1 | #!/usr/bin/perl
|
---|
2 | # Main add-IP-to-list CGI
|
---|
3 | ##
|
---|
4 | # $Id: dnsbl.cgi 45 2014-12-08 22:37:23Z kdeugau $
|
---|
5 | # Copyright 2009-2011 Kris Deugau <kdeugau@deepnet.cx>
|
---|
6 | #
|
---|
7 | # This program is free software: you can redistribute it and/or modify
|
---|
8 | # it under the terms of the GNU General Public License as published by
|
---|
9 | # the Free Software Foundation, either version 3 of the License, or
|
---|
10 | # (at your option) any later version.
|
---|
11 | #
|
---|
12 | # This program is distributed in the hope that it will be useful,
|
---|
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
15 | # GNU General Public License for more details.
|
---|
16 | #
|
---|
17 | # You should have received a copy of the GNU General Public License
|
---|
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>.
|
---|
19 | ##
|
---|
20 |
|
---|
21 | use strict;
|
---|
22 | use warnings;
|
---|
23 | no warnings qw(uninitialized);
|
---|
24 | use CGI::Carp qw (fatalsToBrowser);
|
---|
25 | use CGI::Simple;
|
---|
26 | use HTML::Template;
|
---|
27 |
|
---|
28 | use DNSBL;
|
---|
29 |
|
---|
30 | # Set up the CGI object...
|
---|
31 | my $q = new CGI::Simple;
|
---|
32 | # ... and get query-string params as well as POST params if necessary
|
---|
33 | $q->parse_query_string;
|
---|
34 |
|
---|
35 | my %webvar;
|
---|
36 | # This is probably excessive fiddling, but it puts the parameters somewhere my fingers know about...
|
---|
37 | foreach ($q->param()) {
|
---|
38 | $webvar{$_} = $q->param($_);
|
---|
39 | }
|
---|
40 |
|
---|
41 | my $dnsbl = new DNSBL;
|
---|
42 |
|
---|
43 | print "Content-type: text/html\n\n";
|
---|
44 |
|
---|
45 | # default DB info - all other settings should be loaded from the DB.
|
---|
46 | my $dbhost = "localhost";
|
---|
47 | my $dbname = "dnsbl";
|
---|
48 | my $dbuser = "dnsbl";
|
---|
49 | my $dbpass = "spambgone";
|
---|
50 |
|
---|
51 | # Load a config ref containing DB host, name, user, and pass info based on
|
---|
52 | # from the server name + full script web path. This allows us to host
|
---|
53 | # multiple instances without having to duplicate the code.
|
---|
54 | # This file is a Perl fragment to be processed inline.
|
---|
55 | my $cfgname = $ENV{SERVER_NAME}.$ENV{REQUEST_URI};
|
---|
56 | $cfgname =~ s|[./-]|_|g;
|
---|
57 | $cfgname =~ s|_dnsbl_cgi.+||;
|
---|
58 | $cfgname =~ s|_$||;
|
---|
59 | if (-e "/etc/dnsbl/$cfgname.conf") {
|
---|
60 | my $cfg = `cat /etc/dnsbl/$cfgname.conf`;
|
---|
61 | ($cfg) = ($cfg =~ /^(.+)$/s); # avoid warnings, failures, and general nastiness with taint mode
|
---|
62 | eval $cfg;
|
---|
63 | }
|
---|
64 |
|
---|
65 | my $dbh = $dnsbl->connect($dbhost, $dbname, $dbuser, $dbpass);
|
---|
66 |
|
---|
67 | my $page;
|
---|
68 | my $templatedir = $ENV{SCRIPT_FILENAME};
|
---|
69 | $templatedir =~ s/dnsbl\.cgi//;
|
---|
70 | $templatedir .= "templates";
|
---|
71 | $ENV{HTML_TEMPLATE_ROOT} = $templatedir;
|
---|
72 |
|
---|
73 | my %config;
|
---|
74 | my $sth = $dbh->prepare("SELECT key,value FROM misc");
|
---|
75 | $sth->execute;
|
---|
76 | while (my ($key,$value) = $sth->fetchrow_array) {
|
---|
77 | $config{$key} = $value;
|
---|
78 | }
|
---|
79 |
|
---|
80 | # decide which page to spit out...
|
---|
81 | if (!$webvar{page}) {
|
---|
82 | $page = HTML::Template->new(filename => "index.tmpl");
|
---|
83 | } else {
|
---|
84 | $page = HTML::Template->new(filename => "$webvar{page}.tmpl");
|
---|
85 | }
|
---|
86 |
|
---|
87 | $page->param(pgtitle => $config{pgtitle}) if defined($config{pgtitle});
|
---|
88 | $page->param(pgcomment => $config{pgcomment}) if defined($config{pgcomment});
|
---|
89 |
|
---|
90 | if ($webvar{page} eq 'report') {
|
---|
91 | my $dnsblsiteroot = $ENV{REQUEST_URI};
|
---|
92 | $dnsblsiteroot =~ s|/dnsbl\.cgi\?.+|/|;
|
---|
93 | $page->param(dnsblsiteroot => $dnsblsiteroot);
|
---|
94 |
|
---|
95 | $page->param(ip => $webvar{ip});
|
---|
96 | my $count = $dnsbl->ipexists($webvar{ip});
|
---|
97 | $page->param(nreports => $count) if $count;
|
---|
98 | $page->param(browsebits => browse($dbh,$webvar{ip}));
|
---|
99 | for (my $i=0; $i<3; $i++) {
|
---|
100 | my ($block,$org) = $dnsbl->getcontainer($webvar{ip},$i);
|
---|
101 | if ($block) {
|
---|
102 | my ($bcl,$bal) = $dnsbl->islisted($block);
|
---|
103 | $page->param("autob$i" => $bcl);
|
---|
104 | $page->param("listb$i" => $bal);
|
---|
105 | my ($ol) = $dnsbl->islisted($org);
|
---|
106 | $page->param("listorg$i" => $ol);
|
---|
107 | $page->param("block$i" => $block);
|
---|
108 | $page->param("org$i" => $org);
|
---|
109 | }
|
---|
110 | }
|
---|
111 | } elsif ($webvar{page} eq 'dbreport') {
|
---|
112 | my $dnsblsiteroot = $ENV{REQUEST_URI};
|
---|
113 | $dnsblsiteroot =~ s|/dnsbl\.cgi\?.+|/|;
|
---|
114 | $page->param(dnsblsiteroot => $dnsblsiteroot);
|
---|
115 |
|
---|
116 | my $err = '';
|
---|
117 | my $org0id = $dnsbl->orgexists($webvar{org0});
|
---|
118 | if (!$org0id) {
|
---|
119 | $org0id = $dnsbl->addorg($webvar{org0});
|
---|
120 | $page->param(org0 => $webvar{org0});
|
---|
121 | }
|
---|
122 | if (!$dnsbl->blockexists($webvar{block0})) {
|
---|
123 | my $ret = $dnsbl->addblock($webvar{block0}, $org0id, 0);
|
---|
124 | $err .= "error adding $webvar{block0}: $ret<br>\n" if $ret;
|
---|
125 | $page->param(block0 => $webvar{block0});
|
---|
126 | }
|
---|
127 | # yes, this is grotty. PTHBTT!
|
---|
128 | if ($webvar{block1}) {
|
---|
129 | my $org1id = $dnsbl->orgexists($webvar{org1});
|
---|
130 | if (!$org1id) {
|
---|
131 | $org1id = $dnsbl->addorg($webvar{org1});
|
---|
132 | $page->param(org1 => $webvar{org1});
|
---|
133 | }
|
---|
134 | if (!$dnsbl->blockexists($webvar{block1})) {
|
---|
135 | my $ret = $dnsbl->addblock($webvar{block1}, $org1id, 1);
|
---|
136 | $err .= "error adding $webvar{block1}: $ret<br>\n" if $ret;
|
---|
137 | $page->param(block1 => $webvar{block1});
|
---|
138 | }
|
---|
139 | if ($webvar{block2}) {
|
---|
140 | my $org2id = $dnsbl->orgexists($webvar{org2});
|
---|
141 | if (!$org2id) {
|
---|
142 | $org2id = $dnsbl->addorg($webvar{org2});
|
---|
143 | $page->param(org2 => $webvar{org2});
|
---|
144 | }
|
---|
145 | if (!$dnsbl->blockexists($webvar{block2})) {
|
---|
146 | my $ret = $dnsbl->addblock($webvar{block2}, $org2id, 2);
|
---|
147 | $err .= "error adding $webvar{block2}: $ret<br>\n" if $ret;
|
---|
148 | $page->param(block2 => $webvar{block2});
|
---|
149 | }
|
---|
150 | }
|
---|
151 | }
|
---|
152 | my $count = $dnsbl->report($webvar{ip});
|
---|
153 |
|
---|
154 | $page->param(ip => $webvar{ip});
|
---|
155 | $page->param(err => $err);
|
---|
156 |
|
---|
157 | $page->param(browsebits => browse($dbh,$webvar{ip}));
|
---|
158 | }
|
---|
159 |
|
---|
160 | print $page->output;
|
---|
161 |
|
---|
162 | exit 0;
|
---|
163 |
|
---|
164 |
|
---|
165 |
|
---|
166 | ## extra subs. should probably put this in a module somehow to share with browse.cgi
|
---|
167 |
|
---|
168 | sub browse {
|
---|
169 | my $dbh = shift;
|
---|
170 | my $ip = shift;
|
---|
171 | my $ipcidr = new NetAddr::IP $ip;
|
---|
172 |
|
---|
173 | my $basesql = "SELECT b.block,o.orgname,b.listme,o.listme,b.comments,o.comments ".
|
---|
174 | "FROM blocks b INNER JOIN orgs o ON b.orgid=o.orgid ".
|
---|
175 | "WHERE b.block ";
|
---|
176 |
|
---|
177 | my $sth0 = $dbh->prepare($basesql." >> ? AND b.level=0 ORDER BY block");
|
---|
178 | my $sth1 = $dbh->prepare($basesql." <<= ? AND b.level=1 ORDER BY block");
|
---|
179 | my $sth2 = $dbh->prepare($basesql." <<= ? AND b.level=2 ORDER BY block");
|
---|
180 | my $sthiplist = $dbh->prepare("select * from iplist where ip <<= ? order by ip");
|
---|
181 |
|
---|
182 | my %ipseen;
|
---|
183 | my $out = '';
|
---|
184 |
|
---|
185 | my $tmpl0 = new HTML::Template(filename => 'templates/browse-block.tmpl');
|
---|
186 |
|
---|
187 | $sth0->execute($ip);
|
---|
188 | while (my ($block0,$org0,$listmeb0,$listmeo0,$bcomments0,$ocomments0) = $sth0->fetchrow_array) {
|
---|
189 | my $block0cidr = new NetAddr::IP $block0;
|
---|
190 | $tmpl0->param(lvlclass => 'lvl0'.($dnsbl->autolist_block($block0) ? ' auto0' : '').
|
---|
191 | ( $ipcidr->within($block0cidr) ? ' inhere' : ''));
|
---|
192 | $tmpl0->param(netclass => ($listmeb0 ? 'b0list' : ''));
|
---|
193 | $tmpl0->param(net => $block0);
|
---|
194 | $tmpl0->param(orgclass => ($listmeo0 ? 'b0org' : ''));
|
---|
195 | $tmpl0->param(org => $org0);
|
---|
196 | $tmpl0->param(bcomment => $bcomments0) if $bcomments0;
|
---|
197 | $tmpl0->param(ocomment => $ocomments0) if $ocomments0;
|
---|
198 | $sth1->execute($block0);
|
---|
199 | my $lvl1out = '';
|
---|
200 | if ($sth1->rows > 0) {
|
---|
201 | while (my ($block1,$org1,$listmeb1,$listmeo1,$bcomments1,$ocomments1) = $sth1->fetchrow_array) {
|
---|
202 | my $block1cidr = new NetAddr::IP $block1;
|
---|
203 | my $tmpl1 = new HTML::Template(filename => 'templates/browse-block.tmpl');
|
---|
204 | $tmpl1->param(lvlclass => 'lvl1'.($dnsbl->autolist_block($block1) ? ' auto1' : '').
|
---|
205 | ( $ipcidr->within($block1cidr) ? ' inhere' : ''));
|
---|
206 | $tmpl1->param(netclass => ($listmeb1 ? 'b1list' : ''));
|
---|
207 | $tmpl1->param(net => $block1);
|
---|
208 | $tmpl1->param(orgclass => ($listmeo1 ? 'b1org' : ''));
|
---|
209 | $tmpl1->param(org => $org1);
|
---|
210 | $tmpl1->param(bcomment => $bcomments1) if $bcomments1;
|
---|
211 | $tmpl1->param(ocomment => $ocomments1) if $ocomments1;
|
---|
212 | $tmpl1->param(indent => ' ');
|
---|
213 | my $lvl2out = '';
|
---|
214 | $sth2->execute($block1);
|
---|
215 | if ($sth2->rows > 0) {
|
---|
216 | while (my ($block2,$org2,$listmeb2,$listmeo2,$bcomments2,$ocomments2) = $sth2->fetchrow_array) {
|
---|
217 | my $block2cidr = new NetAddr::IP $block2;
|
---|
218 | my $tmpl2 = new HTML::Template(filename => 'templates/browse-block.tmpl');
|
---|
219 | $tmpl2->param(lvlclass => 'lvl2'.($dnsbl->autolist_block($block2) ? ' auto2' : '').
|
---|
220 | ( $ipcidr->within($block2cidr) ? ' inhere' : ''));
|
---|
221 | $tmpl2->param(netclass => ($listmeb2 ? 'b2list' : ''));
|
---|
222 | $tmpl2->param(net => $block2);
|
---|
223 | $tmpl2->param(orgclass => ($listmeo2 ? 'b2org' : ''));
|
---|
224 | $tmpl2->param(org => $org2);
|
---|
225 | $tmpl2->param(bcomment => $bcomments2) if $bcomments2;
|
---|
226 | $tmpl2->param(ocomment => $ocomments2) if $ocomments2;
|
---|
227 | $tmpl2->param(indent => ' ');
|
---|
228 | $sthiplist->execute($block2);
|
---|
229 | my @iprows;
|
---|
230 | while (my @data4 = $sthiplist->fetchrow_array) {
|
---|
231 | my %iprow;
|
---|
232 | $iprow{ip} = $data4[0];
|
---|
233 | $iprow{ipcount} = $data4[1];
|
---|
234 | $iprow{indent} = ' ';
|
---|
235 | $iprow{repeater} = 1 if $ip eq $data4[0];
|
---|
236 | # ip | count | s4list | added
|
---|
237 | push @iprows, \%iprow;
|
---|
238 | $ipseen{$data4[0]} = 1;
|
---|
239 | }
|
---|
240 | $tmpl2->param(iplist => \@iprows);
|
---|
241 | $lvl2out .= $tmpl2->output;
|
---|
242 | }
|
---|
243 | }
|
---|
244 |
|
---|
245 | $sthiplist->execute($block1);
|
---|
246 | my @iprows;
|
---|
247 | while (my @data4 = $sthiplist->fetchrow_array) {
|
---|
248 | next if $ipseen{$data4[0]};
|
---|
249 | my %iprow;
|
---|
250 | $iprow{ip} = $data4[0];
|
---|
251 | $iprow{ipcount} = $data4[1];
|
---|
252 | $iprow{indent} = ' ';
|
---|
253 | $iprow{repeater} = 1 if $ip eq $data4[0];
|
---|
254 | # ip | count | s4list | added
|
---|
255 | push @iprows, \%iprow;
|
---|
256 | $ipseen{$data4[0]} = 1;
|
---|
257 | }
|
---|
258 | $tmpl1->param(iplist => \@iprows);
|
---|
259 | $tmpl1->param(subs => $lvl2out);
|
---|
260 | $lvl1out .= $tmpl1->output;
|
---|
261 |
|
---|
262 | }
|
---|
263 | } # sth1->rows
|
---|
264 | $sthiplist->execute($block0);
|
---|
265 | my @iprows;
|
---|
266 | while (my @data4 = $sthiplist->fetchrow_array) {
|
---|
267 | next if $ipseen{$data4[0]};
|
---|
268 | my %iprow;
|
---|
269 | $iprow{ip} = $data4[0];
|
---|
270 | $iprow{ipcount} = $data4[1];
|
---|
271 | $iprow{indent} = '';
|
---|
272 | $iprow{repeater} = 1 if $ip eq $data4[0];
|
---|
273 | # ip | count | s4list | added
|
---|
274 | push @iprows, \%iprow;
|
---|
275 | $ipseen{$data4[0]} = 1;
|
---|
276 | }
|
---|
277 | $tmpl0->param(iplist => \@iprows);
|
---|
278 | $tmpl0->param(subs => $lvl1out);
|
---|
279 | }
|
---|
280 |
|
---|
281 | return $tmpl0->output;
|
---|
282 | } # end browse()
|
---|