Poor-Mans-IDS/controlpanel/trafficctrl.cpp

//////////////////////////////////////////////////////////////////////
// Traffic Montor Control HTTP server
// Written by Jonathan A. Foster <jon@jfpossibilities.com>
// Started August 13th, 2021
// Copyright JF Possibilities, Inc. All rights reserved.
//
// Provide a control panel to manage which domains we want to watch,
// ignore anc block.
//////////////////////////////////////////////////////////////////////
#include <stdlib.h>
#include <string>
#include <stdexcept>
#include <iostream>

/// C++CMS/DB ///

#include <cppcms/service.h>
#include <cppcms/applications_pool.h>
#include <cppcms/mount_point.h>
#include <cppcms/url_dispatcher.h>
#include <cppcms/url_mapper.h>
#include <cppcms/http_request.h>
#include <cppcms/http_response.h>
#include <cppdb/frontend.h>

/// Our app ///

#include "../strutil.h"
#include "data.h"

/// Build flags ///

// TODO: better application of C++CMS booster logging
//#define DEBUGGIN



//////////////////////////////////////////////////////////////////////
// C++CMS App to manage the state of all known domain names.
//////////////////////////////////////////////////////////////////////

const std::string filter_titles[] = { "Undecided", "Accepted", "Blocked" };
const std::string       actions[] = { "Reset",     "Accept",  "Block" };
      std::string        root_uri = "";

struct app: public cppcms::application {
  std::auto_ptr<cppdb::session> sql;
  int items_per_page;


  
  std::string numlist(const std::string &field) {
    std::string r;
    const cppcms::http::request::form_type &POST = request().post();
    for(
      cppcms::http::request::form_type::const_iterator it = POST.find(field);
      it!=POST.end() && it->first==field;
      it++
    ) {
      if(it->second!="") {
          if(r!="") r+=",";
          r+="'"+sql->escape(it->second)+"'";
      }
    }
    return r;
  }
  
  
  
  void list(Domain::STATUS sid) {
    int          i;
    std::string  s;
    StringList   list;
    DomainList   c;
    
    // TODO: put this someplace else?
    
    /// Form processing ///
    
    if(request().request_method()=="POST") {
      std::string op = request().post("op");
      // nothing to do without a valid "op"
      if(op=="0" || op=="1" || op=="2") {
        // eliminate NOP busywork
        if((s=numlist("id"))!="" && sid!=atoi(op.c_str())) {
          *sql << "UPDATE dns SET status="+op+" WHERE name IN ("+s+")"
               << cppdb::exec;
        }
        if((s=request().post("domain"))!="") {
          *sql << "UPDATE dns SET status=? WHERE name=? OR name LIKE ?"
               << op << s << ("%."+s)
               << cppdb::exec;
        }
      }
    }
    
    /// Auto add unknown domains to DNS list ///

    cppdb::result r = *sql << 
        "SELECT c.them_name "
        "FROM connections c LEFT OUTER JOIN dns ON c.them_name=dns.name "
        "WHERE c.them_name<>'' AND dns.name IS NULL "
        "GROUP BY c.them_name";
    while(r.next()) {
      r >> s;
      list.push_back(s);
    }
    
    if(!list.empty()) {
      cppdb::statement q = *sql << "INSERT INTO dns (name) VALUES (?)";
      for(StringList::iterator i=list.begin(); i!=list.end(); i++) {
        q.reset();
        q << *i << cppdb::exec;
      }
    }
    
    /// Produce list of unknowns ///
    
    c.filter    = filter_titles[sid];
    s = request().get("pg");
    if(s=="")
      c.page = 1;
    else
      c.page = atoi(s.c_str());
    if(c.page < 1 || c.page > 999999) c.page = 1;
    r = *sql << "SELECT name, decided, status FROM dns WHERE status=? "
                "LIMIT "+str((c.page-1)*items_per_page)+","+str(items_per_page)
             << sid;
    for(i = c.list.size(); r.next(); i++) {
      c.list.resize(i+1);
      r >> c.list[i].name >> c.list[i].decided >> c.list[i].status;
    }
    r = *sql << "SELECT count(*) FROM dns WHERE status=?" << sid << cppdb::row;
    r >> c.count;
    c.page_size = items_per_page;
    c.pages     = (c.count+items_per_page-1)/items_per_page;
    render("mainskin", "domain_list", c);
  }
  
  
  
  void undecided() { list(Domain::undecided); }
  void accepted()  { list(Domain::accepted ); }
  void blocked()   { list(Domain::blocked  ); }
  
  
  
  app(cppcms::service &s): cppcms::application(s), items_per_page(50) {
#ifdef DEBUGGIN
std::cerr << "spawning app object" << std::endl;
#endif
    sql.reset(new cppdb::session());
    sql->open(settings().get<std::string>("trafficctrl.db"));
    
        mapper().root(root_uri);
        mapper().assign("blocked",     "/blocked");
    dispatcher().assign("/blocked/?",  &app::blocked,   this);
        mapper().assign("accepted",    "/accepted");
    dispatcher().assign("/accepted/?", &app::accepted,  this);
        mapper().assign("");
    dispatcher().assign("/?",          &app::undecided, this);

  }
  
  // logging
  void main(const std::string url) {
#ifdef DEBUGGIN
std::cerr << "request: " << url                     << '\n'
          << "   INFO: " << request().path_info()   << '\n'
          << " SCRIPT: " << request().script_name() << '\n'
          << std::endl;
#endif
    cppcms::application::main(url);
  }
  
};



//////////////////////////////////////////////////////////////////////
// main() - Launch C++CMS with my test app on "/"
//////////////////////////////////////////////////////////////////////

int main(int argc, char **args) {
  // create server object
  cppcms::service srv(argc, args);
  // Get root URI from configuration file.
  root_uri = srv.settings().get("trafficctrl.root_uri", "");
  // Mount our app in the server
  srv.applications_pool().mount(
    cppcms::create_pool<app>(),
    cppcms::mount_point(root_uri)
  );
  // Serve it!
  // TODO: log crashes.
#ifdef DEBUGGIN
std::cerr << "Launching" << std::endl;
#endif
  srv.run();

  return 0;
}