From mboxrd@z Thu Jan  1 00:00:00 1970
From: Horace Michael <horace.michael@gmx.com>
To: development@lists.ipfire.org
Subject: [[PATCH]] Guardian enhancements
Date: Thu, 03 Nov 2016 01:42:17 +0200
Message-ID: <1478130137-31542-1-git-send-email-horace.michael@gmx.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5260892947692643980=="
List-Id: <development.lists.ipfire.org>

--===============5260892947692643980==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

1. Detect for each IP the network it belongs and change background of that IP=
 according to the network (Green, Red, Blue, Orange)
2. For each IP detect the country it belongs to and display country flag near=
 IP

This is my second attempt to use GIT.

Signed-off-by: Horace Michael <horace.michael(a)gmx.com>
---
 html/cgi-bin/guardian.cgi | 687 +++++++++++++++++++++++++++++++-------------=
--
 1 file changed, 470 insertions(+), 217 deletions(-)
 mode change 100644 =3D> 100755 html/cgi-bin/guardian.cgi

diff --git a/html/cgi-bin/guardian.cgi b/html/cgi-bin/guardian.cgi
old mode 100644
new mode 100755
index 963a56430768..b05d4f7f7bad
--- a/html/cgi-bin/guardian.cgi
+++ b/html/cgi-bin/guardian.cgi
@@ -22,6 +22,9 @@
 use strict;
 use Locale::Codes::Country;
 use Guardian::Socket;
+use Net::IPv4Addr qw( :all );
+use Geo::IP::PurePerl;
+use Switch;
=20
 # enable only the following on debugging purpose
 #use warnings;
@@ -45,6 +48,16 @@ my @memory=3D();
 my @pid=3D();
 my @guardian=3D();
=20
+my @colour=3D();
+my @network=3D();
+my @masklen=3D();
+my $colour_multicast =3D "#A0A0A0";
+#needed for the country flag
+my @key;
+my @value;
+my $color=3D0;
+
+
 # Path to the guardian.ignore file.
 my $ignorefile =3D'/var/ipfire/guardian/guardian.ignore';
=20
@@ -56,6 +69,9 @@ my %module_file_locations =3D (
 	"SNORT" =3D> "/var/log/snort/alert",
 	"SSH" =3D> "/var/log/messages",
 );
+my %netsettings=3D();
+&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
+
=20
 our %netsettings =3D ();
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
@@ -65,6 +81,193 @@ our %mainsettings =3D ();
 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
 &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/i=
nclude/colors.txt", \%color);
=20
+# #####################################################
+# Collect data for the @network array.
+
+# Add Firewall Localhost 127.0.0.1
+push(@network, '127.0.0.1');
+push(@masklen, '255.255.255.255');
+push(@colour, ${Header::colourfw});
+
+
+
+if (open(IP, "${General::swroot}/red/local-ipaddress")) {
+	my $redip =3D <IP>;
+	close(IP);
+	chomp $redip;
+	push(@network, $redip);
+	push(@masklen, '255.255.255.255');
+	push(@colour, ${Header::colourfw});
+}
+
+# Add STATIC RED aliases
+if ($netsettings{'RED_DEV'}) {
+	my $aliasfile =3D "${General::swroot}/ethernet/aliases";
+	open(ALIASES, $aliasfile) or die 'Unable to open aliases file.';
+	my @aliases =3D <ALIASES>;
+	close(ALIASES);
+
+# We have a RED eth iface
+if ($netsettings{'RED_TYPE'} eq 'STATIC') {
+
+#We have a STATIC RED eth iface
+		foreach my $line (@aliases) {
+			chomp($line);
+			my @temp =3D split(/\,/,$line);
+			if ($temp[0]) {
+				push(@network, $temp[0]);
+				push(@masklen, $netsettings{'RED_NETMASK'} );
+				push(@colour, ${Header::colourfw} );
+			}
+		}
+	}
+}
+
+# Add Green Firewall Interface
+	push(@network, $netsettings{'GREEN_ADDRESS'});
+	push(@masklen, "255.255.255.255" );
+	push(@colour, ${Header::colourfw} );
+
+# Add Green Network to Array
+	push(@network, $netsettings{'GREEN_NETADDRESS'});
+	push(@masklen, $netsettings{'GREEN_NETMASK'} );
+	push(@colour, ${Header::colourgreen} );
+
+# Add Green Routes to Array
+	my @routes =3D `/sbin/route -n | /bin/grep $netsettings{'GREEN_DEV'}`;
+	foreach my $route (@routes) {
+		chomp($route);
+		my @temp =3D split(/[\t ]+/, $route);
+		push(@network, $temp[0]);
+		push(@masklen, $temp[2]);
+		push(@colour, ${Header::colourgreen} );
+	}
+
+# Add Blue Firewall Interface
+	push(@network, $netsettings{'BLUE_ADDRESS'});
+	push(@masklen, "255.255.255.255" );
+	push(@colour, ${Header::colourfw} );
+
+# Add Blue Network
+	if ($netsettings{'BLUE_DEV'}) {
+		push(@network, $netsettings{'BLUE_NETADDRESS'});
+		push(@masklen, $netsettings{'BLUE_NETMASK'} );
+		push(@colour, ${Header::colourblue} );
+
+# Add Blue Routes to Array
+	@routes =3D `/sbin/route -n | /bin/grep $netsettings{'BLUE_DEV'}`;
+	foreach my $route (@routes) {
+		chomp($route);
+		my @temp =3D split(/[\t ]+/, $route);
+		push(@network, $temp[0]);
+		push(@masklen, $temp[2]);
+		push(@colour, ${Header::colourblue} );
+	}
+}
+
+# Add Orange Firewall Interface
+	push(@network, $netsettings{'ORANGE_ADDRESS'});
+	push(@masklen, "255.255.255.255" );
+	push(@colour, ${Header::colourfw} );
+
+# Add Orange Network
+	if ($netsettings{'ORANGE_DEV'}) {
+		push(@network, $netsettings{'ORANGE_NETADDRESS'});
+		push(@masklen, $netsettings{'ORANGE_NETMASK'} );
+		push(@colour, ${Header::colourorange} );
+		# Add Orange Routes to Array
+		@routes =3D `/sbin/route -n | /bin/grep $netsettings{'ORANGE_DEV'}`;
+		foreach my $route (@routes) {
+			chomp($route);
+			my @temp =3D split(/[\t ]+/, $route);
+			push(@network, $temp[0]);
+			push(@masklen, $temp[2]);
+			push(@colour, ${Header::colourorange} );
+
+	}
+}
+
+# Highlight multicast connections.
+	push(@network, "224.0.0.0");
+	push(@masklen, "239.0.0.0");
+	push(@colour, $colour_multicast);
+
+# Add OpenVPN net and RED/BLUE/ORANGE entry (when appropriate)
+	if (-e "${General::swroot}/ovpn/settings") {
+		my %ovpnsettings =3D ();
+		&General::readhash("${General::swroot}/ovpn/settings", \%ovpnsettings);
+		my @tempovpnsubnet =3D split("\/",$ovpnsettings{'DOVPN_SUBNET'});
+
+# add OpenVPN net
+	push(@network, $tempovpnsubnet[0]);
+	push(@masklen, $tempovpnsubnet[1]);
+	push(@colour, ${Header::colourovpn} );
+
+# add BLUE:port / proto
+	if (($ovpnsettings{'ENABLED_BLUE'} eq 'on') && $netsettings{'BLUE_DEV'}) {
+		push(@network, $netsettings{'BLUE_ADDRESS'} );
+		push(@masklen, '255.255.255.255' );
+		push(@colour, ${Header::colourovpn});
+}
+
+# add ORANGE:port / proto
+	if (($ovpnsettings{'ENABLED_ORANGE'} eq 'on') && $netsettings{'ORANGE_DEV'}=
) {
+		push(@network, $netsettings{'ORANGE_ADDRESS'} );
+		push(@masklen, '255.255.255.255' );
+		push(@colour, ${Header::colourovpn} );
+	}
+}
+
+# Add OpenVPN net for custom OVPNs
+	if (-e "${General::swroot}/ovpn/ccd.conf") {
+		open(OVPNSUB, "${General::swroot}/ovpn/ccd.conf");
+		my @ovpnsub =3D <OVPNSUB>;
+		close(OVPNSUB);
+		foreach (@ovpnsub) {
+			my ($network, $mask) =3D split '/', (split ',', $_)[2];
+			$mask =3D ipv4_cidr2msk($mask) unless &General::validip($mask);
+			push(@network, $network);
+			push(@masklen, $mask);
+			push(@colour, ${Header::colourovpn});
+	}
+}
+
+open(IPSEC, "${General::swroot}/vpn/config");
+	my @ipsec =3D <IPSEC>;
+	close(IPSEC);
+	foreach my $line (@ipsec) {
+		my @vpn =3D split(',', $line);
+		my ($network, $mask) =3D split("/", $vpn[12]);
+		if (!&General::validip($mask)) {
+			$mask =3D ipv4_cidr2msk($mask);
+		}
+		push(@network, $network);
+		push(@masklen, $mask);
+		push(@colour, ${Header::colourvpn});
+}
+
+if (-e "${General::swroot}/ovpn/n2nconf") {
+	open(OVPNN2N, "${General::swroot}/ovpn/ovpnconfig");
+	my @ovpnn2n =3D <OVPNN2N>;
+	close(OVPNN2N);
+	foreach my $line (@ovpnn2n) {
+		my @ovpn =3D split(',', $line);
+		next if ($ovpn[4] ne 'net');
+		my ($network, $mask) =3D split("/", $ovpn[12]);
+		if (!&General::validip($mask)) {
+			$mask =3D ipv4_cidr2msk($mask);
+		}
+		push(@network, $network);
+		push(@masklen, $mask);
+		push(@colour, ${Header::colourovpn});
+	}
+}
+
+
+# #####################################################
+
+
+
 # Pakfire meta file for owncloud.
 # (File exists when the addon is installed.)
 my $owncloud_meta =3D "/opt/pakfire/db/installed/meta-owncloud";
@@ -475,8 +678,6 @@ sub showMainBox() {
 	</script>
 END
=20
-
-
 	# Draw current guardian state.
 	&Header::openbox('100%', 'center', $Lang::tr{'guardian'});
=20
@@ -563,14 +764,14 @@ END
 			</tr>
 END
=20
-			# Display owncloud checkbox when the addon is installed.
-			if ( -e "$owncloud_meta" ) {
-				print"<tr>\n";
-				print"<td width=3D'25%' class=3D'base'>$Lang::tr{'guardian block ownclou=
d brute-force'}</td>\n";
-				print"<td align=3D'left'>on <input type=3D'radio' name=3D'GUARDIAN_MONIT=
OR_OWNCLOUD' value=3D'on' $checked{'GUARDIAN_MONITOR_OWNCLOUD'}{'on'} /> /\n";
-				print"<input type=3D'radio' name=3D'GUARDIAN_MONITOR_OWNCLOUD' value=3D'=
off' $checked{'GUARDIAN_MONITOR_OWNCLOUD'}{'off'} /> off</td>\n";
-				print"</tr>\n";
-			}
+	# Display owncloud checkbox when the addon is installed.
+	if ( -e "$owncloud_meta" ) {
+		print"<tr>\n";
+		print"<td width=3D'25%' class=3D'base'>$Lang::tr{'guardian block owncloud =
brute-force'}</td>\n";
+		print"<td align=3D'left'>on <input type=3D'radio' name=3D'GUARDIAN_MONITOR=
_OWNCLOUD' value=3D'on' $checked{'GUARDIAN_MONITOR_OWNCLOUD'}{'on'} /> /\n";
+		print"<input type=3D'radio' name=3D'GUARDIAN_MONITOR_OWNCLOUD' value=3D'of=
f' $checked{'GUARDIAN_MONITOR_OWNCLOUD'}{'off'} /> off</td>\n";
+		print"</tr>\n";
+	}
 	print <<END;
 			<tr>
 				<td colspan=3D'2'><br></td>
@@ -657,128 +858,140 @@ sub showIgnoreBox() {
         &Header::openbox('100%', 'center', $Lang::tr{'guardian ignored hosts=
'});
=20
 	print <<END;
-		<table width=3D'80%'>
+		<table width=3D'60%'>
 			<tr>
 				<td class=3D'base' bgcolor=3D'$color{'color20'}'><b>$Lang::tr{'ip addres=
s'}</b></td>
+				<td width=3D'10%' class=3D'base' align=3D'center' bgcolor=3D'$color{'col=
or20'}'><b>$Lang::tr{'country'}</b></td>
 				<td class=3D'base' bgcolor=3D'$color{'color20'}'><b>$Lang::tr{'remark'}<=
/b></td>
-				<td class=3D'base' colspan=3D'3' bgcolor=3D'$color{'color20'}'></td>
+				<td class=3D'base' align=3D'center' colspan=3D'3' bgcolor=3D'$color{'col=
or20'}'><b>$Lang::tr{'action'}</b></td>
 			</tr>
 END
-			# Check if some hosts have been add to be ignored.
-			if (keys (%ignored)) {
-				my $col =3D "";
-
-				# Loop through all entries of the hash..
-				while( (my $key) =3D each %ignored)  {
-					# Assign data array positions to some nice variable names.
-					my $address =3D $ignored{$key}[0];
-					my $remark =3D $ignored{$key}[1];
-					my $status  =3D $ignored{$key}[2];
-
-					# Check if the key (id) number is even or not.
-					if ($settings{'ID'} eq $key) {
-						$col=3D"bgcolor=3D'${Header::colouryellow}'";
-					} elsif ($key % 2) {
-						$col=3D"bgcolor=3D'$color{'color22'}'";
-					} else {
-						$col=3D"bgcolor=3D'$color{'color20'}'";
-					}
-
-					# Choose icon for the checkbox.
-					my $gif;
-					my $gdesc;
-
-					# Check if the status is enabled and select the correct image and descr=
iption.
-					if ($status eq 'enabled' ) {
-						$gif =3D 'on.gif';
-						$gdesc =3D $Lang::tr{'click to disable'};
-					} else {
-						$gif =3D 'off.gif';
-						$gdesc =3D $Lang::tr{'click to enable'};
-					}
-
-					print <<END;
-					<tr>
-						<td width=3D'20%' class=3D'base' $col>$address</td>
-						<td width=3D'65%' class=3D'base' $col>$remark</td>
-
-						<td align=3D'center' $col>
-							<form method=3D'post' action=3D'$ENV{'SCRIPT_NAME'}'>
-								<input type=3D'hidden' name=3D'ACTION' value=3D'$Lang::tr{'toggle en=
able disable'}' />
-								<input type=3D'image' name=3D'$Lang::tr{'toggle enable disable'}' sr=
c=3D'/images/$gif' alt=3D'$gdesc' title=3D'$gdesc' />
-								<input type=3D'hidden' name=3D'ID' value=3D'$key' />
-							</form>
-						</td>
-
-						<td align=3D'center' $col>
-							<form method=3D'post' action=3D'$ENV{'SCRIPT_NAME'}'>
-								<input type=3D'hidden' name=3D'ACTION' value=3D'$Lang::tr{'edit'}' />
-								<input type=3D'image' name=3D'$Lang::tr{'edit'}' src=3D'/images/edit=
.gif' alt=3D'$Lang::tr{'edit'}' title=3D'$Lang::tr{'edit'}' />
-								<input type=3D'hidden' name=3D'ID' value=3D'$key' />
-							</form>
-						</td>
-
-						<td align=3D'center' $col>
-							<form method=3D'post' name=3D'$key' action=3D'$ENV{'SCRIPT_NAME'}'>
-								<input type=3D'image' name=3D'$Lang::tr{'remove'}' src=3D'/images/de=
lete.gif' title=3D'$Lang::tr{'remove'}' alt=3D'$Lang::tr{'remove'}'>
-								<input type=3D'hidden' name=3D'ID' value=3D'$key'>
-								<input type=3D'hidden' name=3D'ACTION' value=3D'$Lang::tr{'remove'}'>
-							</form>
-						</td>
-					</tr>
-END
-				}
-			} else {
-				# Print notice that currently no hosts are ignored.
-				print "<tr>\n";
-				print "<td class=3D'base' colspan=3D'2'>$Lang::tr{'guardian no entries'}=
</td>\n";
-				print "</tr>\n";
-			}
+# Check if some hosts have been add to be ignored.
+	if (keys (%ignored)) {
+		my $col =3D "";
+		my $col1 =3D "";
=20
-		print "</table>\n";
+# Loop through all entries of the hash..
+		while( (my $key) =3D each %ignored)  {
+			# Assign data array positions to some nice variable names.
+			my $address =3D $ignored{$key}[0];
+			my $remark =3D $ignored{$key}[1];
+			my $status  =3D $ignored{$key}[2];
=20
-	# Section to add new elements or edit existing ones.
-	print <<END;
-	<br>
-	<hr>
-	<br>
+			# geoip lookup
+			my $gi =3D Geo::IP::PurePerl->new();
+			my $ccode =3D $gi->country_code_by_name($address);
+			my $fcode =3D uc($ccode);
=20
-	<div align=3D'center'>
-		<table width=3D'100%'>
-END
+			# Detect the network in which the IP belongs and set the color for that n=
etwork.
+			$col1=3Dipcolour($address);
=20
-	# Assign correct headline and button text.
-	my $buttontext;
-	my $entry_address;
-	my $entry_remark;
+			# Check if the key (id) number is even or not.
+			if ($settings{'ID'} eq $key) {
+				$col=3D"bgcolor=3D'${Header::colouryellow}'";
+			} elsif ($key % 2) {
+				$col=3D"bgcolor=3D'$color{'color22'}'";
+			} else {
+				$col=3D"bgcolor=3D'$color{'color20'}'";
+			}
=20
-	# Check if an ID (key) has been given, in this case an existing entry shoul=
d be edited.
-	if ($settings{'ID'} ne '') {
-		$buttontext =3D $Lang::tr{'update'};
-		print "<tr><td class=3D'boldbase' colspan=3D'3'><b>$Lang::tr{'update'}</b>=
</td></tr>\n";
+# Choose icon for the checkbox.
+my $gif;
+my $gdesc;
+
+# Check if the status is enabled and select the correct image and descriptio=
n.
+if ($status eq 'enabled' ) {
+	$gif =3D 'on.gif';
+	$gdesc =3D $Lang::tr{'click to disable'};
+} else {
+	$gif =3D 'off.gif';
+	$gdesc =3D $Lang::tr{'click to enable'};
+}
=20
-		# Grab address and remark for the given key.
-		$entry_address =3D $ignored{$settings{'ID'}}[0];
-		$entry_remark =3D $ignored{$settings{'ID'}}[1];
+print "<tr>";
+	print "<td width=3D'20%' class=3D'base' bgcolor=3D$col1 ><a href=3D'/cgi-bi=
n/ipinfo.cgi?ip=3D$address'><span style=3D'color:#FFFFFF;'>$address</span></a=
></td>";
+	if ( $fcode ne "" ){
+		print "<td width=3D'10%' align=3D'center' $col><a href=3D'/cgi-bin/country=
.cgi#$fcode'><img src=3D'/images/flags/$fcode.png' border=3D'0' align=3D'absm=
iddle' alt=3D'$ccode' title=3D'$ccode' /></a></td>";
+	}
+	else {
+			print "<td align=3D'center' $col></td>";
+	}
+	print "<td width=3D'65%' class=3D'base' $col>$remark</td>";
+print <<END;
+	<td align=3D'center' $col>
+		<form method=3D'post' action=3D'$ENV{'SCRIPT_NAME'}'>
+			<input type=3D'hidden' name=3D'ACTION' value=3D'$Lang::tr{'toggle enable =
disable'}' />
+			<input type=3D'image' name=3D'$Lang::tr{'toggle enable disable'}' src=3D'=
/images/$gif' alt=3D'$gdesc' title=3D'$gdesc' />
+			<input type=3D'hidden' name=3D'ID' value=3D'$key' />
+		</form>
+	</td>
+	<td align=3D'center' $col>
+		<form method=3D'post' action=3D'$ENV{'SCRIPT_NAME'}'>
+			<input type=3D'hidden' name=3D'ACTION' value=3D'$Lang::tr{'edit'}' />
+			<input type=3D'image' name=3D'$Lang::tr{'edit'}' src=3D'/images/edit.gif'=
 alt=3D'$Lang::tr{'edit'}' title=3D'$Lang::tr{'edit'}' />
+			<input type=3D'hidden' name=3D'ID' value=3D'$key' />
+		</form>
+	</td>
+	<td align=3D'center' $col>
+		<form method=3D'post' name=3D'$key' action=3D'$ENV{'SCRIPT_NAME'}'>
+			<input type=3D'image' name=3D'$Lang::tr{'remove'}' src=3D'/images/delete.=
gif' title=3D'$Lang::tr{'remove'}' alt=3D'$Lang::tr{'remove'}'>
+			<input type=3D'hidden' name=3D'ID' value=3D'$key'>
+			<input type=3D'hidden' name=3D'ACTION' value=3D'$Lang::tr{'remove'}'>
+		</form>
+	</td>
+</tr>
+END
+		}
 	} else {
-		$buttontext =3D $Lang::tr{'add'};
-		print "<tr><td class=3D'boldbase' colspan=3D'3'><b>$Lang::tr{'dnsforward a=
dd a new entry'}</b></td></tr>\n";
+		# Print notice that currently no hosts are ignored.
+		print "<tr>\n";
+		print "<td class=3D'base' colspan=3D'2'>$Lang::tr{'guardian no entries'}</=
td>\n";
+		print "</tr>\n";
 	}
=20
-	print <<END;
-			<form method=3D'post' action=3D'$ENV{'SCRIPT_NAME'}'>
-			<input type=3D'hidden' name=3D'ID' value=3D'$settings{'ID'}'>
-			<tr>
-				<td width=3D'30%'>$Lang::tr{'ip address'}: </td>
-				<td width=3D'50%'><input type=3D'text' name=3D'IGNORE_ENTRY_ADDRESS' val=
ue=3D'$entry_address' size=3D'24' /></td>
+		print "</table>\n";
=20
-				<td width=3D'30%'>$Lang::tr{'remark'}: </td>
-				<td wicth=3D'50%'><input type=3D'text' name=3DIGNORE_ENTRY_REMARK value=
=3D'$entry_remark' size=3D'24' /></td>
-				<td align=3D'center' width=3D'20%'><input type=3D'submit' name=3D'ACTION=
' value=3D'$buttontext' /></td>
-			</tr>
-			</form>
-		</table>
-	</div>
+# Section to add new elements or edit existing ones.
+print <<END;
+<br>
+<hr>
+<br>
+
+<div align=3D'center'>
+	<table width=3D'100%'>
+END
+
+# Assign correct headline and button text.
+my $buttontext;
+my $entry_address;
+my $entry_remark;
+
+# Check if an ID (key) has been given, in this case an existing entry should=
 be edited.
+if ($settings{'ID'} ne '') {
+	$buttontext =3D $Lang::tr{'update'};
+	print "<tr><td class=3D'boldbase' colspan=3D'3'><b>$Lang::tr{'update'}</b><=
/td></tr>\n";
+
+	# Grab address and remark for the given key.
+	$entry_address =3D $ignored{$settings{'ID'}}[0];
+	$entry_remark =3D $ignored{$settings{'ID'}}[1];
+} else {
+	$buttontext =3D $Lang::tr{'add'};
+	print "<tr><td class=3D'boldbase' colspan=3D'3'><b>$Lang::tr{'dnsforward ad=
d a new entry'}</b></td></tr>\n";
+}
+
+print <<END;
+		<form method=3D'post' action=3D'$ENV{'SCRIPT_NAME'}'>
+		<input type=3D'hidden' name=3D'ID' value=3D'$settings{'ID'}'>
+		<tr>
+			<td width=3D'30%'>$Lang::tr{'ip address'}: </td>
+			<td width=3D'50%'><input type=3D'text' name=3D'IGNORE_ENTRY_ADDRESS' valu=
e=3D'$entry_address' size=3D'24' /></td>
+			<td width=3D'30%'>$Lang::tr{'remark'}: </td>
+			<td wicth=3D'50%'><input type=3D'text' name=3DIGNORE_ENTRY_REMARK value=
=3D'$entry_remark' size=3D'24' /></td>
+			<td align=3D'center' width=3D'20%'><input type=3D'submit' name=3D'ACTION'=
 value=3D'$buttontext' /></td>
+		</tr>
+		</form>
+	</table>
+</div>
 END
=20
 	&Header::closebox();
@@ -788,73 +1001,91 @@ END
 sub showBlockedBox() {
 	&Header::openbox('100%', 'center', $Lang::tr{'guardian blocked hosts'});
=20
-	print <<END;
-	<table width=3D'60%'>
-		<tr>
-			<td colspan=3D'2' class=3D'base' bgcolor=3D'$color{'color20'}'><b>$Lang::=
tr{'guardian blocked hosts'}</b></td>
-		</tr>
+	# <td width=3D'15%' class=3D'base' align=3D'center' bgcolor=3D'$color{'colo=
r15'}'><b>VirusTotal</b></td>
+		# <td width=3D'15%' class=3D'base' align=3D'center' bgcolor=3D'$color{'col=
or15'}'><b>DomainTools</b></td>
+		# <td width=3D'10%' class=3D'base' align=3D'center' bgcolor=3D'$color{'col=
or15'}'><b>MultiRBL</b></td>
+		# <td width=3D'10%' class=3D'base' align=3D'center' bgcolor=3D'$color{'col=
or15'}'><b>IPVoid</b></td>
+=09
+print <<END;
+<table width=3D'60%'>
+	<tr>
+		<td width=3D'30%' class=3D'base' bgcolor=3D'$color{'color20'}'><b>$Lang::t=
r{'guardian blocked hosts'}</b></td>
+		<td width=3D'10%' class=3D'base' align=3D'center' bgcolor=3D'$color{'color=
15'}'><b>$Lang::tr{'country'}</b></td>
+		<td width=3D'80%' class=3D'base' align=3D'right' bgcolor=3D'$color{'color1=
5'}'><b>$Lang::tr{'action'}</b></td>
+	</tr>
 END
=20
-		# Lauch function to get the currently blocked hosts.
-		my @blocked_hosts =3D &GetBlockedHosts();
+# Launch function to get the currently blocked hosts.
+my @blocked_hosts =3D &GetBlockedHosts();
=20
-		my $id =3D 0;
-		my $col =3D "";
+my $id =3D 0;
+my $col =3D "";
+my $col1 =3D "";
=20
-		# Loop through our blocked hosts array.
-		foreach my $blocked_host (@blocked_hosts) {
+# Loop through our blocked hosts array.
+foreach my $blocked_host (@blocked_hosts) {
+	# geoip lookup
+		my $gi =3D Geo::IP::PurePerl->new();
+		my $ccode =3D $gi->country_code_by_name($blocked_host);
+        my $fcode =3D uc($ccode);
=20
-			# Increase id number for each element in the ignore file.
-			$id++;
+	# Detect the network in which the IP belongs and set the color for that net=
work.
+		$col1=3Dipcolour($blocked_host);
=20
-			# Check if the id number is even or not.
-			if ($id % 2) {
-				$col=3D"bgcolor=3D'$color{'color22'}'";
-			} else {
-				$col=3D"bgcolor=3D'$color{'color20'}'";
-			}
+	# Increase id number for each element in the ignore file.
+	$id++;
=20
-			print <<END;
-			<tr>
-				<td width=3D'80%' class=3D'base' $col><a href=3D'/cgi-bin/ipinfo.cgi?ip=
=3D$blocked_host'>$blocked_host</a></td>
-				<td width=3D'20%' align=3D'center' $col>
-					<form method=3D'post' name=3D'frmb$id' action=3D'$ENV{'SCRIPT_NAME'}'>
-						<input type=3D'image' name=3D'$Lang::tr{'unblock'}' src=3D'/images/del=
ete.gif' title=3D'$Lang::tr{'unblock'}' alt=3D'$Lang::tr{'unblock'}'>
-						<input type=3D'hidden' name=3D'ADDRESS_UNBLOCK' value=3D'$blocked_host=
'>
-						<input type=3D'hidden' name=3D'ACTION' value=3D'$Lang::tr{'unblock'}'>
-					</form>
-				</td>
-			</tr>
+	# Check if the id number is even or not.
+	if ($id % 2) {
+		$col=3D"bgcolor=3D'$color{'color22'}'";
+	} else {
+		$col=3D"bgcolor=3D'$color{'color20'}'";
+	}
+	print "<tr>";
+	print "<td width=3D'30%' class=3D'base' align=3D'left' bgcolor=3D$col1><a h=
ref=3D'/cgi-bin/ipinfo.cgi?ip=3D$blocked_host' target=3D_blank> <span style=
=3D'color:#FFFFFF;'>$blocked_host</span></a></td>";
+		if ( $fcode ne "" ){
+			print "<td width=3D'10%' align=3D'center' $col><a href=3D'/cgi-bin/countr=
y.cgi#$fcode'><img src=3D'/images/flags/$fcode.png' border=3D'0' align=3D'abs=
middle' alt=3D'$ccode' title=3D'$ccode' /></a></td>";}
+		else {
+			print "<td align=3D'center' $col>$fcode</td>";}
+	print <<END;
+		<td width=3D'70%' align=3D'right' $col>
+			<form method=3D'post' name=3D'frmb$id' action=3D'$ENV{'SCRIPT_NAME'}'>
+				<input type=3D'image' name=3D'$Lang::tr{'unblock'}' src=3D'/images/delet=
e.gif' title=3D'$Lang::tr{'unblock'}' alt=3D'$Lang::tr{'unblock'}'>
+				<input type=3D'hidden' name=3D'ADDRESS_UNBLOCK' value=3D'$blocked_host'>
+				<input type=3D'hidden' name=3D'ACTION' value=3D'$Lang::tr{'unblock'}'>
+			</form>
+		</td>
+	</tr>
 END
-		}
+	}
=20
-	# If the loop only has been runs once the id still is "0", which means ther=
e are no
-	# additional entries (blocked hosts) in the iptables chain.
-	if ($id =3D=3D 0) {
+# If the loop only has been runs once the id still is "0", which means there=
 are no
+# additional entries (blocked hosts) in the iptables chain.
+if ($id =3D=3D 0) {
=20
-		# Print notice that currently no hosts are blocked.
-		print "<tr>\n";
-		print "<td class=3D'base' colspan=3D'2'>$Lang::tr{'guardian no entries'}</=
td>\n";
-		print "</tr>\n";
-	}
+	# Print notice that currently no hosts are blocked.
+	print "<tr>\n";
+	print "<td class=3D'base' colspan=3D'2'>$Lang::tr{'guardian no entries'}</t=
d>\n";
+	print "</tr>\n";
+}
=20
 	print "</table>\n";
=20
         # Section for a manual block of an IP-address.
-	print <<END;
-	<br>
-	<div align=3D'center'>
-		<table width=3D'60%' border=3D'0'>
-			<form method=3D'post' action=3D'$ENV{'SCRIPT_NAME'}'>
-			<tr>
-				<td width=3D'30%'>$Lang::tr{'guardian block a host'}: </td>
-				<td width=3D'40%'><input type=3D'text' name=3D'ADDRESS_BLOCK' value=3D''=
 size=3D'24' /></td>
-				<td align=3D'center' width=3D'15%'><input type=3D'submit' name=3D'ACTION=
' value=3D'$Lang::tr{'block'}'></td>
-				<td align=3D'center' width=3D'15%'><input type=3D'submit' name=3D'ACTION=
' value=3D'$Lang::tr{'unblock all'}'></td>
-			</tr>
-			</form>
-		</table>
-	</div>
+print <<END;
+<br>
+<div align=3D'center'>
+	<table width=3D'60%' border=3D'0'>
+		<form method=3D'post' action=3D'$ENV{'SCRIPT_NAME'}'>
+		<tr>
+			<td width=3D'30%'>$Lang::tr{'guardian block a host'}: </td>
+			<td width=3D'40%'><input type=3D'text' name=3D'ADDRESS_BLOCK' value=3D'' =
size=3D'24' /></td>
+			<td align=3D'center' width=3D'15%'><input type=3D'submit' name=3D'ACTION'=
 value=3D'$Lang::tr{'block'}'></td>
+			<td align=3D'center' width=3D'15%'><input type=3D'submit' name=3D'ACTION'=
 value=3D'$Lang::tr{'unblock all'}'></td>
+		</tr>
+		</form>
+	</table>
+</div>
 END
=20
 	&Header::closebox();
@@ -887,58 +1118,58 @@ sub daemonstats() {
 }
=20
 sub GetBlockedHosts() {
-	# Create new, empty array.
-	my @hosts;
-
-	# Lauch helper to get chains from iptables.
-	system('/usr/local/bin/getipstat');
-
-	# Open temporary file which contains the chains and rules.
-	open (FILE, '/srv/web/ipfire/html/iptables.txt');
-
-	# Loop through the entire file.
-	while (<FILE>) {
-		my $line =3D $_;
-
-		# Search for the guardian chain and extract
-		# the lines between it and the next empty line
-		# which is placed before the next firewall
-		# chain starts.
-		if ($line =3D~ /^Chain GUARDIAN/ .. /^\s*$/) {
-			# Skip descriptive lines.
-			next if ($line =3D~ /^Chain/);
-			next if ($line =3D~ /^ pkts/);
-
-			# Generate array, based on the line content (seperator is a single or mul=
tiple space's)
-			my @comps =3D split(/\s{1,}/, $line);
-			my ($lead, $pkts, $bytes, $target, $prot, $opt, $in, $out, $source, $dest=
ination) =3D @comps;
-
-			# Assign different variable names.
-			my $blocked_host =3D $source;
-
-			# Add host to our hosts array.
-			if ($blocked_host) {
-				push(@hosts, $blocked_host);
-			}
+# Create new, empty array.
+my @hosts;
+
+# Lauch helper to get chains from iptables.
+system('/usr/local/bin/getipstat');
+
+# Open temporary file which contains the chains and rules.
+open (FILE, '/srv/web/ipfire/html/iptables.txt');
+
+# Loop through the entire file.
+while (<FILE>) {
+	my $line =3D $_;
+
+	# Search for the guardian chain and extract
+	# the lines between it and the next empty line
+	# which is placed before the next firewall
+	# chain starts.
+	if ($line =3D~ /^Chain GUARDIAN/ .. /^\s*$/) {
+		# Skip descriptive lines.
+		next if ($line =3D~ /^Chain/);
+		next if ($line =3D~ /^ pkts/);
+
+		# Generate array, based on the line content (seperator is a single or mult=
iple space's)
+		my @comps =3D split(/\s{1,}/, $line);
+		my ($lead, $pkts, $bytes, $target, $prot, $opt, $in, $out, $source, $desti=
nation) =3D @comps;
+
+		# Assign different variable names.
+		my $blocked_host =3D $source;
+
+		# Add host to our hosts array.
+		if ($blocked_host) {
+			push(@hosts, $blocked_host);
 		}
 	}
+}
=20
-	# Close filehandle.
-	close(FILE);
+# Close filehandle.
+close(FILE);
=20
-	# Remove recently created temporary files of the "getipstat" binary.
-	system(rm -f "/srv/web/ipfire/html/iptables.txt");
-	system(rm -f "/srv/web/ipfire/html/iptablesmangle.txt");
-	system(rm -f "/srv/web/ipfire/html/iptablesnat.txt");
+# Remove recently created temporary files of the "getipstat" binary.
+system(rm -f "/srv/web/ipfire/html/iptables.txt");
+system(rm -f "/srv/web/ipfire/html/iptablesmangle.txt");
+system(rm -f "/srv/web/ipfire/html/iptablesnat.txt");
=20
-	# Convert entries, sort them, write back and store the sorted entries into =
new array.
-	my @sorted =3D map  { $_->[0] }
-             sort { $a->[1] <=3D> $b->[1] }
-             map  { [$_, int sprintf("%03.f%03.f%03.f%03.f", split(/\./, $_)=
)] }
-             @hosts;
+# Convert entries, sort them, write back and store the sorted entries into n=
ew array.
+my @sorted =3D map  { $_->[0] }
+          sort { $a->[1] <=3D> $b->[1] }
+          map  { [$_, int sprintf("%03.f%03.f%03.f%03.f", split(/\./, $_))] }
+          @hosts;
=20
-	# Return our sorted list.
-	return @sorted
+# Return our sorted list.
+return @sorted
 }
=20
 sub BuildConfiguration() {
@@ -1100,7 +1331,7 @@ sub GenerateIgnoreFile() {
 					print FILE "$address\n\n";
 				}
 			}
-                }
+		}
 	}
=20
 	close(FILE);
@@ -1135,3 +1366,25 @@ sub _get_address_from_file ($) {
 	# Return nothing.
 	return;
 }
+
+
+sub ipcolour($) {
+	my $id =3D 0;
+	my $colour =3D ${Header::colourred};
+	my ($ip) =3D $_[0];
+	my $found =3D 0;
+
+	foreach my $line (@network) {
+		if ($network[$id] eq '') {
+			$id++;
+		} else {
+			if (!$found && ipv4_in_network($network[$id], $masklen[$id], $ip) ) {
+				$found =3D 1;
+				$colour =3D $colour[$id];
+			}
+			$id++;
+		}
+	}
+
+	return $colour;
+}
--=20
2.7.4


--===============5260892947692643980==--