprow{ip} = $data4[0]; $iprow{ipcount} = $data4[1]; $iprow{indent} = ''; $iprow{repeater} = 1 if $ip eq $data4[0]; # ip | count | s4list | added push @iprows, \%iprow; $ipseen{$data4[0]} = 1; } $tmpl0->param(iplist => \@iprows); $tmpl0->param(subs => $lvl1out); } return $tmpl0->output; } # end browse()