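#!/usr/bin/perl
#
# Rebuilds the "warn" chain in the iptables nat table from the LMS database.
# For every node selected with access=1 AND warning=1 it inserts a DNAT rule
# that sends the node's TCP traffic to $SERWER:$PORT, guarded by a
# "-m condition" match named after the node's address, and writes "1" to the
# matching /proc/net/nf_condition/<address> file.  Port-80 traffic in
# PREROUTING is then routed through the chain.
#
# The script edits firewall rules and writes under /proc, so it has to run
# with the privileges iptables needs.

use strict;
use warnings;

use DBI();
use Config::IniFiles;
use Getopt::Long;
use vars qw($configfile $quiet $help $version $iplist);

# Fixed PATH so nothing inherited from the caller's environment decides which
# binaries get resolved.
$ENV{'PATH'} = '/sbin:/usr/sbin:/usr/local/sbin:/bin:/usr/bin:/usr/local/bin';

# NOTE(review): GetOptions() is never called in the text this was recovered
# from, so $configfile/$quiet/$help/$version are never set from the command
# line here -- confirm against the original script.
if (!$configfile) {
    $configfile = "/etc/lms/lms.ini";
}

my $_version = '1.02 LMS by H_C_K';

# NOTE(review): the page lost the text between the version banner and the
# Config::IniFiles constructor (it was swallowed as markup).  The banner and
# the constructor call below are a minimal reconstruction; the original
# banner wording and any option handling in between are unknown.
if ($version) {
    print STDERR "$_version\n";
    exit 0;
}

my $ini = Config::IniFiles->new(-file => $configfile);
print @Config::IniFiles::errors;
if (!defined $ini) {
    # Without this check the first $ini->val() call dies with an unhelpful
    # "can't call method on undefined value".
    print STDERR "Fatal error: cannot load config file $configfile, exiting.\n";
    exit 1;
}

# Database settings.  When the ini file omits them this falls back to user
# "root" with an empty password on localhost.
my $dbtype   = $ini->val('database', 'type')     || 'mysql';
my $dbhost   = $ini->val('database', 'host')     || 'localhost';
my $dbuser   = $ini->val('database', 'user')     || 'root';
my $dbpasswd = $ini->val('database', 'password') || '';
my $dbname   = $ini->val('database', 'database') || 'lms';

my $IPTABLES = "/sbin/iptables";
my $TABLE    = "nat";
my $SERWER   = "10.0.0.1";    # host the flagged traffic is redirected to
my $PORT     = "81";          # port on $SERWER

my $CONDITION_DIR = "/proc/net/nf_condition";

# Runs iptables with the given arguments and returns true on success.
# List-form system() passes each argument straight to the program, so no
# shell ever parses values that came from the database.
sub run_iptables {
    my (@args) = @_;
    return system($IPTABLES, @args) == 0;
}

my $dbase;
if ($dbtype =~ /mysql/) {
    $dbase = DBI->connect("DBI:mysql:database=$dbname;host=$dbhost",
        $dbuser, $dbpasswd, { RaiseError => 1 });
}
elsif ($dbtype eq "postgres") {
    $dbase = DBI->connect("DBI:Pg:dbname=$dbname;host=$dbhost",
        $dbuser, $dbpasswd, { RaiseError => 1 });
}
else {
    print STDERR "Fatal error: unsupported database type: $dbtype, exiting.\n";
    exit 1;
}

# Tear down the previous chain.  These are best-effort: on a first run the
# jump and the chain do not exist yet and iptables reports that itself.
run_iptables('-t', $TABLE, '-D', 'PREROUTING', '-p', 'tcp', '--dport', '80', '-j', 'warn');
run_iptables('-F', 'warn', '-t', $TABLE);
run_iptables('-X', 'warn', '-t', $TABLE);
run_iptables('-t', $TABLE, '-N', 'warn')
    or warn "iptables: could not create chain warn in table $TABLE\n";

# Our query.  Table names are left unquoted: the backtick quoting used
# before is MySQL-only and would be rejected on the postgres branch.
# NOTE(review): inet_ntoa() must exist on the postgres side too -- confirm.
my $sth = $dbase->prepare(
    "SELECT inet_ntoa(ipaddr) AS ipaddr, inet_ntoa(ipaddr_pub) AS ipaddr_pub, "
  . "ownerid, customers.name, customers.lastname, nodes.name AS komp_name "
  . "FROM nodes LEFT JOIN customers ON (customers.id = nodes.ownerid) "
  . "WHERE access=1 AND warning=1");
$sth->execute();

while (my $ref = $sth->fetchrow_hashref()) {
    my $ipaddr     = $ref->{'ipaddr'};
    my $ipaddr_pub = $ref->{'ipaddr_pub'};
    my $komp_name  = defined $ref->{'komp_name'} ? $ref->{'komp_name'} : '';
    # LEFT JOIN: a node without a customer row yields undef here.
    my $name       = defined $ref->{'name'}     ? $ref->{'name'}     : '';
    my $lastname   = defined $ref->{'lastname'} ? $ref->{'lastname'} : '';

    # A node whose private address is 0.0.0.0 is handled by its public one.
    my $addr = (defined $ipaddr && $ipaddr ne "0.0.0.0") ? $ipaddr : $ipaddr_pub;

    # The address becomes both an iptables argument and a file name, so
    # accept nothing but a dotted quad: no option-like strings, no '/'.
    if (!defined $addr || $addr !~ /\A(?:\d{1,3}\.){3}\d{1,3}\z/) {
        warn "Skipping node '$komp_name': unusable address\n";
        next;
    }

    run_iptables('-t', $TABLE, '-I', 'warn', '-s', $addr, '-p', 'tcp',
        '-m', 'condition', '--condition', $addr,
        '-j', 'DNAT', '--to-destination', "$SERWER:$PORT")
        or warn "iptables: could not add redirect rule for $addr\n";

    my $condition_file = "$CONDITION_DIR/$addr";

    # Remove the old file (best-effort, as before), then write the new one.
    unlink $condition_file;

    my $fh;
    if (!open($fh, '>>', $condition_file)) {
        warn "Cannot open $condition_file: $!\n";
        next;
    }
    print {$fh} "1\n";
    close($fh) or warn "Cannot write $condition_file: $!\n";

    print "$addr - $komp_name Zablokowany Klient: $name $lastname\n";
}

$sth->finish();
$dbase->disconnect();

# Everything not matched above leaves the chain untouched; then hook the
# chain back into PREROUTING for port 80.
run_iptables('-t', $TABLE, '-A', 'warn', '-j', 'RETURN')
    or warn "iptables: could not append RETURN rule to chain warn\n";
run_iptables('-t', $TABLE, '-I', 'PREROUTING', '-p', 'tcp', '--dport', '80', '-j', 'warn')
    or warn "iptables: could not hook chain warn into PREROUTING\n";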