Provide a web interface for dropped IP addresses

[gnucomo.git] / src / web / dropped.php

<?php
/*
 *  Provide a list of address to be blocked on the firewall
 *  One GET parameter "object=hostname' will select dropped addresses for
 *  that specific host. The default is to return dropped addresses for all hosts.
 *
 * A remote host can obtain the list of addresses with wget, for example:
 *
 * wget --quiet -O gnucomo-abuses --no-check-certificate https://www.andromeda.nl/gnucomo/dropped.php?object=chronon.soleus.nu
 *
 */

header('Content-Type: text/plain');
ini_set('include_path', '.:./classes:../phpclasses');

require_once('gnucomo_config.php');

//echo "client address = " . $_SERVER['REMOTE_ADDR'] . "\n";

$allowed_clients = array("82.161.249.49", "94.142.246.85");
//echo array_search($_SERVER['REMOTE_ADDR'], $allowed_clients);
//echo "\n";

if (array_search($_SERVER['REMOTE_ADDR'], $allowed_clients) !== FALSE)
{ 
   $config = new gnucomo_config;
   $config->read("gnucomo");

   //  A special user for accessing dropped addresses

   $name   = "firewall";
   $passw  = "Gnuc0mo-Ab4se";

   $database = pg_connect($config->Database($name, $passw));

   $query = "select source from object_abuse where status='dropped' and family(source)=4";

      if (!empty($_GET['object']))
      {
         $object_query = "SELECT objectid FROM object WHERE objectname='" . $_GET['object']."'";
         $res = pg_exec($database, $object_query);
         $obj = pg_fetch_object($res, 0);

         $query .= " and objectid=" . $obj->objectid;
      }

   $query .= " order by source";


   $res = pg_exec($database, $query);

            for ($ip = 0; $ip < pg_num_rows($res); $ip++)
            {
               $abuse = pg_fetch_object($res, $ip);
               echo $abuse->source;
               echo "\n";
            }
}
else
{
   echo "Permission denied.\n";
}
?>