From acac9de4f997f8f05866cd56aa231908bd3fefd7 Mon Sep 17 00:00:00 2001
From: arjen <arjen>
Date: Sat, 4 Jun 2005 07:24:38 +0000
Subject: [PATCH] New page: Abuse list

---
 src/web/abuse.php   | 164 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/web/objects.php |  20 +++++--
 2 files changed, 178 insertions(+), 6 deletions(-)
 create mode 100644 src/web/abuse.php
diff --git a/src/web/abuse.php b/src/web/abuse.php
new file mode 100644
index 0000000..2595e0b
--- /dev/null
+++ b/src/web/abuse.php
@@ -0,0 +1,164 @@
+<?php
+
+/**************************************************************************
+**  (c) Copyright 2003, Andromeda Technology & Automation
+** This is free software; you can redistribute it and/or modify it under the
+** terms of the GNU General Public License, see the file COPYING.
+***************************************************************************
+** MODULE INFORMATION *
+***********************
+**      FILE NAME      : abuse.php
+**      SYSTEM NAME    : Gnucomo - Gnu Computer Monitoring
+**      VERSION NUMBER : $Revision: 1.1 $
+**
+**  DESCRIPTION      : Abuse list page
+**
+**  EXPORTED OBJECTS : 
+**  LOCAL    OBJECTS : 
+**  MODULES  USED    :
+***************************************************************************
+**  ADMINISTRATIVE INFORMATION *
+********************************
+**      ORIGINAL AUTHOR : Arjen Baart - arjen@andromeda.nl
+**      CREATION DATE   : Apr 13, 2004
+**      LAST UPDATE     : Apr 13, 2004
+**      MODIFICATIONS   : 
+**************************************************************************/
+
+/*****************************
+   $Log: abuse.php,v $
+   Revision 1.1  2005-06-04 07:24:38  arjen
+   New page: Abuse list
+
+******************************/
+
+// RCSID = "$Id: abuse.php,v 1.1 2005-06-04 07:24:38 arjen Exp $";
+
+ini_set('include_path', '.:./classes:../phpclasses');
+
+require_once('page.class.php');
+
+
+class abuse_list extends page
+{
+
+   function Body()
+   {
+      if (!empty($_GET['oid']))
+      {
+         $res = pg_exec($this->database, "SELECT objectname FROM object
+                                          WHERE objectid=CAST('" . $_GET['oid']."' AS BIGINT)");
+         $obj = pg_fetch_object($res, 0);
+         echo "<h1>Abuse List for " . $obj->objectname . "</h1><hr>";
+
+         if (!empty($_POST['ACTION']) && ($_POST['ACTION'] == 'Abuse'))
+         {
+            $abuse_points = 2;
+            $Source_IP = $_POST['source'];
+            echo "Reporting " . $_POST['ACTION'] . " for " . $_POST['source'] . "<br>\n";
+            $res = pg_exec($this->database, "SELECT * FROM object_abuse
+                                  WHERE objectid='". $_GET['oid'] ."' AND source='$Source_IP'");
+            if (pg_numrows($res) == 0)
+            {
+               echo "$Source_IP is new.<br>";
+               pg_exec($this->database, "INSERT INTO object_abuse VALUES ('" . $_GET['oid'] .
+                                  "', '$Source_IP', '$abuse_points')");
+            }
+            else
+            {
+               $abuse = pg_fetch_object($res, 0);
+               $abuse_points += $abuse->nr_abuses;
+               echo $Source_IP . " will get " . $abuse_points . " abuse points.<br>";
+               echo "Status was " . $abuse->status . "<br>";
+               pg_exec($this->database, "UPDATE object_abuse SET nr_abuses='$abuse_points'" .
+                           " WHERE objectid='" . $_GET['oid'] . "' AND source='$Source_IP'");
+
+               if ($abuse_points >= 6)
+               {
+                  echo "<h2 class='error'>Block IP adrress $Source_IP on the firewall.</h2>";
+                  pg_exec($this->database, "UPDATE object_abuse SET status='dropped'" .
+                           " WHERE objectid='" . $_GET['oid'] . "' AND source='$Source_IP'");
+               }
+            }
+//select rawdata from log where logid in (select logid from log_abuse where source='');
+
+         }
+         else if (!empty($_POST['ACTION']) && $_POST['ACTION'] == 'Investigate')
+         {
+            //  Present a list of abuse addresses in one subnet
+
+            $Subnet = $_POST['subnet'];
+            $res = pg_exec($this->database, "SELECT * FROM object_abuse
+                                  WHERE objectid='". $_GET['oid'] ."' AND source << '$Subnet'");
+
+            echo pg_numrows($res) . " records found.<br>";
+
+            echo "<table>";
+            echo "<tr><th>IP address</th><th>Abuses</th><th>Status</th></tr>\n";
+
+            for ($ip = 0; $ip < pg_numrows($res); $ip++)
+            {
+               $abuse = pg_fetch_object($res, $ip);
+               echo "<tr><td>";
+               echo $abuse->source;
+               echo "</td><td>";
+               echo $abuse->nr_abuses;
+               echo "</td><td>";
+               echo $abuse->status;
+               echo "</td></tr>";
+            }
+            echo "</table>";
+
+         }
+         else if (!empty($_POST['ACTION']) && $_POST['ACTION'] == 'Block')
+         {
+            //  Block an entire subnet and remove the addresses from the list
+
+            $Subnet = $_POST['subnet'];
+            pg_exec($this->database, "DELETE FROM object_abuse WHERE objectid = '" . $_GET['oid']
+                                         . "' AND source << '$Subnet'");
+            $abuse_points = 8;
+            pg_exec($this->database, "INSERT INTO object_abuse VALUES ('" . $_GET['oid'] .
+                                  "', '$Subnet', '$abuse_points', 'dropped')");
+         }
+
+         echo "<form method='post'>";
+         echo "Report <input type='submit' name='ACTION' value='Abuse'>";
+         echo " for IP address <input type='text' name='source'>";
+         echo "</form>"; 
+
+         echo "<form method='post'>";
+         echo "<input type='submit' name='ACTION' value='Investigate'>";
+         echo " or <input type='submit' name='ACTION' value='Block'>";
+         echo " this subnet: <input type='text' name='subnet'>";
+         echo "</form>"; 
+
+         $res = pg_exec($this->database, "SELECT * FROM object_abuse
+                                  WHERE objectid='". $_GET['oid'] ."' ORDER BY source");
+
+         echo pg_numrows($res) . " records found.<br>";
+
+         echo "<table>";
+         echo "<tr><th>IP address</th><th>Abuses</th><th>Status</th></tr>\n";
+
+         for ($ip = 0; $ip < pg_numrows($res); $ip++)
+         {
+            $abuse = pg_fetch_object($res, $ip);
+            echo "<tr><td>";
+            echo $abuse->source;
+            echo "</td><td>";
+            echo $abuse->nr_abuses;
+            echo "</td><td>";
+            echo $abuse->status;
+            echo "</td></tr>";
+         }
+         echo "</table>";
+      }
+   }
+}
+
+$page = new abuse_list("Gnucomo Abuse List");
+
+$page->Showpage();
+
+?>
diff --git a/src/web/objects.php b/src/web/objects.php
index 536d910..6a9c434 100644
--- a/src/web/objects.php
+++ b/src/web/objects.php
@@ -9,7 +9,7 @@
 ***********************
 **      FILE NAME      : objects.php
 **      SYSTEM NAME    : Gnucomo - Gnu Computer Monitoring
-**      VERSION NUMBER : $Revision: 1.9 $
+**      VERSION NUMBER : $Revision: 1.10 $
 **
 **  DESCRIPTION      : Objects Administration page.
 **                     Input parameters: action (POST) : empty, 'Create'
@@ -29,7 +29,10 @@
 
 /*****************************
    $Log: objects.php,v $
-   Revision 1.9  2003-09-01 06:55:00  arjen
+   Revision 1.10  2005-06-04 07:24:38  arjen
+   New page: Abuse list
+
+   Revision 1.9  2003/09/01 06:55:00  arjen
    Provides an interface to edit the list of
    services and users for an object.
 
@@ -59,7 +62,7 @@
 
 ******************************/
 
-// RCSID = "$Id: objects.php,v 1.9 2003-09-01 06:55:00 arjen Exp $";
+// RCSID = "$Id: objects.php,v 1.10 2005-06-04 07:24:38 arjen Exp $";
 
 ini_set('include_path', '.:./classes:../phpclasses');
 
@@ -347,7 +350,7 @@ class object_page extends page
 
       <table>
       <tr><th>Object</th><th>Description</th><th>Log entries</th>
-          <th>Parameters</th><th>Notifications</th></tr>
+          <th>Parameters</th><th>Notifications</th><th>Abuses</th></tr>
 
 <?php
       $obj = 0;
@@ -384,6 +387,9 @@ class object_page extends page
          </td><td class='number'>
              <?php echo "<a href='notification.php?oid=$u->objectid'>" . $this->nr_notifications
                       . " (" . $this->closed_notifications . " closed)</a>" ?>
+         </td><td class='number'>
+             <?php echo "<a href='abuse.php?oid=$u->objectid'>" . "Abuse list"
+                      . " </a>" ?>
          </td><td>
              <form action='objects.php' method='post' onSubmit='return CheckRemove(this)'>
                  <input type='hidden' name='objectname' value='<?php echo $u->objectname ?>'>
@@ -399,8 +405,10 @@ class object_page extends page
       echo "<td>&nbsp;</td>";
       echo "<td class='number'>$count_logs</td>";
       echo "<td class='number'>$count_parameters ($removed_parameters removed)</td>";
-      echo "<td class='number'>$count_notifications ($closed_notifications closed)</td></tr>";
-      echo "</table>";
+      echo "<td class='number'>$count_notifications ($closed_notifications closed)</td>";
+      echo "<td>&nbsp;</td>";
+      echo "</tr>\n";
+      echo "</table>\n";
 
 ?>
 
-- 
2.11.0


Object	Description	Log entries	Parameters	Notifications
Parameters	Notifications	Abuses
objectid'>" . $this->nr_notifications . " (" . $this->closed_notifications . " closed)" ?> +	+ objectid'>" . "Abuse list" + . " " ?>	@@ -399,8 +405,10 @@ class object_page extends page echo "		$count_logs	$count_parameters ($removed_parameters removed)	$count_notifications ($closed_notifications closed)