<?php
/*******************************************************************************
* Copyright (c) 2015, 2016 Eclipse Foundation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
* Contributors:
* Eric Poirier (Eclipse Foundation) - initial API and implementation
* Chrisotpher Guindon (Eclipse Foundation)
*******************************************************************************/
require_once("webmaster.class.php");
class Firewall extends Webmaster {
private $search_results = NULL;
private $all_blocks = NULL;
private $recent_blocks = NULL;
private $period = "12";
public function __construct(App $App){
parent::__construct($App);
if ($this->getFormName() === 'webmaster-firewall') {
// Checking the page state
switch ($this->getState()) {
case 'change_recent_blocks_period':
$this->period = filter_var($this->App->getHTTPParameter('period', 'POST'), FILTER_SANITIZE_STRING);
break;
case 'insert_block':
$this->_insertBlock();
break;
case 'delete_block':
$this->_deleteBlock();
break;
case 'search_block':
$this->getSearchResults();
break;
}
}
}
/**
* This function gets the recent blocks
*
* @return array
* */
public function getRecentBlocks() {
if (is_null($this->recent_blocks)) {
$this->recent_blocks = $this->_fetchBlocks($this->period);
}
return $this->recent_blocks;
}
/**
* This function gets all the blocks from the Attacks table
*
* @return array
* */
public function getAllBlocks() {
if (is_null($this->all_blocks)) {
$this->all_blocks = $this->_fetchBlocks();
}
return $this->all_blocks;
}
/**
* This function gets all the search results from the Attacks table
*
* @return array
* */
public function getSearchResults() {
if (is_null($this->search_results) && $this->getState() === 'search_block') {
$this->_searchBlocks();
}
return $this->search_results;
}
/**
* This function deletes a blocked row from the Attacks table
* */
private function _deleteBlock() {
$subnet = filter_var($this->App->getHTTPParameter('subnet_to_delete', 'POST'), FILTER_SANITIZE_STRING);
if ($this->_isValidIp($subnet)) {
$sql = "DELETE FROM Attacks
WHERE Subnet = " . $this->App->returnQuotedString($this->App->sqlSanitize($subnet));
$delete = $this->App->infra_sql($sql);
$this->_updateStats($subnet,'0');
$this->App->setSystemMessage('delete_block','You have successfully deleted the blocked subnet: ' . $subnet . '.', 'success');
return TRUE;
}
$this->App->setSystemMessage('delete_block','There was a problem blocking the subnet: ' . $subnet . '.', 'danger');
return FALSE;
}
/**
* This function updates the Stats table
*
* @param $subnet contains a string
* @param $blocking contains a string of either 1 or 0
* */
private function _updateStats($subnet, $blocking_option) {
if ($this->_isValidIp($subnet)) {
// By default we assume we're inserting a block
$blocking_where = "0";
$count = "";
// But if we're deleting a block
if ($blocking_option === "0") {
$blocking_where = "1";
$count = ", Count = (Count-1)";
}
$sql = "UPDATE Stats
SET Blocking = ". $this->App->sqlSanitize($blocking_option) . $this->App->sqlSanitize($count) . "
WHERE Blocking = ". $this->App->sqlSanitize($blocking_where) ."
AND Subnet = " . $this->App->returnQuotedString($this->App->sqlSanitize($subnet));
$update = $this->App->infra_sql($sql);
}
}
/**
* This function fetches recent blocks based on a number of hours
*
* @param $period
*
* @return array
* */
private function _fetchBlocks($period = "") {
if (empty($period)) {
$this->App->setSystemMessage('fetch_blocks','Please select a period of time.', 'danger');
return;
}
$sql = "SELECT * FROM Attacks";
if ($period != "") {
$sql .= " WHERE AttackDateTime > DATE_SUB(NOW(), INTERVAL " . $this->App->sqlSanitize($period) . " HOUR)";
}
$sql .= " ORDER BY AttackDateTime DESC";
$result = $this->App->infra_sql($sql);
$recent_blocks = array();
while ($row = mysql_fetch_array($result)) {
$recent_blocks[] = $row;
}
if (empty($recent_blocks)) {
return "There weren't any blocks whitin the past <strong>". $period ." hours</strong>.";
}
return $recent_blocks;
}
/**
* This function validates an IP addresses or Subnets
*
* @return bool
* */
private function _isValidIp($ip) {
if (!empty($ip) && $ip != '0.0.0.0'){
if (preg_match("/^[1-9][0-9]{0,2}(\.[0-9]{1,3}){3}$/",$ip) == 1) {
return TRUE;
}
}
$msg = "The IP " . $ip." is not valid.";
if (empty($ip)) {
$msg = "You need to enter an IP address.";
}
$this->App->setSystemMessage('validate_ip',$msg,"danger");
return FALSE;
}
/**
* This function inserts or update attacking ip in the attacks table
*
*/
private function _insertBlock() {
$ip = filter_var($this->App->getHTTPParameter('insert_block_ip', 'POST'), FILTER_SANITIZE_STRING);
$time = strtoupper(str_replace('_', ' ', filter_var($this->App->getHTTPParameter('insert_block_time', 'POST'), FILTER_SANITIZE_STRING)));
$port = filter_var($this->App->getHTTPParameter('insert_block_port', 'POST'), FILTER_SANITIZE_STRING);
if ($port != "22") {
$port = "0";
}
if (empty($time) && !filter_var($time, FILTER_SANITIZE_STRING)) {
$msg_type = "danger";
$msg = "Please select a valid amount of time for the ip to be blocked.";
}
// Making sure the ip is valid
if ($this->_isValidIp($ip) && !(isset($msg_type) && $msg_type == 'danger')) {
// getting the subnet
$exploded_ip = explode('.',$ip);
$subnet = $exploded_ip[0].".".$exploded_ip[1].".".$exploded_ip[2].".0";
$sql = "INSERT INTO Attacks
(AttackingIp,Subnet,Port,AttackDateTime,ExpiryDateTime,UserID,VictimNode)
VALUES (
".$this->App->returnQuotedString($this->App->sqlSanitize($ip)).",
".$this->App->returnQuotedString($this->App->sqlSanitize($subnet)).",
" . $this->App->returnQuotedString($this->App->sqlSanitize($port)) .",
NOW(),
DATE_ADD(NOW(), INTERVAL ". $this->App->sqlSanitize($time) ."),
'Webmaster',
'Portal'
)
ON DUPLICATE KEY
UPDATE
AttackDateTime = NOW(),
ExpiryDateTime = DATE_ADD(NOW(), INTERVAL ". $this->App->sqlSanitize($time) .")";
$insert = $this->App->infra_sql($sql);
$this->_updateStats($subnet, '1');
$msg_type = "success";
$msg = "You have successfully blocked <strong>" . $ip . "</strong> for <strong>" . $time . "</strong>.";
}
$this->App->setSystemMessage('insert_block', $msg, $msg_type);
}
/**
* This function returns an array of blocked IP addresses or Subnets
*
* @return array
* */
private function _searchBlocks() {
$ip = filter_var($this->App->getHTTPParameter('search_block_ip', 'POST'), FILTER_SANITIZE_STRING);
$search_results = array();
if ($this->_isValidIp($ip)) {
$sql = "SELECT DISTINCT
Subnet,Port,UserID,VictimNode,AttackDateTime,ExpiryDateTime
FROM Attacks
WHERE (Subnet = " . $this->App->returnQuotedString($this->App->sqlSanitize($ip)) . "
OR AttackingIp = " . $this->App->returnQuotedString($this->App->sqlSanitize($ip)) . ")
ORDER BY AttackDateTime DESC";
$result = $this->App->infra_sql($sql);
while ($row = mysql_fetch_array($result)) {
$search_results[] = $row;
}
}
$this->search_results = $search_results;
return $search_results;
}
}