database, "SELECT objectname FROM object WHERE objectid=CAST('" . $_GET['oid']."' AS BIGINT)"); $obj = pg_fetch_object($res, 0); echo "

Abuse List for " . $obj->objectname . "

"; if (!empty($_POST['ACTION']) && ($_POST['ACTION'] == 'Abuse')) { $abuse_points = 2; $Source_IP = $_POST['source']; echo "Reporting " . $_POST['ACTION'] . " for " . $_POST['source'] . "
\n"; $res = pg_exec($this->database, "SELECT * FROM object_abuse WHERE objectid='". $_GET['oid'] ."' AND source='$Source_IP'"); if (pg_numrows($res) == 0) { echo "$Source_IP is new.
"; pg_exec($this->database, "INSERT INTO object_abuse VALUES ('" . $_GET['oid'] . "', '$Source_IP', '$abuse_points')"); } else { $abuse = pg_fetch_object($res, 0); $abuse_points += $abuse->nr_abuses; echo $Source_IP . " will get " . $abuse_points . " abuse points.
"; echo "Status was " . $abuse->status . "
"; pg_exec($this->database, "UPDATE object_abuse SET nr_abuses='$abuse_points'" . " WHERE objectid='" . $_GET['oid'] . "' AND source='$Source_IP'"); if ($abuse_points >= 6) { echo "

Block IP adrress $Source_IP on the firewall.

"; pg_exec($this->database, "UPDATE object_abuse SET status='dropped'" . " WHERE objectid='" . $_GET['oid'] . "' AND source='$Source_IP'"); } } //select rawdata from log where logid in (select logid from log_abuse where source=''); } else if (!empty($_POST['ACTION']) && $_POST['ACTION'] == 'Investigate') { // Present a list of abuse addresses in one subnet $Subnet = $_POST['subnet']; $res = pg_exec($this->database, "SELECT * FROM object_abuse WHERE objectid='". $_GET['oid'] ."' AND source << '$Subnet'"); echo pg_numrows($res) . " records found.
"; echo ""; echo "\n"; for ($ip = 0; $ip < pg_numrows($res); $ip++) { $abuse = pg_fetch_object($res, $ip); echo ""; } echo "
IP addressAbusesStatus
"; echo $abuse->source; echo ""; echo $abuse->nr_abuses; echo ""; echo $abuse->status; echo "
"; } else if (!empty($_POST['ACTION']) && $_POST['ACTION'] == 'Block') { // Block an entire subnet and remove the addresses from the list $Subnet = $_POST['subnet']; pg_exec($this->database, "DELETE FROM object_abuse WHERE objectid = '" . $_GET['oid'] . "' AND source << '$Subnet'"); $abuse_points = 8; pg_exec($this->database, "INSERT INTO object_abuse VALUES ('" . $_GET['oid'] . "', '$Subnet', '$abuse_points', 'dropped')"); } if (!empty($_GET['src'])) { $oid = $_GET['oid']; $src = $_GET['src']; $res = pg_exec($this->database, "SELECT logid FROM log_abuse WHERE objectid=$oid AND source <<= '$src'"); echo ""; echo ""; for ($row = 0; $row < pg_numrows($res); $row++) { $logid = pg_fetch_object($res, $row); //$log = pg_fetch_object(pg_exec($this->database, "SELECT rawdata FROM log WHERE logid=" . $logid->logid), 0); echo ""; } echo "
Abused log entry
"; //echo $log->rawdata; echo $logid->logid; echo "
"; } else { echo "
"; echo "Report "; echo " for IP address "; echo "
"; echo "
"; echo ""; echo " or "; echo " this subnet: "; echo "
"; $res = pg_exec($this->database, "SELECT * FROM object_abuse WHERE objectid='". $_GET['oid'] ."' ORDER BY source"); echo pg_numrows($res) . " records found.
"; echo ""; echo "\n"; for ($ip = 0; $ip < pg_numrows($res); $ip++) { $abuse = pg_fetch_object($res, $ip); echo ""; } echo "
IP addressAbusesStatusLast Changed
"; echo $abuse->source; echo ""; echo "" . $abuse->nr_abuses . ""; echo ""; echo $abuse->status; echo ""; echo $abuse->last_changed; echo "
"; } } } } $page = new abuse_list("Gnucomo Abuse List"); $page->Showpage(); ?>