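diff -Nur smeserver-denyhosts-2.9.old/root/etc/e-smith/events/actions/denyhost-purge smeserver-denyhosts-2.9/root/etc/e-smith/events/actions/denyhost-purge
--- smeserver-denyhosts-2.9.old/root/etc/e-smith/events/actions/denyhost-purge 1969-12-31 19:00:00.000000000 -0500
+++ smeserver-denyhosts-2.9/root/etc/e-smith/events/actions/denyhost-purge 2019-03-24 22:39:38.664000000 -0400
@@ -0,0 +1,64 @@
+#!/usr/bin/perl -w
+
+use strict;
+use Errno;
+use esmith::ConfigDB;
+use esmith::util;
+use esmith::db;
+use Data::Validate::IP;
+my $validator=Data::Validate::IP->new;
+
+my $event = $ARGV [0];
+my $ip = $ARGV [1];
+my $whitelist = $ARGV [2];
+my $debug=0;
+
+die "IP missing" unless defined ($ip);
+die "Not an IP" unless ($validator->is_ipv4($ip));
+
+
+die "IP $ip not banned" unless (system("grep $ip /etc/hosts.deny_ssh ".'>/dev/null 2>&1') == 0);
+die "can not stop denyhost" unless ( system("/etc/init.d/denyhosts","stop") ==0);
+
+# unlist
+my @files = ('/etc/hosts.deny_ssh', '/var/lib/denyhosts/hosts', '/var/lib/denyhosts/hosts-restricted' , '/var/lib/denyhosts/hosts-root', '/var/lib/denyhosts/hosts-valid', '/var/lib/denyhosts/users-hosts' );
+foreach my $file (@files) {
+
+ if (system("grep $ip $file".' >/dev/null 2>&1') == 0) {
+ print "$ip removed from $file\n" if (system("sed -i '/$ip/d' $file") == 0 && $debug )
+ }
+}
+
+#(optional, whitelist) /var/lib/denyhosts/allowed-hosts
+if (defined($whitelist)) {
+ # add to db
+ my $db = esmith::ConfigDB->open
+ || warn "Couldn't open configuration database (permissions problems?)";
+
+ my $rec = $db->get('denyhosts');
+ if ($rec)
+ {
+
+ my $prop = $rec->prop('ValidFrom') || '';
+
+ my @vals = split /,/, $prop;
+ unless (grep /^$ip$/, @vals)
+ { # already have this entry
+ if ($prop ne '')
+ {
+ $prop .= ",$ip";
+ }
+ else
+ {
+ $prop = "$ip";
+ }
+ $rec->set_prop('ValidFrom', $prop);
+
+ system("/sbin/e-smith/expand-template /var/lib/denyhosts/allowed-hosts");
+ print "Add to whitelist: $ip \n";
+ }
+ }
+}
+# /etc/init.d/denyhosts start
+system("/etc/init.d/denyhosts","start");
+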
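Review bot: The `grep $ip $file` test and the `sed -i '/$ip/d' $file` delete in the `foreach my $file (@files)` loop use the address as an unanchored regular expression, so purging 1.2.3.4 also removes lines for 11.2.3.4 or 1.2.3.40, and each `.` matches any character; hosts nobody asked to unban are silently unbanned. The initial `grep $ip /etc/hosts.deny_ssh` check has the same over-match, and `grep /^$ip$/, @vals` in the whitelist branch should be `grep { $_ eq $ip } @vals`. Filtering the files in Perl with a quoted, digit-bounded pattern fixes the match and drops the shell round trips. Separately, a failed `esmith::ConfigDB->open` only warns, so the following `$db->get` would die while denyhosts is still stopped; the restart at the end should run on every exit path after the stop.

```perl
# Match the address only as a whole token, never inside a longer one.
my $ip_re = qr/(?<![\d.])\Q$ip\E(?![\d.])/;
foreach my $file (@files) {
    open(my $in, '<', $file) or next;
    my @lines = <$in>;
    close($in);
    my @kept = grep { $_ !~ $ip_re } @lines;
    next if @kept == @lines;
    if (open(my $out, '>', $file)) {
        print {$out} @kept;
        close($out) or warn "can not rewrite $file: $!";
        print "$ip removed from $file\n" if $debug;
    }
    else {
        warn "can not rewrite $file: $!";
    }
}
# ... unchanged: whitelist branch and denyhosts start ...
```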
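diff -Nur smeserver-denyhosts-2.9.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/denyhosts smeserver-denyhosts-2.9/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/denyhosts
--- smeserver-denyhosts-2.9.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/denyhosts 2012-06-03 12:11:23.000000000 -0400
+++ smeserver-denyhosts-2.9/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/denyhosts 2019-03-24 23:00:19.024000000 -0400
@@ -51,4 +51,16 @@
 <base>ERROR_STOPPING</base>
 <trans>Error while trying to stop service</trans>
 </entry>
+ <entry>
+ <base>SUCCESS_IP</base>
+ <trans>The following IP has been unbanned</trans>
+ </entry>
+ <entry>
+ <base>SUCCESS_IP_WHITE</base>
+ <trans>The following IP has been unbanned and whitelisted</trans>
+ </entry>
+ <entry>
+ <base>WHITELIST</base>
+ <trans>Whitelist</trans>
+ </entry>
 </lexicon>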
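diff -Nur smeserver-denyhosts-2.9.old/root/etc/e-smith/web/functions/denyhosts smeserver-denyhosts-2.9/root/etc/e-smith/web/functions/denyhosts
--- smeserver-denyhosts-2.9.old/root/etc/e-smith/web/functions/denyhosts 2008-04-22 13:07:27.000000000 -0400
+++ smeserver-denyhosts-2.9/root/etc/e-smith/web/functions/denyhosts 2019-03-24 22:40:05.661000000 -0400
@@ -35,5 +35,10 @@
 
 <subroutine src="show_current_deny()"/>
 </page>
+ <page name="Second"
+ pre-event="RemoveIP()">
+ <subroutine src="print_status_message()" />
+ <subroutine src="back()" />
+ </page>
 </form>
 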
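diff -Nur smeserver-denyhosts-2.9.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/denyhosts.pm smeserver-denyhosts-2.9/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/denyhosts.pm
--- smeserver-denyhosts-2.9.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/denyhosts.pm 2019-03-24 22:37:21.756000000 -0400
+++ smeserver-denyhosts-2.9/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/denyhosts.pm 2019-03-24 22:38:20.584000000 -0400
@@ -10,10 +10,12 @@
 use File::Basename;
 use Exporter;
 use Carp;
+use Data::Validate::IP;
 
 our @ISA = qw(esmith::FormMagick Exporter);
 
-our @EXPORT = qw(get_value get_prop change_settings);
+our @EXPORT = qw(get_value get_prop change_settings RemoveIP);
+my $scriptname = basename($0);
 
 our $VERSION = sprintf '%d.%03d', q$Revision: 1.00 $ =~ /: (\d+).(\d+)/;
 our $db = esmith::ConfigDB->open
@@ -55,6 +59,7 @@
 return CGI::FormMagick::Validator::ip_number($self, $ip);
 }
 
+
 sub _get_valid_from
 {
 my $self = shift;
@@ -122,13 +127,17 @@
 $q->start_table({class => "sme-border"}),"\n";
 print $q->Tr(
 esmith::cgi::genSmallCell($q, $self->localise('IP_ADDRESS'),"header"),
- esmith::cgi::genSmallCell($q, $self->localise('FIRST_SEEN'),"header"));
+ esmith::cgi::genSmallCell($q, $self->localise('FIRST_SEEN'),"header"),
+ esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header"));
 
 foreach my $val (sort ip_sort keys %vals)
 {
+ my $action3 ="<a href=\"$scriptname?page=0&page_stack=&Next=Next&action=RemoveIP&IP=$val&wherenext=Second\">".$self->localise('REMOVE')."</a>" .
+ " <a href=\"$scriptname?page=0&page_stack=&Next=Next&action=RemoveIP&IP=$val&wherenext=Second&Whitelist=true\">".$self->localise('WHITELIST')."</a>" ;
 print $q->Tr(
 esmith::cgi::genSmallCell($q, $val, "normal"),
- esmith::cgi::genSmallCell($q, $vals{$val}, "normal"));
+ esmith::cgi::genSmallCell($q, $vals{$val}, "normal"),
+ esmith::cgi::genSmallCell($q, $action3, "normal"));
 }
 print '</table></td></tr>';
 }
@@ -249,4 +258,50 @@
 $fm->success('SUCCESS');
 }
 
+# validate subnet
+
+
+
+# RemoveIP after validation
+sub RemoveIP {
+ my $fm = shift;
+ my $q = $fm->{'cgi'};
+
+# my ($fm) = @_;
+# my $q = $fm->{'cgi'};
+# use Data::Dumper;
+#warn Dumper($fm);
+ my %conf;
+ my $ip = ($q->param('IP') || '');
+ my $whitelist = ($q->param('Whitelist'))? "true" : '';
+ #check ip
+ my $validator=Data::Validate::IP->new;
+
+ unless ($validator->is_ipv4($ip))
+ {
+ $fm->error('ERROR_STOPPING');
+ return undef;
+ }
+ $ip = $validator->is_ipv4($ip);
+ unless ( system( "/etc/e-smith/events/actions/denyhost-purge none $ip $whitelist".' >/dev/null 2>&1' ) == 0 )
+ {
+ $fm->error('ERROR_UPDATING');
+ return undef;
+ }
+ if ($whitelist ne "" ) {
+ $fm->success($fm->localise('SUCCESS_IP_WHITE').": $ip",'First');
+ }
+ else
+ {
+ $fm->success($fm->localise('SUCCESS_IP').": $ip",'First');
+ }
+}
+
+sub back {
+ my $fm = shift;
+ my $q = $fm->{'cgi'};
+ print "<a href='$scriptname'>".$fm->localise('Back')."</a>";
+return;
+}
+
 1;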
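Review bot: The Remove and Whitelist links built in `$action3` (hunk at -122,13) change state from a plain GET URL, and `RemoveIP` acts on `$q->param('IP')` and `$q->param('Whitelist')` with no request token or method check visible in this patch, so a request the administrator's browser is induced to make while logged in could unban an address and add it to `ValidFrom`. Unless the panel framework already provides that protection outside this diff, the action should be submitted from a POST form carrying a per-session token that `RemoveIP` verifies first, beginning with `unless ($q->request_method eq 'POST') { $fm->error('ERROR_UPDATING'); return undef; }`. `$val` is also written into the `href` unescaped; `$q->escapeHTML($val)` with `&amp;` between parameters keeps a malformed deny-list key out of the markup. In `RemoveIP`, a rejected address reports `ERROR_STOPPING`, which misstates the failure, and the list form of `system` would avoid the shell. The sub that builds the table starts outside the hunk.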