1 | #!/usr/bin/perl
|
---|
2 | # Main add-IP-to-list CGI
|
---|
3 | ##
|
---|
4 | # $Id: dnsbl.cgi 46 2014-12-08 22:44:07Z kdeugau $
|
---|
5 | # Copyright 2009-2011 Kris Deugau <kdeugau@deepnet.cx>
|
---|
6 | #
|
---|
7 | # This program is free software: you can redistribute it and/or modify
|
---|
8 | # it under the terms of the GNU General Public License as published by
|
---|
9 | # the Free Software Foundation, either version 3 of the License, or
|
---|
10 | # (at your option) any later version.
|
---|
11 | #
|
---|
12 | # This program is distributed in the hope that it will be useful,
|
---|
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
15 | # GNU General Public License for more details.
|
---|
16 | #
|
---|
17 | # You should have received a copy of the GNU General Public License
|
---|
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>.
|
---|
19 | ##
|
---|
20 |
|
---|
21 | use strict;
|
---|
22 | use warnings;
|
---|
23 | no warnings qw(uninitialized);
|
---|
24 | use CGI::Carp qw (fatalsToBrowser);
|
---|
25 | use CGI::Simple;
|
---|
26 | use HTML::Template;
|
---|
27 |
|
---|
28 | use DNSBL;
|
---|
29 |
|
---|
30 | # Set up the CGI object...
|
---|
31 | my $q = new CGI::Simple;
|
---|
32 | # ... and get query-string params as well as POST params if necessary
|
---|
33 | $q->parse_query_string;
|
---|
34 |
|
---|
35 | my %webvar;
|
---|
36 | # This is probably excessive fiddling, but it puts the parameters somewhere my fingers know about...
|
---|
37 | foreach ($q->param()) {
|
---|
38 | $webvar{$_} = $q->param($_);
|
---|
39 | }
|
---|
40 |
|
---|
41 | my $dnsbl = new DNSBL;
|
---|
42 |
|
---|
43 | # try to be friendly to non-US-ASCII characters. Still need to find what
|
---|
44 | # difference from RH<->Debian is still at fault.
|
---|
45 | print $q->header(-charset=>'utf8');
|
---|
46 |
|
---|
47 | # default DB info - all other settings should be loaded from the DB.
|
---|
48 | my $dbhost = "localhost";
|
---|
49 | my $dbname = "dnsbl";
|
---|
50 | my $dbuser = "dnsbl";
|
---|
51 | my $dbpass = "spambgone";
|
---|
52 |
|
---|
53 | # Load a config ref containing DB host, name, user, and pass info based on
|
---|
54 | # from the server name + full script web path. This allows us to host
|
---|
55 | # multiple instances without having to duplicate the code.
|
---|
56 | # This file is a Perl fragment to be processed inline.
|
---|
57 | my $cfgname = $ENV{SERVER_NAME}.$ENV{REQUEST_URI};
|
---|
58 | $cfgname =~ s|[./-]|_|g;
|
---|
59 | $cfgname =~ s|_dnsbl_cgi.+||;
|
---|
60 | $cfgname =~ s|_$||;
|
---|
61 | if (-e "/etc/dnsbl/$cfgname.conf") {
|
---|
62 | my $cfg = `cat /etc/dnsbl/$cfgname.conf`;
|
---|
63 | ($cfg) = ($cfg =~ /^(.+)$/s); # avoid warnings, failures, and general nastiness with taint mode
|
---|
64 | eval $cfg;
|
---|
65 | }
|
---|
66 |
|
---|
67 | my $dbh = $dnsbl->connect($dbhost, $dbname, $dbuser, $dbpass);
|
---|
68 |
|
---|
69 | my $page;
|
---|
70 | my $templatedir = $ENV{SCRIPT_FILENAME};
|
---|
71 | $templatedir =~ s/dnsbl\.cgi//;
|
---|
72 | $templatedir .= "templates";
|
---|
73 | $ENV{HTML_TEMPLATE_ROOT} = $templatedir;
|
---|
74 |
|
---|
75 | my %config;
|
---|
76 | my $sth = $dbh->prepare("SELECT key,value FROM misc");
|
---|
77 | $sth->execute;
|
---|
78 | while (my ($key,$value) = $sth->fetchrow_array) {
|
---|
79 | $config{$key} = $value;
|
---|
80 | }
|
---|
81 |
|
---|
82 | # decide which page to spit out...
|
---|
83 | if (!$webvar{page}) {
|
---|
84 | $page = HTML::Template->new(filename => "index.tmpl");
|
---|
85 | } else {
|
---|
86 | $page = HTML::Template->new(filename => "$webvar{page}.tmpl");
|
---|
87 | }
|
---|
88 |
|
---|
89 | $page->param(pgtitle => $config{pgtitle}) if defined($config{pgtitle});
|
---|
90 | $page->param(pgcomment => $config{pgcomment}) if defined($config{pgcomment});
|
---|
91 |
|
---|
92 | if ($webvar{page} eq 'report') {
|
---|
93 | my $dnsblsiteroot = $ENV{REQUEST_URI};
|
---|
94 | $dnsblsiteroot =~ s|/dnsbl\.cgi\?.+|/|;
|
---|
95 | $page->param(dnsblsiteroot => $dnsblsiteroot);
|
---|
96 |
|
---|
97 | $page->param(ip => $webvar{ip});
|
---|
98 | my $count = $dnsbl->ipexists($webvar{ip});
|
---|
99 | $page->param(nreports => $count) if $count;
|
---|
100 | $page->param(browsebits => browse($dbh,$webvar{ip}));
|
---|
101 | for (my $i=0; $i<3; $i++) {
|
---|
102 | my ($block,$org) = $dnsbl->getcontainer($webvar{ip},$i);
|
---|
103 | if ($block) {
|
---|
104 | my ($bcl,$bal) = $dnsbl->islisted($block);
|
---|
105 | $page->param("autob$i" => $bcl);
|
---|
106 | $page->param("listb$i" => $bal);
|
---|
107 | my ($ol) = $dnsbl->islisted($org);
|
---|
108 | $page->param("listorg$i" => $ol);
|
---|
109 | $page->param("block$i" => $block);
|
---|
110 | $page->param("org$i" => $org);
|
---|
111 | }
|
---|
112 | }
|
---|
113 | } elsif ($webvar{page} eq 'dbreport') {
|
---|
114 | my $dnsblsiteroot = $ENV{REQUEST_URI};
|
---|
115 | $dnsblsiteroot =~ s|/dnsbl\.cgi\?.+|/|;
|
---|
116 | $page->param(dnsblsiteroot => $dnsblsiteroot);
|
---|
117 |
|
---|
118 | my $err = '';
|
---|
119 | my $org0id = $dnsbl->orgexists($webvar{org0});
|
---|
120 | if (!$org0id) {
|
---|
121 | $org0id = $dnsbl->addorg($webvar{org0});
|
---|
122 | $page->param(org0 => $webvar{org0});
|
---|
123 | }
|
---|
124 | if (!$dnsbl->blockexists($webvar{block0})) {
|
---|
125 | my $ret = $dnsbl->addblock($webvar{block0}, $org0id, 0);
|
---|
126 | $err .= "error adding $webvar{block0}: $ret<br>\n" if $ret;
|
---|
127 | $page->param(block0 => $webvar{block0});
|
---|
128 | }
|
---|
129 | # yes, this is grotty. PTHBTT!
|
---|
130 | if ($webvar{block1}) {
|
---|
131 | my $org1id = $dnsbl->orgexists($webvar{org1});
|
---|
132 | if (!$org1id) {
|
---|
133 | $org1id = $dnsbl->addorg($webvar{org1});
|
---|
134 | $page->param(org1 => $webvar{org1});
|
---|
135 | }
|
---|
136 | if (!$dnsbl->blockexists($webvar{block1})) {
|
---|
137 | my $ret = $dnsbl->addblock($webvar{block1}, $org1id, 1);
|
---|
138 | $err .= "error adding $webvar{block1}: $ret<br>\n" if $ret;
|
---|
139 | $page->param(block1 => $webvar{block1});
|
---|
140 | }
|
---|
141 | if ($webvar{block2}) {
|
---|
142 | my $org2id = $dnsbl->orgexists($webvar{org2});
|
---|
143 | if (!$org2id) {
|
---|
144 | $org2id = $dnsbl->addorg($webvar{org2});
|
---|
145 | $page->param(org2 => $webvar{org2});
|
---|
146 | }
|
---|
147 | if (!$dnsbl->blockexists($webvar{block2})) {
|
---|
148 | my $ret = $dnsbl->addblock($webvar{block2}, $org2id, 2);
|
---|
149 | $err .= "error adding $webvar{block2}: $ret<br>\n" if $ret;
|
---|
150 | $page->param(block2 => $webvar{block2});
|
---|
151 | }
|
---|
152 | }
|
---|
153 | }
|
---|
154 | my $count = $dnsbl->report($webvar{ip});
|
---|
155 |
|
---|
156 | $page->param(ip => $webvar{ip});
|
---|
157 | $page->param(err => $err);
|
---|
158 |
|
---|
159 | $page->param(browsebits => browse($dbh,$webvar{ip}));
|
---|
160 | }
|
---|
161 |
|
---|
162 | print $page->output;
|
---|
163 |
|
---|
164 | exit 0;
|
---|
165 |
|
---|
166 |
|
---|
167 |
|
---|
168 | ## extra subs. should probably put this in a module somehow to share with browse.cgi
|
---|
169 |
|
---|
170 | sub browse {
|
---|
171 | my $dbh = shift;
|
---|
172 | my $ip = shift;
|
---|
173 | my $ipcidr = new NetAddr::IP $ip;
|
---|
174 |
|
---|
175 | my $basesql = "SELECT b.block,o.orgname,b.listme,o.listme,b.comments,o.comments ".
|
---|
176 | "FROM blocks b INNER JOIN orgs o ON b.orgid=o.orgid ".
|
---|
177 | "WHERE b.block ";
|
---|
178 |
|
---|
179 | my $sth0 = $dbh->prepare($basesql." >> ? AND b.level=0 ORDER BY block");
|
---|
180 | my $sth1 = $dbh->prepare($basesql." <<= ? AND b.level=1 ORDER BY block");
|
---|
181 | my $sth2 = $dbh->prepare($basesql." <<= ? AND b.level=2 ORDER BY block");
|
---|
182 | my $sthiplist = $dbh->prepare("select * from iplist where ip <<= ? order by ip");
|
---|
183 |
|
---|
184 | my %ipseen;
|
---|
185 | my $out = '';
|
---|
186 |
|
---|
187 | my $tmpl0 = new HTML::Template(filename => 'templates/browse-block.tmpl');
|
---|
188 |
|
---|
189 | $sth0->execute($ip);
|
---|
190 | while (my ($block0,$org0,$listmeb0,$listmeo0,$bcomments0,$ocomments0) = $sth0->fetchrow_array) {
|
---|
191 | my $block0cidr = new NetAddr::IP $block0;
|
---|
192 | $tmpl0->param(lvlclass => 'lvl0'.($dnsbl->autolist_block($block0) ? ' auto0' : '').
|
---|
193 | ( $ipcidr->within($block0cidr) ? ' inhere' : ''));
|
---|
194 | $tmpl0->param(netclass => ($listmeb0 ? 'b0list' : ''));
|
---|
195 | $tmpl0->param(net => $block0);
|
---|
196 | $tmpl0->param(orgclass => ($listmeo0 ? 'b0org' : ''));
|
---|
197 | $tmpl0->param(org => $org0);
|
---|
198 | $tmpl0->param(bcomment => $bcomments0) if $bcomments0;
|
---|
199 | $tmpl0->param(ocomment => $ocomments0) if $ocomments0;
|
---|
200 | $sth1->execute($block0);
|
---|
201 | my $lvl1out = '';
|
---|
202 | if ($sth1->rows > 0) {
|
---|
203 | while (my ($block1,$org1,$listmeb1,$listmeo1,$bcomments1,$ocomments1) = $sth1->fetchrow_array) {
|
---|
204 | my $block1cidr = new NetAddr::IP $block1;
|
---|
205 | my $tmpl1 = new HTML::Template(filename => 'templates/browse-block.tmpl');
|
---|
206 | $tmpl1->param(lvlclass => 'lvl1'.($dnsbl->autolist_block($block1) ? ' auto1' : '').
|
---|
207 | ( $ipcidr->within($block1cidr) ? ' inhere' : ''));
|
---|
208 | $tmpl1->param(netclass => ($listmeb1 ? 'b1list' : ''));
|
---|
209 | $tmpl1->param(net => $block1);
|
---|
210 | $tmpl1->param(orgclass => ($listmeo1 ? 'b1org' : ''));
|
---|
211 | $tmpl1->param(org => $org1);
|
---|
212 | $tmpl1->param(bcomment => $bcomments1) if $bcomments1;
|
---|
213 | $tmpl1->param(ocomment => $ocomments1) if $ocomments1;
|
---|
214 | $tmpl1->param(indent => ' ');
|
---|
215 | my $lvl2out = '';
|
---|
216 | $sth2->execute($block1);
|
---|
217 | if ($sth2->rows > 0) {
|
---|
218 | while (my ($block2,$org2,$listmeb2,$listmeo2,$bcomments2,$ocomments2) = $sth2->fetchrow_array) {
|
---|
219 | my $block2cidr = new NetAddr::IP $block2;
|
---|
220 | my $tmpl2 = new HTML::Template(filename => 'templates/browse-block.tmpl');
|
---|
221 | $tmpl2->param(lvlclass => 'lvl2'.($dnsbl->autolist_block($block2) ? ' auto2' : '').
|
---|
222 | ( $ipcidr->within($block2cidr) ? ' inhere' : ''));
|
---|
223 | $tmpl2->param(netclass => ($listmeb2 ? 'b2list' : ''));
|
---|
224 | $tmpl2->param(net => $block2);
|
---|
225 | $tmpl2->param(orgclass => ($listmeo2 ? 'b2org' : ''));
|
---|
226 | $tmpl2->param(org => $org2);
|
---|
227 | $tmpl2->param(bcomment => $bcomments2) if $bcomments2;
|
---|
228 | $tmpl2->param(ocomment => $ocomments2) if $ocomments2;
|
---|
229 | $tmpl2->param(indent => ' ');
|
---|
230 | $sthiplist->execute($block2);
|
---|
231 | my @iprows;
|
---|
232 | while (my @data4 = $sthiplist->fetchrow_array) {
|
---|
233 | my %iprow;
|
---|
234 | $iprow{ip} = $data4[0];
|
---|
235 | $iprow{ipcount} = $data4[1];
|
---|
236 | $iprow{indent} = ' ';
|
---|
237 | $iprow{repeater} = 1 if $ip eq $data4[0];
|
---|
238 | # ip | count | s4list | added
|
---|
239 | push @iprows, \%iprow;
|
---|
240 | $ipseen{$data4[0]} = 1;
|
---|
241 | }
|
---|
242 | $tmpl2->param(iplist => \@iprows);
|
---|
243 | $lvl2out .= $tmpl2->output;
|
---|
244 | }
|
---|
245 | }
|
---|
246 |
|
---|
247 | $sthiplist->execute($block1);
|
---|
248 | my @iprows;
|
---|
249 | while (my @data4 = $sthiplist->fetchrow_array) {
|
---|
250 | next if $ipseen{$data4[0]};
|
---|
251 | my %iprow;
|
---|
252 | $iprow{ip} = $data4[0];
|
---|
253 | $iprow{ipcount} = $data4[1];
|
---|
254 | $iprow{indent} = ' ';
|
---|
255 | $iprow{repeater} = 1 if $ip eq $data4[0];
|
---|
256 | # ip | count | s4list | added
|
---|
257 | push @iprows, \%iprow;
|
---|
258 | $ipseen{$data4[0]} = 1;
|
---|
259 | }
|
---|
260 | $tmpl1->param(iplist => \@iprows);
|
---|
261 | $tmpl1->param(subs => $lvl2out);
|
---|
262 | $lvl1out .= $tmpl1->output;
|
---|
263 |
|
---|
264 | }
|
---|
265 | } # sth1->rows
|
---|
266 | $sthiplist->execute($block0);
|
---|
267 | my @iprows;
|
---|
268 | while (my @data4 = $sthiplist->fetchrow_array) {
|
---|
269 | next if $ipseen{$data4[0]};
|
---|
270 | my %iprow;
|
---|
271 | $iprow{ip} = $data4[0];
|
---|
272 | $iprow{ipcount} = $data4[1];
|
---|
273 | $iprow{indent} = '';
|
---|
274 | $iprow{repeater} = 1 if $ip eq $data4[0];
|
---|
275 | # ip | count | s4list | added
|
---|
276 | push @iprows, \%iprow;
|
---|
277 | $ipseen{$data4[0]} = 1;
|
---|
278 | }
|
---|
279 | $tmpl0->param(iplist => \@iprows);
|
---|
280 | $tmpl0->param(subs => $lvl1out);
|
---|
281 | }
|
---|
282 |
|
---|
283 | return $tmpl0->output;
|
---|
284 | } # end browse()
|
---|