From: Matteo Nastasi (mop) <nastasi@alternativeoutput.it>
Date: Fri, 30 Jan 2015 17:12:36 +0000 (+0100)
Subject: partial implementation of provider_proxy
X-Git-Tag: v4.18.0~4
X-Git-Url: https://mop.ddnsfree.com/gitweb/?p=brisk.git;a=commitdiff_plain;h=f8e4fc91f8fa59e3dea560616a461db0bfc301cf

partial implementation of provider_proxy
---

diff --git a/web/Obj/brisk.phh b/web/Obj/brisk.phh
index 3a8b43a..896c28b 100644
--- a/web/Obj/brisk.phh
+++ b/web/Obj/brisk.phh
@@ -90,6 +90,7 @@ define('DEBUGGING', "no-debugging");
 
 require_once("$DOCUMENT_ROOT/Etc/".BRISK_CONF);
 require_once("${G_base}Obj/ipclass.phh");
+require_once("${G_base}Obj/provider_proxy.phh");
 
 $mlang_brisk = array( 'btn_backstand'=> array( 'it' => 'torna in piedi',
                                                'en' => 'back standing' ),
@@ -1039,6 +1040,7 @@ class Brisk
 
     var $ban_list;  // ban list (authized allowed)
     var $black_list;  // black list (anti-dos, noone allowed)
+    var $provider_proxy; // list of provider/browser that offer proxy service
     var $ghost_sess;
     var $delay_mgr;
 
@@ -1052,13 +1054,13 @@ class Brisk
     }
 
     // constructor
-    static function create($crystal_filename, $ban_list, $black_list) {
+    static function create($crystal_filename, $ban_list, $black_list, $prov_proxy) {
         if (($brisk_ser = @file_get_contents($crystal_filename)) != FALSE) {
             if (($brisk = unserialize($brisk_ser)) != FALSE) {
                 fprintf(STDERR, "ROOM FROM FILE\n");
                 rename($crystal_filename, $crystal_filename.".old");
 
-                $brisk->reload(TRUE, $ban_list, $black_list);
+                $brisk->reload(TRUE, $ban_list, $black_list, $prov_proxy);
 
                 return($brisk);
             }
@@ -1074,6 +1076,7 @@ class Brisk
 
         $thiz->ban_list = IpClass::create();
         $thiz->black_list = IpClass::create();
+        $thiz->provider_proxy = ProviderProxy::create();
         $thiz->ghost_sess = new GhostSess();
 
         for ($i = 0 ; $i < MAX_PLAYERS ; $i++) {
@@ -1090,14 +1093,14 @@ class Brisk
 
         static::$sess_cur = FALSE;
 
-        $thiz->reload(TRUE, $ban_list, $black_list);
+        $thiz->reload(TRUE, $ban_list, $black_list, $prov_proxy);
 
         return ($thiz);
     }
 
-    function reload($is_first, $ban_list, $black_list)
+    function reload($is_first, $ban_list, $black_list, $prov_proxy)
     {
-        fprintf(STDERR, "RELOAD STUFF (%d)(%d)\n", count($ban_list), count($black_list));
+        fprintf(STDERR, "RELOAD STUFF (%d)(%d)(%d)\n", count($ban_list), count($black_list), count($prov_proxy));
 
         if (defined('CURL_DE_SAC_VERS')) {
             if (brisk_cds_reload($this) == FALSE) {
@@ -1106,6 +1109,7 @@ class Brisk
         }
         $this->ban_list->update($ban_list);
         $this->black_list->update($black_list);
+        $this->provider_proxy->update($prov_proxy);
 
         if (!$is_first) {
             $this->banned_kickoff();
@@ -1170,6 +1174,11 @@ class Brisk
         return ($this->black_list->check($ip_str));
     }
 
+    function pproxy_realip($ip_str)
+    {
+        return ($this->provider_proxy->realip($ip_str));
+    }
+
     function users_cleanup()
     {
         for ($i = 0 ; $i < MAX_PLAYERS ; $i++) {
@@ -2607,7 +2616,8 @@ class Brisk
       GLOBAL $G_ban_list, $G_black_list;
 
       printf("NEW_SOCKET (root): %d PATH [%s]\n", intval($new_socket), $path);
-      $remote_addr = addrtoipv4($addr);
+      // $remote_addr = addrtoipv4($addr);
+      $remote_addr = $this->pproxy_realip(addrtoipv4($addr));
 
       fprintf(STDERR, "\n\n\n PRE_BLACK_CHECK \n\n\n");
       if ($this->black_check($remote_addr)) {
diff --git a/web/Obj/provider_proxy.phh b/web/Obj/provider_proxy.phh
new file mode 100644
index 0000000..7542802
--- /dev/null
+++ b/web/Obj/provider_proxy.phh
@@ -0,0 +1,116 @@
+<?php
+/*
+ *  brisk - Obj/provider_proxy.phh
+ *
+ *  Copyright (C) 2015      Matteo Nastasi
+ *                          mailto: nastasi@alternativeoutput.it
+ *                                  matteo.nastasi@milug.org
+ *                          web: http://www.alternativeoutput.it
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABLILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details. You should have received a
+ * copy of the GNU General Public License along with this program; if
+ * not, write to the Free Software Foundation, Inc, 59 Temple Place -
+ * Suite 330, Boston, MA 02111-1307, USA.
+ *
+ */
+
+require_once("${G_base}Obj/ipclass.phh");
+
+$G_pproxy = array( "samosa" => array("headitem" => "X-Forwarded-For",
+                                     "ipclass" => array("107.178.33.0/24",
+                                                        "107.178.34.0/24",
+                                                        "107.178.35.0/24",
+                                                        "107.178.37.0/24",
+                                                        "107.178.38.0/24",
+                                                        "107.178.39.0/24",
+                                                        "107.178.41.0/24",
+                                                        "107.178.42.0/24",
+                                                        "107.178.43.0/24",
+                                                        "107.178.45.0/24",
+                                                        "107.178.46.0/24",
+                                                        "107.178.47.0/24",
+                                                        "206.173.221.0/24") ),
+                   "mytest" => array("headitem" => "X-Forwarded-For",
+                                     "ipclass" => array("192.168.2.3/24") )
+                   );
+
+class ProviderProxyItem
+{
+    var $name;
+    var $headitem;
+    var $ipclass;
+
+    function ProviderProxyItem($pp_name, $pp_descr)
+    {
+        $this->name     = $pp_name;
+        $this->headitem = $pp_descr['headitem'];
+        $this->ipclass  = IPClass::create($pp_descr['ipclass']);
+    }
+}
+
+
+class ProviderProxy
+{
+    var $pp;
+
+    function ProviderProxy()
+    {
+        $this->pp = NULL;
+    }
+
+    static function create($pproxy = NULL)
+    {
+        $thiz = new ProviderProxy();
+        
+        if ($pproxy != NULL)
+            $thiz->update($pproxy);
+
+        return ($thiz);
+    }
+
+    function clean()
+    {
+        if ($this->pp != NULL) {
+            foreach ($this->pp as $pp_name) {
+                unset($this->pp[$pp_name]);
+            }
+            unset($this->pp);
+            $this->pp = NULL;
+        }
+    }
+
+    function update($pproxy)
+    {
+        $this->clean();
+
+        $this->pp = array();
+        foreach ($pproxy as $pp_name => $pp_descr) {
+            $this->pp[$pp_name] = new ProviderProxyItem($pp_name, $pp_descr);
+        }
+    }
+
+    function realip($headers, $ip)
+    {
+        if ($this->pp != NULL) {
+            foreach ($this->pp as $pp_name => $pp_item) {
+                if ($pp_item->match($ip)) {
+                    if (isset($headers[$pp_item->headitem])) {
+                        fprintf(STDERR, "Match public proxy [%s]\n", $pp_name);
+                        return ($headers[$pp_item->headitem]);
+                    }
+                }
+            }
+        }
+        return ($ip);
+    }
+}
+
+?>
\ No newline at end of file
diff --git a/web/spush/brisk-spush.php b/web/spush/brisk-spush.php
index 6e07d92..76db91f 100755
--- a/web/spush/brisk-spush.php
+++ b/web/spush/brisk-spush.php
@@ -42,11 +42,11 @@ require_once($G_base."briskin5/index_wr.php");
 
 function main($argv)
 {
-    GLOBAL $G_ban_list, $G_black_list;
+    GLOBAL $G_ban_list, $G_black_list, $G_prov_proxy;
 
     pid_save();
     do {
-        if (($brisk = Brisk::create(LEGAL_PATH."/brisk-crystal.data", $G_ban_list, $G_black_list)) == FALSE) {
+        if (($brisk = Brisk::create(LEGAL_PATH."/brisk-crystal.data", $G_ban_list, $G_black_list, $G_prov_proxy)) == FALSE) {
             log_crit("Brisk::create failed");
             $ret = 1;
             break;