source: trunk/dnsbl/dnsbl.cgi@ 64

Last change on this file since 64 was 64, checked in by Kris Deugau, 6 years ago

/trunk/dnsbl

Add reverse DNS lookup of submitted IP
  • Property svn:executable set to *
  • Property svn:keywords set to Date Rev Author Id
File size: 6.5 KB
Line 
1#!/usr/bin/perl
2# Main add-IP-to-list CGI
3##
4# $Id: dnsbl.cgi 64 2017-12-29 16:41:22Z kdeugau $
5# Copyright 2009-2011,2014 Kris Deugau <kdeugau@deepnet.cx>
6#
7# This program is free software: you can redistribute it and/or modify
8# it under the terms of the GNU General Public License as published by
9# the Free Software Foundation, either version 3 of the License, or
10# (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful,
13# but WITHOUT ANY WARRANTY; without even the implied warranty of
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15# GNU General Public License for more details.
16#
17# You should have received a copy of the GNU General Public License
18# along with this program. If not, see <http://www.gnu.org/licenses/>.
19##
20
21use strict;
22use warnings;
23no warnings qw(uninitialized);
24use CGI::Carp qw (fatalsToBrowser);
25use CGI::Simple;
26use HTML::Template;
27use Net::DNS;
28
29use DNSBL;
30use DNSBLweb;
31
32# Set up the CGI object...
33my $q = new CGI::Simple;
34# ... and get query-string params as well as POST params if necessary
35$q->parse_query_string;
36
37my %webvar;
38# This is probably excessive fiddling, but it puts the parameters somewhere my fingers know about...
39foreach ($q->param()) {
40 $webvar{$_} = $q->param($_);
41}
42
43my $dnsbl = new DNSBL;
44# here be drag'ns, should theoretically be $DNSBL::maxlvl, but we
45# only have up to level 4 in the report HTML/template
46my $maxlvl = 4;
47
48# try to be friendly to non-US-ASCII characters. Still need to find what
49# difference from RH<->Debian is still at fault.
50print $q->header(-charset=>'utf8');
51
52# default DB info - all other settings should be loaded from the DB.
53my $dbhost = "localhost";
54my $dbname = "dnsbl";
55my $dbuser = "dnsbl";
56my $dbpass = "spambgone";
57
58# Load a config ref containing DB host, name, user, and pass info based on
59# from the server name + full script web path. This allows us to host
60# multiple instances without having to duplicate the code.
61# This file is a Perl fragment to be processed inline.
62my $cfgname = $ENV{SERVER_NAME}.$ENV{REQUEST_URI};
63$cfgname =~ s|[./-]|_|g;
64$cfgname =~ s|_dnsbl_cgi.+||;
65$cfgname =~ s|_$||;
66if (-e "/etc/dnsbl/$cfgname.conf") {
67 my $cfg = `cat /etc/dnsbl/$cfgname.conf`;
68 ($cfg) = ($cfg =~ /^(.+)$/s); # avoid warnings, failures, and general nastiness with taint mode
69 eval $cfg;
70}
71
72my $dbh = $dnsbl->connect($dbhost, $dbname, $dbuser, $dbpass);
73
74my $page;
75my $templatedir = $ENV{SCRIPT_FILENAME};
76$templatedir =~ s/\w+\.cgi//;
77$templatedir .= "templates";
78$ENV{HTML_TEMPLATE_ROOT} = $templatedir;
79
80my %config;
81my $sth = $dbh->prepare("SELECT key,value FROM misc");
82$sth->execute;
83while (my ($key,$value) = $sth->fetchrow_array) {
84 $config{$key} = $value;
85}
86
87# decide which page to spit out...
88if (!$webvar{page}) {
89 $page = HTML::Template->new(filename => "index.tmpl");
90} else {
91 $page = HTML::Template->new(filename => "$webvar{page}.tmpl");
92}
93
94$page->param(pgtitle => $config{pgtitle}) if defined($config{pgtitle});
95$page->param(pgcomment => $config{pgcomment}) if defined($config{pgcomment});
96
97if ($webvar{page} eq 'report') {
98 my $dnsblsiteroot = $ENV{REQUEST_URI};
99 $dnsblsiteroot =~ s|/dnsbl\.cgi\?.+|/|;
100 $page->param(dnsblsiteroot => $dnsblsiteroot);
101
102 $webvar{ip} =~ s/^\s*//;
103 $webvar{ip} =~ s/\s*$//;
104 $page->param(ip => $webvar{ip});
105
106##fixme
107# at some point this may need to be tweaked for Net::DNS's 1.x calling convention when they drop support for the older one
108 #my @ptr = rr($webvar{ip});
109 #$page->param(revinfo => join(',',@ptr));
110 my $res = new Net::DNS::Resolver;
111 $res->tcp_timeout(2); # make me adjustable!
112 $res->udp_timeout(2); # make me adjustable!
113 my $query = $res->query($webvar{ip}, "PTR");
114 if ($query) {
115 my @rdata;
116 foreach my $rr ($query->answer) {
117 my ($host,$ttl,$class,$type,$data) =
118 ($rr->string =~ /^([0-9a-zA-Z_.-]+)\s+(\d+)\s+([A-Za-z]+)\s+([A-Za-z]+)\s+(.+)$/s);
119 push @rdata, $data;
120 }
121 $page->param(revinfo => join(', ',@rdata));
122 } else {
123 $page->param(revinfo => "DNS error: ".$res->errorstring);
124 }
125
126 my $count = $dnsbl->ipexists($webvar{ip});
127 $page->param(nreports => $count) if $count;
128 $page->param(browsebits =>
129 DNSBLweb::retlvl($dbh, $dnsbl, 0, ip => $webvar{ip}, block => $dnsbl->getcontainer($webvar{ip},0) ));
130 for (my $i=0; $i <= $maxlvl; $i++) {
131 my ($block,$org) = $dnsbl->getcontainer($webvar{ip},$i);
132 if ($block) {
133 my ($bcl,$bal) = $dnsbl->islisted($block);
134 $page->param("autob$i" => $bcl);
135 $page->param("listb$i" => $bal);
136 my ($ol) = $dnsbl->islisted($org);
137 $page->param("listorg$i" => $ol);
138 $page->param("block$i" => $block);
139 $page->param("org$i" => $org);
140 }
141 }
142} elsif ($webvar{page} eq 'dbreport') {
143 my $dnsblsiteroot = $ENV{REQUEST_URI};
144 $dnsblsiteroot =~ s|/dnsbl\.cgi\?.+|/|;
145 $page->param(dnsblsiteroot => $dnsblsiteroot);
146
147 my $err = '';
148
149 $webvar{ip} =~ s/^\s*//;
150 $webvar{ip} =~ s/\s*$//;
151
152 # basic algo: for each listing level, add the org and block if not already present.
153 # escape the loop if we check a level with no block entered.
154
155 # there are still error checks that should probably be done. changes in block
156 # level/parenting should also Just Work(TM), rather than requiring setparents.pl
157 # or setparents-full.pl
158 for (my $i = 0; $i <= $maxlvl; $i++) {
159 my $orgn = "org$i";
160 my $blockn = "block$i";
161 $webvar{$orgn} =~ s/^\s*//;
162 $webvar{$orgn} =~ s/\s*$//;
163 $webvar{$blockn} =~ s/^\s*//;
164 $webvar{$blockn} =~ s/\s*$//;
165 my $orgid = $dnsbl->orgexists($webvar{$orgn});
166 if (!$orgid) {
167 $orgid = $dnsbl->addorg($webvar{$orgn});
168 $page->param($orgn => $webvar{$orgn});
169 }
170 if ($webvar{$blockn} =~ /-/) {
171 my $tmp = new NetAddr::IP $webvar{$blockn};
172 if (!$tmp) {
173 # Don't need to autofind ranges that are already CIDR-matched
174 $err .= "Autofinding CIDR block containing $webvar{ip} for range '$webvar{$blockn}': ";
175 my ($s,$f) = split /[\s-]+/, $webvar{$blockn};
176 my $cidr = $dnsbl->range2cidr($s, $f, $webvar{ip});
177 $err .= "$cidr<br>\n";
178 $webvar{$blockn} = $cidr;
179 }
180 }
181 if (!$dnsbl->blockexists($webvar{$blockn})) {
182 my $ret = $dnsbl->addblock($webvar{$blockn}, $orgid, $i);
183 $err .= "error adding $webvar{$blockn}: $ret<br>\n" if $ret;
184 $page->param($blockn => $webvar{$blockn});
185 }
186 last unless $webvar{"block".($i+1)};
187 }
188
189 my $count = $dnsbl->report($webvar{ip});
190
191 $page->param(ip => $webvar{ip});
192 $page->param(err => $err);
193
194 $page->param(browsebits =>
195 DNSBLweb::retlvl($dbh, $dnsbl, 0, ip => $webvar{ip}, block => $dnsbl->getcontainer($webvar{ip},0) ));
196}
197
198print $page->output;
Note: See TracBrowser for help on using the repository browser.