changeset 17:fe220b5a975a
Cleanups, add configuration for WHOIS linking.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Sat, 15 Aug 2009 20:42:16 +0300 |
parents | 87c0cdc048f5 |
children | b0017a324040 |
files | example.conf maltfilter |
diffstat | 2 files changed, 61 insertions(+), 18 deletions(-) [+] |
--- a/example.conf Sat Aug 15 19:41:03 2009 +0300
+++ b/example.conf Sat Aug 15 20:42:16 2009 +0300
@@ -88,3 +88,8 @@
 ## (if left empty, CSS is not used.)
 #STATUS_FILE_HTML = "/var/www/maltstatus.html"
 #STATUS_FILE_CSS = "cool.css"
+
+## URL for a web-based WHOIS service. This URL will be used for creating
+## href links of the IP addresses. Default is whois.domaintools.com. Set
+## empty if you don't want links.
+#WHOIS_URL = "http://whois.domaintools.com/"
--- a/maltfilter Sat Aug 15 19:41:03 2009 +0300 +++ b/maltfilter Sat Aug 15 20:42:16 2009 +0300 @@ -32,6 +32,8 @@ "STATUS_FILE_HTML" => "", "STATUS_FILE_CSS" => "", + "WHOIS_URL" => "http://whois.domaintools.com/", + "CHK_SSHD" => 1, "CHK_KNOWN_CGI" => 1, "CHK_PHP_XSS" => 1, @@ -143,6 +145,30 @@ ############################################################################# ### Status output functionality ############################################################################# +sub urlencode($) +{ + my $value = $_[0]; + $value =~ s/([^a-zA-Z_0-9 ])/"%" . uc(sprintf "%lx" , unpack("C", $1))/eg; + $value =~ tr/ /+/; + return $value; +} + +my %entities = ( + "<" => "lt", + ">" => "gt", + "&" => "amp", +); + +sub htmlentities($) +{ + my $value = $_[0]; +# $value =~ s/([keys %entities])/"&".$entities{$1}.";"/eg; + foreach my $val (keys %entities) { + $value =~ s/$val/\&$entities{$val}\;/g; + } + return $value; +} + sub printH($$$$) { my $fh = $_[1]; @@ -202,7 +228,12 @@ sub getLink($$) { - return $_[0] ? "<a href=\"http://whois.domaintools.com/$_[1]\">$_[1]</a>" : $_[1]; + if ($settings{"WHOIS_URL"} ne "") { + return $_[0] ? "<a href=\"".$settings{"WHOIS_URL"}.$_[1]. + "\">".htmlentities($_[1])."</a>" : $_[1]; + } else { + return $_[0]; + } } sub printTable1($$$$$) 
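Review bot: `htmlentities` escapes in whatever order `keys %entities` returns, so when `<` or `>` is handled before `&`, the ampersand of the entity just written is escaped again (`<` ends up as `&amp;lt;`) and the output can differ between runs. A single pass avoids this and can cover the double quote too: add `"\"" => "quot",` to `%entities` and replace the loop with `$value =~ s/([<>&"])/&$entities{$1};/g;`. In `urlencode`, `%lx` is not zero-padded, so a byte below 0x10 comes out as `%A` rather than `%0A`; `"%" . sprintf("%02X", unpack("C", $1))` produces a well-formed escape. Neither helper says which output context it is meant for (element text, attribute value, URL component), and a one-line comment above each stating that would help callers pick the right one.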
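Review bot: The new `else` branch of `getLink` returns `$_[0]`, which is the HTML-mode flag rather than the address, so with `WHOIS_URL` set to empty every IP cell would print the flag value; it should return `$_[1]`. In the link branch the address is escaped for the link text but concatenated raw into the `href` attribute, and the `urlencode` helper added earlier in this commit is not called in any hunk shown here. If the table keys can ever carry characters taken from a log line, that leaves the attribute value in the status page unprotected. `return $_[1] unless $_[0] && $settings{"WHOIS_URL"} ne "";` followed by `return "<a href=\"".$settings{"WHOIS_URL"}.urlencode($_[1])."\">".htmlentities($_[1])."</a>";` would cover both, assuming the WHOIS service accepts percent-encoded dots (otherwise add `.` and `:` to the characters `urlencode` leaves alone).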
@@ -211,54 +242,63 @@ my $ntotal = 0; printElem($m, $f, - "<table class=\"detailed\">\n<tr>". - "<th>Hits</th><th>IP-address</th><th>First hit</th><th>Latest hit</th><th>Reason(s)</th>". - "</tr>\n"); + "<table class=\"detailed\">\n". + "<tr><th>Hits</th><th>IP-address</th><th>First hit</th><th>Latest hit</th><th>Reason(s)</th></tr>\n", + + "Hits | IP-address | First hit | Latest hit | Reason(s)\n" + ); foreach my $mip (sort { $func->($table, $a, $b) } keys %{$keys}) { printElem($m, $f, " <tr>"); - printTD($m, $f, sprintf("%-10d", $table->{$mip}{"hits"})); + printTD($m, $f, sprintf(bb($m)."%-10d".eb($m), $table->{$mip}{"hits"})); + printElem(!$m, $f, " | "); printTD($m, $f, sprintf("%-15s", getLink($m, $mip))); - printElem(!$m, $f, " : "); + printElem(!$m, $f, " | "); printTD($m, $f, scalar localtime($table->{$mip}{"date1"})); - printElem(!$m, $f, " : "); + printElem(!$m, $f, " | "); printTD($m, $f, scalar localtime($table->{$mip}{"date2"})); - printElem(!$m, $f, " : "); + printElem(!$m, $f, " | "); my @reasons = (); foreach my $class (sort keys %{$table->{$mip}{"reason"}}) { my $msgs; if ($reportmode) { my @tmp = @{$table->{$mip}{"reason"}{$class}{"msg"}}; if ($#tmp > 5) { $#tmp = 5; } + foreach (@tmp) { $_ = htmlentities($_); } $msgs = join(" ".bb($m)."|".eb($m)." ", @tmp); } else { $msgs = $table->{$mip}{"reason"}{$class}{"msg"}; } - push(@reasons, bb($m).$class.eb($m)." #".$table->{$mip}{"reason"}{$class}{"hits"}." ( ".$msgs." )"); + push(@reasons, bb($m).$class.eb($m)." #".$table->{$mip}{"reason"}{$class}{"hits"}. + " ( ".$msgs." )"); } printTD($m, $f, join(", ", @reasons)); - printElem($m, $f, "</tr>", "\n"); + printElem($m, $f, "</tr>\n", "\n"); $ntotal++; } printElem($m, $f, "</table>\n"); printP($m, $f, bb($m).$ntotal.eb($m)." 
entries total.\n"); } + sub printTable2($$$$$) { my ($m, $f, $table, $keys, $func) = @_; my $nhits = 0; - my $str = "<th>IP-address</th><th>Hits</th><th>Latest hit</th><th>Class(es)</th>"; + my $str = "<th>IP-address</th><th>Hits</th><th>Latest hit</th><th>Class</th>"; + my $str2 = "IP-address | Hits | Latest hit | Class "; - printElem($m, $f, "<table class=\"summary\">\n<tr>". $str."<th> </th>".$str ."</tr>\n"); + printElem($m, $f, + "<table class=\"summary\">\n<tr>". $str."<th> </th>".$str ."</tr>\n", + $str2." || ".$str2."\n"); my $printEntry = sub { printTD($m, $f, sprintf("%-15s", getLink($m, $_[0]))); - printElem(!$m, $f, " : "); + printElem(!$m, $f, " | "); printTD($m, $f, sprintf("%-8d ", $table->{$_[0]}{"hits"})); - printElem(!$m, $f, " : "); + printElem(!$m, $f, " | "); printTD($m, $f, scalar localtime($table->{$_[0]}{"date2"})); - printElem(!$m, $f, " : "); + printElem(!$m, $f, " | "); my $tmp = join(", ", sort keys %{$table->{$_[0]}{"reason"}}); printTD($m, $f, sprintf("%-30s", $tmp)); $nhits += $table->{$_[0]}{"hits"}; @@ -296,9 +336,6 @@ } -### -### -### sub generate_status($$) { my $filename = shift; @@ -404,6 +441,7 @@ sub update_blocklist($) { my $mdate = $_[0]; + $ENV{"PATH"} = ""; open(STATUS, $settings{"IPTABLES"}." -v -n -L INPUT |") or die("Could not execute ".$settings{"IPTABLES"}."\n"); %blocklist = ();
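Review bot: In `printTable1`, only the `$reportmode` branch of the reasons loop passes the messages through `htmlentities`; the `else` branch assigns `$table->{$mip}{"reason"}{$class}{"msg"}` to `$msgs` unchanged, and `$class` is written unescaped in both branches. The hunk does not show where these messages are filled in, but if they are copied from log lines, text chosen by a remote client would reach the HTML status file as markup. The escaping is also applied when `$m` is false, so the plain-text report would show `&lt;` and `&amp;` literally. Escaping at output time and only in HTML mode keeps both reports correct, for example `foreach (@tmp) { $_ = htmlentities($_) if $m; }` with the same treatment for the `else` value and for `$class`.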
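Review bot: Emptying `PATH` in `update_blocklist` does not keep the shell out of the picture, because `open(STATUS, $settings{"IPTABLES"}." -v -n -L INPUT |")` still passes the command as one string and Perl hands it to the shell whenever `IPTABLES` contains a shell metacharacter. The list form never uses a shell: `open(STATUS, "-|", $settings{"IPTABLES"}, "-v", "-n", "-L", "INPUT")`. With `PATH` empty, the setting should also be checked to be an absolute path, so a bare `iptables` fails with a clear message. If the aim is taint-mode hygiene, perlsec additionally lists `IFS`, `CDPATH`, `ENV` and `BASH_ENV` for removal, and doing that once at startup would be clearer than resetting `PATH` on every call. The body of `update_blocklist` continues past the end of the hunk.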