本文整理匯總了PHP中IP::isIPAddressOrRange方法的典型用法代碼示例。如果您正苦於以下問題:PHP IP::isIPAddressOrRange方法的具體用法?PHP IP::isIPAddressOrRange怎麽用?PHP IP::isIPAddressOrRange使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類IP
的用法示例。
在下文中一共展示了IP::isIPAddressOrRange方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: pattern_save
function pattern_save()
{
$q = new mysql();
$ipclass = new IP();
$tr = explode("\n", $_POST["pattern-save"]);
$f = array();
while (list($num, $ligne) = each($tr)) {
$ligne = trim($ligne);
if ($ligne == null) {
continue;
}
if (!$ipclass->isIPAddressOrRange($ligne)) {
continue;
}
$f[] = "('{$_POST["routerid"]}','{$_POST["destination"]}','{$ligne}','{$_POST["service"]}')";
}
if (count($f) > 0) {
$sql = "INSERT IGNORE INTO `firehol_routers_exclude` (routerid,`destination`,`pattern`,`service`) VALUES " . @implode(",", $f);
$q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
echo $q->mysql_error;
}
}
}
示例2: BlockIPs
function BlockIPs()
{
$ipClass = new IP();
$unix = new unix();
$tmpdir = $unix->TEMP_DIR();
$curl = new ccurl("https://rules.emergingthreatspro.com/fwrules/emerging-Block-IPs.txt");
$targetpath = "{$tmpdir}/emerging-Block-IPs.txt";
if (!$curl->GetFile($targetpath)) {
echo "{$targetpath} failed\n";
artica_update_event(0, "Unable to download emerging-Block-IPs.txt", $curl->errors, __FILE__, __LINE__);
return;
}
$f = explode("\n", @file_get_contents($targetpath));
$proxyname = $unix->hostname_g();
$q = new postgres_sql();
$q->suricata_tables();
$tr = array();
while (list($num, $ligne) = each($f)) {
$ligne = trim($ligne);
if ($ligne == null) {
continue;
}
if (strpos(" {$ligne}", "#") > 0) {
continue;
}
if (!$ipClass->isIPAddressOrRange($ligne)) {
continue;
}
$zdate = date("Y-m-d H:i:s");
$proto = "TCP";
$dest_port = 0;
$src_ip = $ligne;
$uduniq = md5("0,{$src_ip},{$dest_port},{$proto}");
if ($GLOBALS["VERBOSE"]) {
echo "0,{$src_ip},{$dest_port},{$proto}\n";
}
$tr[] = "('{$zdate}','{$uduniq}','0','{$src_ip}','{$dest_port}','{$proto}','{$proxyname}',1)";
}
if (count($tr) > 0) {
$q->QUERY_SQL("DELETE FROM suricata_firewall WHERE xauto=1");
}
$content = @implode(",", $tr);
$prefix = "INSERT INTO suricata_firewall (zdate,uduniq,signature,src_ip,dst_port,proto,proxyname,xauto) VALUES ";
$q->QUERY_SQL("{$prefix} {$content} ON CONFLICT DO NOTHING");
if (!$q->ok) {
echo $q->mysql_error . "\n";
return;
}
$php = $unix->LOCATE_PHP5_BIN();
shell_exec("{$php} /usr/share/artica-postfix/exec.suricata-fw.php --run");
}
示例3: add_nocache_save
function add_nocache_save()
{
$table = "denycache_websites";
$q = new mysql_squid_builder();
$q1 = new mysql_squid_builder();
$acl = new squid_acls();
$IP = new IP();
$sql = "CREATE TABLE IF NOT EXISTS `deny_cache_domains` (\n\t\t\t\t`items` VARCHAR(256) NOT NULL PRIMARY KEY\n\t\t\t\t) ENGINE=MYISAM;";
$q->QUERY_SQL($sql);
$tr = explode("\n", $_POST["nocache"]);
$q->QUERY_SQL("TRUNCATE TABLE deny_cache_domains", "artica_backup");
while (list($none, $www) = each($tr)) {
$www = trim(strtolower($www));
if ($www == null) {
continue;
}
if (!$IP->isIPAddressOrRange($www)) {
if (substr($www, 0, 1) != "^") {
$www = $acl->dstdomain_parse($www);
}
}
$q->QUERY_SQL("INSERT IGNORE INTO deny_cache_domains (items) VALUES ('{$www}')", "artica_backup");
if (!$q->ok) {
echo $q->mysql_error;
return;
}
}
}
示例4: dirname
include_once dirname(__FILE__) . "/ressources/class.maincf.multi.inc";
include_once dirname(__FILE__) . "/ressources/class.postfix.regex.inc";
$q = new mysql();
$ipClass = new IP();
echo "Starting......: " . date("H:i:s") . " Building rules....\n";
$sql = "SELECT ID,pattern FROM miltergreylist_acls WHERE `method`='whitelist' AND `type`='addr'";
$results = $q->QUERY_SQL($sql, "artica_backup");
while ($ligne = mysql_fetch_assoc($results)) {
$ipaddr = trim($ligne["pattern"]);
if ($ipaddr == null) {
continue;
}
if ($ipaddr == "127.0.0.1/8") {
$ipaddr = "127.0.0.0/8";
}
if (!$ipClass->isIPAddressOrRange($ipaddr)) {
continue;
}
$MAINARRAY[] = "{$ipaddr}\tOK rule id {$ligne["ID"]}";
}
$sql = "SELECT ID,pattern FROM miltergreylist_acls WHERE `method`='blacklist' AND `type`='addr'";
$results = $q->QUERY_SQL($sql, "artica_backup");
while ($ligne = mysql_fetch_assoc($results)) {
$ipaddr = $ligne["pattern"];
if (!$ipClass->isIPAddressOrRange($ipaddr)) {
continue;
}
$MAINARRAY[] = "{$ipaddr}\tREJECT Go Away! rule id {$ligne["ID"]}";
}
echo "Starting......: " . date("H:i:s") . " /etc/postfix/acls.cdir.cf " . count($MAINARRAY) . " items\n";
@file_put_contents("/etc/postfix/acls.cdir.cf", @implode("\n", $MAINARRAY) . "\n");
示例5: xbuild
//.........這裏部分代碼省略.........
$f[] = "#session_preload_libraries = ''";
$f[] = "";
$f[] = "";
$f[] = "#------------------------------------------------------------------------------";
$f[] = "# LOCK MANAGEMENT";
$f[] = "#------------------------------------------------------------------------------";
$f[] = "";
$f[] = "#deadlock_timeout = 1s";
$f[] = "#max_locks_per_transaction = 64\t\t# min 10";
$f[] = "\t\t\t\t\t# (change requires restart)";
$f[] = "# Note: Each lock table slot uses ~270 bytes of shared memory, and there are";
$f[] = "# max_locks_per_transaction * (max_connections + max_prepared_transactions)";
$f[] = "# lock table slots.";
$f[] = "#max_pred_locks_per_transaction = 64\t# min 10";
$f[] = "\t\t\t\t\t# (change requires restart)";
$f[] = "";
$f[] = "";
$f[] = "#------------------------------------------------------------------------------";
$f[] = "# VERSION/PLATFORM COMPATIBILITY";
$f[] = "#------------------------------------------------------------------------------";
$f[] = "";
$f[] = "# - Previous PostgreSQL Versions -";
$f[] = "";
$f[] = "#array_nulls = on";
$f[] = "#backslash_quote = safe_encoding\t# on, off, or safe_encoding";
$f[] = "#default_with_oids = off";
$f[] = "#escape_string_warning = on";
$f[] = "#lo_compat_privileges = off";
$f[] = "#operator_precedence_warning = off";
$f[] = "#quote_all_identifiers = off";
$f[] = "#sql_inheritance = on";
$f[] = "#standard_conforming_strings = on";
$f[] = "#synchronize_seqscans = on";
$f[] = "";
$f[] = "# - Other Platforms and Clients -";
$f[] = "";
$f[] = "#transform_null_equals = off";
$f[] = "";
$f[] = "";
$f[] = "#------------------------------------------------------------------------------";
$f[] = "# ERROR HANDLING";
$f[] = "#------------------------------------------------------------------------------";
$f[] = "";
$f[] = "#exit_on_error = off\t\t\t# terminate session on any error?";
$f[] = "#restart_after_crash = on\t\t# reinitialize after backend crash?";
$f[] = "";
$f[] = "";
$f[] = "#------------------------------------------------------------------------------";
$f[] = "# CONFIG FILE INCLUDES";
$f[] = "#------------------------------------------------------------------------------";
$f[] = "";
$f[] = "# These options allow settings to be loaded from files other than the";
$f[] = "# default postgresql.conf.";
$f[] = "";
$f[] = "#include_dir = 'conf.d'\t\t\t# include files ending in '.conf' from";
$f[] = "\t\t\t\t\t# directory 'conf.d'";
$f[] = "#include_if_exists = 'exists.conf'\t# include file only if it exists";
$f[] = "#include = 'special.conf'\t\t# include file";
$f[] = "";
$f[] = "";
$f[] = "#------------------------------------------------------------------------------";
$f[] = "# CUSTOMIZED OPTIONS";
$f[] = "#------------------------------------------------------------------------------";
$f[] = "";
$f[] = "# Add settings for extensions here";
build_progress_restart("{starting}", 60);
@file_put_contents("/home/ArticaStatsDB/postgresql.conf", @implode("\n", $f) . "\n");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /home/ArticaStatsDB/postgresql.conf done\n";
}
$f = array();
$f[] = "@authcomment@";
$f[] = "";
$f[] = "# TYPE DATABASE USER ADDRESS METHOD";
$f[] = "";
$f[] = "local all all trust";
$f[] = "host all all 127.0.0.1/32 trust";
$q = new mysql_squid_builder();
$Ipclass = new IP();
$sql = "SELECT * FROM influxIPClients";
$results = $q->QUERY_SQL($sql);
while ($ligne = mysql_fetch_assoc($results)) {
$ipaddr = $ligne["ipaddr"];
$isServ = intval($ligne["isServ"]);
if (!$Ipclass->isIPAddressOrRange($ipaddr)) {
continue;
}
if (strpos($ipaddr, "/") == 0) {
$ipaddr = "{$ipaddr}/32";
}
if ($isServ == 1) {
$f[] = "host all all {$ipaddr} trust";
}
}
build_progress_restart("{starting}", 65);
@file_put_contents("/home/ArticaStatsDB/pg_hba.conf", @implode("\n", $f) . "\n");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /home/ArticaStatsDB/pg_hba.conf done\n";
}
}
示例6: parse_rules
function parse_rules()
{
$unix = new unix();
$sock = new sockets();
$q = new mysql_squid_builder();
$InfluxAdminPort = intval($sock->GET_INFO("InfluxAdminPort"));
if ($InfluxAdminPort == 0) {
$InfluxAdminPort = 8083;
}
$iptables = $unix->find_program("iptables");
$c = 0;
$sql = "SELECT * FROM influxIPClients";
$results = $q->QUERY_SQL($sql);
if (mysql_num_rows($results) == 0) {
return null;
}
$f[] = "\t{$iptables} -I INPUT -p tcp --destination-port 8086 -j REJECT --reject-with tcp-reset -m comment --comment \"ArticaStatsAppliance\" || true";
$f[] = "\t{$iptables} -I INPUT -p tcp --destination-port {$InfluxAdminPort} -j REJECT --reject-with tcp-reset -m comment --comment \"ArticaStatsAppliance\" || true";
$f[] = "\t{$iptables} -I INPUT -s 127.0.0.1 -p tcp --destination-port 8086 -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
$f[] = "\t{$iptables} -I INPUT -s 127.0.0.1 -p tcp --destination-port {$InfluxAdminPort} -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
while (list($interface, $ligne) = each($NETWORK_ALL_INTERFACES)) {
$IPADDR = $ligne["IPADDR"];
if ($interface == "lo") {
continue;
}
$f[] = "\t{$iptables} -I INPUT -s {$IPADDR} -p tcp --destination-port 8086 -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
$f[] = "\t{$iptables} -I INPUT -s {$IPADDR} -p tcp --destination-port {$InfluxAdminPort} -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
}
$Ipclass = new IP();
while ($ligne = mysql_fetch_assoc($results)) {
$ipaddr = $ligne["ipaddr"];
$isServ = intval($ligne["isServ"]);
if (!$Ipclass->isIPAddressOrRange($ipaddr)) {
continue;
}
if ($isServ == 1) {
$f[] = "\t{$iptables} -I INPUT -s {$ipaddr} -p tcp --destination-port 8086 -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
} else {
$f[] = "\t{$iptables} -I INPUT -s {$ipaddr} -p tcp --destination-port {$InfluxAdminPort} -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
}
}
return @implode("\n", $f);
}
示例7: pattern_item
function pattern_item($destination, $eth = null, $port = 0, $destinationProto = 0)
{
$nic = new system_nic();
$trace = @debug_backtrace();
$interface = null;
$portText = null;
if (isset($trace[1])) {
$called = "in " . basename($trace[1]["file"]) . " function {$trace[1]["function"]}() line {$trace[1]["line"]}";
}
if ($GLOBALS["VERBOSE"]) {
echo "[" . __LINE__ . "]: Destination: {$destination} eth={$eth} port={$port} destinationProto={$destinationProto} - {$called}\n";
}
if (is_numeric($eth)) {
$eth = null;
}
if ($port > 0) {
$portText = "--srcport {$port}";
if ($destinationProto == 1) {
$portText = " --dport {$port}";
}
}
$pdest = "-s ";
if ($eth != null) {
if ($destinationProto == 0) {
$interface = " -m physdev --physdev-in {$eth} ";
}
}
if ($destinationProto == 1) {
$pdest = "-d ";
}
if ($destination == "*") {
$destination = "0.0.0.0/0";
}
if (trim($destination) == null) {
if ($GLOBALS["VERBOSE"]) {
echo "[" . __LINE__ . "]: Destination: return *** {$interface}{$portText} ***\n";
}
return "{$interface}{$portText}";
}
if (preg_match("#[0-9\\.]+-[0-9\\.]+#", $destination)) {
if ($destinationProto == 1) {
if ($GLOBALS["VERBOSE"]) {
echo "[" . __LINE__ . "]: Destination: return *** {$interface}-m iprange --dst-range '{$destination}'{$portText} ***\n";
}
return "{$interface}-m iprange --dst-range '{$destination}'{$portText} ";
}
if ($GLOBALS["VERBOSE"]) {
echo "[" . __LINE__ . "]: Destination: return *** {$interface}-m iprange --src-range '{$destination}'{$portText} ***\n";
}
return "{$interface}-m iprange --src-range '{$destination}'{$portText} ";
}
$ipClass = new IP();
if ($ipClass->IsvalidMAC($destination)) {
if ($GLOBALS["VERBOSE"]) {
echo "[" . __LINE__ . "]: Destination: return *** {$interface}-m mac --mac-source {$destination}{$portText} ***\n";
}
return "{$interface}-m mac --mac-source {$destination}{$portText} ";
}
if ($ipClass->isIPAddressOrRange($destination)) {
return "{$interface}{$pdest}{$destination}{$portText} ";
}
}
示例8: execute_autconfig
//.........這裏部分代碼省略.........
if (!$q->ok) {
echo $q->mysql_error . "\n";
build_progress("Building first rule...MySQL error", 110);
return;
}
$MAIN_RULE_ID = intval($q->last_id);
if ($MAIN_RULE_ID == 0) {
build_progress("Building first rule...MAIN_RULE_ID = 0!", 110);
return;
}
$zmd5 = md5("{$MAIN_RULE_ID}{$PROXY}{$PORT}");
build_progress("Add destination {$PROXY}:{$PORT}", 20);
$q->QUERY_SQL("INSERT IGNORE INTO wpad_destination (zmd5,aclid,proxyserver,proxyport,zorder)\n\t\t\tVALUES ('{$zmd5}','{$MAIN_RULE_ID}','{$PROXY}','{$PORT}',0)");
if (!$q->ok) {
echo $q->mysql_error . "\n";
build_progress("Add destination {$PROXY}:{$PORT} MySQL error", 110);
return;
}
build_progress("Creating Proxy object `Everyone`", 25);
$ligne = mysql_fetch_array($q->QUERY_SQL("SELECT ID FROM webfilters_sqgroups WHERE `GroupType`='all'"));
$SourceGroupID = intval($ligne["ID"]);
if ($SourceGroupID == 0) {
$sql = "INSERT IGNORE INTO webfilters_sqgroups (GroupName,GroupType,enabled,`acltpl`,`params`) VALUES ('Everyone','all','1','','');";
$q->QUERY_SQL($sql);
if (!$q->ok) {
echo $q->mysql_error . "\n";
build_progress("Creating Proxy object `Everyone` MySQL error", 110);
return;
}
$SourceGroupID = intval($q->last_id);
}
if ($SourceGroupID == 0) {
build_progress("Creating Proxy object `Everyone` SourceGroupID = 0!", 110);
return;
}
build_progress("Creating Proxy object `WPAD - Local networks`", 25);
$ligne = mysql_fetch_array($q->QUERY_SQL("SELECT ID FROM webfilters_sqgroups WHERE `GroupName`='WPAD - Local networks'"));
$NetWorkGroupID = intval($ligne["ID"]);
if ($NetWorkGroupID == 0) {
$sql = "INSERT IGNORE INTO webfilters_sqgroups (GroupName,GroupType,enabled,`acltpl`,`params`) \n\t\t\t\tVALUES ('WPAD - Local networks','src','1','','');";
$q->QUERY_SQL($sql);
if (!$q->ok) {
echo $q->mysql_error . "\n";
build_progress("Creating Proxy object `WPAD - Local networks` MySQL error", 110);
return;
}
$NetWorkGroupID = intval($q->last_id);
}
if ($NetWorkGroupID == 0) {
build_progress("Creating Proxy object `WPAD - Local networks` NetWorkGroupID = 0!", 110);
return;
}
$IP = new IP();
$LOCALNET_ARRAY = array();
if (strpos($LOCALNET, ",") > 0) {
$LOCALNET_ARRAY_TEMP = explode(",", $LOCALNET);
while (list($none, $line) = each($LOCALNET_ARRAY_TEMP)) {
$line = trim($line);
if (!$IP->isIPAddressOrRange($line)) {
continue;
}
$LOCALNET_ARRAY[] = "('{$line}','{$NetWorkGroupID}','1','')";
}
} else {
if ($IP->isIPAddressOrRange(trim($LOCALNET))) {
$LOCALNET_ARRAY[] = "('{$LOCALNET}','{$NetWorkGroupID}','1','')";
}
}
build_progress("Filling Proxy object `WPAD - Local networks`", 30);
$q->QUERY_SQL("DELETE FROM webfilters_sqitems WHERE gpid={$NetWorkGroupID}");
if (!$q->ok) {
echo $q->mysql_error . "\n";
build_progress("Filling Proxy object `WPAD - Local networks` MySQL error", 110);
return;
}
$sql = "INSERT INTO webfilters_sqitems (pattern,gpid,enabled,other)\n\tVALUES " . @implode(",", $LOCALNET_ARRAY);
$q->QUERY_SQL($sql);
if (!$q->ok) {
echo $q->mysql_error . "\n";
build_progress("Filling Proxy object `WPAD - Local networks` MySQL error", 110);
return;
}
build_progress("Linking Everyone - {$SourceGroupID} - to rule {$MAIN_RULE_ID}", 30);
$zmd5 = md5("{$MAIN_RULE_ID}{$SourceGroupID}");
$q->QUERY_SQL("INSERT INTO wpad_sources_link (zmd5,aclid,negation,gpid,zorder) VALUES ('{$zmd5}','{$MAIN_RULE_ID}','0','{$SourceGroupID}',1)");
if (!$q->ok) {
echo $q->mysql_error . "\n";
build_progress("MySQL error", 110);
return;
}
$zmd5 = md5("{$MAIN_RULE_ID}{$NetWorkGroupID}");
build_progress("Linking WPAD - Local networks - {$NetWorkGroupID} - to rule {$MAIN_RULE_ID}", 50);
$q->QUERY_SQL("INSERT INTO wpad_white_link (zmd5,aclid,negation,gpid,zorder) VALUES ('{$zmd5}','{$MAIN_RULE_ID}','0','{$NetWorkGroupID}',1)");
if (!$q->ok) {
echo $q->mysql_error . "\n";
build_progress("MySQL error", 110);
return;
}
build_progress("{success}", 100);
}
示例9: item_import
function item_import()
{
$page = CurrentPageName();
$tpl = new templates();
$ID = $_POST["item-id"];
$gpid = $_POST["ID"];
$q = new mysql_squid_builder();
$ligne = mysql_fetch_array($q->QUERY_SQL("SELECT GroupType FROM webfilters_sqgroups WHERE ID='{$gpid}'"));
$GroupType = $ligne["GroupType"];
$t = array();
$sqladd = "INSERT IGNORE INTO webfilters_sqitems (pattern,gpid,enabled,other) VALUES ";
$Patterns = array();
$f = explode("\n", $_POST["item-import"]);
$ipClass = new IP();
while (list($num, $pattern) = each($f)) {
if (trim($pattern) == null) {
continue;
}
if ($GroupType == "url_regex_extensions") {
if (preg_match("#\\.(.+?)\$#", $pattern, $re)) {
$pattern = $re[1];
}
}
if ($GroupType == "dstdomain") {
if (preg_match("#\\/\\/#", $pattern)) {
$URLAR = parse_url($pattern);
if (isset($URLAR["host"])) {
$pattern = $URLAR["host"];
}
}
if (preg_match("#^www.(.*)#", $pattern, $re)) {
$pattern = $re[1];
}
if (preg_match("#(.*?)\\/#", $pattern, $re)) {
$pattern = $re[1];
}
}
if ($GroupType == "arp") {
$pattern = trim(strtoupper($pattern));
$pattern = str_replace("-", ":", $pattern);
}
if ($GroupType == "dst") {
if (!$ipClass->isIPAddressOrRange($pattern)) {
continue;
}
}
if ($GroupType == "src") {
if (!$ipClass->isIPAddressOrRange($pattern)) {
continue;
}
}
$ligne = mysql_fetch_array($q->QUERY_SQL("SELECT ID FROM webfilters_sqitems WHERE gpid='{$gpid}' AND pattern='{$pattern}'"));
if (trim($ligne["ID"]) > 0) {
continue;
}
$Patterns[$pattern] = true;
}
if (count($Patterns) > 0) {
while (list($a, $b) = each($Patterns)) {
$t[] = "('{$a}','{$gpid}','1','')";
}
}
if (count($t) > 0) {
$sql = $sqladd . @implode(",", $t);
$q->QUERY_SQL($sql);
if (!$q->ok) {
echo $q->mysql_error . "\n***\n{$sql}\n****\n";
return;
}
}
}
示例10: apache_firewall
function apache_firewall()
{
$q = new mysql();
$unix = new unix();
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
if ($q->COUNT_ROWS("iptables_webint", "artica_backup") == 0) {
return null;
}
$f[] = "Order Allow,Deny";
$ipClass = new IP();
$c = 0;
$results = $q->QUERY_SQL("SELECT * FROM iptables_webint", "artica_backup");
while ($ligne = mysql_fetch_assoc($results)) {
$pattern = $ligne["pattern"];
if (!$ipClass->isIPAddressOrRange($pattern)) {
continue;
}
$f[] = "\tAllow from {$pattern}";
$c++;
}
if (count($c) > 0) {
$f[] = "\tAllow from 127.0.0.1";
return @implode("\n", $f);
}
}
示例11: firewall_rules
function firewall_rules($type = 0)
{
if (isset($GLOBALS["FWRLS"][$type])) {
return $GLOBALS["FWRLS"][$type];
}
$Ipclass = new IP();
$q = new mysql_squid_builder();
$f = array();
$array[100] = "garbage";
$array[0] = "global";
$array[1] = "known-users";
$array[2] = "unknown-users";
$results = $q->QUERY_SQL("SELECT * FROM hotspot_networks WHERE hotspoted={$type} AND direction=0 ORDER BY zorder");
$Count = mysql_num_rows($results);
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Checking \"{$array[$type]}\" {$Count} rule(s)\n";
}
if ($Count == 0) {
if ($type == 1) {
return "FirewallRule allow to 0.0.0.0/0";
}
return;
}
while ($ligne = mysql_fetch_assoc($results)) {
$hotspoted = $ligne["hotspoted"];
$proto = $ligne["proto"];
$port = $ligne["port"];
if ($port == 0) {
$port = null;
}
$pattern = $ligne["pattern"];
$action = $ligne["action"];
$s = array();
$s[] = $action;
if ($proto != null) {
$s[] = $proto;
}
if ($port != null) {
$s[] = "port {$port}";
}
if (!$Ipclass->isIPAddressOrRange($pattern)) {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: resolving \"{$pattern}\"\n";
}
$pattern = gethostbyname($pattern);
}
if (!$Ipclass->isIPAddressOrRange($pattern)) {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: unable to resolve {$ligne["pattern"]}\n";
}
continue;
}
$s[] = "to {$pattern}";
$f[] = "\tFirewallRule " . @implode(" ", $s);
}
if ($type == 1) {
if (count($f) == 0) {
$f[] = "\tFirewallRule allow to 0.0.0.0/0";
}
}
if ($type == 0) {
if (count($f) == 0) {
$f[] = "\tFirewallRule drop to 0.0.0.0/0";
}
}
$GLOBALS["FWRLS"][$type] = @implode("\n", $f);
return $GLOBALS["FWRLS"][$type];
}
示例12: pattern_save
function pattern_save()
{
$q = new mysql_meta();
$ipclass = new IP();
$tr = explode("\n", $_POST["pattern-save"]);
$f = array();
while (list($num, $ligne) = each($tr)) {
$ligne = trim($ligne);
if ($ligne == null) {
continue;
}
if (!$ipclass->isIPAddressOrRange($ligne)) {
echo "{$ligne} Not a range or IP address\n";
continue;
}
$f[] = "('{$_POST["groupid"]}','{$_POST["destport"]}','{$_POST["include"]}','{$ligne}')";
}
if (count($f) > 0) {
$sql = "INSERT IGNORE INTO `proxy_ports_wbl` (`groupid`,`destport`,`include`,`pattern`) VALUES " . @implode(",", $f);
$q->QUERY_SQL($sql);
if (!$q->ok) {
echo $q->mysql_error;
return;
}
}
}
示例13: InSquid
function InSquid($reconfigure_squid = false)
{
$unix = new unix();
$sock = new sockets();
$ipClass = new IP();
$q = new mysql_squid_builder();
$acls = new squid_acls();
$acls->clean_dstdomains();
build_progress_squidr("{checking} {whitelist}", 30);
$sql = "CREATE TABLE IF NOT EXISTS `privoxy_whitelist` (\n\t\t\t\t`items` VARCHAR(256) NOT NULL PRIMARY KEY\n\t\t\t\t) ENGINE=MYISAM;";
$q->QUERY_SQL($sql);
$results = $q->QUERY_SQL("SELECT * FROM privoxy_whitelist");
$ACLS = array();
$ACLS["IPS"] = array();
$ACLS["DOMS"] = array();
while ($ligne = mysql_fetch_assoc($results)) {
$items = trim(strtolower($ligne["items"]));
if ($ipClass->isIPAddressOrRange($items)) {
$ACLS["IPS"][$items] = $items;
}
$ACLS["DOMS"][$items] = $items;
}
$ipacls = array();
$ACLS["DOMS"]["apple.com"] = "apple.com";
$ACLS["DOMS"]["windowsupdate.com"] = "windowsupdate.com";
$ACLS["DOMS"]["googleapis.com"] = "googleapis.com";
$ACLS["DOMS"]["mozilla.net"] = "mozilla.net";
$ACLS["DOMS"]["teamviewer.com"] = "teamviewer.com";
$ACLS["DOMS"]["microsoft.com"] = "microsoft.com";
$ACLS["DOMS"]["artica.fr"] = "artica.fr";
if (count($ACLS["IPS"]) > 0) {
while (list($num, $line) = each($ACLS["IPS"])) {
$ipacls[] = $line;
}
}
if (count($ACLS["DOMS"]) > 0) {
while (list($num, $line) = each($ACLS["DOMS"])) {
$domacls[] = $line;
}
}
if (count($domacls) > 0) {
$domacls = $acls->clean_dstdomains($domacls);
}
$PrivoxyPort = intval($sock->GET_INFO("PrivoxyPort"));
$f = explode("\n", @file_get_contents("/etc/squid3/squid.conf"));
$privoxyInSquid = false;
while (list($num, $line) = each($f)) {
if (preg_match("#include.*?privoxy\\.conf#", $line)) {
$privoxyInSquid = true;
break;
}
}
$InSquid[] = "acl AntiAdsPost method POST";
if (count($domacls) > 0) {
@file_put_contents("/etc/squid3/AntiAdsDenyWeb.acl", @implode("\n", $domacls));
$InSquid[] = "acl AntiAdsDenyWeb dstdomain \"/etc/squid3/AntiAdsDenyWeb.acl\"";
}
if (count($ipacls) > 0) {
@file_put_contents("/etc/squid3/AntiAdsDenyIP.acl", @implode("\n", $ipacls));
$InSquid[] = "acl AntiAdsDenyIP dst \"/etc/squid3/AntiAdsDenyIP.acl\"";
}
$InSquid[] = "cache_peer 127.0.0.1 parent {$PrivoxyPort} 7 no-query no-digest no-netdb-exchange name=AntiAds";
$InSquid[] = "always_direct allow FTP";
if (count($ipacls) > 0) {
$InSquid[] = "cache_peer_access AntiAds deny AntiAdsDenyIP";
}
if (count($domacls) > 0) {
$InSquid[] = "cache_peer_access AntiAds deny AntiAdsDenyWeb";
}
$InSquid[] = "cache_peer_access AntiAds deny AntiAdsPost";
$InSquid[] = "cache_peer_access AntiAds allow all";
@file_put_contents("/etc/squid3/privoxy.conf", @implode("\n", $InSquid));
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /etc/squid3/privoxy.conf done\n";
}
build_progress_squidr("{reconfiguring}", 50);
if ($privoxyInSquid == false) {
$php = $unix->LOCATE_PHP5_BIN();
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Reconfiguring Squid-cache\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --force");
}
if ($reconfigure_squid) {
build_progress_squidr("{reloading}", 90);
$squidbin = $unix->LOCATE_SQUID_BIN();
system("{$squidbin} -f /etc/squid3/squid.conf -k reconfigure");
}
build_progress_squidr("{done}", 100);
}
示例14: firewall_rules
function firewall_rules($type = 0)
{
if (isset($GLOBALS["FWRLS"][$type])) {
return $GLOBALS["FWRLS"][$type];
}
$HotSpotWhiteWhatsApp = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotWhiteWhatsApp"));
$Ipclass = new IP();
$q = new mysql_squid_builder();
$f = array();
$array[100] = "garbage";
$array[0] = "global";
$array[1] = "known-users";
$array[2] = "unknown-users";
if ($type == 1) {
if ($HotSpotWhiteWhatsApp == 1) {
$f[] = "FirewallRule allow tcp port 5222";
$f[] = "FirewallRule allow tcp port 5223";
$f[] = "FirewallRule allow tcp port 5228";
}
}
//--------------------------------------------------------------------------
$sql = "SELECT * FROM `hotspot_whitelist`";
$results = $q->QUERY_SQL($sql);
while ($ligne = mysql_fetch_assoc($results)) {
$f[] = "\tFirewallRule allow to {$ligne["ipaddr"]}";
}
//--------------------------------------------------------------------------
$results = $q->QUERY_SQL("SELECT * FROM hotspot_networks WHERE hotspoted={$type} AND direction=0 ORDER BY zorder");
$Count = mysql_num_rows($results);
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Checking \"{$array[$type]}\" {$Count} rule(s)\n";
}
if ($Count == 0) {
$f[] = "# Type {$type} No rule set";
if ($type == 1) {
$f[] = "FirewallRule allow to 0.0.0.0/0";
}
return @implode("\n", $f);
}
while ($ligne = mysql_fetch_assoc($results)) {
$hotspoted = $ligne["hotspoted"];
$proto = $ligne["proto"];
$port = $ligne["port"];
if ($port == 0) {
$port = null;
}
$pattern = $ligne["pattern"];
$action = $ligne["action"];
$s = array();
$s[] = $action;
if ($proto != null) {
$s[] = $proto;
}
if ($port != null) {
$s[] = "port {$port}";
}
$f[] = "# Type {$type} to {$pattern}/{$proto} port:{$port} action={$action} ";
if (!$Ipclass->isIPAddressOrRange($pattern)) {
$f[] = "# ! {$pattern} isIPAddressOrRange -> false -> try to resolve";
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: resolving \"{$pattern}\"\n";
}
$pattern = gethostbyname($pattern);
}
if (!$Ipclass->isIPAddressOrRange($pattern)) {
$f[] = "# ! {$pattern} isIPAddressOrRange -> false";
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: unable to resolve {$ligne["pattern"]}\n";
}
continue;
}
$s[] = "to {$pattern}";
$f[] = "\tFirewallRule " . @implode(" ", $s);
}
if ($type == 1) {
if (count($f) == 0) {
$f[] = "\tFirewallRule allow to 0.0.0.0/0";
}
}
if ($type == 0) {
if (count($f) == 0) {
$f[] = "\tFirewallRule drop to 0.0.0.0/0";
}
}
$GLOBALS["FWRLS"][$type] = @implode("\n", $f);
return $GLOBALS["FWRLS"][$type];
}
示例15: build
function build()
{
$sock = new sockets();
$unix = new unix();
$EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot");
$SquidHotSpotPort = $sock->GET_INFO("SquidHotSpotPort");
$ArticaHotSpotPort = $sock->GET_INFO("ArticaHotSpotPort");
$ArticaSSLHotSpotPort = $sock->GET_INFO("ArticaSSLHotSpotPort");
$ArticaSplashHotSpotPort = $sock->GET_INFO("ArticaSplashHotSpotPort");
$ArticaSplashHotSpotPortSSL = $sock->GET_INFO("ArticaSplashHotSpotPortSSL");
$ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
$EnableArticaHotSpotCAS = $sock->GET_INFO("EnableArticaHotSpotCAS");
if (!is_numeric($EnableArticaHotSpotCAS)) {
$EnableArticaHotSpotCAS = 0;
}
$HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName"));
if ($ArticaHotSpotPort == 0) {
$ArticaHotSpotPort = rand(38000, 64000);
$sock->SET_INFO("ArticaHotSpotPort", $ArticaHotSpotPort);
}
if ($ArticaSSLHotSpotPort == 0) {
$ArticaSSLHotSpotPort = rand(38500, 64000);
$sock->SET_INFO("ArticaSSLHotSpotPort", $ArticaSSLHotSpotPort);
}
if ($ArticaHotSpotInterface == null) {
$ArticaHotSpotInterface = "eth0";
}
if (!is_numeric($ArticaSplashHotSpotPort)) {
$ArticaSplashHotSpotPort = 16080;
}
if (!is_numeric($ArticaSplashHotSpotPortSSL)) {
$ArticaSplashHotSpotPortSSL = 16443;
}
$unix = new unix();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
$GLOBALS["HOSTPOT_WEB_INTERFACE"] = $ipaddr;
$time = time();
$suffixTables = "-m comment --comment \"ArticaHotSpot-{$time}\"";
$q = new mysql_squid_builder();
$ipClass = new IP();
$iptables = $unix->find_program("iptables");
defaults_ports();
$f[] = ebtables_rules();
if ($GLOBALS["EBTABLES"]) {
$GLOBALS["MARKHTTP"] = null;
$GLOBALS["MARKHTTPS"] = null;
}
if (!$GLOBALS["EBTABLES"]) {
$f[] = "{$iptables} -t mangle -N internet -m comment --comment ArticaHotSpot-{$time}";
$f[] = "{$iptables} -t mangle -N internssl -m comment --comment ArticaHotSpot-{$time}";
$f[] = "{$iptables} -t mangle -A internet -j MARK --set-mark 99 -m comment --comment ArticaHotSpot-{$time}";
$f[] = "{$iptables} -t mangle -A internssl -j MARK --set-mark 98 -m comment --comment ArticaHotSpot-{$time}";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} C.A.S : {$EnableArticaHotSpotCAS}\n";
}
$Squid_http_address = "127.0.0.1:{$ArticaHotSpotPort}";
$webserver_http_address = "{$ipaddr}:{$ArticaSplashHotSpotPort}";
$c = 0;
if ($EnableArticaHotSpotCAS == 1) {
$ArticaHotSpotCASHost = $sock->GET_INFO("ArticaHotSpotCASHost");
$ArticaHotSpotCASPort = $sock->GET_INFO("ArticaHotSpotCASPort");
$f[] = whitelist_destination($ArticaHotSpotCASHost);
}
$sql = "SELECT * FROM `hotspot_whitelist`";
$results = $q->QUERY_SQL($sql);
if (!$q->ok) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$q->mysql_error}\n";
}
return;
}
$Total = mysql_num_rows($results);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$Total} whitelisted websites\n";
}
while ($ligne = mysql_fetch_assoc($results)) {
$f[] = whitelist_webserver($ligne["ipaddr"], $ligne["port"], $ligne["ssl"]);
}
$sql = "SELECT * FROM `hotspot_networks` WHERE hotspoted=0";
$results = $q->QUERY_SQL($sql);
if (!$q->ok) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$q->mysql_error}\n";
}
return;
}
$Total = mysql_num_rows($results);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$Total} whitelisted\n";
}
while ($ligne = mysql_fetch_assoc($results)) {
$pattern = $ligne["pattern"];
if ($ipClass->IsvalidMAC($pattern)) {
$c++;
$f[] = redirect_mac_to_proxy($pattern);
continue;
}
if ($ipClass->isIPAddressOrRange($pattern)) {
//.........這裏部分代碼省略.........