--- /dev/null
+<?php
+
+/**************************************************************************
+** (c) Copyright 2003, Andromeda Technology & Automation
+** This is free software; you can redistribute it and/or modify it under the
+** terms of the GNU General Public License, see the file COPYING.
+***************************************************************************
+** MODULE INFORMATION *
+***********************
+** FILE NAME : abuse.php
+** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
+** VERSION NUMBER : $Revision: 1.1 $
+**
+** DESCRIPTION : Abuse list page
+**
+** EXPORTED OBJECTS :
+** LOCAL OBJECTS :
+** MODULES USED :
+***************************************************************************
+** ADMINISTRATIVE INFORMATION *
+********************************
+** ORIGINAL AUTHOR : Arjen Baart - arjen@andromeda.nl
+** CREATION DATE : Apr 13, 2004
+** LAST UPDATE : Apr 13, 2004
+** MODIFICATIONS :
+**************************************************************************/
+
+/*****************************
+ $Log: abuse.php,v $
+ Revision 1.1 2005-06-04 07:24:38 arjen
+ New page: Abuse list
+
+******************************/
+
+// RCSID = "$Id: abuse.php,v 1.1 2005-06-04 07:24:38 arjen Exp $";
+
+ini_set('include_path', '.:./classes:../phpclasses');
+
+require_once('page.class.php');
+
+
+class abuse_list extends page
+{
+
+ function Body()
+ {
+ if (!empty($_GET['oid']))
+ {
+ $res = pg_exec($this->database, "SELECT objectname FROM object
+ WHERE objectid=CAST('" . $_GET['oid']."' AS BIGINT)");
+ $obj = pg_fetch_object($res, 0);
+ echo "<h1>Abuse List for " . $obj->objectname . "</h1><hr>";
+
+ if (!empty($_POST['ACTION']) && ($_POST['ACTION'] == 'Abuse'))
+ {
+ $abuse_points = 2;
+ $Source_IP = $_POST['source'];
+ echo "Reporting " . $_POST['ACTION'] . " for " . $_POST['source'] . "<br>\n";
+ $res = pg_exec($this->database, "SELECT * FROM object_abuse
+ WHERE objectid='". $_GET['oid'] ."' AND source='$Source_IP'");
+ if (pg_numrows($res) == 0)
+ {
+ echo "$Source_IP is new.<br>";
+ pg_exec($this->database, "INSERT INTO object_abuse VALUES ('" . $_GET['oid'] .
+ "', '$Source_IP', '$abuse_points')");
+ }
+ else
+ {
+ $abuse = pg_fetch_object($res, 0);
+ $abuse_points += $abuse->nr_abuses;
+ echo $Source_IP . " will get " . $abuse_points . " abuse points.<br>";
+ echo "Status was " . $abuse->status . "<br>";
+ pg_exec($this->database, "UPDATE object_abuse SET nr_abuses='$abuse_points'" .
+ " WHERE objectid='" . $_GET['oid'] . "' AND source='$Source_IP'");
+
+ if ($abuse_points >= 6)
+ {
+ echo "<h2 class='error'>Block IP adrress $Source_IP on the firewall.</h2>";
+ pg_exec($this->database, "UPDATE object_abuse SET status='dropped'" .
+ " WHERE objectid='" . $_GET['oid'] . "' AND source='$Source_IP'");
+ }
+ }
+//select rawdata from log where logid in (select logid from log_abuse where source='');
+
+ }
+ else if (!empty($_POST['ACTION']) && $_POST['ACTION'] == 'Investigate')
+ {
+ // Present a list of abuse addresses in one subnet
+
+ $Subnet = $_POST['subnet'];
+ $res = pg_exec($this->database, "SELECT * FROM object_abuse
+ WHERE objectid='". $_GET['oid'] ."' AND source << '$Subnet'");
+
+ echo pg_numrows($res) . " records found.<br>";
+
+ echo "<table>";
+ echo "<tr><th>IP address</th><th>Abuses</th><th>Status</th></tr>\n";
+
+ for ($ip = 0; $ip < pg_numrows($res); $ip++)
+ {
+ $abuse = pg_fetch_object($res, $ip);
+ echo "<tr><td>";
+ echo $abuse->source;
+ echo "</td><td>";
+ echo $abuse->nr_abuses;
+ echo "</td><td>";
+ echo $abuse->status;
+ echo "</td></tr>";
+ }
+ echo "</table>";
+
+ }
+ else if (!empty($_POST['ACTION']) && $_POST['ACTION'] == 'Block')
+ {
+ // Block an entire subnet and remove the addresses from the list
+
+ $Subnet = $_POST['subnet'];
+ pg_exec($this->database, "DELETE FROM object_abuse WHERE objectid = '" . $_GET['oid']
+ . "' AND source << '$Subnet'");
+ $abuse_points = 8;
+ pg_exec($this->database, "INSERT INTO object_abuse VALUES ('" . $_GET['oid'] .
+ "', '$Subnet', '$abuse_points', 'dropped')");
+ }
+
+ echo "<form method='post'>";
+ echo "Report <input type='submit' name='ACTION' value='Abuse'>";
+ echo " for IP address <input type='text' name='source'>";
+ echo "</form>";
+
+ echo "<form method='post'>";
+ echo "<input type='submit' name='ACTION' value='Investigate'>";
+ echo " or <input type='submit' name='ACTION' value='Block'>";
+ echo " this subnet: <input type='text' name='subnet'>";
+ echo "</form>";
+
+ $res = pg_exec($this->database, "SELECT * FROM object_abuse
+ WHERE objectid='". $_GET['oid'] ."' ORDER BY source");
+
+ echo pg_numrows($res) . " records found.<br>";
+
+ echo "<table>";
+ echo "<tr><th>IP address</th><th>Abuses</th><th>Status</th></tr>\n";
+
+ for ($ip = 0; $ip < pg_numrows($res); $ip++)
+ {
+ $abuse = pg_fetch_object($res, $ip);
+ echo "<tr><td>";
+ echo $abuse->source;
+ echo "</td><td>";
+ echo $abuse->nr_abuses;
+ echo "</td><td>";
+ echo $abuse->status;
+ echo "</td></tr>";
+ }
+ echo "</table>";
+ }
+ }
+}
+
+$page = new abuse_list("Gnucomo Abuse List");
+
+$page->Showpage();
+
+?>
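Review bot: Every query in Body() is built by concatenating `$_GET['oid']`, `$_POST['source']` or `$_POST['subnet']` straight into the SQL text, so the object lookup, the object_abuse SELECT/INSERT/UPDATE statements and the subnet DELETE are all open to SQL injection. These should validate `oid` as an integer once and pass all three values as bound parameters (for example through `pg_query_params`, where the deployed PHP version provides it) instead of quoting them by hand. The same request values, and the `objectname`, `source` and `status` columns read back from the database, are echoed into the page without `htmlspecialchars()`, which leaves both reflected and stored script injection possible. The Abuse and Block branches change and delete rows on a plain POST with no request token and no permission check visible in this file; if the `page` base class does not enforce that, it needs to happen here. The fence below shows the pattern for the first two queries; the remaining statements would be converted the same way.

```php
// validate the object id once, before any query or output uses it
$oid = $_GET['oid'];
if (!ctype_digit((string) $oid))
{
   echo "<h1>Invalid object id</h1>";
   return;
}
$res = pg_query_params($this->database,
          'SELECT objectname FROM object WHERE objectid = $1', array($oid));
if ($res === false || pg_numrows($res) == 0)
{
   echo "<h1>Unknown object</h1>";
   return;
}
$obj = pg_fetch_object($res, 0);
echo "<h1>Abuse List for " . htmlspecialchars($obj->objectname, ENT_QUOTES) . "</h1><hr>";

// … unchanged: ACTION == 'Abuse' test, $abuse_points = 2 …
$Source_IP = $_POST['source'];
echo "Reporting Abuse for " . htmlspecialchars($Source_IP, ENT_QUOTES) . "<br>\n";
$res = pg_query_params($this->database,
          'SELECT * FROM object_abuse WHERE objectid = $1 AND source = $2',
          array($oid, $Source_IP));
// a malformed address makes the query fail, so $res must be checked before pg_numrows()
// … unchanged: INSERT / UPDATE branches, Investigate, Block and the listing,
//   each converted to $1/$2 placeholders and escaped output in the same way …
```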
***********************
** FILE NAME : objects.php
** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
-** VERSION NUMBER : $Revision: 1.9 $
+** VERSION NUMBER : $Revision: 1.10 $
**
** DESCRIPTION : Objects Administration page.
** Input parameters: action (POST) : empty, 'Create'
/*****************************
$Log: objects.php,v $
- Revision 1.9 2003-09-01 06:55:00 arjen
+ Revision 1.10 2005-06-04 07:24:38 arjen
+ New page: Abuse list
+
+ Revision 1.9 2003/09/01 06:55:00 arjen
Provides an interface to edit the list of
services and users for an object.
******************************/
-// RCSID = "$Id: objects.php,v 1.9 2003-09-01 06:55:00 arjen Exp $";
+// RCSID = "$Id: objects.php,v 1.10 2005-06-04 07:24:38 arjen Exp $";
ini_set('include_path', '.:./classes:../phpclasses');
<table>
<tr><th>Object</th><th>Description</th><th>Log entries</th>
- <th>Parameters</th><th>Notifications</th></tr>
+ <th>Parameters</th><th>Notifications</th><th>Abuses</th></tr>
<?php
$obj = 0;
</td><td class='number'>
<?php echo "<a href='notification.php?oid=$u->objectid'>" . $this->nr_notifications
. " (" . $this->closed_notifications . " closed)</a>" ?>
+ </td><td class='number'>
+ <?php echo "<a href='abuse.php?oid=$u->objectid'>" . "Abuse list"
+ . " </a>" ?>
</td><td>
<form action='objects.php' method='post' onSubmit='return CheckRemove(this)'>
<input type='hidden' name='objectname' value='<?php echo $u->objectname ?>'>
echo "<td> </td>";
echo "<td class='number'>$count_logs</td>";
echo "<td class='number'>$count_parameters ($removed_parameters removed)</td>";
- echo "<td class='number'>$count_notifications ($closed_notifications closed)</td></tr>";
- echo "</table>";
+ echo "<td class='number'>$count_notifications ($closed_notifications closed)</td>";
+ echo "<td> </td>";
+ echo "</tr>\n";
+ echo "</table>\n";
?>