From b3125143e32478699846446dea4df99392b84bd4 Mon Sep 17 00:00:00 2001
From: cmaffio
Date: Tue, 10 May 2016 17:18:44 +0200
Subject: [PATCH] gestione reti
---
proxy/net_acl.php | 125 +++++++++++++++++++++++++++++++
proxy/net_edit.php | 115 ++++++++++++++++++++++++++++
proxy/net_lista.php | 76 +++++++++++++++++++
proxy/proxy_gest.php | 44 +++++++++++
proxy/squid_acl/squid_acl.pl | 2 +-
proxy/squid_acl/squid_acl_net.pl | 119 +++++++++++++++++++++++++++++
6 files changed, 480 insertions(+), 1 deletion(-)
create mode 100755 proxy/net_acl.php
create mode 100755 proxy/net_edit.php
create mode 100755 proxy/net_lista.php
create mode 100755 proxy/proxy_gest.php
create mode 100755 proxy/squid_acl/squid_acl_net.pl
diff --git a/proxy/net_acl.php b/proxy/net_acl.php
new file mode 100755
index 0000000..29a9fdf
--- /dev/null
+++ b/proxy/net_acl.php
@@ -0,0 +1,125 @@ + $value) { + if ($key == 'id') continue; + + $query = " INSERT INTO + proxy_acl_net + SET + idacllist = $key, + idaclnet = $id, + stato = $value, + data = NOW() + ON DUPLICATE KEY UPDATE + stato = $value, + data = NOW() + "; + $res = mysql_query( $query, $DB_ID ); + } +} elseif (isset($_GET['id'])) { + $id = $_GET['id']; +} + +$query = " SELECT + net, + mask + FROM + proxy_net + WHERE + id = $id + "; +$res = mysql_query( $query, $DB_ID ); +$dato = mysql_fetch_array ( $res ); +$net = $dato['net']." / ".$dato['mask']; + +$query = " SELECT + proxy_acl_list.id, + proxy_acl_list.nome, + proxy_acl_list.sys, + proxy_acl_net.stato + FROM + proxy_acl_list + JOIN + proxy_acl_net + ON + proxy_acl_net.idacllist = proxy_acl_list.id + AND + proxy_acl_net.idaclnet = $id + AND + proxy_acl_list.attivo = 1 + UNION DISTINCT SELECT + proxy_acl_list.id, + proxy_acl_list.nome, + proxy_acl_list.sys, + proxy_acl_list.dflt + FROM + proxy_acl_list + WHERE + proxy_acl_list.id NOT IN (SELECT idacllist FROM proxy_acl_net WHERE idaclnet = $id) + AND + proxy_acl_list.attivo = 1 + ORDER BY + sys DESC, + nome +"; +$res = mysql_query( $query, $DB_ID ); +?> + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ReteNegaDefaultAutorizzaNome Lista
onChange="do_submit()"/> onChange="do_submit()"/> onChange="do_submit()"/>
+
+ + diff --git a/proxy/net_edit.php b/proxy/net_edit.php new file mode 100755 index 0000000..1b673ec --- /dev/null +++ b/proxy/net_edit.php @@ -0,0 +1,115 @@ + +
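Review bot: In proxy/net_acl.php, `$id = $_GET['id'];` is interpolated unquoted into both SELECT statements (`WHERE id = $id`, `idaclnet = $id`), and `$key`/`$value` go into the INSERT the same way, so request data reaches the SQL text without validation. The opening lines of the file were lost in this view, so the origin of `$key`/`$value` is inferred from the loop, but they look like request parameters as well. Since all three are numeric ids or states, cast them before use, e.g. `$id = (int) $_GET['id'];` and `idacllist = " . (int) $key . "`, or move to mysqli/PDO prepared statements; the `mysql_*` functions used here were removed in PHP 7. The results of `mysql_query` are also never checked, so a failed ACL update is silent.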
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ReteNetMaskData attivazioneUltima Modifica
Net AttivaNet non Attiva + +
+
+ + diff --git a/proxy/net_lista.php b/proxy/net_lista.php new file mode 100755 index 0000000..d571943 --- /dev/null +++ b/proxy/net_lista.php @@ -0,0 +1,76 @@ + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Net AbilitataNet DisabilitataDettaglioACL /
+
+ + diff --git a/proxy/proxy_gest.php b/proxy/proxy_gest.php new file mode 100755 index 0000000..f8a821d --- /dev/null +++ b/proxy/proxy_gest.php @@ -0,0 +1,44 @@ + + + + + + + diff --git a/proxy/squid_acl/squid_acl.pl b/proxy/squid_acl/squid_acl.pl index 9260ada..7d8f7b3 100755 --- a/proxy/squid_acl/squid_acl.pl +++ b/proxy/squid_acl/squid_acl.pl @@ -24,8 +24,8 @@ $sts->execute (); open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log"; LOG->autoflush(1); -alarm $timeout; while($limit) { + alarm $timeout; my $query = ""; my $input = <>; chop $input; diff --git a/proxy/squid_acl/squid_acl_net.pl b/proxy/squid_acl/squid_acl_net.pl new file mode 100755 index 0000000..3a2c04d --- /dev/null +++ b/proxy/squid_acl/squid_acl_net.pl 
@@ -0,0 +1,119 @@
+#!/usr/bin/perl
+$|=1;
+
+use DBI;
+use Switch;
+use FindBin qw($Bin);
+
+require "$Bin/../script/conntrack.conf";
+
+local $SIG{ALRM} = sub {
+ my $time = localtime; # scalar context
+ print LOG "$$ - $time - Exit\n";
+ exit 1;
+};
+
+srand($$);
+$timeout = 60 * (int(rand(5))+61);
+$limit = 50;
+
+my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die ($DBI::errstr);
+$sts = $dbmysql->prepare("use $DBname");
+$sts->execute ();
+
+open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
+LOG->autoflush(1);
+
+while($limit) {
+ alarm $timeout;
+ my $query = "";
+ my $input = <>;
+ chop $input;
+
+ my @param = split / /, $input;
+
+ my $ritorno = cerca ($param[1],$param[2], -1);
+ $limit--;
+ if ($ritorno) {
+ print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
+ print "DENY\n";
+ } else {
+ $ritorno = cerca ($param[1],$param[2], 1);
+ if ($ritorno) {
+ print LOG "$param[0] - $param[1] - $param[2] - OK\n";
+ print "OK\n";
+ } else {
+ print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
+ print "\n";
+ }
+ }
+}
+exit;
+
+sub cerca {
+ my $ip = shift;
+ my $url = shift;
+ my $stato = shift;
+
+ if ($stato == 1) {
+ $tutto = "";
+ } else {
+ $tutto = "";
+ }
+
+ $query = " SELECT
+ 1
+ FROM
+ proxy_net
+ JOIN
+ proxy_acl_net
+ ON
+ proxy_net.id = proxy_acl_net.idaclnet
+ AND
+ proxy_acl_net.stato = $stato
+ JOIN
+ proxy_acl_list
+ ON
+ proxy_acl_net.idacllist = proxy_acl_list.id
+ AND
+ proxy_acl_list.attivo = 1
+ JOIN
+ proxy_acl
+ ON
+ proxy_acl.idacllist = proxy_acl_list.id
+ AND
+ proxy_acl.attivo = 1
+ AND
+ LOCATE(proxy_acl.rif, '$url') > 0
+ WHERE
+ (INET_ATON('$ip') & INET_ATON(proxy_net.mask)) = INET_ATON(proxy_net.net)
+ UNION DISTINCT SELECT
+ 1
+ FROM
+ proxy_net
+ JOIN
+ proxy_acl_net
+ ON
+ proxy_net.id = proxy_acl_net.idaclnet
+ AND
+ proxy_acl_net.stato = $stato
+ JOIN
+ proxy_acl_list
+ ON
+ proxy_acl_net.idacllist = proxy_acl_list.id
+ AND
+ proxy_acl_list.nome = 'ALL'
+ WHERE
+ (INET_ATON('$ip') & INET_ATON(proxy_net.mask)) = INET_ATON(proxy_net.net)
+ ";
+
+# print "$query\n";
+ $sts = $dbmysql->prepare($query);
+ $sts->execute ();
+
+ if ($ref = $sts->fetchrow_hashref ) {
+ return 1;
+ } else {
+ return 0;
+ }
+}
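Review bot: `cerca` interpolates `$ip` and `$url` into quoted SQL literals (`LOCATE(proxy_acl.rif, '$url')`, `INET_ATON('$ip')`), and both come unvalidated from the helper's input line via `split / /, $input`, so a requested URL containing a quote can change the query and with it the ACL decision. Bind all five values with placeholders as sketched below; the statement could then be prepared once, outside the loop. In the main loop, `<>` returning undef at end of input is not checked, so the helper keeps running lookups with empty parameters until `$limit` reaches 0. Without `RaiseError` or a check on `execute`, a database error appears to make both lookups return 0, which prints the empty answer rather than an explicit `DENY`. `LOCATE` also matches a list entry anywhere in the URL, which is presumably broader than intended for an allow list; comparing against the host part would be stricter.

```perl
sub cerca {
	# … unchanged: my $ip / $url / $stato = shift, $tutto assignment …
	$query = "	SELECT
			-- … unchanged: first SELECT and its joins, except these three lines …
					proxy_acl_net.stato = ?
					LOCATE(proxy_acl.rif, ?) > 0
				(INET_ATON(?) & INET_ATON(proxy_net.mask)) = INET_ATON(proxy_net.net)
			-- … unchanged: UNION DISTINCT SELECT and its joins, except these two lines …
					proxy_acl_net.stato = ?
				(INET_ATON(?) & INET_ATON(proxy_net.mask)) = INET_ATON(proxy_net.net)
		";
	$sts = $dbmysql->prepare($query);
	# Placeholder order follows the query text: first SELECT, then the UNION branch.
	$sts->execute($stato, $url, $ip, $stato, $ip);
	# … unchanged: fetchrow_hashref check and return …
```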