[people/pmueller/ipfire-2.x.git] / html / cgi-bin / ipblocklist.cgi

#!/usr/bin/perl

###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
# Copyright (C) 2018 - 2020 The IPFire Team                                   #
#                                                                             #
###############################################################################

use strict;

# enable the following only for debugging purposes
#use warnings;
#use CGI::Carp 'fatalsToBrowser';

require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
require "${General::swroot}/ipblocklist-functions.pl";

# Import blockist sources and settings file.
require "${General::swroot}/ipblocklist/sources";

###############################################################################
# Configuration variables
###############################################################################

my $settings      = "${General::swroot}/ipblocklist/settings";
my %cgiparams     = ('ACTION' => '');

###############################################################################
# Variables
###############################################################################

my $errormessage  = '';
my $headline = "$Lang::tr{'error message'}";
my $updating      = 0;
my %mainsettings;
my %color;

# Default settings - normally overwritten by settings file
my %settings = (
	'DEBUG'           => 0,
	'LOGGING'         => 'on',
	'ENABLE'          => 'off'
);

# Read all parameters
&Header::getcgihash( \%cgiparams);
&General::readhash( "${General::swroot}/main/settings", \%mainsettings );
&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);

# Get list of supported blocklists.
my @blocklists = &IPblocklist::get_blocklists();

# Show Headers
&Header::showhttpheaders();

# Process actions
if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") {
	# Assign checkbox values, in case they are not checked.
	$cgiparams{'ENABLE'} = "off" unless($cgiparams{'ENABLE'});
	$cgiparams{'LOGGING'} = "off" unless($cgiparams{'LOGGING'});

	# Array to store if blocklists are missing on the system
	# and needs to be downloaded first.
	my @missing_blocklists = ();

	# Loop through the array of supported blocklists.
	foreach my $blocklist (@blocklists) {
		# Skip the blocklist if it is not enabled.
		next if($cgiparams{$blocklist} ne "on");

		# Get the file name which keeps the converted blocklist.
		my $ipset_db_file = &IPblocklist::get_ipset_db_file($blocklist);

		# Check if the blocklist already has been downloaded.
		if(-f "$ipset_db_file") {
			# Blocklist already exits, we can skip it.
			next;
		} else {
			# Blocklist not present, store in array to download it.
			push(@missing_blocklists, $blocklist);
		}
	}

	# Check if the red device is not active and blocklists are missing.
	if ((not -e "${General::swroot}/red/active") && (@missing_blocklists)) {
		# The system is offline, cannot download the missing blocklists.
		# Store an error message.
		$errormessage = "$Lang::tr{'system is offline'}";
	} else {
		# Loop over the array of missing blocklists.
		foreach my $missing_blocklist (@missing_blocklists) {
			# Call the download and convert function to get the missing blocklist.
			my $status = &IPblocklist::download_and_create_blocklist($missing_blocklist);

			# Check if there was an error during download.
			if ($status eq "dl_error") {
				$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist download error'}";
			} elsif ($status eq "empty_list") {
				$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist empty blocklist received'}";
			}
		}
	}

	# Check if there was an error.
	unless($errormessage) {
		# Write configuration hash.
		&General::writehash($settings, \%cgiparams);

		# Call function to mark a required reload of the firewall.
		&General::firewall_config_changed();

		# Display notice about a required reload of the firewall.
		$headline = "$Lang::tr{'notice'}";
		$errormessage = "$Lang::tr{'fw rules reload notice'}";
	}
}

# Show site
&Header::openpage($Lang::tr{'ipblocklist'}, 1, '');
&Header::openbigbox('100%', 'left');

# Display error message if there was one.
&error() if ($errormessage);

# Read-in ipblocklist settings.
&General::readhash( $settings, \%settings ) if (-r $settings);

# Display configuration section.
&configsite();

# End of page
&Header::closebigbox();
&Header::closepage();


#------------------------------------------------------------------------------
# sub configsite()
#
# Displays configuration
#------------------------------------------------------------------------------

sub configsite {
	# Find preselections
	my $enable = 'checked';

	&Header::openbox('100%', 'left', $Lang::tr{'settings'});

	# Enable checkbox
	$enable = ($settings{'ENABLE'} eq 'on') ? ' checked' : '';

print<<END;
	<form method='post' action='$ENV{'SCRIPT_NAME'}'>
		<table style='width:100%' border='0'>
			<tr>
				<td style='width:24em'>$Lang::tr{'ipblocklist use ipblocklists'}</td>
				<td><input type='checkbox' name='ENABLE' id='ENABLE'$enable></td>
			</tr>
		</table><br>
END

	# The following are only displayed if the blacklists are enabled
	$enable = ($settings{'LOGGING'} eq 'on') ? ' checked' : '';

print <<END;
		<div class='sources'>
			<table style='width:100%' border='0'>
				<tr>
					<td style='width:24em'>$Lang::tr{'ipblocklist log'}</td>
					<td><input type='checkbox' name="LOGGING" id="LOGGING"$enable></td>
				</tr>
			</table>

			<br><br>
			<h2>$Lang::tr{'ipblocklist blocklist settings'}</h2>

			<table width='100%' cellspacing='1' class='tbl'>
				<tr>
					<th align='left'>$Lang::tr{'ipblocklist id'}</th>
					<th align='left'>$Lang::tr{'ipblocklist name'}</th>
					<th align='left'>$Lang::tr{'ipblocklist category'}</th>
					<th align='center'>$Lang::tr{'ipblocklist enable'}</th>
				</tr>
END

	# Iterate through the list of sources
	my $lines = 0;

	foreach my $blocklist (@blocklists) {
		# Display blocklist name or provide a link to the website if available.
		my $website = "$blocklist";
		if ($IPblocklist::List::sources{$blocklist}{info}) {
			$website ="<a href='$IPblocklist::List::sources{$blocklist}{info}' target='_blank'>$blocklist</a>";
		}

		# Get the full name for the blocklist.
		my $name = &CGI::escapeHTML( $IPblocklist::List::sources{$blocklist}{'name'} );

		# Get category for this blocklist.
		my $category = $Lang::tr{"ipblocklist category $IPblocklist::List::sources{$blocklist}{'category'}"};

		# Determine if the blocklist is enabled.
		my $enable = '';
		$enable = 'checked' if ($settings{$blocklist} eq 'on');

		# Set colour for the table columns.
		my $col = ($lines++ % 2) ? "bgcolor='$color{'color20'}'" : "bgcolor='$color{'color22'}'";


print <<END;
				<tr $col>
					<td>$website</td>
					<td>$name</td>
					<td>$category</td>
					<td align='center'><input type='checkbox' name="$blocklist" id="$blocklist"$enable></td>
				</tr>
END
	}

# The save button at the bottom of the table
print <<END;
			</table>

		</div>

		<table style='width:100%;'>
			<tr>
				<td colspan='3' display:inline align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
			</tr>
		</table>
	</form>
END

	&Header::closebox();
}

#------------------------------------------------------------------------------
# sub error()
#
# Shows error messages
#------------------------------------------------------------------------------

sub error {
	&Header::openbox('100%', 'left', $headline);
		print "<class name='base'>$errormessage\n";
		print "&nbsp;</class>\n";
	&Header::closebox();
}
Commit	Line	Data
5d242153 TF	1	#!/usr/bin/perl
	2
	3	###############################################################################
	4	# #
	5	# IPFire.org - A linux based firewall #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	# Copyright (C) 2018 - 2020 The IPFire Team #
	21	# #
	22	###############################################################################
	23
	24	use strict;
8f49b75b	25
5d242153 TF	26	# enable the following only for debugging purposes
	27	#use warnings;
	28	#use CGI::Carp 'fatalsToBrowser';
5d242153 TF	29
	30	require '/var/ipfire/general-functions.pl';
	31	require "${General::swroot}/lang.pl";
	32	require "${General::swroot}/header.pl";
8f49b75b SS	33	require "${General::swroot}/ipblocklist-functions.pl";
	34
	35	# Import blockist sources and settings file.
	36	require "${General::swroot}/ipblocklist/sources";
5d242153 TF	37
	38	###############################################################################
	39	# Configuration variables
	40	###############################################################################
	41
8f49b75b	42	my $settings = "${General::swroot}/ipblocklist/settings";
5d242153 TF	43	my %cgiparams = ('ACTION' => '');
	44
	45	###############################################################################
	46	# Variables
	47	###############################################################################
	48
	49	my $errormessage = '';
2493c9ea	50	my $headline = "$Lang::tr{'error message'}";
5d242153 TF	51	my $updating = 0;
	52	my %mainsettings;
	53	my %color;
5d242153 TF	54
5d242153 TF	55	# Default settings - normally overwritten by settings file
8f49b75b SS	56	my %settings = (
	57	'DEBUG' => 0,
	58	'LOGGING' => 'on',
	59	'ENABLE' => 'off'
	60	);
5d242153 TF	61
5d242153 TF	62	# Read all parameters
8f49b75b SS	63	&Header::getcgihash( \%cgiparams);
8f49b75b SS	64	&General::readhash( "${General::swroot}/main/settings", \%mainsettings );
bda85117	65	&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
5d242153	66
8f49b75b SS	67	# Get list of supported blocklists.
8f49b75b SS	68	my @blocklists = &IPblocklist::get_blocklists();
5d242153 TF	69
5d242153 TF	70	# Show Headers
8f49b75b	71	&Header::showhttpheaders();
5d242153 TF	72
5d242153 TF	73	# Process actions
8f49b75b	74	if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") {
0450dce6 SS	75	# Assign checkbox values, in case they are not checked.
	76	$cgiparams{'ENABLE'} = "off" unless($cgiparams{'ENABLE'});
	77	$cgiparams{'LOGGING'} = "off" unless($cgiparams{'LOGGING'});
	78
8f49b75b SS	79	# Array to store if blocklists are missing on the system
	80	# and needs to be downloaded first.
	81	my @missing_blocklists = ();
	82
	83	# Loop through the array of supported blocklists.
	84	foreach my $blocklist (@blocklists) {
	85	# Skip the blocklist if it is not enabled.
	86	next if($cgiparams{$blocklist} ne "on");
	87
	88	# Get the file name which keeps the converted blocklist.
	89	my $ipset_db_file = &IPblocklist::get_ipset_db_file($blocklist);
	90
	91	# Check if the blocklist already has been downloaded.
	92	if(-f "$ipset_db_file") {
	93	# Blocklist already exits, we can skip it.
	94	next;
	95	} else {
	96	# Blocklist not present, store in array to download it.
	97	push(@missing_blocklists, $blocklist);
	98	}
	99	}
5d242153	100
8f49b75b SS	101	# Check if the red device is not active and blocklists are missing.
	102	if ((not -e "${General::swroot}/red/active") && (@missing_blocklists)) {
	103	# The system is offline, cannot download the missing blocklists.
	104	# Store an error message.
	105	$errormessage = "$Lang::tr{'system is offline'}";
	106	} else {
	107	# Loop over the array of missing blocklists.
	108	foreach my $missing_blocklist (@missing_blocklists) {
	109	# Call the download and convert function to get the missing blocklist.
	110	my $status = &IPblocklist::download_and_create_blocklist($missing_blocklist);
	111
	112	# Check if there was an error during download.
8f49b75b	113	if ($status eq "dl_error") {
a72c2458	114	$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist download error'}";
8f49b75b	115	} elsif ($status eq "empty_list") {
a72c2458	116	$errormessage = "$Lang::tr{'ipblocklist could not download blocklist'} - $Lang::tr{'ipblocklist empty blocklist received'}";
8f49b75b SS	117	}
	118	}
	119	}
	120
	121	# Check if there was an error.
	122	unless($errormessage) {
	123	# Write configuration hash.
	124	&General::writehash($settings, \%cgiparams);
5d242153	125
3b114903 SS	126	# Call function to mark a required reload of the firewall.
	127	&General::firewall_config_changed();
	128
	129	# Display notice about a required reload of the firewall.
2493c9ea	130	$headline = "$Lang::tr{'notice'}";
77af89e5	131	$errormessage = "$Lang::tr{'fw rules reload notice'}";
8f49b75b	132	}
5d242153 TF	133	}
	134
	135	# Show site
8f49b75b SS	136	&Header::openpage($Lang::tr{'ipblocklist'}, 1, '');
8f49b75b SS	137	&Header::openbigbox('100%', 'left');
5d242153	138
8f49b75b SS	139	# Display error message if there was one.
8f49b75b SS	140	&error() if ($errormessage);
5d242153	141
8f49b75b SS	142	# Read-in ipblocklist settings.
8f49b75b SS	143	&General::readhash( $settings, \%settings ) if (-r $settings);
5d242153	144
8f49b75b SS	145	# Display configuration section.
8f49b75b SS	146	&configsite();
5d242153 TF	147
5d242153 TF	148	# End of page
8f49b75b SS	149	&Header::closebigbox();
8f49b75b SS	150	&Header::closepage();
5d242153 TF	151
	152
	153	#------------------------------------------------------------------------------
	154	# sub configsite()
	155	#
	156	# Displays configuration
	157	#------------------------------------------------------------------------------
	158
8f49b75b SS	159	sub configsite {
	160	# Find preselections
	161	my $enable = 'checked';
5d242153	162
8f49b75b	163	&Header::openbox('100%', 'left', $Lang::tr{'settings'});
5d242153	164
8f49b75b SS	165	# Enable checkbox
8f49b75b SS	166	$enable = ($settings{'ENABLE'} eq 'on') ? ' checked' : '';
5d242153	167
8f49b75b SS	168	print<<END;
	169	<form method='post' action='$ENV{'SCRIPT_NAME'}'>
	170	<table style='width:100%' border='0'>
	171	<tr>
	172	<td style='width:24em'>$Lang::tr{'ipblocklist use ipblocklists'}</td>
	173	<td><input type='checkbox' name='ENABLE' id='ENABLE'$enable></td>
	174	</tr>
	175	</table><br>
5d242153 TF	176	END
5d242153 TF	177
8f49b75b SS	178	# The following are only displayed if the blacklists are enabled
	179	$enable = ($settings{'LOGGING'} eq 'on') ? ' checked' : '';
	180
	181	print <<END;
	182	<div class='sources'>
	183	<table style='width:100%' border='0'>
	184	<tr>
	185	<td style='width:24em'>$Lang::tr{'ipblocklist log'}</td>
	186	<td><input type='checkbox' name="LOGGING" id="LOGGING"$enable></td>
	187	</tr>
	188	</table>
	189
	190	<br><br>
	191	<h2>$Lang::tr{'ipblocklist blocklist settings'}</h2>
	192
	193	<table width='100%' cellspacing='1' class='tbl'>
	194	<tr>
	195	<th align='left'>$Lang::tr{'ipblocklist id'}</th>
	196	<th align='left'>$Lang::tr{'ipblocklist name'}</th>
	197	<th align='left'>$Lang::tr{'ipblocklist category'}</th>
	198	<th align='center'>$Lang::tr{'ipblocklist enable'}</th>
	199	</tr>
5d242153 TF	200	END
5d242153 TF	201
8f49b75b SS	202	# Iterate through the list of sources
8f49b75b SS	203	my $lines = 0;
5d242153	204
8f49b75b SS	205	foreach my $blocklist (@blocklists) {
	206	# Display blocklist name or provide a link to the website if available.
	207	my $website = "$blocklist";
	208	if ($IPblocklist::List::sources{$blocklist}{info}) {
	209	$website ="<a href='$IPblocklist::List::sources{$blocklist}{info}' target='_blank'>$blocklist</a>";
	210	}
5d242153	211
8f49b75b SS	212	# Get the full name for the blocklist.
8f49b75b SS	213	my $name = &CGI::escapeHTML( $IPblocklist::List::sources{$blocklist}{'name'} );
5d242153	214
8f49b75b SS	215	# Get category for this blocklist.
8f49b75b SS	216	my $category = $Lang::tr{"ipblocklist category $IPblocklist::List::sources{$blocklist}{'category'}"};
5d242153	217
8f49b75b SS	218	# Determine if the blocklist is enabled.
	219	my $enable = '';
	220	$enable = 'checked' if ($settings{$blocklist} eq 'on');
5d242153	221
8f49b75b SS	222	# Set colour for the table columns.
8f49b75b SS	223	my $col = ($lines++ % 2) ? "bgcolor='$color{'color20'}'" : "bgcolor='$color{'color22'}'";
5d242153	224
5d242153	225
8f49b75b SS	226	print <<END;
	227	<tr $col>
	228	<td>$website</td>
	229	<td>$name</td>
	230	<td>$category</td>
	231	<td align='center'><input type='checkbox' name="$blocklist" id="$blocklist"$enable></td>
	232	</tr>
5d242153	233	END
8f49b75b	234	}
5d242153	235
8f49b75b SS	236	# The save button at the bottom of the table
	237	print <<END;
	238	</table>
5d242153	239
8f49b75b	240	</div>
5d242153	241
8f49b75b SS	242	<table style='width:100%;'>
	243	<tr>
	244	<td colspan='3' display:inline align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
	245	</tr>
	246	</table>
	247	</form>
5d242153 TF	248	END
5d242153 TF	249
8f49b75b	250	&Header::closebox();
5d242153 TF	251	}
5d242153 TF	252
5d242153 TF	253	#------------------------------------------------------------------------------
	254	# sub error()
	255	#
	256	# Shows error messages
	257	#------------------------------------------------------------------------------
	258
8f49b75b	259	sub error {
2493c9ea	260	&Header::openbox('100%', 'left', $headline);
8f49b75b SS	261	print "<class name='base'>$errormessage\n";
	262	print " </class>\n";
	263	&Header::closebox();
5d242153	264	}