database, "SELECT objectname FROM object
WHERE objectid=CAST('" . $_GET['oid']."' AS BIGINT)");
$obj = pg_fetch_object($res, 0);
echo "";
if (!empty($_POST['ACTION']) && ($_POST['ACTION'] == 'Abuse'))
{
$abuse_points = 2;
$Source_IP = $_POST['source'];
echo "Reporting " . $_POST['ACTION'] . " for " . $_POST['source'] . "
\n";
$res = pg_exec($this->database, "SELECT * FROM object_abuse
WHERE objectid='". $_GET['oid'] ."' AND source='$Source_IP'");
if (pg_numrows($res) == 0)
{
echo "$Source_IP is new.
";
pg_exec($this->database, "INSERT INTO object_abuse VALUES ('" . $_GET['oid'] .
"', '$Source_IP', '$abuse_points', '', NOW())");
}
else
{
$abuse = pg_fetch_object($res, 0);
$abuse_points += $abuse->nr_abuses;
echo $Source_IP . " will get " . $abuse_points . " abuse points.
";
echo "Status was " . $abuse->status . "
";
pg_exec($this->database, "UPDATE object_abuse SET nr_abuses='$abuse_points'" .
", last_change=NOW() WHERE objectid='" . $_GET['oid'] . "' AND source='$Source_IP'");
if ($abuse_points >= 6)
{
echo "
Block IP adrress $Source_IP on the firewall.
";
pg_exec($this->database, "UPDATE object_abuse SET status='dropped'" .
" WHERE objectid='" . $_GET['oid'] . "' AND source='$Source_IP'");
}
}
//select rawdata from log where logid in (select logid from log_abuse where source='');
}
else if (!empty($_POST['ACTION']) && $_POST['ACTION'] == 'Whitelist')
{
$Source_IP = $_POST['source'];
echo "Whitelisting " . $_POST['source'] . "
\n";
$res = pg_exec($this->database, "SELECT * FROM object_abuse
WHERE objectid='". $_GET['oid'] ."' AND source='$Source_IP'");
$Status = $_POST['status'];
if (pg_numrows($res) == 0)
{
echo "$Source_IP is new.
";
pg_exec($this->database, "INSERT INTO object_abuse VALUES ('" . $_GET['oid'] .
"', '$Source_IP', 0, '$Status', NOW())");
}
else
{
$abuse = pg_fetch_object($res, 0);
echo $Source_IP . " will be whitelisted.
";
echo "Status was " . $abuse->status . "
";
pg_exec($this->database, "UPDATE object_abuse SET status='$Status'" .
", last_change=NOW() WHERE objectid='" . $_GET['oid'] . "' AND source='$Source_IP'");
}
}
else if (!empty($_POST['ACTION']) && $_POST['ACTION'] == 'Investigate')
{
// Present a list of abuse addresses in one subnet
$Subnet = $_POST['subnet'];
$res = pg_exec($this->database, "SELECT * FROM object_abuse
WHERE objectid='". $_GET['oid'] ."' AND source << '$Subnet'");
echo pg_numrows($res) . " records found.
";
echo "";
echo "IP address | Abuses | Status |
\n";
for ($ip = 0; $ip < pg_num_rows($res); $ip++)
{
$abuse = pg_fetch_object($res, $ip);
echo "";
echo $abuse->source;
echo " | ";
echo $abuse->nr_abuses;
echo " | ";
echo $abuse->status;
echo " |
";
}
echo "
";
}
else if (!empty($_POST['ACTION']) && $_POST['ACTION'] == 'Block')
{
// Block an entire subnet and remove the addresses from the list
$Subnet = $_POST['subnet'];
pg_exec($this->database, "DELETE FROM object_abuse WHERE objectid = '$ObjectId"
. "' AND source << '$Subnet'");
pg_exec($this->database, "UPDATE log_abuse set source='$Subnet'
WHERE objectid='$ObjectId' AND source << '$Subnet'");
$res = pg_exec($this->database, "SELECT logid FROM log_abuse
WHERE objectid='$ObjectId' AND source = '$Subnet'");
$abuse_points = pg_num_rows($res);
pg_exec($this->database, "INSERT INTO object_abuse VALUES ('$ObjectId" .
"', '$Subnet', '$abuse_points', 'dropped', NOW())");
}
if (!empty($_GET['src']))
{
$oid = $_GET['oid'];
$src = $_GET['src'];
$res = pg_exec($this->database, "SELECT * FROM log WHERE logid IN
(SELECT logid FROM log_abuse WHERE objectid=$oid AND source <<= '$src')
ORDER BY object_timestamp");
echo "";
echo "Time | Service | Abused log entry |
";
for ($row = 0; $row < pg_numrows($res); $row++)
{
$log = pg_fetch_object($res, $row);
echo "";
echo $log->object_timestamp;
echo " | ";
echo $log->servicecode;
echo " | ";
echo $log->rawdata;
echo " |
";
}
echo "
";
}
else
{
echo "";
echo "";
$res = pg_exec($this->database, "SELECT * FROM object_abuse
WHERE objectid='". $_GET['oid'] ."' ORDER BY source");
echo pg_numrows($res) . " records found.
";
echo "";
echo "IP address | Abuses | Status | Last Changed |
\n";
for ($ip = 0; $ip < pg_numrows($res); $ip++)
{
$abuse = pg_fetch_object($res, $ip);
echo "";
echo $abuse->source;
echo " | ";
echo "source . "'>" . $abuse->nr_abuses . "";
echo " | ";
echo $abuse->status;
echo " | ";
echo $abuse->last_change;
echo " |
";
}
echo "
";
}
}
}
}
// Script entry point: construct the abuse_list page object with the string
// "Gnucomo Abuse List" (presumably the page title) and call Showpage() on it.
// Showpage() is defined outside this view; presumably it emits the page and
// runs the request handling above -- confirm against the base class.
// NOTE(review): the handling code above concatenates $_GET['oid'],
// $_GET['src'], $_POST['source'], $_POST['status'] and $_POST['subnet']
// directly into SQL strings, and echoes request values and database fields
// (e.g. $log->rawdata) without escaping. Bind those values with
// pg_query_params() and pass output through htmlspecialchars() before this
// page is reachable by anyone other than trusted operators.
$page = new abuse_list("Gnucomo Abuse List");
$page->Showpage();
?>