[ipfire-2.x.git] / html / cgi-bin / ipblocklist.cgi

#!/usr/bin/perl

###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
# Copyright (C) 2018 - 2020 The IPFire Team                                   #
#                                                                             #
###############################################################################

use strict;

# enable the following only for debugging purposes
#use warnings;
#use CGI::Carp 'fatalsToBrowser';

require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
require "${General::swroot}/ipblocklist-functions.pl";

# Import blockist sources and settings file.
require "${General::swroot}/ipblocklist/sources";

###############################################################################
# Configuration variables
###############################################################################

my $settings      = "${General::swroot}/ipblocklist/settings";
my %cgiparams     = ('ACTION' => '');

###############################################################################
# Variables
###############################################################################

my $errormessage  = '';
my $updating      = 0;
my %mainsettings;
my %color;

# Default settings - normally overwritten by settings file
my %settings = (
	'DEBUG'           => 0,
	'LOGGING'         => 'on',
	'ENABLE'          => 'off'
);

# Read all parameters
&Header::getcgihash( \%cgiparams);
&General::readhash( "${General::swroot}/main/settings", \%mainsettings );
&General::readhash( "/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color );

# Get list of supported blocklists.
my @blocklists = &IPblocklist::get_blocklists();

# Show Headers
&Header::showhttpheaders();

# Process actions
if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") {
	# Array to store if blocklists are missing on the system
	# and needs to be downloaded first.
	my @missing_blocklists = ();

	# Loop through the array of supported blocklists.
	foreach my $blocklist (@blocklists) {
		# Skip the blocklist if it is not enabled.
		next if($cgiparams{$blocklist} ne "on");

		# Get the file name which keeps the converted blocklist.
		my $ipset_db_file = &IPblocklist::get_ipset_db_file($blocklist);

		# Check if the blocklist already has been downloaded.
		if(-f "$ipset_db_file") {
			# Blocklist already exits, we can skip it.
			next;
		} else {
			# Blocklist not present, store in array to download it.
			push(@missing_blocklists, $blocklist);
		}
	}

	# Check if the red device is not active and blocklists are missing.
	if ((not -e "${General::swroot}/red/active") && (@missing_blocklists)) {
		# The system is offline, cannot download the missing blocklists.
		# Store an error message.
		$errormessage = "$Lang::tr{'system is offline'}";
	} else {
		# Loop over the array of missing blocklists.
		foreach my $missing_blocklist (@missing_blocklists) {
			# Call the download and convert function to get the missing blocklist.
			my $status = &IPblocklist::download_and_create_blocklist($missing_blocklist);

			# Check if there was an error during download.
			if ($status eq "dl_error") {
				$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist download error'}";
			} elsif ($status eq "empty_list") {
				$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist empty blocklist received'}";
			}
		}
	}

	# Check if there was an error.
	unless($errormessage) {
		# Write configuration hash.
		&General::writehash($settings, \%cgiparams);

		# XXX display firewall reload stuff
	}
}

# Show site
&Header::openpage($Lang::tr{'ipblocklist'}, 1, '');
&Header::openbigbox('100%', 'left');

# Display error message if there was one.
&error() if ($errormessage);

# Read-in ipblocklist settings.
&General::readhash( $settings, \%settings ) if (-r $settings);

# Display configuration section.
&configsite();

# End of page
&Header::closebigbox();
&Header::closepage();


#------------------------------------------------------------------------------
# sub configsite()
#
# Displays configuration
#------------------------------------------------------------------------------

sub configsite {
	# Find preselections
	my $enable = 'checked';

	&Header::openbox('100%', 'left', $Lang::tr{'settings'});

	# Enable checkbox
	$enable = ($settings{'ENABLE'} eq 'on') ? ' checked' : '';

print<<END;
	<form method='post' action='$ENV{'SCRIPT_NAME'}'>
		<table style='width:100%' border='0'>
			<tr>
				<td style='width:24em'>$Lang::tr{'ipblocklist use ipblocklists'}</td>
				<td><input type='checkbox' name='ENABLE' id='ENABLE'$enable></td>
			</tr>
		</table><br>
END

	# The following are only displayed if the blacklists are enabled
	$enable = ($settings{'LOGGING'} eq 'on') ? ' checked' : '';

print <<END;
		<div class='sources'>
			<table style='width:100%' border='0'>
				<tr>
					<td style='width:24em'>$Lang::tr{'ipblocklist log'}</td>
					<td><input type='checkbox' name="LOGGING" id="LOGGING"$enable></td>
				</tr>
			</table>

			<br><br>
			<h2>$Lang::tr{'ipblocklist blocklist settings'}</h2>

			<table width='100%' cellspacing='1' class='tbl'>
				<tr>
					<th align='left'>$Lang::tr{'ipblocklist id'}</th>
					<th align='left'>$Lang::tr{'ipblocklist name'}</th>
					<th align='left'>$Lang::tr{'ipblocklist category'}</th>
					<th align='center'>$Lang::tr{'ipblocklist enable'}</th>
				</tr>
END

	# Iterate through the list of sources
	my $lines = 0;

	foreach my $blocklist (@blocklists) {
		# Display blocklist name or provide a link to the website if available.
		my $website = "$blocklist";
		if ($IPblocklist::List::sources{$blocklist}{info}) {
			$website ="<a href='$IPblocklist::List::sources{$blocklist}{info}' target='_blank'>$blocklist</a>";
		}

		# Get the full name for the blocklist.
		my $name = &CGI::escapeHTML( $IPblocklist::List::sources{$blocklist}{'name'} );

		# Get category for this blocklist.
		my $category = $Lang::tr{"ipblocklist category $IPblocklist::List::sources{$blocklist}{'category'}"};

		# Determine if the blocklist is enabled.
		my $enable = '';
		$enable = 'checked' if ($settings{$blocklist} eq 'on');

		# Set colour for the table columns.
		my $col = ($lines++ % 2) ? "bgcolor='$color{'color20'}'" : "bgcolor='$color{'color22'}'";


print <<END;
				<tr $col>
					<td>$website</td>
					<td>$name</td>
					<td>$category</td>
					<td align='center'><input type='checkbox' name="$blocklist" id="$blocklist"$enable></td>
				</tr>
END
	}

# The save button at the bottom of the table
print <<END;
			</table>

		</div>

		<table style='width:100%;'>
			<tr>
				<td colspan='3' display:inline align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
			</tr>
		</table>
	</form>
END

	&Header::closebox();
}

#------------------------------------------------------------------------------
# sub error()
#
# Shows error messages
#------------------------------------------------------------------------------

sub error {
	&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
		print "<class name='base'>$errormessage\n";
		print "&nbsp;</class>\n";
	&Header::closebox();
}
Commit	Line	Data
5d242153 TF	1	#!/usr/bin/perl
	2
	3	###############################################################################
	4	# #
	5	# IPFire.org - A linux based firewall #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	# Copyright (C) 2018 - 2020 The IPFire Team #
	21	# #
	22	###############################################################################
	23
	24	use strict;
8f49b75b	25
5d242153 TF	26	# enable the following only for debugging purposes
	27	#use warnings;
	28	#use CGI::Carp 'fatalsToBrowser';
5d242153 TF	29
	30	require '/var/ipfire/general-functions.pl';
	31	require "${General::swroot}/lang.pl";
	32	require "${General::swroot}/header.pl";
8f49b75b SS	33	require "${General::swroot}/ipblocklist-functions.pl";
	34
	35	# Import blockist sources and settings file.
	36	require "${General::swroot}/ipblocklist/sources";
5d242153 TF	37
	38	###############################################################################
	39	# Configuration variables
	40	###############################################################################
	41
8f49b75b	42	my $settings = "${General::swroot}/ipblocklist/settings";
5d242153 TF	43	my %cgiparams = ('ACTION' => '');
	44
	45	###############################################################################
	46	# Variables
	47	###############################################################################
	48
	49	my $errormessage = '';
	50	my $updating = 0;
	51	my %mainsettings;
	52	my %color;
5d242153 TF	53
5d242153 TF	54	# Default settings - normally overwritten by settings file
8f49b75b SS	55	my %settings = (
	56	'DEBUG' => 0,
	57	'LOGGING' => 'on',
	58	'ENABLE' => 'off'
	59	);
5d242153 TF	60
5d242153 TF	61	# Read all parameters
8f49b75b SS	62	&Header::getcgihash( \%cgiparams);
	63	&General::readhash( "${General::swroot}/main/settings", \%mainsettings );
	64	&General::readhash( "/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color );
5d242153	65
8f49b75b SS	66	# Get list of supported blocklists.
8f49b75b SS	67	my @blocklists = &IPblocklist::get_blocklists();
5d242153 TF	68
5d242153 TF	69	# Show Headers
8f49b75b	70	&Header::showhttpheaders();
5d242153 TF	71
5d242153 TF	72	# Process actions
8f49b75b SS	73	if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") {
	74	# Array to store if blocklists are missing on the system
	75	# and needs to be downloaded first.
	76	my @missing_blocklists = ();
	77
	78	# Loop through the array of supported blocklists.
	79	foreach my $blocklist (@blocklists) {
	80	# Skip the blocklist if it is not enabled.
	81	next if($cgiparams{$blocklist} ne "on");
	82
	83	# Get the file name which keeps the converted blocklist.
	84	my $ipset_db_file = &IPblocklist::get_ipset_db_file($blocklist);
	85
	86	# Check if the blocklist already has been downloaded.
	87	if(-f "$ipset_db_file") {
	88	# Blocklist already exits, we can skip it.
	89	next;
	90	} else {
	91	# Blocklist not present, store in array to download it.
	92	push(@missing_blocklists, $blocklist);
	93	}
	94	}
5d242153	95
8f49b75b SS	96	# Check if the red device is not active and blocklists are missing.
	97	if ((not -e "${General::swroot}/red/active") && (@missing_blocklists)) {
	98	# The system is offline, cannot download the missing blocklists.
	99	# Store an error message.
	100	$errormessage = "$Lang::tr{'system is offline'}";
	101	} else {
	102	# Loop over the array of missing blocklists.
	103	foreach my $missing_blocklist (@missing_blocklists) {
	104	# Call the download and convert function to get the missing blocklist.
	105	my $status = &IPblocklist::download_and_create_blocklist($missing_blocklist);
	106
	107	# Check if there was an error during download.
8f49b75b	108	if ($status eq "dl_error") {
a72c2458	109	$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist download error'}";
8f49b75b	110	} elsif ($status eq "empty_list") {
a72c2458	111	$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist empty blocklist received'}";
8f49b75b SS	112	}
	113	}
	114	}
	115
	116	# Check if there was an error.
	117	unless($errormessage) {
	118	# Write configuration hash.
	119	&General::writehash($settings, \%cgiparams);
5d242153	120
8f49b75b SS	121	# XXX display firewall reload stuff
8f49b75b SS	122	}
5d242153 TF	123	}
	124
	125	# Show site
8f49b75b SS	126	&Header::openpage($Lang::tr{'ipblocklist'}, 1, '');
8f49b75b SS	127	&Header::openbigbox('100%', 'left');
5d242153	128
8f49b75b SS	129	# Display error message if there was one.
8f49b75b SS	130	&error() if ($errormessage);
5d242153	131
8f49b75b SS	132	# Read-in ipblocklist settings.
8f49b75b SS	133	&General::readhash( $settings, \%settings ) if (-r $settings);
5d242153	134
8f49b75b SS	135	# Display configuration section.
8f49b75b SS	136	&configsite();
5d242153 TF	137
5d242153 TF	138	# End of page
8f49b75b SS	139	&Header::closebigbox();
8f49b75b SS	140	&Header::closepage();
5d242153 TF	141
	142
	143	#------------------------------------------------------------------------------
	144	# sub configsite()
	145	#
	146	# Displays configuration
	147	#------------------------------------------------------------------------------
	148
8f49b75b SS	149	sub configsite {
	150	# Find preselections
	151	my $enable = 'checked';
5d242153	152
8f49b75b	153	&Header::openbox('100%', 'left', $Lang::tr{'settings'});
5d242153	154
8f49b75b SS	155	# Enable checkbox
8f49b75b SS	156	$enable = ($settings{'ENABLE'} eq 'on') ? ' checked' : '';
5d242153	157
8f49b75b SS	158	print<<END;
	159	<form method='post' action='$ENV{'SCRIPT_NAME'}'>
	160	<table style='width:100%' border='0'>
	161	<tr>
	162	<td style='width:24em'>$Lang::tr{'ipblocklist use ipblocklists'}</td>
	163	<td><input type='checkbox' name='ENABLE' id='ENABLE'$enable></td>
	164	</tr>
	165	</table><br>
5d242153 TF	166	END
5d242153 TF	167
8f49b75b SS	168	# The following are only displayed if the blacklists are enabled
	169	$enable = ($settings{'LOGGING'} eq 'on') ? ' checked' : '';
	170
	171	print <<END;
	172	<div class='sources'>
	173	<table style='width:100%' border='0'>
	174	<tr>
	175	<td style='width:24em'>$Lang::tr{'ipblocklist log'}</td>
	176	<td><input type='checkbox' name="LOGGING" id="LOGGING"$enable></td>
	177	</tr>
	178	</table>
	179
	180	<br><br>
	181	<h2>$Lang::tr{'ipblocklist blocklist settings'}</h2>
	182
	183	<table width='100%' cellspacing='1' class='tbl'>
	184	<tr>
	185	<th align='left'>$Lang::tr{'ipblocklist id'}</th>
	186	<th align='left'>$Lang::tr{'ipblocklist name'}</th>
	187	<th align='left'>$Lang::tr{'ipblocklist category'}</th>
	188	<th align='center'>$Lang::tr{'ipblocklist enable'}</th>
	189	</tr>
5d242153 TF	190	END
5d242153 TF	191
8f49b75b SS	192	# Iterate through the list of sources
8f49b75b SS	193	my $lines = 0;
5d242153	194
8f49b75b SS	195	foreach my $blocklist (@blocklists) {
	196	# Display blocklist name or provide a link to the website if available.
	197	my $website = "$blocklist";
	198	if ($IPblocklist::List::sources{$blocklist}{info}) {
	199	$website ="<a href='$IPblocklist::List::sources{$blocklist}{info}' target='_blank'>$blocklist</a>";
	200	}
5d242153	201
8f49b75b SS	202	# Get the full name for the blocklist.
8f49b75b SS	203	my $name = &CGI::escapeHTML( $IPblocklist::List::sources{$blocklist}{'name'} );
5d242153	204
8f49b75b SS	205	# Get category for this blocklist.
8f49b75b SS	206	my $category = $Lang::tr{"ipblocklist category $IPblocklist::List::sources{$blocklist}{'category'}"};
5d242153	207
8f49b75b SS	208	# Determine if the blocklist is enabled.
	209	my $enable = '';
	210	$enable = 'checked' if ($settings{$blocklist} eq 'on');
5d242153	211
8f49b75b SS	212	# Set colour for the table columns.
8f49b75b SS	213	my $col = ($lines++ % 2) ? "bgcolor='$color{'color20'}'" : "bgcolor='$color{'color22'}'";
5d242153	214
5d242153	215
8f49b75b SS	216	print <<END;
	217	<tr $col>
	218	<td>$website</td>
	219	<td>$name</td>
	220	<td>$category</td>
	221	<td align='center'><input type='checkbox' name="$blocklist" id="$blocklist"$enable></td>
	222	</tr>
5d242153	223	END
8f49b75b	224	}
5d242153	225
8f49b75b SS	226	# The save button at the bottom of the table
	227	print <<END;
	228	</table>
5d242153	229
8f49b75b	230	</div>
5d242153	231
8f49b75b SS	232	<table style='width:100%;'>
	233	<tr>
	234	<td colspan='3' display:inline align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
	235	</tr>
	236	</table>
	237	</form>
5d242153 TF	238	END
5d242153 TF	239
8f49b75b	240	&Header::closebox();
5d242153 TF	241	}
5d242153 TF	242
5d242153 TF	243	#------------------------------------------------------------------------------
	244	# sub error()
	245	#
	246	# Shows error messages
	247	#------------------------------------------------------------------------------
	248
8f49b75b SS	249	sub error {
	250	&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
	251	print "<class name='base'>$errormessage\n";
	252	print " </class>\n";
	253	&Header::closebox();
5d242153	254	}