--- /dev/null
+<?php
+/*
+ * Provide a list of address to be blocked on the firewall
+ * One GET parameter "object=hostname' will select dropped addresses for
+ * that specific host. The default is to return dropped addresses for all hosts.
+ *
+ * A remote host can obtain the list of addresses with wget, for example:
+ *
+ * wget --quiet -O gnucomo-abuses --no-check-certificate https://www.andromeda.nl/gnucomo/dropped.php?object=chronon.soleus.nu
+ *
+ */
+
+header('Content-Type: text/plain');
+ini_set('include_path', '.:./classes:../phpclasses');
+
+require_once('gnucomo_config.php');
+
+//echo "client address = " . $_SERVER['REMOTE_ADDR'] . "\n";
+
+$allowed_clients = array("82.161.249.49", "94.142.246.85");
+//echo array_search($_SERVER['REMOTE_ADDR'], $allowed_clients);
+//echo "\n";
+
+if (array_search($_SERVER['REMOTE_ADDR'], $allowed_clients) !== FALSE)
+{
+ $config = new gnucomo_config;
+ $config->read("gnucomo");
+
+ // A special user for accessing dropped addresses
+
+ $name = "firewall";
+ $passw = "Gnuc0mo-Ab4se";
+
+ $database = pg_connect($config->Database($name, $passw));
+
+ $query = "select source from object_abuse where status='dropped' and family(source)=4";
+
+ if (!empty($_GET['object']))
+ {
+ $object_query = "SELECT objectid FROM object WHERE objectname='" . $_GET['object']."'";
+ $res = pg_exec($database, $object_query);
+ $obj = pg_fetch_object($res, 0);
+
+ $query .= " and objectid=" . $obj->objectid;
+ }
+
+ $query .= " order by source";
+
+
+ $res = pg_exec($database, $query);
+
+ for ($ip = 0; $ip < pg_num_rows($res); $ip++)
+ {
+ $abuse = pg_fetch_object($res, $ip);
+ echo $abuse->source;
+ echo "\n";
+ }
+}
+else
+{
+ echo "Permission denied.\n";
+}
+?>