############################################################################### # Copyright (C) 2006-2025 Jonathan Michaelson # # https://github.com/waytotheweb/scripts # # This program is free software; you can redistribute it and/or modify it under # the terms of the GNU General Public License as published by the Free Software # Foundation; either version 3 of the License, or (at your option) any later # version. # # This program is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS # FOR A PARTICULAR PURPOSE. See the GNU General Public License for more # details. # # You should have received a copy of the GNU General Public License along with # this program; if not, see . ############################################################################### ## no critic (RequireUseWarnings, ProhibitExplicitReturnUndef, ProhibitMixedBooleanOperators, RequireBriefOpen) package ConfigServer::DisplayResellerUI; use strict; use lib '/usr/local/csf/lib'; use Fcntl qw(:DEFAULT :flock); use POSIX qw(:sys_wait_h sysconf strftime); use File::Basename; use Net::CIDR::Lite; use IPC::Open3; use ConfigServer::Config; use ConfigServer::CheckIP qw(checkip); use ConfigServer::Sendmail; use ConfigServer::Logger; use Exporter qw(import); our $VERSION = 1.01; our @ISA = qw(Exporter); our @EXPORT_OK = qw(); umask(0177); our ($chart, $ipscidr6, $ipv6reg, $ipv4reg, %config, %ips, $mobile, %FORM, $script, $script_da, $images, $myv, %rprivs, $hostname, $hostshort, $tz, $panel); # ############################################################################### # start main sub main { my $form_ref = shift; %FORM = %{$form_ref}; $script = shift; $script_da = shift; $images = shift; $myv = shift; open (my $IN,"<","/etc/csf/csf.resellers"); flock ($IN, LOCK_SH); while (my $line = <$IN>) { my ($user,$alert,$privs) = split(/\:/,$line); $privs =~ s/\s//g; foreach my $priv (split(/\,/,$privs)) { $rprivs{$user}{$priv} = 1; } $rprivs{$user}{ALERT} = $alert; } close ($IN); open (my $HOSTNAME, "<","/proc/sys/kernel/hostname"); flock ($HOSTNAME, LOCK_SH); $hostname = <$HOSTNAME>; chomp $hostname; close ($HOSTNAME); $hostshort = (split(/\./,$hostname))[0]; $tz = strftime("%z", localtime); my $config = ConfigServer::Config->loadconfig(); %config = $config->config(); $panel = "cPanel"; if ($config{GENERIC}) {$panel = "Generic"} if ($config{INTERWORX}) {$panel = "InterWorx"} if ($config{DIRECTADMIN}) {$panel = "DirectAdmin"} if ($FORM{ip} ne "") {$FORM{ip} =~ s/(^\s+)|(\s+$)//g} if ($FORM{action} ne "" and !checkip(\$FORM{ip})) { print "\n"; print "

"; print "[$FORM{ip}] is not a valid IP address\n"; print "

\n"; print "

\n"; } else { if ($FORM{action} eq "qallow" and $rprivs{$ENV{REMOTE_USER}}{ALLOW}) { if ($FORM{comment} eq "") { print "\n"; print "

You must provide a Comment for this option

\n"; } else { $FORM{comment} =~ s/"//g; print "\n"; print "

"; print " Allowing $FORM{ip}... \n \n"; my $text = &printcmd("/usr/sbin/csf","-a",$FORM{ip},"ALLOW by Reseller $ENV{REMOTE_USER} ($FORM{comment})"); print " \n ...Done. \n"; print "

\n"; if ($rprivs{$ENV{REMOTE_USER}}{ALERT}) { open (my $IN, "<", "/usr/local/csf/tpl/reselleralert.txt"); flock ($IN, LOCK_SH); my @alert = <$IN>; close ($IN); chomp @alert; my @message; foreach my $line (@alert) { $line =~ s/\[reseller\]/$ENV{REMOTE_USER}/ig; $line =~ s/\[action\]/ALLOW/ig; $line =~ s/\[ip\]/$FORM{ip}/ig; $line =~ s/\[rip\]/$ENV{REMOTE_HOST}/ig; $line =~ s/\[text\]/Result of ALLOW:\n\n$text/ig; push @message, $line; } ConfigServer::Sendmail::relay("", "", @message); } ConfigServer::Logger::logfile("$panel Reseller [$ENV{REMOTE_USER}]: ALLOW $FORM{ip}"); } print "

\n"; } elsif ($FORM{action} eq "qdeny" and $rprivs{$ENV{REMOTE_USER}}{DENY}) { if ($FORM{comment} eq "") { print "\n"; print "

You must provide a Comment for this option

\n"; } else { $FORM{comment} =~ s/"//g; print "\n"; print "

"; print " Blocking $FORM{ip}... \n \n"; my $text = &printcmd("/usr/sbin/csf","-d",$FORM{ip},"DENY by Reseller $ENV{REMOTE_USER} ($FORM{comment})"); print " \n ...Done. \n"; print "

\n"; if ($rprivs{$ENV{REMOTE_USER}}{ALERT}) { open (my $IN, "<", "/usr/local/csf/tpl/reselleralert.txt"); flock ($IN, LOCK_SH); my @alert = <$IN>; close ($IN); chomp @alert; my @message; foreach my $line (@alert) { $line =~ s/\[reseller\]/$ENV{REMOTE_USER}/ig; $line =~ s/\[action\]/DENY/ig; $line =~ s/\[ip\]/$FORM{ip}/ig; $line =~ s/\[rip\]/$ENV{REMOTE_HOST}/ig; $line =~ s/\[text\]/Result of DENY:\n\n$text/ig; push @message, $line; } ConfigServer::Sendmail::relay("", "", @message); } ConfigServer::Logger::logfile("$panel Reseller [$ENV{REMOTE_USER}]: DENY $FORM{ip}"); } print "

\n"; } elsif ($FORM{action} eq "qkill" and $rprivs{$ENV{REMOTE_USER}}{UNBLOCK}) { my $text = ""; if ($rprivs{$ENV{REMOTE_USER}}{ALERT}) { my ($childin, $childout); my $pid = open3($childin, $childout, $childout, "/usr/sbin/csf","-g",$FORM{ip}); while (<$childout>) {$text .= $_} waitpid ($pid, 0); } print "\n"; print "

"; print "

Unblock $FORM{ip}, trying permanent blocks...

\n";
			my $text1 = &printcmd("/usr/sbin/csf","-dr",$FORM{ip});
			print "
\n...Done.\n";
			print "Unblock $FORM{ip}, trying temporary blocks...
\n
\n";
			my $text2 = &printcmd("/usr/sbin/csf","-tr",$FORM{ip});
			print "
\n...Done.\n";
			print "

\n"; print "

\n"; if ($rprivs{$ENV{REMOTE_USER}}{ALERT}) { open (my $IN, "<", "/usr/local/csf/tpl/reselleralert.txt"); flock ($IN, LOCK_SH); my @alert = <$IN>; close ($IN); chomp @alert; my @message; foreach my $line (@alert) { $line =~ s/\[reseller\]/$ENV{REMOTE_USER}/ig; $line =~ s/\[action\]/UNBLOCK/ig; $line =~ s/\[ip\]/$FORM{ip}/ig; $line =~ s/\[rip\]/$ENV{REMOTE_HOST}/ig; $line =~ s/\[text\]/Result of GREP before UNBLOCK:\n$text\n\nResult of UNBLOCK:\nPermanent:\n$text1\nTemporary:\n$text2\n/ig; push @message, $line; } ConfigServer::Sendmail::relay("", "", @message); } ConfigServer::Logger::logfile("$panel Reseller [$ENV{REMOTE_USER}]: UNBLOCK $FORM{ip}"); } elsif ($FORM{action} eq "grep" and $rprivs{$ENV{REMOTE_USER}}{GREP}) { print "\n"; print "

"; print " Searching for $FORM{ip}... \n \n"; &printcmd("/usr/sbin/csf","-g",$FORM{ip}); print " \n ...Done. \n"; print "

\n"; print "

\n"; } else { print "\n"; print ""; if ($rprivs{$ENV{REMOTE_USER}}{ALLOW}) {print "\n"} if ($rprivs{$ENV{REMOTE_USER}}{DENY}) {print "\n"} if ($rprivs{$ENV{REMOTE_USER}}{UNBLOCK}) {print "\n"} if ($rprivs{$ENV{REMOTE_USER}}{GREP}) {print "\n"} print "

csf - ConfigServer Firewall options for $ENV{REMOTE_USER}
	Allow IP address through the firewall and add to the allow file (csf.allow). Comment for Allow: (required)
	Block IP address in the firewall and add to the deny file (csf.deny). Comment for Block: (required)
	Remove IP address from the firewall (temp and perm blocks)
	Search iptables for IP address

\n"; } } print "
\n"; print "

csf: v$myv

"; print "

\n"; return; } # end main ############################################################################### # start printcmd sub printcmd { my @command = @_; my $text; my ($childin, $childout); my $pid = open3($childin, $childout, $childout, @command); while (<$childout>) {print $_ ; $text .= $_} waitpid ($pid, 0); return $text; } # end printcmd ############################################################################### 1;