add GeoIP and rDNS information to used nameservers
[ipfire-2.x.git] / html / cgi-bin / netexternal.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 #                                                                             #
4 # IPFire.org - A linux based firewall                                         #
5 # Copyright (C) 2005-2010  IPFire Team                                        #
6 #                                                                             #
7 # This program is free software: you can redistribute it and/or modify        #
8 # it under the terms of the GNU General Public License as published by        #
9 # the Free Software Foundation, either version 3 of the License, or           #
10 # (at your option) any later version.                                         #
11 #                                                                             #
12 # This program is distributed in the hope that it will be useful,             #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of              #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
15 # GNU General Public License for more details.                                #
16 #                                                                             #
17 # You should have received a copy of the GNU General Public License           #
18 # along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
19 #                                                                             #
20 ###############################################################################
21
22 use strict;
23
24 # enable only the following on debugging purpose
25 #use warnings;
26 #use CGI::Carp 'fatalsToBrowser';
27
28 use IO::Socket;
29
30 require '/var/ipfire/general-functions.pl';
31 require "${General::swroot}/lang.pl";
32 require "${General::swroot}/header.pl";
33 require "${General::swroot}/geoip-functions.pl";
34 require "${General::swroot}/graphs.pl";
35
36 my %color = ();
37 my %mainsettings = ();
38 my %netsettings=();
39 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
40 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
41 &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
42
43 my @graphs=();
44 my %dhcpinfo=();
45
46 my @querry = split(/\?/,$ENV{'QUERY_STRING'});
47 $querry[0] = '' unless defined $querry[0];
48 $querry[1] = 'hour' unless defined $querry[1];
49
50 if ( $querry[0] ne~ ""){
51         print "Content-type: image/png\n\n";
52         binmode(STDOUT);
53         &Graphs::updateifgraph($querry[0],$querry[1]);
54 }else{
55
56         &Header::showhttpheaders();
57         &Header::openpage($Lang::tr{'network traffic graphs external'}, 1, '');
58         &Header::openbigbox('100%', 'left');
59
60         if ($netsettings{'RED_TYPE'} ne 'PPPOE'){
61                 if ($netsettings{'RED_DEV'} ne $netsettings{'GREEN_DEV'}){
62                         push (@graphs, ($netsettings{'RED_DEV'}));
63                 }
64         }else{
65                 push (@graphs, "ppp0");
66         }
67         
68         if (-e "/var/log/rrd/collectd/localhost/interface/if_octets-ipsec0.rrd"){
69                 push (@graphs, ("ipsec0"));
70         }
71
72         if (-e "/var/log/rrd/collectd/localhost/interface/if_octets-tun0.rrd"){
73                 push (@graphs, ("tun0"));
74         }
75
76         foreach (@graphs) {
77                 &Header::openbox('100%', 'center', "$_ $Lang::tr{'graph'}");
78                 &Graphs::makegraphbox("netexternal.cgi",$_,"day");
79                 &Header::closebox();
80         }
81
82         ## DNSSEC
83         my @nameservers = ();
84         foreach my $f ("${General::swroot}/red/dns1", "${General::swroot}/red/dns2") {
85                 open(DNS, "<$f");
86                 my $nameserver = <DNS>;
87                 close(DNS);
88
89                 chomp($nameserver);
90                 if ($nameserver) {
91                         push(@nameservers, $nameserver);
92                 }
93         }
94
95         &Header::openbox('100%', 'center', $Lang::tr{'dnssec information'});
96
97         print <<END;
98                 <table class="tbl" width='66%'>
99                         <thead>
100                                 <tr>
101                                         <th align="center">
102                                                 <strong>$Lang::tr{'nameserver'}</strong>
103                                         </th>
104                                         <th align="center">
105                                                 <strong>$Lang::tr{'country'}</strong>
106                                         </th>
107                                         <th align="center">
108                                                 <strong>$Lang::tr{'rdns'}</strong>
109                                         </th>
110                                         <th align="center">
111                                                 <strong>$Lang::tr{'status'}</strong>
112                                         </th>
113                                 </tr>
114                         </thead>
115                         <tbody>
116 END
117
118         my $id = 0;
119         for my $nameserver (@nameservers) {
120                 my $status = &check_dnssec($nameserver, "ping.ipfire.org");
121
122                 my $colour = "";
123                 my $bgcolour = "";
124                 my $message = "";
125
126                 # DNSSEC Not supported
127                 if ($status == 0) {
128                         $message = $Lang::tr{'dnssec not supported'};
129                         $colour = "white";
130                         $bgcolour = ${Header::colourred};
131
132                 # DNSSEC Aware
133                 } elsif ($status == 1) {
134                         $message = $Lang::tr{'dnssec aware'};
135                         $colour = "black";
136                         $bgcolour = ${Header::colouryellow};
137
138                 # DNSSEC Validating
139                 } elsif ($status == 2) {
140                         $message = $Lang::tr{'dnssec validating'};
141                         $colour = "white";
142                         $bgcolour = ${Header::colourgreen};
143
144                 # Error
145                 } else {
146                         $colour = ${Header::colourred};
147                 }
148
149                 my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};
150
151                 # collect more information about name server (rDNS, GeoIP country code)
152                 my $ccode = &GeoIP::lookup($nameserver);
153                 my $flag_icon = &GeoIP::get_flag_icon($ccode);
154
155                 my $iaddr = inet_aton($nameserver);
156                 my $rdns = gethostbyaddr($iaddr, AF_INET);
157                 if (!$rdns) { $rdns = $Lang::tr{'lookup failed'}; }
158
159                 print <<END;
160                         <tr bgcolor="$table_colour">
161                                 <td>
162                                         $nameserver
163                                 </td>
164                                 <td align="center">
165                                         <a href='country.cgi#$ccode'><img src="$flag_icon" border="0" alt="$ccode" title="$ccode" /></a>
166                                 </td>
167                                 <td align="center">
168                                         $rdns
169                                 </td>
170                                 <td bgcolor="$bgcolour" align="center">
171                                         <font color="$colour"><strong>$message</strong></font>
172                                 </td>
173                         </tr>
174 END
175         }
176
177         print <<END;
178                         </tbody>
179                 </table>
180 END
181
182         &Header::closebox();
183
184         if ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/  && $netsettings{'RED_TYPE'} eq "DHCP"){
185
186                 &Header::openbox('100%', 'left', "RED $Lang::tr{'dhcp configuration'}");
187                 if (-s "${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info") {
188
189                         &General::readhash("${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info", \%dhcpinfo);
190
191                         my $DNS1=`echo $dhcpinfo{'domain_name_servers'} | cut -f 1 -d " "`;
192                         my $DNS2=`echo $dhcpinfo{'domain_name_servers'} | cut -f 2 -d " "`;
193
194                         my $lsetme=0;
195                         my $leasetime="";
196                         if ($dhcpinfo{'dhcp_lease_time'} ne "") {
197                                 $lsetme=$dhcpinfo{'dhcp_lease_time'};
198                                 $lsetme=($lsetme/60);
199                                 
200                                 if ($lsetme > 59) {
201                                         $lsetme=($lsetme/60); $leasetime=$lsetme." Hour";
202                                 }else{
203                                         $leasetime=$lsetme." Minute";
204                                 }
205                                 
206                                 if ($lsetme > 1) {
207                                         $leasetime=$leasetime."s";
208                                 }
209                         }
210
211                         my $rentme=0;
212                         my $rnwltime="";
213
214                         if ($dhcpinfo{'dhcp_renewal_time'} ne "") {
215                                 $rentme=$dhcpinfo{'dhcp_renewal_time'};
216                                 $rentme=($rentme/60);
217                                 
218                                 if ($rentme > 59){
219                                         $rentme=($rentme/60); $rnwltime=$rentme." Hour";
220                                 }else{
221                                         $rnwltime=$rentme." Minute";
222                                 }
223                                 
224                                 if ($rentme > 1){
225                                         $rnwltime=$rnwltime."s";
226                                 }
227                         }
228
229                         my $maxtme=0;
230                         my $maxtime="";
231
232                         if ($dhcpinfo{'dhcp_rebinding_time'} ne "") {
233                                 $maxtme=$dhcpinfo{'dhcp_rebinding_time'};
234                                 $maxtme=($maxtme/60);
235
236                                 if ($maxtme > 59){
237                                         $maxtme=($maxtme/60); $maxtime=$maxtme." Hour";
238                                 } else {
239                                         $maxtime=$maxtme." Minute";
240                                 }
241
242                                 if ($maxtme > 1) {
243                                         $maxtime=$maxtime."s";
244                                 }
245                         }
246
247
248                         print <<END
249 <table width='100%'>
250 <tr><td width='30%'>$Lang::tr{'domain'}</td><td>$dhcpinfo{'domain_name'}</td></tr>
251 <tr><td>$Lang::tr{'gateway'}</td><td>$dhcpinfo{'routers'}</td></tr>
252 <tr><td>$Lang::tr{'primary dns'}</td><td>$DNS1</td></tr>
253 <tr><td>$Lang::tr{'secondary dns'}</td><td>$DNS2</td></tr>
254 <tr><td>$Lang::tr{'dhcp server'}</td><td>$dhcpinfo{'dhcp_server_identifier'}</td></tr>
255 <tr><td>$Lang::tr{'def lease time'}</td><td>$leasetime</td></tr>
256 <tr><td>$Lang::tr{'default renewal time'}</td><td>$rnwltime</td></tr>
257 <tr><td>$Lang::tr{'max renewal time'}</td><td>$maxtime</td></tr>
258 </table>
259 END
260 ;
261                 }else{
262                         print "$Lang::tr{'no dhcp lease'}";
263                 }
264                 &Header::closebox();
265         }
266
267         &Header::closebigbox();
268         &Header::closepage();
269 }
270
271 sub check_dnssec($$) {
272         my $nameserver = shift;
273         my $record = shift;
274
275         my @command = ("dig", "+dnssec", $record, "\@$nameserver");
276
277         my @output = qx(@command);
278         my $output = join("", @output);
279
280         my $status = 0;
281         if ($output =~ m/status: (\w+)/) {
282                 $status = ($1 eq "NOERROR");
283
284                 if (!$status) {
285                         return -1;
286                 }
287         }
288
289         my @flags = ();
290         if ($output =~ m/flags: (.*);/) {
291                 @flags = split(/ /, $1);
292         }
293
294         my $aware = ($output =~ m/RRSIG/);
295         my $validating = ("ad" ~~ @flags);
296
297         return $aware + $validating;
298 }