3 ###############################################################################
5 # IPFire.org - A linux based firewall #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 # Copyright (C) 2018 - 2020 The IPFire Team #
22 ###############################################################################
26 # enable the following only for debugging purposes
28 #use CGI::Carp 'fatalsToBrowser';
30 require '/var/ipfire/general-functions.pl';
31 require "${General::swroot}/lang.pl";
32 require "${General::swroot}/header.pl";
33 require "${General::swroot}/ipblocklist-functions.pl";
35 # Import blockist sources and settings file.
36 require "${General::swroot}/ipblocklist/sources";
38 ###############################################################################
39 # Configuration variables
40 ###############################################################################
42 my $settings = "${General::swroot}/ipblocklist/settings";
43 my %cgiparams = ('ACTION' => '');
45 ###############################################################################
47 ###############################################################################
49 my $errormessage = '';
50 my $headline = "$Lang::tr{'error message'}";
55 # Default settings - normally overwritten by settings file
63 &Header
::getcgihash
( \
%cgiparams);
64 &General
::readhash
( "${General::swroot}/main/settings", \
%mainsettings );
65 &General
::readhash
("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \
%color);
67 # Get list of supported blocklists.
68 my @blocklists = &IPblocklist
::get_blocklists
();
71 &Header
::showhttpheaders
();
74 if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") {
75 # Array to store if blocklists are missing on the system
76 # and needs to be downloaded first.
77 my @missing_blocklists = ();
79 # Loop through the array of supported blocklists.
80 foreach my $blocklist (@blocklists) {
81 # Skip the blocklist if it is not enabled.
82 next if($cgiparams{$blocklist} ne "on");
84 # Get the file name which keeps the converted blocklist.
85 my $ipset_db_file = &IPblocklist
::get_ipset_db_file
($blocklist);
87 # Check if the blocklist already has been downloaded.
88 if(-f
"$ipset_db_file") {
89 # Blocklist already exits, we can skip it.
92 # Blocklist not present, store in array to download it.
93 push(@missing_blocklists, $blocklist);
97 # Check if the red device is not active and blocklists are missing.
98 if ((not -e
"${General::swroot}/red/active") && (@missing_blocklists)) {
99 # The system is offline, cannot download the missing blocklists.
100 # Store an error message.
101 $errormessage = "$Lang::tr{'system is offline'}";
103 # Loop over the array of missing blocklists.
104 foreach my $missing_blocklist (@missing_blocklists) {
105 # Call the download and convert function to get the missing blocklist.
106 my $status = &IPblocklist
::download_and_create_blocklist
($missing_blocklist);
108 # Check if there was an error during download.
109 if ($status eq "dl_error") {
110 $errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist download error'}";
111 } elsif ($status eq "empty_list") {
112 $errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist empty blocklist received'}";
117 # Check if there was an error.
118 unless($errormessage) {
119 # Write configuration hash.
120 &General
::writehash
($settings, \
%cgiparams);
122 # Call function to mark a required reload of the firewall.
123 &General
::firewall_config_changed
();
125 # Display notice about a required reload of the firewall.
126 $headline = "$Lang::tr{'notice'}";
127 $errormessage = "$Lang::tr{'fw rules reload notice'}";
132 &Header
::openpage
($Lang::tr
{'ipblocklist'}, 1, '');
133 &Header
::openbigbox
('100%', 'left');
135 # Display error message if there was one.
136 &error
() if ($errormessage);
138 # Read-in ipblocklist settings.
139 &General
::readhash
( $settings, \
%settings ) if (-r
$settings);
141 # Display configuration section.
145 &Header
::closebigbox
();
146 &Header
::closepage
();
149 #------------------------------------------------------------------------------
152 # Displays configuration
153 #------------------------------------------------------------------------------
157 my $enable = 'checked';
159 &Header
::openbox
('100%', 'left', $Lang::tr
{'settings'});
162 $enable = ($settings{'ENABLE'} eq 'on') ?
' checked' : '';
165 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
166 <table style='width:100%' border='0'>
168 <td style='width:24em'>$Lang::tr{'ipblocklist use ipblocklists'}</td>
169 <td><input type='checkbox' name='ENABLE' id='ENABLE'$enable></td>
174 # The following are only displayed if the blacklists are enabled
175 $enable = ($settings{'LOGGING'} eq 'on') ?
' checked' : '';
178 <div class='sources'>
179 <table style='width:100%' border='0'>
181 <td style='width:24em'>$Lang::tr{'ipblocklist log'}</td>
182 <td><input type='checkbox' name="LOGGING" id="LOGGING"$enable></td>
187 <h2>$Lang::tr{'ipblocklist blocklist settings'}</h2>
189 <table width='100%' cellspacing='1' class='tbl'>
191 <th align='left'>$Lang::tr{'ipblocklist id'}</th>
192 <th align='left'>$Lang::tr{'ipblocklist name'}</th>
193 <th align='left'>$Lang::tr{'ipblocklist category'}</th>
194 <th align='center'>$Lang::tr{'ipblocklist enable'}</th>
198 # Iterate through the list of sources
201 foreach my $blocklist (@blocklists) {
202 # Display blocklist name or provide a link to the website if available.
203 my $website = "$blocklist";
204 if ($IPblocklist::List
::sources
{$blocklist}{info
}) {
205 $website ="<a href='$IPblocklist::List::sources{$blocklist}{info}' target='_blank'>$blocklist</a>";
208 # Get the full name for the blocklist.
209 my $name = &CGI
::escapeHTML
( $IPblocklist::List
::sources
{$blocklist}{'name'} );
211 # Get category for this blocklist.
212 my $category = $Lang::tr{"ipblocklist category $IPblocklist::List::sources{$blocklist}{'category'}"};
214 # Determine if the blocklist is enabled.
216 $enable = 'checked' if ($settings{$blocklist} eq 'on');
218 # Set colour for the table columns.
219 my $col = ($lines++ % 2) ? "bgcolor
='$color{'color20
'}'" : "bgcolor
='$color{'color22
'}'";
227 <td align='center'><input type='checkbox' name="$blocklist" id="$blocklist"$enable></td>
232 # The save button at the bottom of the table
238 <table style='width:100%;'>
240 <td colspan='3' display:inline align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
249 #------------------------------------------------------------------------------
252 # Shows error messages
253 #------------------------------------------------------------------------------
256 &Header
::openbox
('100%', 'left', $headline);
257 print "<class name='base'>$errormessage\n";
258 print " </class>\n";