changeset 17:fe220b5a975a

Cleanups, add configuration for WHOIS linking.
author Matti Hamalainen <ccr@tnsp.org>
date Sat, 15 Aug 2009 20:42:16 +0300
parents 87c0cdc048f5
children b0017a324040
files example.conf maltfilter
diffstat 2 files changed, 61 insertions(+), 18 deletions(-) [+]
--- a/example.conf	Sat Aug 15 19:41:03 2009 +0300
+++ b/example.conf	Sat Aug 15 20:42:16 2009 +0300
@@ -88,3 +88,8 @@
 ## (if left empty, CSS is not used.)
 #STATUS_FILE_HTML = "/var/www/maltstatus.html"
 #STATUS_FILE_CSS = "cool.css"
+
+## URL for a web-based WHOIS service. This URL will be used for creating
+## href links of the IP addresses. Default is whois.domaintools.com. Set
+## empty if you don't want links.
+#WHOIS_URL = "http://whois.domaintools.com/"
--- a/maltfilter	Sat Aug 15 19:41:03 2009 +0300
+++ b/maltfilter	Sat Aug 15 20:42:16 2009 +0300
@@ -32,6 +32,8 @@
   "STATUS_FILE_HTML" => "",
   "STATUS_FILE_CSS" => "",
 
+  "WHOIS_URL" => "http://whois.domaintools.com/",
+
   "CHK_SSHD"            => 1,
   "CHK_KNOWN_CGI"       => 1,
   "CHK_PHP_XSS"         => 1,
@@ -143,6 +145,30 @@
 #############################################################################
 ### Status output functionality
 #############################################################################
+sub urlencode($)
+{
+  my $value = $_[0];
+  $value =~ s/([^a-zA-Z_0-9 ])/"%" . uc(sprintf "%lx" , unpack("C", $1))/eg;
+  $value =~ tr/ /+/;
+  return $value;
+}
+
+my %entities = (
+  "<" => "lt",
+  ">" => "gt",
+  "&" => "amp",
+);
+
+sub htmlentities($)
+{
+  my $value = $_[0];
+#  $value =~ s/([keys %entities])/"&".$entities{$1}.";"/eg;
+  foreach my $val (keys %entities) {
+    $value =~ s/$val/\&$entities{$val}\;/g;
+  }
+  return $value;
+}
+
 sub printH($$$$)
 {
   my $fh = $_[1];
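Review bot: `htmlentities` rewrites one character per pass in `keys %entities` order, which Perl does not fix, so whenever `<` or `>` is processed before `&` the result is double-escaped (`<` ends up as `&amp;lt;`). A single pass avoids this: `$value =~ s/([<>&"])/"&".$entities{$1}.";"/eg;` with `'"' => "quot"` added to `%entities`, which also makes the helper usable for attribute values. In `urlencode`, `"%lx"` does not zero-pad, so bytes below 0x10 produce a one-digit escape; `"%02x"` gives valid percent-encoding. printH's body continues outside the hunk.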
@@ -202,7 +228,12 @@
 
 sub getLink($$)
 {
-  return $_[0] ? "<a href=\"http://whois.domaintools.com/$_[1]\">$_[1]</a>" : $_[1];
+  if ($settings{"WHOIS_URL"} ne "") {
+    return $_[0] ? "<a href=\"".$settings{"WHOIS_URL"}.$_[1].
+      "\">".htmlentities($_[1])."</a>" : $_[1];
+  } else {
+    return $_[0];
+  }
 }
 
 sub printTable1($$$$$)
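Review bot: The new else branch returns `$_[0]`, the HTML-mode flag, so with `WHOIS_URL` set empty the tables print the flag instead of the address; it should be `return $_[1];`. In the link branch the address is concatenated into the `href` raw while only the link text goes through `htmlentities`, and the `urlencode` helper added earlier in this commit is not called in any hunk shown. Encoding the attribute value, e.g. `$settings{"WHOIS_URL"}.urlencode($_[1])`, would keep a malformed address from closing the attribute early; note that `urlencode` as written also encodes `.`, so its safe set may need extending. Whether `$_[1]` can ever be anything but a dotted address depends on the log-matching patterns, which are outside this diff.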
@@ -211,54 +242,63 @@
   my $ntotal = 0;
 
   printElem($m, $f,
-  "<table class=\"detailed\">\n<tr>".
-  "<th>Hits</th><th>IP-address</th><th>First hit</th><th>Latest hit</th><th>Reason(s)</th>".
-  "</tr>\n");
+  "<table class=\"detailed\">\n".
+  "<tr><th>Hits</th><th>IP-address</th><th>First hit</th><th>Latest hit</th><th>Reason(s)</th></tr>\n",
+
+  "Hits       | IP-address      | First hit                | Latest hit               | Reason(s)\n"
+  );
   
   foreach my $mip (sort { $func->($table, $a, $b) } keys %{$keys}) {
     printElem($m, $f, " <tr>");
-    printTD($m, $f, sprintf("%-10d", $table->{$mip}{"hits"}));
+    printTD($m, $f, sprintf(bb($m)."%-10d".eb($m), $table->{$mip}{"hits"}));
+    printElem(!$m, $f, " | ");
     printTD($m, $f, sprintf("%-15s", getLink($m, $mip)));
-    printElem(!$m, $f, " : ");
+    printElem(!$m, $f, " | ");
     printTD($m, $f, scalar localtime($table->{$mip}{"date1"}));
-    printElem(!$m, $f, " : ");
+    printElem(!$m, $f, " | ");
     printTD($m, $f, scalar localtime($table->{$mip}{"date2"}));
-    printElem(!$m, $f, " : ");
+    printElem(!$m, $f, " | ");
     my @reasons = ();
     foreach my $class (sort keys %{$table->{$mip}{"reason"}}) {
       my $msgs;
       if ($reportmode) {
         my @tmp = @{$table->{$mip}{"reason"}{$class}{"msg"}};
         if ($#tmp > 5) { $#tmp = 5; }
+        foreach (@tmp) { $_ = htmlentities($_); }
         $msgs = join(" ".bb($m)."|".eb($m)." ", @tmp);
       } else {
         $msgs = $table->{$mip}{"reason"}{$class}{"msg"};
       }
-      push(@reasons, bb($m).$class.eb($m)." #".$table->{$mip}{"reason"}{$class}{"hits"}." ( ".$msgs." )");
+      push(@reasons, bb($m).$class.eb($m)." #".$table->{$mip}{"reason"}{$class}{"hits"}.
+        " ( ".$msgs." )");
     }
     printTD($m, $f, join(", ", @reasons));
-    printElem($m, $f, "</tr>", "\n");
+    printElem($m, $f, "</tr>\n", "\n");
     $ntotal++;
   }
   printElem($m, $f, "</table>\n");
   printP($m, $f, bb($m).$ntotal.eb($m)." entries total.\n");
 }
 
+
 sub printTable2($$$$$)
 {
   my ($m, $f, $table, $keys, $func) = @_;
   my $nhits = 0;
-  my $str = "<th>IP-address</th><th>Hits</th><th>Latest hit</th><th>Class(es)</th>";
+  my $str = "<th>IP-address</th><th>Hits</th><th>Latest hit</th><th>Class</th>";
+  my $str2 = "IP-address      | Hits      | Latest hit               | Class                         ";
 
-  printElem($m, $f, "<table class=\"summary\">\n<tr>". $str."<th> </th>".$str ."</tr>\n");
+  printElem($m, $f,
+  "<table class=\"summary\">\n<tr>". $str."<th> </th>".$str ."</tr>\n",
+  $str2." || ".$str2."\n");
   
   my $printEntry = sub {
     printTD($m, $f, sprintf("%-15s", getLink($m, $_[0])));
-    printElem(!$m, $f, " : ");
+    printElem(!$m, $f, " | ");
     printTD($m, $f, sprintf("%-8d ", $table->{$_[0]}{"hits"}));
-    printElem(!$m, $f, " : ");
+    printElem(!$m, $f, " | ");
     printTD($m, $f, scalar localtime($table->{$_[0]}{"date2"}));
-    printElem(!$m, $f, " : ");
+    printElem(!$m, $f, " | ");
     my $tmp = join(", ", sort keys %{$table->{$_[0]}{"reason"}});
     printTD($m, $f, sprintf("%-30s", $tmp));
     $nhits += $table->{$_[0]}{"hits"};
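Review bot: The escaping added at `foreach (@tmp) { $_ = htmlentities($_); }` sits only in the `$reportmode` branch and ignores `$m`, so the else branch's `$msgs` still reaches `printTD` unescaped while plain-text output now receives `&lt;`-style entities. If the messages come from matched log lines, as the tool's purpose suggests, they are remotely influenced strings written into the HTML status page. Suggest `foreach (@tmp) { $_ = htmlentities($_) if $m; }` and the same treatment for the else-branch value (its type is not visible here). `$class` and the joined class list in printTable2 are also emitted unescaped, which is fine only if they are fixed internal names. The hunk starts inside printTable1 and ends inside printTable2's `$printEntry` closure.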
@@ -296,9 +336,6 @@
 }
 
 
-###
-###
-###
 sub generate_status($$)
 {
   my $filename = shift;
@@ -404,6 +441,7 @@
 sub update_blocklist($)
 {
   my $mdate = $_[0];
+  $ENV{"PATH"} = "";
   open(STATUS, $settings{"IPTABLES"}." -v -n -L INPUT |") or
     die("Could not execute ".$settings{"IPTABLES"}."\n");
   %blocklist = ();
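Review bot: Clearing `PATH` does not stop the two-argument pipe `open` from handing the concatenated string to a shell whenever `$settings{"IPTABLES"}` contains shell metacharacters. Assuming the setting holds only the binary path, the list form `open(STATUS, "-|", $settings{"IPTABLES"}, "-v", "-n", "-L", "INPUT")` runs it directly. The assignment is also process-wide; `local $ENV{"PATH"} = "";` limits it to this call, and perlsec recommends `delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};` alongside it. A one-line comment saying why PATH is cleared (taint mode, presumably) would help the next reader. update_blocklist's body continues outside the hunk.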