[people/pmueller/ipfire-2.x.git] / html / cgi-bin / ipblocklist.cgi

#!/usr/bin/perl

###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
# Copyright (C) 2018 - 2020 The IPFire Team                                   #
#                                                                             #
###############################################################################

use strict;

# enable the following only for debugging purposes
#use warnings;
#use CGI::Carp 'fatalsToBrowser';

require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
require "${General::swroot}/ipblocklist-functions.pl";

# Import blockist sources and settings file.
require "${General::swroot}/ipblocklist/sources";

###############################################################################
# Configuration variables
###############################################################################

my $settings      = "${General::swroot}/ipblocklist/settings";
my %cgiparams     = ('ACTION' => '');

###############################################################################
# Variables
###############################################################################

my $errormessage  = '';
my $headline = "$Lang::tr{'error message'}";
my $updating      = 0;
my %mainsettings;
my %color;

# Default settings - normally overwritten by settings file
my %settings = (
	'DEBUG'           => 0,
	'LOGGING'         => 'on',
	'ENABLE'          => 'off'
);

# Read all parameters
&Header::getcgihash( \%cgiparams);
&General::readhash( "${General::swroot}/main/settings", \%mainsettings );
&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);

# Get list of supported blocklists.
my @blocklists = &IPblocklist::get_blocklists();

# Show Headers
&Header::showhttpheaders();

# Process actions
if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") {
	# Array to store if blocklists are missing on the system
	# and needs to be downloaded first.
	my @missing_blocklists = ();

	# Loop through the array of supported blocklists.
	foreach my $blocklist (@blocklists) {
		# Skip the blocklist if it is not enabled.
		next if($cgiparams{$blocklist} ne "on");

		# Get the file name which keeps the converted blocklist.
		my $ipset_db_file = &IPblocklist::get_ipset_db_file($blocklist);

		# Check if the blocklist already has been downloaded.
		if(-f "$ipset_db_file") {
			# Blocklist already exits, we can skip it.
			next;
		} else {
			# Blocklist not present, store in array to download it.
			push(@missing_blocklists, $blocklist);
		}
	}

	# Check if the red device is not active and blocklists are missing.
	if ((not -e "${General::swroot}/red/active") && (@missing_blocklists)) {
		# The system is offline, cannot download the missing blocklists.
		# Store an error message.
		$errormessage = "$Lang::tr{'system is offline'}";
	} else {
		# Loop over the array of missing blocklists.
		foreach my $missing_blocklist (@missing_blocklists) {
			# Call the download and convert function to get the missing blocklist.
			my $status = &IPblocklist::download_and_create_blocklist($missing_blocklist);

			# Check if there was an error during download.
			if ($status eq "dl_error") {
				$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist download error'}";
			} elsif ($status eq "empty_list") {
				$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist empty blocklist received'}";
			}
		}
	}

	# Check if there was an error.
	unless($errormessage) {
		# Write configuration hash.
		&General::writehash($settings, \%cgiparams);

		# Call function to mark a required reload of the firewall.
		&General::firewall_config_changed();

		# Display notice about a required reload of the firewall.
		$headline = "$Lang::tr{'notice'}";
		$errormessage = "$Lang::tr{'fw rules reload notice'}";
	}
}

# Show site
&Header::openpage($Lang::tr{'ipblocklist'}, 1, '');
&Header::openbigbox('100%', 'left');

# Display error message if there was one.
&error() if ($errormessage);

# Read-in ipblocklist settings.
&General::readhash( $settings, \%settings ) if (-r $settings);

# Display configuration section.
&configsite();

# End of page
&Header::closebigbox();
&Header::closepage();


#------------------------------------------------------------------------------
# sub configsite()
#
# Displays configuration
#------------------------------------------------------------------------------

sub configsite {
	# Find preselections
	my $enable = 'checked';

	&Header::openbox('100%', 'left', $Lang::tr{'settings'});

	# Enable checkbox
	$enable = ($settings{'ENABLE'} eq 'on') ? ' checked' : '';

print<<END;
	<form method='post' action='$ENV{'SCRIPT_NAME'}'>
		<table style='width:100%' border='0'>
			<tr>
				<td style='width:24em'>$Lang::tr{'ipblocklist use ipblocklists'}</td>
				<td><input type='checkbox' name='ENABLE' id='ENABLE'$enable></td>
			</tr>
		</table><br>
END

	# The following are only displayed if the blacklists are enabled
	$enable = ($settings{'LOGGING'} eq 'on') ? ' checked' : '';

print <<END;
		<div class='sources'>
			<table style='width:100%' border='0'>
				<tr>
					<td style='width:24em'>$Lang::tr{'ipblocklist log'}</td>
					<td><input type='checkbox' name="LOGGING" id="LOGGING"$enable></td>
				</tr>
			</table>

			<br><br>
			<h2>$Lang::tr{'ipblocklist blocklist settings'}</h2>

			<table width='100%' cellspacing='1' class='tbl'>
				<tr>
					<th align='left'>$Lang::tr{'ipblocklist id'}</th>
					<th align='left'>$Lang::tr{'ipblocklist name'}</th>
					<th align='left'>$Lang::tr{'ipblocklist category'}</th>
					<th align='center'>$Lang::tr{'ipblocklist enable'}</th>
				</tr>
END

	# Iterate through the list of sources
	my $lines = 0;

	foreach my $blocklist (@blocklists) {
		# Display blocklist name or provide a link to the website if available.
		my $website = "$blocklist";
		if ($IPblocklist::List::sources{$blocklist}{info}) {
			$website ="<a href='$IPblocklist::List::sources{$blocklist}{info}' target='_blank'>$blocklist</a>";
		}

		# Get the full name for the blocklist.
		my $name = &CGI::escapeHTML( $IPblocklist::List::sources{$blocklist}{'name'} );

		# Get category for this blocklist.
		my $category = $Lang::tr{"ipblocklist category $IPblocklist::List::sources{$blocklist}{'category'}"};

		# Determine if the blocklist is enabled.
		my $enable = '';
		$enable = 'checked' if ($settings{$blocklist} eq 'on');

		# Set colour for the table columns.
		my $col = ($lines++ % 2) ? "bgcolor='$color{'color20'}'" : "bgcolor='$color{'color22'}'";


print <<END;
				<tr $col>
					<td>$website</td>
					<td>$name</td>
					<td>$category</td>
					<td align='center'><input type='checkbox' name="$blocklist" id="$blocklist"$enable></td>
				</tr>
END
	}

# The save button at the bottom of the table
print <<END;
			</table>

		</div>

		<table style='width:100%;'>
			<tr>
				<td colspan='3' display:inline align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
			</tr>
		</table>
	</form>
END

	&Header::closebox();
}

#------------------------------------------------------------------------------
# sub error()
#
# Shows error messages
#------------------------------------------------------------------------------

sub error {
	&Header::openbox('100%', 'left', $headline);
		print "<class name='base'>$errormessage\n";
		print "&nbsp;</class>\n";
	&Header::closebox();
}
Commit	Line	Data
5d242153 TF	1	#!/usr/bin/perl
	2
	3	###############################################################################
	4	# #
	5	# IPFire.org - A linux based firewall #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	# Copyright (C) 2018 - 2020 The IPFire Team #
	21	# #
	22	###############################################################################
	23
	24	use strict;
8f49b75b	25
5d242153 TF	26	# enable the following only for debugging purposes
	27	#use warnings;
	28	#use CGI::Carp 'fatalsToBrowser';
5d242153 TF	29
	30	require '/var/ipfire/general-functions.pl';
	31	require "${General::swroot}/lang.pl";
	32	require "${General::swroot}/header.pl";
8f49b75b SS	33	require "${General::swroot}/ipblocklist-functions.pl";
	34
	35	# Import blockist sources and settings file.
	36	require "${General::swroot}/ipblocklist/sources";
5d242153 TF	37
	38	###############################################################################
	39	# Configuration variables
	40	###############################################################################
	41
8f49b75b	42	my $settings = "${General::swroot}/ipblocklist/settings";
5d242153 TF	43	my %cgiparams = ('ACTION' => '');
	44
	45	###############################################################################
	46	# Variables
	47	###############################################################################
	48
	49	my $errormessage = '';
2493c9ea	50	my $headline = "$Lang::tr{'error message'}";
5d242153 TF	51	my $updating = 0;
	52	my %mainsettings;
	53	my %color;
5d242153 TF	54
5d242153 TF	55	# Default settings - normally overwritten by settings file
8f49b75b SS	56	my %settings = (
	57	'DEBUG' => 0,
	58	'LOGGING' => 'on',
	59	'ENABLE' => 'off'
	60	);
5d242153 TF	61
5d242153 TF	62	# Read all parameters
8f49b75b SS	63	&Header::getcgihash( \%cgiparams);
8f49b75b SS	64	&General::readhash( "${General::swroot}/main/settings", \%mainsettings );
bda85117	65	&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
5d242153	66
8f49b75b SS	67	# Get list of supported blocklists.
8f49b75b SS	68	my @blocklists = &IPblocklist::get_blocklists();
5d242153 TF	69
5d242153 TF	70	# Show Headers
8f49b75b	71	&Header::showhttpheaders();
5d242153 TF	72
5d242153 TF	73	# Process actions
8f49b75b SS	74	if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") {
	75	# Array to store if blocklists are missing on the system
	76	# and needs to be downloaded first.
	77	my @missing_blocklists = ();
	78
	79	# Loop through the array of supported blocklists.
	80	foreach my $blocklist (@blocklists) {
	81	# Skip the blocklist if it is not enabled.
	82	next if($cgiparams{$blocklist} ne "on");
	83
	84	# Get the file name which keeps the converted blocklist.
	85	my $ipset_db_file = &IPblocklist::get_ipset_db_file($blocklist);
	86
	87	# Check if the blocklist already has been downloaded.
	88	if(-f "$ipset_db_file") {
	89	# Blocklist already exits, we can skip it.
	90	next;
	91	} else {
	92	# Blocklist not present, store in array to download it.
	93	push(@missing_blocklists, $blocklist);
	94	}
	95	}
5d242153	96
8f49b75b SS	97	# Check if the red device is not active and blocklists are missing.
	98	if ((not -e "${General::swroot}/red/active") && (@missing_blocklists)) {
	99	# The system is offline, cannot download the missing blocklists.
	100	# Store an error message.
	101	$errormessage = "$Lang::tr{'system is offline'}";
	102	} else {
	103	# Loop over the array of missing blocklists.
	104	foreach my $missing_blocklist (@missing_blocklists) {
	105	# Call the download and convert function to get the missing blocklist.
	106	my $status = &IPblocklist::download_and_create_blocklist($missing_blocklist);
	107
	108	# Check if there was an error during download.
8f49b75b	109	if ($status eq "dl_error") {
a72c2458	110	$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist download error'}";
8f49b75b	111	} elsif ($status eq "empty_list") {
a72c2458	112	$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist empty blocklist received'}";
8f49b75b SS	113	}
	114	}
	115	}
	116
	117	# Check if there was an error.
	118	unless($errormessage) {
	119	# Write configuration hash.
	120	&General::writehash($settings, \%cgiparams);
5d242153	121
3b114903 SS	122	# Call function to mark a required reload of the firewall.
	123	&General::firewall_config_changed();
	124
	125	# Display notice about a required reload of the firewall.
2493c9ea	126	$headline = "$Lang::tr{'notice'}";
77af89e5	127	$errormessage = "$Lang::tr{'fw rules reload notice'}";
8f49b75b	128	}
5d242153 TF	129	}
	130
	131	# Show site
8f49b75b SS	132	&Header::openpage($Lang::tr{'ipblocklist'}, 1, '');
8f49b75b SS	133	&Header::openbigbox('100%', 'left');
5d242153	134
8f49b75b SS	135	# Display error message if there was one.
8f49b75b SS	136	&error() if ($errormessage);
5d242153	137
8f49b75b SS	138	# Read-in ipblocklist settings.
8f49b75b SS	139	&General::readhash( $settings, \%settings ) if (-r $settings);
5d242153	140
8f49b75b SS	141	# Display configuration section.
8f49b75b SS	142	&configsite();
5d242153 TF	143
5d242153 TF	144	# End of page
8f49b75b SS	145	&Header::closebigbox();
8f49b75b SS	146	&Header::closepage();
5d242153 TF	147
	148
	149	#------------------------------------------------------------------------------
	150	# sub configsite()
	151	#
	152	# Displays configuration
	153	#------------------------------------------------------------------------------
	154
8f49b75b SS	155	sub configsite {
	156	# Find preselections
	157	my $enable = 'checked';
5d242153	158
8f49b75b	159	&Header::openbox('100%', 'left', $Lang::tr{'settings'});
5d242153	160
8f49b75b SS	161	# Enable checkbox
8f49b75b SS	162	$enable = ($settings{'ENABLE'} eq 'on') ? ' checked' : '';
5d242153	163
8f49b75b SS	164	print<<END;
	165	<form method='post' action='$ENV{'SCRIPT_NAME'}'>
	166	<table style='width:100%' border='0'>
	167	<tr>
	168	<td style='width:24em'>$Lang::tr{'ipblocklist use ipblocklists'}</td>
	169	<td><input type='checkbox' name='ENABLE' id='ENABLE'$enable></td>
	170	</tr>
	171	</table><br>
5d242153 TF	172	END
5d242153 TF	173
8f49b75b SS	174	# The following are only displayed if the blacklists are enabled
	175	$enable = ($settings{'LOGGING'} eq 'on') ? ' checked' : '';
	176
	177	print <<END;
	178	<div class='sources'>
	179	<table style='width:100%' border='0'>
	180	<tr>
	181	<td style='width:24em'>$Lang::tr{'ipblocklist log'}</td>
	182	<td><input type='checkbox' name="LOGGING" id="LOGGING"$enable></td>
	183	</tr>
	184	</table>
	185
	186	<br><br>
	187	<h2>$Lang::tr{'ipblocklist blocklist settings'}</h2>
	188
	189	<table width='100%' cellspacing='1' class='tbl'>
	190	<tr>
	191	<th align='left'>$Lang::tr{'ipblocklist id'}</th>
	192	<th align='left'>$Lang::tr{'ipblocklist name'}</th>
	193	<th align='left'>$Lang::tr{'ipblocklist category'}</th>
	194	<th align='center'>$Lang::tr{'ipblocklist enable'}</th>
	195	</tr>
5d242153 TF	196	END
5d242153 TF	197
8f49b75b SS	198	# Iterate through the list of sources
8f49b75b SS	199	my $lines = 0;
5d242153	200
8f49b75b SS	201	foreach my $blocklist (@blocklists) {
	202	# Display blocklist name or provide a link to the website if available.
	203	my $website = "$blocklist";
	204	if ($IPblocklist::List::sources{$blocklist}{info}) {
	205	$website ="<a href='$IPblocklist::List::sources{$blocklist}{info}' target='_blank'>$blocklist</a>";
	206	}
5d242153	207
8f49b75b SS	208	# Get the full name for the blocklist.
8f49b75b SS	209	my $name = &CGI::escapeHTML( $IPblocklist::List::sources{$blocklist}{'name'} );
5d242153	210
8f49b75b SS	211	# Get category for this blocklist.
8f49b75b SS	212	my $category = $Lang::tr{"ipblocklist category $IPblocklist::List::sources{$blocklist}{'category'}"};
5d242153	213
8f49b75b SS	214	# Determine if the blocklist is enabled.
	215	my $enable = '';
	216	$enable = 'checked' if ($settings{$blocklist} eq 'on');
5d242153	217
8f49b75b SS	218	# Set colour for the table columns.
8f49b75b SS	219	my $col = ($lines++ % 2) ? "bgcolor='$color{'color20'}'" : "bgcolor='$color{'color22'}'";
5d242153	220
5d242153	221
8f49b75b SS	222	print <<END;
	223	<tr $col>
	224	<td>$website</td>
	225	<td>$name</td>
	226	<td>$category</td>
	227	<td align='center'><input type='checkbox' name="$blocklist" id="$blocklist"$enable></td>
	228	</tr>
5d242153	229	END
8f49b75b	230	}
5d242153	231
8f49b75b SS	232	# The save button at the bottom of the table
	233	print <<END;
	234	</table>
5d242153	235
8f49b75b	236	</div>
5d242153	237
8f49b75b SS	238	<table style='width:100%;'>
	239	<tr>
	240	<td colspan='3' display:inline align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
	241	</tr>
	242	</table>
	243	</form>
5d242153 TF	244	END
5d242153 TF	245
8f49b75b	246	&Header::closebox();
5d242153 TF	247	}
5d242153 TF	248
5d242153 TF	249	#------------------------------------------------------------------------------
	250	# sub error()
	251	#
	252	# Shows error messages
	253	#------------------------------------------------------------------------------
	254
8f49b75b	255	sub error {
2493c9ea	256	&Header::openbox('100%', 'left', $headline);
8f49b75b SS	257	print "<class name='base'>$errormessage\n";
	258	print " </class>\n";
	259	&Header::closebox();
5d242153	260	}