From: eldy <>
Date: Tue, 10 Sep 2002 15:40:39 +0000 (+0000)
Subject: Added AllowAccessFromWebToFollowingIPAddresses parameter
X-Git-Tag: AWSTATS_5_0_BETA~64
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cc0000b7653e55549da146ea6045449ae2668449;p=thirdparty%2FAWStats.git

Added AllowAccessFromWebToFollowingIPAddresses parameter
---

diff --git a/wwwroot/cgi-bin/awstats.model.conf b/wwwroot/cgi-bin/awstats.model.conf
index 9d7aac01..beb76cad 100644
--- a/wwwroot/cgi-bin/awstats.model.conf
+++ b/wwwroot/cgi-bin/awstats.model.conf
@@ -251,6 +251,15 @@ AllowAccessFromWebToAuthenticatedUsersOnly=0
 AllowAccessFromWebToFollowingAuthenticatedUsers=""
 
 
+# When this parameter is define to something, the IP address of the user that
+# read its statistics from a browser (when AWStats is used as a CGI) is
+# checked and must match the IP address range defined by this parameter.
+# Example: "123.123.123.10-123.123.123.255"
+# Default: ""
+#
+AllowAccessFromWebToFollowingIPAddresses=""
+
+
 # If the "DirData" directory (see above) does not exists, AWStats return an
 # error. However, you can ask AWStats to create it.
 # This option can be used by some Web Hosting Providers that has defined a 
diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl
index fc66377e..4b5e3d51 100644
--- a/wwwroot/cgi-bin/awstats.pl
+++ b/wwwroot/cgi-bin/awstats.pl
@@ -152,13 +152,13 @@ $LevelForSearchEnginesDetection, $LevelForKeywordsDetection)=
 (2,1,1,1,1,1);
 use vars qw/
 $DirLock $DirCgi $DirData $DirIcons $DirLang $AWScript $ArchiveFileName
-$HTMLHeadSection $HTMLEndSection $LinksToWhoIs
+$AllowAccessFromWebToFollowingIPAddresses $HTMLHeadSection $HTMLEndSection $LinksToWhoIs
 $LogFile $LogFormat $LogSeparator $Logo $LogoLink $StyleSheet $WrapperScript $SiteDomain
 /;
 ($DirLock, $DirCgi, $DirData, $DirIcons, $DirLang, $AWScript, $ArchiveFileName,
-$HTMLHeadSection, $HTMLEndSection, $LinksToWhoIs,
+$AllowAccessFromWebToFollowingIPAddresses, $HTMLHeadSection, $HTMLEndSection, $LinksToWhoIs,
 $LogFile, $LogFormat, $LogSeparator, $Logo, $LogoLink, $StyleSheet, $WrapperScript, $SiteDomain)=
-("","","","","","","","","","","","","","","","","","");
+("","","","","","","","","","","","","","","","","","","");
 use vars qw/
 $color_Background $color_TableBG $color_TableBGRowTitle
 $color_TableBGTitle $color_TableBorder $color_TableRowTitle $color_TableTitle
@@ -823,6 +823,7 @@ sub Read_Config {
 			foreach my $elem (split(/\s+/,$value))	  { push @AllowAccessFromWebToFollowingAuthenticatedUsers,$elem; }
 			next;
 			}
+		if ($param =~ /^AllowAccessFromWebToFollowingIPAddresses/)		{ $AllowAccessFromWebToFollowingIPAddresses=$value; next; }
 		if ($param =~ /^CreateDirDataIfNotExists/)   { $CreateDirDataIfNotExists=$value; next; }
 		if ($param =~ /^SaveDatabaseFilesWithPermissionsForEveryone/)   { $SaveDatabaseFilesWithPermissionsForEveryone=$value; next; }
 		if ($param =~ /^PurgeLogFile/)          { $PurgeLogFile=$value; next; }
@@ -3407,6 +3408,21 @@ sub SigHandler {
 	sleep 10;
 }
 
+#--------------------------------------------------------------------
+# Function:     Convert an IPAddress into an integer
+# Parameters:   IPAddress
+# Input:        None
+# Output:       None
+# Return:       Int
+#--------------------------------------------------------------------
+sub Convert_IP_To_Decimal()
+{
+	my ($IPAddress) = @_;
+	my @ip_seg_arr = split(/\./,$IPAddress);
+	my $decimal_ip_address = 256 * 256 *256 * $ip_seg_arr[0] + 256 * 256 * $ip_seg_arr[1] + 256 * $ip_seg_arr[2] + $ip_seg_arr[3];
+	return($decimal_ip_address);
+}
+
 
 #--------------------------------------------------------------------
 # MAIN
@@ -3674,6 +3690,17 @@ if ($AllowAccessFromWebToAuthenticatedUsersOnly && $ENV{"GATEWAY_INTERFACE"}) {
 		}
 	}
 }
+if ($AllowAccessFromWebToFollowingIPAddresses && $ENV{"GATEWAY_INTERFACE"}) {
+	if ($AllowAccessFromWebToFollowingIPAddresses	!~ /^(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)$/) {
+		error("Error: AllowAccessFromWebToFollowingIPAddresses is defined to '$AllowAccessFromWebToFollowingIPAddresses' but does not match the correct syntax: IPAddressMin-IPAddressMax");
+	}
+	my $ipmin=&Convert_IP_To_Decimal($1);
+	my $ipmax=&Convert_IP_To_Decimal($2);
+	my $useripaddress=&Convert_IP_To_Decimal($ENV{"REMOTE_ADDR"});
+	if ($useripaddress < $ipmin || $useripaddress > $ipmax) {
+		error("Error: Access to statistics is not allowed from your IP Address ".$ENV{"REMOTE_ADDR"});
+	}
+}
 if ($UpdateStats && (! $AllowToUpdateStatsFromBrowser) && $ENV{"GATEWAY_INTERFACE"}) {
 	error("Error: Update of statistics is not allowed from a browser.");
 }