aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--cgi/GeoLite2-Country.mmdbbin3990267 -> 5599113 bytes
-rw-r--r--cgi/api.py2
-rw-r--r--cgi/framework.py22
-rw-r--r--cgi/geoip.py133
-rw-r--r--cgi/manage.py2
-rw-r--r--cgi/modapi.py4
-rw-r--r--cgi/oekaki.py4
-rwxr-xr-xcgi/weabot.py22
8 files changed, 26 insertions, 163 deletions
diff --git a/cgi/GeoLite2-Country.mmdb b/cgi/GeoLite2-Country.mmdb
index 90c1146..7d90a1b 100644
--- a/cgi/GeoLite2-Country.mmdb
+++ b/cgi/GeoLite2-Country.mmdb
Binary files differ
diff --git a/cgi/api.py b/cgi/api.py
index 09e7d75..7b8b6bd 100644
--- a/cgi/api.py
+++ b/cgi/api.py
@@ -29,7 +29,7 @@ def api(self, path_split):
def api_process(self, path_split):
formdata = self.formdata
- ip = self.environ["REMOTE_ADDR"]
+ ip = self.ip
t = time.time()
method = path_split[2]
diff --git a/cgi/framework.py b/cgi/framework.py
index cfc1fd3..0f62fff 100644
--- a/cgi/framework.py
+++ b/cgi/framework.py
@@ -105,7 +105,7 @@ def addressIsProxy(ip):
def addressIsES(ip):
ES = ['AR', 'BO', 'CL', 'CO', 'CR', 'CU', 'EC', 'ES', 'GF',
'GY', 'GT', 'HN', 'MX', 'NI', 'PA', 'PE', 'PY', 'PR',
- 'SR', 'UY', 'VE', 'v6'] # 'BR',
+ 'SR', 'UY', 'VE'] # 'BR',
return getCountry(ip) in ES
@@ -114,18 +114,14 @@ def addressIsBannedCountry(ip):
def getCountry(ip):
- if ":" in ip:
- return "v6"
- else:
- import geoip2.database
- import geoip2.errors
- try:
- with geoip2.database.Reader('GeoLite2-Country.mmdb') as reader:
- response = reader.country(ip)
- return response.country.iso_code
- except geoip2.errors.AddressNotFoundError:
- return "??"
-
+ import geoip2.database
+ import geoip2.errors
+ try:
+ with geoip2.database.Reader('GeoLite2-Country.mmdb') as reader:
+ response = reader.country(ip)
+ return response.country.iso_code
+ except geoip2.errors.AddressNotFoundError:
+ return "??"
def clearCache():
if Settings._.CONN:
diff --git a/cgi/geoip.py b/cgi/geoip.py
deleted file mode 100644
index 36c25d1..0000000
--- a/cgi/geoip.py
+++ /dev/null
@@ -1,133 +0,0 @@
-"""Python API that wraps GeoIP country database lookup into a simple function.
-
-Download the latest MaxMind GeoIP country database and read other docs here:
- http://www.maxmind.com/app/geolitecountry
-
-Copyright (C) 2009 Ben Hoyt, released under the Lesser General Public License:
- http://www.gnu.org/licenses/lgpl.txt
-
-Usage examples:
-
->>> country('64.233.161.99')
-'US'
->>> country('202.21.128.102')
-'NZ'
->>> country('asdf')
-''
->>> country('127.0.0.1')
-''
-"""
-
-# List of country codes (indexed by GeoIP country ID number)
-countries = (
- '', 'AP', 'EU', 'AD', 'AE', 'AF', 'AG', 'AI', 'AL', 'AM', 'AN', 'AO', 'AQ',
- 'AR', 'AS', 'AT', 'AU', 'AW', 'AZ', 'BA', 'BB', 'BD', 'BE', 'BF', 'BG', 'BH',
- 'BI', 'BJ', 'BM', 'BN', 'BO', 'BR', 'BS', 'BT', 'BV', 'BW', 'BY', 'BZ', 'CA',
- 'CC', 'CD', 'CF', 'CG', 'CH', 'CI', 'CK', 'CL', 'CM', 'CN', 'CO', 'CR', 'CU',
- 'CV', 'CX', 'CY', 'CZ', 'DE', 'DJ', 'DK', 'DM', 'DO', 'DZ', 'EC', 'EE', 'EG',
- 'EH', 'ER', 'ES', 'ET', 'FI', 'FJ', 'FK', 'FM', 'FO', 'FR', 'FX', 'GA', 'GB',
- 'GD', 'GE', 'GF', 'GH', 'GI', 'GL', 'GM', 'GN', 'GP', 'GQ', 'GR', 'GS', 'GT',
- 'GU', 'GW', 'GY', 'HK', 'HM', 'HN', 'HR', 'HT', 'HU', 'ID', 'IE', 'IL', 'IN',
- 'IO', 'IQ', 'IR', 'IS', 'IT', 'JM', 'JO', 'JP', 'KE', 'KG', 'KH', 'KI', 'KM',
- 'KN', 'KP', 'KR', 'KW', 'KY', 'KZ', 'LA', 'LB', 'LC', 'LI', 'LK', 'LR', 'LS',
- 'LT', 'LU', 'LV', 'LY', 'MA', 'MC', 'MD', 'MG', 'MH', 'MK', 'ML', 'MM', 'MN',
- 'MO', 'MP', 'MQ', 'MR', 'MS', 'MT', 'MU', 'MV', 'MW', 'MX', 'MY', 'MZ', 'NA',
- 'NC', 'NE', 'NF', 'NG', 'NI', 'NL', 'NO', 'NP', 'NR', 'NU', 'NZ', 'OM', 'PA',
- 'PE', 'PF', 'PG', 'PH', 'PK', 'PL', 'PM', 'PN', 'PR', 'PS', 'PT', 'PW', 'PY',
- 'QA', 'RE', 'RO', 'RU', 'RW', 'SA', 'SB', 'SC', 'SD', 'SE', 'SG', 'SH', 'SI',
- 'SJ', 'SK', 'SL', 'SM', 'SN', 'SO', 'SR', 'ST', 'SV', 'SY', 'SZ', 'TC', 'TD',
- 'TF', 'TG', 'TH', 'TJ', 'TK', 'TM', 'TN', 'TO', 'TL', 'TR', 'TT', 'TV', 'TW',
- 'TZ', 'UA', 'UG', 'UM', 'US', 'UY', 'UZ', 'VA', 'VC', 'VE', 'VG', 'VI', 'VN',
- 'VU', 'WF', 'WS', 'YE', 'YT', 'RS', 'ZA', 'ZM', 'ME', 'ZW', 'A1', 'A2', 'O1',
- 'AX', 'GG', 'IM', 'JE', 'BL', 'MF')
-
-
-def iptonum(ip):
- """Convert IP address string to 32-bit integer, or return None if IP is bad.
-
- >>> iptonum('0.0.0.0')
- 0
- >>> hex(iptonum('127.0.0.1'))
- '0x7f000001'
- >>> hex(iptonum('255.255.255.255'))
- '0xffffffffL'
- >>> iptonum('127.0.0.256')
- >>> iptonum('1.2.3')
- >>> iptonum('a.s.d.f')
- >>> iptonum('1.2.3.-4')
- >>> iptonum('')
- """
- segments = ip.split('.')
- if len(segments) != 4:
- return None
- num = 0
- for segment in segments:
- try:
- segment = int(segment)
- except ValueError:
- return None
- if segment < 0 or segment > 255:
- return None
- num = num << 8 | segment
- return num
-
-
-class DatabaseError(Exception):
- pass
-
-
-class GeoIP(object):
- """Wraps GeoIP country database lookup into a class."""
-
- _record_length = 3
- _country_start = 16776960
-
- def __init__(self, dbname='GeoIP.dat'):
- """Init GeoIP instance with given GeoIP country database file."""
- self._dbfile = open(dbname, 'rb')
-
- def country(self, ip):
- """Lookup IP address string and turn it into a two-letter country code
- like 'NZ', or return empty string if unknown.
-
- >>> g = GeoIP()
- >>> g.country('64.233.161.99')
- 'US'
- >>> g.country('202.21.128.102')
- 'NZ'
- >>> g.country('asdf')
- ''
- >>> g.country('127.0.0.1')
- ''
- """
- ipnum = iptonum(ip)
- if ipnum is None:
- return ''
- return countries[self._country_id(ipnum)]
-
- def _country_id(self, ipnum):
- """Look up and return country ID of given 32-bit IP address."""
- # Search algorithm from: http://code.google.com/p/pygeoip/
- offset = 0
- for depth in range(31, -1, -1):
- self._dbfile.seek(offset * 2 * self._record_length)
- data = self._dbfile.read(2 * self._record_length)
- x = [0, 0]
- for i in range(2):
- for j in range(self._record_length):
- x[i] += ord(data[self._record_length * i + j]) << (j * 8)
- i = 1 if ipnum & (1 << depth) else 0
- if x[i] >= self._country_start:
- return x[i] - self._country_start
- offset = x[i]
- raise DatabaseError('GeoIP database corrupt: offset=%s' % offset)
-
-
-def country(ip, dbname='GeoIP.dat'):
- """Helper function that creates a GeoIP instance and calls country()."""
- return GeoIP(dbname).country(ip)
-
-
-if __name__ == '__main__':
- import doctest
- doctest.testmod()
diff --git a/cgi/manage.py b/cgi/manage.py
index 37546dc..45ed0c4 100644
--- a/cgi/manage.py
+++ b/cgi/manage.py
@@ -36,7 +36,7 @@ def manage(self, path_split):
else:
page += _('Incorrect username/password.')
logAction('', 'Failed login. U:'+self.formdata['username']+' IP logged.')
- logging.warn("Failed login. U:{} IP:{}".format(self.formdata['username'], self.environ["REMOTE_ADDR"]))
+ logging.warn("Failed login. U:{} IP:{}".format(self.formdata['username'], self.ip))
else:
# Validate existing session
manage_cookie = getCookie(self, 'weabot_manage')
diff --git a/cgi/modapi.py b/cgi/modapi.py
index 499535e..ba53026 100644
--- a/cgi/modapi.py
+++ b/cgi/modapi.py
@@ -30,7 +30,7 @@ def api(self, path_split):
def api_process(self, path_split):
formdata = self.formdata
- ip = self.environ["REMOTE_ADDR"]
+ ip = self.ip
t = time.time()
method = path_split[2]
values = {'state': 'success'}
@@ -64,7 +64,7 @@ def api_process(self, path_split):
str(timestamp() - 604800)) # one week
else:
logAction('', 'Failed log-in. Username:'+_mysql.escape_string(
- self.formdata['username'])+' IP:'+self.environ["REMOTE_ADDR"])
+ self.formdata['username'])+' IP:'+self.ip)
raise APIError("Incorrect username/password.")
else:
raise APIError("Bad request")
diff --git a/cgi/oekaki.py b/cgi/oekaki.py
index ab31fb7..a58d0fd 100644
--- a/cgi/oekaki.py
+++ b/cgi/oekaki.py
@@ -120,7 +120,7 @@ def oekaki(self, path_split):
# 4: Data format
board = setBoard(path_split[3])
- ip = inet_aton(self.environ["REMOTE_ADDR"])
+ ip = inet_aton(self.ip)
fname = os.path.join(Settings.IMAGES_DIR,
board['dir'], "temp", str(ip) + ".png")
@@ -144,7 +144,7 @@ def oekaki(self, path_split):
raise UserError('Esta sección no soporta oekaki.')
ts = int(time.time())
- ip = inet_aton(self.environ["REMOTE_ADDR"])
+ ip = inet_aton(self.ip)
fname = os.path.join(Settings.IMAGES_DIR,
board['dir'], "temp", str(ip) + ".png")
oek = 'no'
diff --git a/cgi/weabot.py b/cgi/weabot.py
index dfa9de6..ff6debc 100755
--- a/cgi/weabot.py
+++ b/cgi/weabot.py
@@ -38,6 +38,7 @@ class weabot(object):
logging.basicConfig(filename='weabot.log', format='%(asctime)s %(levelname)s %(message)s', level=logging.DEBUG)
self.environ = environ
+ self.ip = self.environ["HTTP_X_REAL_IP"]
if self.environ["PATH_INFO"].startswith("/weabot.py/"):
self.environ["PATH_INFO"] = self.environ["PATH_INFO"][11:]
@@ -87,7 +88,7 @@ class weabot(object):
if board:
if board['board_type'] == 1:
info = {}
- info['host'] = self.environ["REMOTE_ADDR"]
+ info['host'] = self.ip
info['name'] = self.formdata.get('fielda', '')
info['email'] = self.formdata.get('fieldb', '')
info['message'] = self.formdata.get('message', '')
@@ -144,7 +145,7 @@ class weabot(object):
raise UserError("El request está incompleto.")
# let's get all the POST data we need
- ip = self.environ["REMOTE_ADDR"]
+ ip = self.ip
boarddir = self.formdata.get('board')
parent = self.formdata.get('parent')
trap1 = self.formdata.get('name', '')
@@ -263,7 +264,7 @@ class weabot(object):
caught = True
# Redirect to ban page if user is banned
- if Settings.ENABLE_BANS and addressIsBanned(self.environ['REMOTE_ADDR'], board["dir"], blind_only=True):
+ if Settings.ENABLE_BANS and addressIsBanned(self.ip, board["dir"], blind_only=True):
raise UserError('<meta http-equiv="refresh" content="0; url=/cgi/banned/%s">' % board["dir"])
if len(path_split) > 4 and path_split[4] and board['board_type'] == 1:
@@ -293,7 +294,7 @@ class weabot(object):
# Report post, check if they are enabled
# Can't report if banned
caught = True
- ip = self.environ["REMOTE_ADDR"]
+ ip = self.ip
boarddir = path_split[2]
postid = int(path_split[3])
reason = self.formdata.get('reason')
@@ -327,7 +328,7 @@ class weabot(object):
self.output += '<html xmlns="http://www.w3.org/1999/xhtml"><meta http-equiv="refresh" content="0;url=%s" /><body><p>...</p></body></html>' % url
elif path_split[1] == "banned":
OpenDb()
- bans = FetchAll("SELECT * FROM `bans` WHERE INET6_ATON(%s) BETWEEN `ipstart` AND `ipend`", (self.environ["REMOTE_ADDR"],))
+ bans = FetchAll("SELECT * FROM `bans` WHERE INET6_ATON(%s) BETWEEN `ipstart` AND `ipend`", (self.ip,))
if bans:
for ban in bans:
if ban["boards"]:
@@ -349,7 +350,7 @@ class weabot(object):
'reason': ban['reason'],
'added': formatTimestamp(ban["added"]),
'expire': expire,
- 'ip': self.environ["REMOTE_ADDR"],
+ 'ip': self.ip,
'ipstr': ban['ipstr'],
}
self.output = renderTemplate(
@@ -370,7 +371,7 @@ class weabot(object):
board = setBoard(path_split[2])
# Redirect to ban page if user is banned
- if Settings.ENABLE_BANS and addressIsBanned(self.environ['REMOTE_ADDR'], board["dir"], blind_only=True):
+ if Settings.ENABLE_BANS and addressIsBanned(self.ip, board["dir"], blind_only=True):
raise UserError('<meta http-equiv="refresh" content="0; url=/cgi/banned/%s">' % board["dir"])
self.output = dynamicRead(int(path_split[3]), path_split[4])
@@ -379,8 +380,7 @@ class weabot(object):
OpenDb()
try:
board = setBoard(self.formdata["board"])
- message = format_post(
- self.formdata["message"], self.environ["REMOTE_ADDR"], self.formdata["parentid"])
+ message = format_post(self.formdata["message"], self.ip, self.formdata["parentid"])
self.output = message
except Exception as messagez:
self.output = "Error: " + \
@@ -972,7 +972,7 @@ class weabot(object):
UpdateDb("INSERT INTO `reports` (board, postid, parentid, link, ip, reason, repip, timestamp, timestamp_formatted) " +
"VALUES (%s, %s, %s, %s, %s, %s, INET6_ATON(%s), %s, %s)",
- (board["dir"], post['id'], post['parentid'], link, post['ip'], message, self.environ["REMOTE_ADDR"], t, formatTimestamp(t)))
+ (board["dir"], post['id'], post['parentid'], link, post['ip'], message, self.ip, t, formatTimestamp(t)))
self.output = renderTemplate("report.html", {'finished': True})
def stats(self):
@@ -982,7 +982,7 @@ class weabot(object):
try:
with open('stats.json', 'r') as f:
out = json.load(f)
- except ValueError:
+ except (ValueError, FileNotFoundError):
out = {'t': 0}
regenerated = False