Changeset 67 for trunk


Ignore:
Timestamp:
01/09/18 18:12:13 (6 years ago)
Author:
Kris Deugau
Message:

/trunk/dnsbl

Review and update copyright dates on DNSBL.pm, DNSBLweb.pm, browse.cgi,

delist-ip, dnsbl.cgi, and export-dnsbl. Also add a version requirement
on DNSBL.pm in any callers.

Update browse.cgi with limited search and some operational-sanity boundaries

instead of blindly barfing out the entire dataset, requiring code changes
to view only a subset of data.

Location:
trunk/dnsbl
Files:
8 edited

Legend:

Unmodified
Added
Removed

  • trunk/dnsbl/DNSBL.pm

    r66 r67  
    33##
    44# $Id$
    5 # Copyright 2009-2011,2014 Kris Deugau <kdeugau@deepnet.cx>
     5# Copyright 2009-2012,2014,2018 Kris Deugau <kdeugau@deepnet.cx>
    66#
    77#    This program is free software: you can redistribute it and/or modify
     
    2929use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
    3030
    31 $VERSION        = 2.1;
     31$VERSION        = 2.2;
    3232@ISA            = qw(Exporter);
    3333@EXPORT_OK      = qw(

  • trunk/dnsbl/DNSBLweb.pm

    r66 r67  
    44##
    55# $Id: DNSBL.pm 48 2014-12-09 21:29:34Z kdeugau $
    6 # Copyright 2014 Kris Deugau <kdeugau@deepnet.cx>
     6# Copyright 2014,2018 Kris Deugau <kdeugau@deepnet.cx>
    77#
    88#    This program is free software: you can redistribute it and/or modify

  • trunk/dnsbl/Makefile

    r61 r67  
    1313
    1414PKGNAME=dnsbl
    15 VERSION=0.3.2
     15VERSION=0.4.0
    1616
    1717all:

  • trunk/dnsbl/browse.cgi

    r66 r67  
    33##
    44# $Id$
    5 # Copyright 2009-2011,2014 Kris Deugau <kdeugau@deepnet.cx>
     5# Copyright 2009-2012,2014,2018 Kris Deugau <kdeugau@deepnet.cx>
    66#
    77#    This program is free software: you can redistribute it and/or modify
     
    2323use DBI;
    2424use CGI::Carp qw(fatalsToBrowser);
     25use CGI::Simple;
    2526use HTML::Template;
    2627
    27 use DNSBL;
     28use DNSBL 2.2;
    2829use DNSBLweb;
    2930
     
    4950}
    5051
     52# Set up the CGI object...
     53my $q = new CGI::Simple;
     54# ... and get query-string params as well as POST params if necessary
     55$q->parse_query_string;
     56
     57my %webvar;
     58# This is probably excessive fiddling, but it puts the parameters somewhere my fingers know about...
     59foreach ($q->param()) {
     60  $webvar{$_} = $q->param($_);
     61}
     62
     63# try to be friendly to non-US-ASCII characters.  Still need to find what
     64# difference from RH<->Debian is still at fault.
     65print $q->header(-charset=>'utf8');
     66
    5167my $dbh = $dnsbl->connect($dbhost, $dbname, $dbuser, $dbpass);
    5268
    53 print "Content-Type: text/html\n\n";
     69my $block = '';
    5470
    5571my $templatedir = $ENV{SCRIPT_FILENAME};
     
    6581}
    6682
    67 my $template = HTML::Template->new(filename => "browse.tmpl");
     83# basic validation so we don't try to look up something ridiculous
     84if ($webvar{block}) {
     85  $webvar{block} =~ s/\s+//g;
     86  $block = $webvar{block} if $webvar{block} =~ /^[\d\.]+(?:\/\d+)?$/;
     87}
    6888
    69 $template->param(pgtitle => $config{pgtitle}) if defined($config{pgtitle});
    70 $template->param(pgcomment => $config{pgcomment}) if defined($config{pgcomment});
     89if ($block) {
     90  my $template = HTML::Template->new(filename => "browse.tmpl");
    7191
    72 my $out = DNSBLweb::retlvl($dbh, $dnsbl, 0, block => '162.144.0.0/16');
     92  $template->param(pgtitle => $config{pgtitle}) if defined($config{pgtitle});
     93  $template->param(pgcomment => $config{pgcomment}) if defined($config{pgcomment});
    7394
    74 $template->param(enchilada => $out);
    75 print $template->output;
     95  my $out;
     96  if ($block =~ /^[\d\.]+$/) {
     97    $out = DNSBLweb::retlvl($dbh, $dnsbl, 0, ip => $block, block => $dnsbl->getcontainer($block,0) );
     98  } else {
     99    $out = DNSBLweb::retlvl($dbh, $dnsbl, 0, block => $block);
     100  }
     101
     102  $template->param(enchilada => $out);
     103  print $template->output;
     104
     105} else {
     106  # refuse to show the whole tree, as in a "real" dataset it's horribly slow.  even a /8 is often "a bit much"
     107  print qq(
     108<html>
     109<head>
     110<title>$config{pgtitle}</title>
     111<body>
     112$config{pgcomment}<br>
     113);
     114  if ($webvar{block}) {
     115    $webvar{block} =~ s{[^\w]+}{_}g;  #neuter any attempts at funky data injection
     116    print qq(<span style="border: 1px solid #FF0000;">Invalid netblock specification $webvar{block}</span>\n);
     117  }
     118print qq(
     119<form action="browse.cgi" method="POST">
     120Enter a CIDR netblock to browse.<br>
     121This does not have to exactly match a netblock entered in the database.<br>
     122<input name="block">
     123<input type="submit">
     124</form>
     125</body>
     126</html>
     127);
     128}

  • trunk/dnsbl/delist-ip

    r40 r67  
    33##
    44# $Id$
    5 # Copyright 2011, 2012 Kris Deugau <kdeugau@deepnet.cx>
     5# Copyright 2011, 2012, 2018 Kris Deugau <kdeugau@deepnet.cx>
    66#
    77#    This program is free software: you can redistribute it and/or modify
     
    2323use DBI;
    2424
    25 use DNSBL;
     25use DNSBL 2.2;
    2626
    2727my $dnsbl = new DNSBL;
     
    5959my $removeme = $ARGV[0];
    6060
    61 $sth = $dbh->prepare("SELECT ip,count,s4list,added FROM iplist WHERE ip=?");
     61$sth = $dbh->prepare("SELECT ip,count,s4list,added,exclude FROM iplist WHERE ip=?");
    6262$sth->execute($removeme);
    63 my ($ip,$count,$s4list,$added) = $sth->fetchrow_array;
     63my ($ip,$count,$s4list,$added,$exclude) = $sth->fetchrow_array;
    6464
    6565die "IP $removeme not found.  Exiting.\n" if !$ip;
     
    6969local $dbh->{RaiseError} = 1;
    7070eval {
    71   $sth = $dbh->prepare("INSERT INTO waslisted (ip,count,s4list,origadded) VALUES (?,?,?,?)");
    72   $sth->execute($ip,$count,$s4list,$added);
     71  $sth = $dbh->prepare("INSERT INTO waslisted (ip,count,s4list,origadded,exclude) VALUES (?,?,?,?,?)");
     72  $sth->execute($ip,$count,$s4list,$added,$exclude);
    7373  $sth = $dbh->prepare("DELETE FROM iplist WHERE ip=?");
    7474  $sth->execute($ip);

  • trunk/dnsbl/dnsbl.cgi

    r66 r67  
    33##
    44# $Id$
    5 # Copyright 2009-2011,2014 Kris Deugau <kdeugau@deepnet.cx>
     5# Copyright 2009-2012,2014,2015,2017,2018 Kris Deugau <kdeugau@deepnet.cx>
    66#
    77#    This program is free software: you can redistribute it and/or modify
     
    2727use Net::DNS;
    2828
    29 use DNSBL;
     29use DNSBL 2.2;
    3030use DNSBLweb;
    3131

  • trunk/dnsbl/export-dnsbl

    r66 r67  
    33##
    44# $Id$
    5 # Copyright 2009-2011 Kris Deugau <kdeugau@deepnet.cx>
     5# Copyright 2009-2012,2014,2018 Kris Deugau <kdeugau@deepnet.cx>
    66#
    77#    This program is free software: you can redistribute it and/or modify
     
    2323use DBI;
    2424
    25 use DNSBL;
     25use DNSBL 2.2;
    2626
    2727my $dnsbl = new DNSBL;

  • trunk/dnsbl/templates/browse.tmpl

    r25 r67  
    55</head>
    66<body>
    7 <TMPL_VAR NAME=pgcomment>
     7<TMPL_VAR NAME=pgcomment><br>
     8<a href="browse.cgi">Return to lookup form</a>
    89<TMPL_VAR NAME=enchilada>
     10<a href="browse.cgi">Return to lookup form</a>
    911</body>
    1012</html>
Note: See TracChangeset for help on using the changeset viewer.