############################################################################### # Copyright 2006-2023, Way to the Web Limited # URL: http://www.configserver.com # Email: sales@waytotheweb.com ############################################################################### ## no critic (RequireUseWarnings, ProhibitExplicitReturnUndef, ProhibitMixedBooleanOperators, RequireBriefOpen) package ConfigServer::DisplayResellerUI; use strict; use lib '/usr/local/csf/lib'; use Fcntl qw(:DEFAULT :flock); use POSIX qw(:sys_wait_h sysconf strftime); use File::Basename; use Net::CIDR::Lite; use IPC::Open3; use ConfigServer::Config; use ConfigServer::CheckIP qw(checkip); use ConfigServer::Sendmail; use ConfigServer::Logger; use Exporter qw(import); our $VERSION = 1.01; our @ISA = qw(Exporter); our @EXPORT_OK = qw(); umask(0177); our ($chart, $ipscidr6, $ipv6reg, $ipv4reg, %config, %ips, $mobile, %FORM, $script, $script_da, $images, $myv, %rprivs, $hostname, $hostshort, $tz, $panel); # ############################################################################### # start main sub main { my $form_ref = shift; %FORM = %{$form_ref}; $script = shift; $script_da = shift; $images = shift; $myv = shift; open (my $IN,"<","/etc/csf/csf.resellers"); flock ($IN, LOCK_SH); while (my $line = <$IN>) { my ($user,$alert,$privs) = split(/\:/,$line); $privs =~ s/\s//g; foreach my $priv (split(/\,/,$privs)) { $rprivs{$user}{$priv} = 1; } $rprivs{$user}{ALERT} = $alert; } close ($IN); open (my $HOSTNAME, "<","/proc/sys/kernel/hostname"); flock ($HOSTNAME, LOCK_SH); $hostname = <$HOSTNAME>; chomp $hostname; close ($HOSTNAME); $hostshort = (split(/\./,$hostname))[0]; $tz = strftime("%z", localtime); my $config = ConfigServer::Config->loadconfig(); %config = $config->config(); $panel = "cPanel"; if ($config{GENERIC}) {$panel = "Generic"} if ($config{INTERWORX}) {$panel = "InterWorx"} if ($config{DIRECTADMIN}) {$panel = "DirectAdmin"} if ($FORM{ip} ne "") {$FORM{ip} =~ s/(^\s+)|(\s+$)//g} if ($FORM{action} ne "" and !checkip(\$FORM{ip})) { print "\n"; print "
"; print "[$FORM{ip}] is not a valid IP address\n"; print "
\n"; print "

\n"; } else { if ($FORM{action} eq "qallow" and $rprivs{$ENV{REMOTE_USER}}{ALLOW}) { if ($FORM{comment} eq "") { print "\n"; print "
You must provide a Comment for this option
\n"; } else { $FORM{comment} =~ s/"//g; print "\n"; print "
"; print "

Allowing $FORM{ip}...

\n

\n";
				my $text = &printcmd("/usr/sbin/csf","-a",$FORM{ip},"ALLOW by Reseller $ENV{REMOTE_USER} ($FORM{comment})");
				print "
\n
...Done.
\n";
				print "
\n"; if ($rprivs{$ENV{REMOTE_USER}}{ALERT}) { open (my $IN, "<", "/usr/local/csf/tpl/reselleralert.txt"); flock ($IN, LOCK_SH); my @alert = <$IN>; close ($IN); chomp @alert; my @message; foreach my $line (@alert) { $line =~ s/\[reseller\]/$ENV{REMOTE_USER}/ig; $line =~ s/\[action\]/ALLOW/ig; $line =~ s/\[ip\]/$FORM{ip}/ig; $line =~ s/\[rip\]/$ENV{REMOTE_HOST}/ig; $line =~ s/\[text\]/Result of ALLOW:\n\n$text/ig; push @message, $line; } ConfigServer::Sendmail::relay("", "", @message); } ConfigServer::Logger::logfile("$panel Reseller [$ENV{REMOTE_USER}]: ALLOW $FORM{ip}"); } print "

\n"; } elsif ($FORM{action} eq "qdeny" and $rprivs{$ENV{REMOTE_USER}}{DENY}) { if ($FORM{comment} eq "") { print "\n"; print "
You must provide a Comment for this option
\n"; } else { $FORM{comment} =~ s/"//g; print "\n"; print "
"; print "

Blocking $FORM{ip}...

\n

\n";
				my $text = &printcmd("/usr/sbin/csf","-d",$FORM{ip},"DENY by Reseller $ENV{REMOTE_USER} ($FORM{comment})");
				print "
\n
...Done.
\n";
				print "
\n"; if ($rprivs{$ENV{REMOTE_USER}}{ALERT}) { open (my $IN, "<", "/usr/local/csf/tpl/reselleralert.txt"); flock ($IN, LOCK_SH); my @alert = <$IN>; close ($IN); chomp @alert; my @message; foreach my $line (@alert) { $line =~ s/\[reseller\]/$ENV{REMOTE_USER}/ig; $line =~ s/\[action\]/DENY/ig; $line =~ s/\[ip\]/$FORM{ip}/ig; $line =~ s/\[rip\]/$ENV{REMOTE_HOST}/ig; $line =~ s/\[text\]/Result of DENY:\n\n$text/ig; push @message, $line; } ConfigServer::Sendmail::relay("", "", @message); } ConfigServer::Logger::logfile("$panel Reseller [$ENV{REMOTE_USER}]: DENY $FORM{ip}"); } print "

\n"; } elsif ($FORM{action} eq "qkill" and $rprivs{$ENV{REMOTE_USER}}{UNBLOCK}) { my $text = ""; if ($rprivs{$ENV{REMOTE_USER}}{ALERT}) { my ($childin, $childout); my $pid = open3($childin, $childout, $childout, "/usr/sbin/csf","-g",$FORM{ip}); while (<$childout>) {$text .= $_} waitpid ($pid, 0); } print "\n"; print "
"; print "

Unblock $FORM{ip}, trying permanent blocks...

\n

\n";
			my $text1 = &printcmd("/usr/sbin/csf","-dr",$FORM{ip});
			print "
\n
...Done.
\n";
			print "
Unblock $FORM{ip}, trying temporary blocks...
\n
\n";
			my $text2 = &printcmd("/usr/sbin/csf","-tr",$FORM{ip});
			print "
\n
...Done.
\n";
			print "
\n"; print "

\n"; if ($rprivs{$ENV{REMOTE_USER}}{ALERT}) { open (my $IN, "<", "/usr/local/csf/tpl/reselleralert.txt"); flock ($IN, LOCK_SH); my @alert = <$IN>; close ($IN); chomp @alert; my @message; foreach my $line (@alert) { $line =~ s/\[reseller\]/$ENV{REMOTE_USER}/ig; $line =~ s/\[action\]/UNBLOCK/ig; $line =~ s/\[ip\]/$FORM{ip}/ig; $line =~ s/\[rip\]/$ENV{REMOTE_HOST}/ig; $line =~ s/\[text\]/Result of GREP before UNBLOCK:\n$text\n\nResult of UNBLOCK:\nPermanent:\n$text1\nTemporary:\n$text2\n/ig; push @message, $line; } ConfigServer::Sendmail::relay("", "", @message); } ConfigServer::Logger::logfile("$panel Reseller [$ENV{REMOTE_USER}]: UNBLOCK $FORM{ip}"); } elsif ($FORM{action} eq "grep" and $rprivs{$ENV{REMOTE_USER}}{GREP}) { print "\n"; print "
"; print "

Searching for $FORM{ip}...

\n

\n";
			&printcmd("/usr/sbin/csf","-g",$FORM{ip});
			print "
\n
...Done.
\n";
			print "
\n"; print "

\n"; } else { print "\n"; print ""; if ($rprivs{$ENV{REMOTE_USER}}{ALLOW}) {print "\n"} if ($rprivs{$ENV{REMOTE_USER}}{DENY}) {print "\n"} if ($rprivs{$ENV{REMOTE_USER}}{UNBLOCK}) {print "\n"} if ($rprivs{$ENV{REMOTE_USER}}{GREP}) {print "\n"} print "
csf - ConfigServer Firewall options for $ENV{REMOTE_USER}
Allow IP address through the firewall and add to the allow file (csf.allow).
Comment for Allow: (required)
Block IP address in the firewall and add to the deny file (csf.deny).
Comment for Block: (required)
Remove IP address from the firewall (temp and perm blocks)
Search iptables for IP address

\n"; } } print "
\n"; print "
csf: v$myv
"; print "

©2006-2023, ConfigServer Services (Way to the Web Limited)

\n"; return; } # end main ############################################################################### # start printcmd sub printcmd { my @command = @_; my $text; my ($childin, $childout); my $pid = open3($childin, $childout, $childout, @command); while (<$childout>) {print $_ ; $text .= $_} waitpid ($pid, 0); return $text; } # end printcmd ############################################################################### 1;