From 91634dbe88cc85a77b1b30246e527d3dac908f24 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Sat, 3 Jan 2015 20:20:10 +0100 Subject: [PATCH] geoip-block.cgi: New CGI for managing geoip blocking. --- html/cgi-bin/geoip-block.cgi | 292 +++++++++++++++++++++++++++++++++++ 1 file changed, 292 insertions(+) create mode 100644 html/cgi-bin/geoip-block.cgi diff --git a/html/cgi-bin/geoip-block.cgi b/html/cgi-bin/geoip-block.cgi new file mode 100644 index 0000000000..eb18719192 --- /dev/null +++ b/html/cgi-bin/geoip-block.cgi @@ -0,0 +1,292 @@ +#!/usr/bin/perl +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2014 IPFire Developemnt Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +use strict; +# enable only the following on debugging purpose +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; + +require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/lang.pl"; +require "${General::swroot}/header.pl"; + +# Directory which contains flag icons. +my $flagdir = "/srv/web/ipfire/html/images/flags"; +# File extension of the country flags. +my $extension = "png"; + +my $settingsfile = "${General::swroot}/firewall/geoipblock"; + +my %color = (); +my %mainsettings = (); +my %settings = (); +my %cgiparams = (); + +# Read configuration file. +&General::readhash("$settingsfile", \%settings); + +&General::readhash("${General::swroot}/main/settings", \%mainsettings); +&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); + +&Header::showhttpheaders(); + +#Get GUI values +&Header::getcgihash(\%cgiparams); + +# Call subfunction to get all available locations. +my @locations = &get_geoip_locations(); + +if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) { + # Check if we want to disable geoipblock. + if (exists $cgiparams{'GEOIPBLOCK_ENABLED'}) { + $settings{'GEOIPBLOCK_ENABLED'} = "on"; + } else { + $settings{'GEOIPBLOCK_ENABLED'} = "off"; + } + + # Loop through our locations array to prevent from + # non existing countries or code. + foreach my $cn (@locations) { + # Check if blocking for this country should be enabled/disabled. + if (exists $cgiparams{$cn}) { + $settings{$cn} = "on"; + } else { + $settings{$cn} = "off"; + } + } + + &General::writehash("$settingsfile", \%settings); + +# &General::firewall_config_changed(); +# +# $notice = $Lang::tr{'p2p block save notice'}; +} + +&Header::openpage($Lang::tr{'geoipblock configuration'}, 1, ''); + +# Checkbox pre-selection. +my $checked; +if ($settings{'GEOIPBLOCK_ENABLED'} eq "on") { + $checked = "checked='checked'"; +} + +# Print box to enable/disable geoipblock. +print"
\n"; + +&Header::openbox('100%', 'center', $Lang::tr{'geoipblock'}); +print < + + $Lang::tr{'geoipblock enable feature'} + + + +
+ + + +
+ + + + + +
+END + +&Header::closebox(); + +&Header::openbox('100%', 'center', $Lang::tr{'geoipblock block countries'}); +### JAVA SCRIPT ### +print < + // Function to allow checking all checkboxes at once. + function check_all() { + \$("#countries").find(":checkbox").prop("checked", true); + } + + function uncheck_all() { + \$("#countries").find(":checkbox").prop("checked", false); + } + + + + + + + + + + + + + + + + +END + +my $lines; +my $lines2; +my $col; +foreach my $location (@locations) { + # Country code in upper case. (DE) + my $ccode_uc = $location; + + # County code in lower case. (de) + my $ccode_lc = lc($location); + + # Full name of the country based on the country code. + my $cname = &General::get_full_country_name($ccode_lc); + + # Generate flag filename, based on the lower case written contry code + # and the defined file extension of the image files. (de.png) + my $flagfile = join('.', $ccode_lc,$extension); + + # Generate the full path to the flagfile, based on the given path and + # the previously generated filename. + my $flagpath = join('/', $flagdir,$flagfile); + + my $flag; + # Check if a flag for the country is available. + if (-e "$flagpath") { + $flag="$ccode_uc"; + } else { + $flag="N/A"; + } + + # Checkbox pre-selection. + my $checked; + if ($settings{$ccode_uc} eq "on") { + $checked = "checked='checked'"; + } + + # Colour lines. + if ($lines % 2) { + $col="bgcolor='$color{'color20'}'"; + } else { + $col="bgcolor='$color{'color22'}'"; + } + + # Grouping elements. + my $line_start; + my $line_end; + if ($lines2 % 2) { + # Increase lines (background color by once. + $lines++; + + # Add empty column in front. + $line_start=""; + + # When the line number can be diveded by "2", + # we are going to close the line. + $line_end=""; + } else { + # When the line number is not divideable by "2", + # we are starting a new line. + $line_start=""; + $line_end; + } + + print "$line_start\n"; + print "\n"; + print "\n"; + print "$line_end\n"; + +$lines2++; +} + +print < + +
+ $Lang::tr{'flag'} + + $Lang::tr{'countrycode'} + + $Lang::tr{'country'} +   + $Lang::tr{'flag'} + + $Lang::tr{'countrycode'} + + $Lang::tr{'country'} +
 
$flag$ccode_uc$cname
+ + + + + + +
+ $Lang::tr{'check all'} / + $Lang::tr{'uncheck all'} +
+ +
+ + + + + + + + +
$Lang::tr{'geoipblock country is blocked'}$Lang::tr{'geoipblock country is allowed'}
+END + +&Header::closebox(); +print"\n"; + +&Header::closebigbox(); +&Header::closepage(); + +sub get_geoip_locations() { + # Path to the directory which contains the binary geoip + # databases. + my $directory="/usr/share/xt_geoip/BE"; + + # Array with the final contry codes list. + my @contry_codes; + + # Open location and do a directory listing. + opendir(DIR, "$directory"); + my @locations = readdir(DIR); + closedir(DIR); + + # Loop through the directory listing, and cut of the file extensions. + foreach my $location (sort @locations) { + # skip . and .. + next if($location =~ /^\.$/); + next if($location =~ /^\.\.$/); + + # Remove whitespaces. + chomp($location); + + # Cut-off file extension. + my ($contry_code, $extension) = split(/\./, $location); + + # Add country code to array. + push(@contry_codes, $contry_code); + } + + return @contry_codes; +} -- 2.39.2