From b2a8ea7fee9a319d102b3138a8d8b73c57cfcd3a Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 22 Apr 2017 01:44:26 +0200 Subject: [PATCH 1/3] Add first version of Audit log --- api_FTL.php | 6 ++- auditlog.php | 78 ++++++++++++++++++++++++++++ scripts/pi-hole/js/auditlog.js | 94 ++++++++++++++++++++++++++++++++++ scripts/pi-hole/php/header.php | 8 ++- 4 files changed, 184 insertions(+), 2 deletions(-) create mode 100644 auditlog.php create mode 100644 scripts/pi-hole/js/auditlog.js diff --git a/api_FTL.php b/api_FTL.php index 0e0a2637..c367d153 100644 --- a/api_FTL.php +++ b/api_FTL.php @@ -71,7 +71,11 @@ if (isset($_GET['overTimeData10mins'])) if (isset($_GET['topItems']) && $auth) { - if(is_numeric($_GET['topItems'])) + if($_GET['topItems'] === "audit") + { + sendRequestFTL("top-domains for audit"); + } + else if(is_numeric($_GET['topItems'])) { sendRequestFTL("top-domains (".$_GET['topItems'].")"); } diff --git a/auditlog.php b/auditlog.php new file mode 100644 index 00000000..d0ae4c44 --- /dev/null +++ b/auditlog.php @@ -0,0 +1,78 @@ + + + + +
+

Audit log

+
+ +
+
+
+
+

Allowed queries

+
+ +
+
+ + + + + + + + +
DomainHitsAction
+
+
+
+ +
+ +
+ +
+ +
+
+
+

Blocked queries

+
+ +
+
+ + + + + + + + +
DomainHitsAction
+
+
+
+ +
+ +
+ +
+ +
+ + + + diff --git a/scripts/pi-hole/js/auditlog.js b/scripts/pi-hole/js/auditlog.js new file mode 100644 index 00000000..3cd2c680 --- /dev/null +++ b/scripts/pi-hole/js/auditlog.js @@ -0,0 +1,94 @@ +/* Pi-hole: A black hole for Internet advertisements +* (c) 2017 Pi-hole, LLC (https://pi-hole.net) +* Network-wide ad blocking via your own hardware. +* +* This file is copyright under the latest version of the EUPL. +* Please see LICENSE file for your rights under this license. */ +// Define global variables +var timeLineChart, queryTypeChart, forwardDestinationChart; + +function padNumber(num) { + return ("00" + num).substr(-2,2); +} + +// Helper function needed for converting the Objects to Arrays + +function objectToArray(p){ + var keys = Object.keys(p); + keys.sort(function(a, b) { + return a - b; + }); + + var arr = [], idx = []; + for (var i = 0; i < keys.length; i++) { + arr.push(p[keys[i]]); + idx.push(keys[i]); + } + return [idx,arr]; +} + +// Functions to update data in page + +var failures = 0; + +// Credit: http://stackoverflow.com/questions/1787322/htmlspecialchars-equivalent-in-javascript/4835406#4835406 +function escapeHtml(text) { + var map = { + "&": "&", + "<": "<", + ">": ">", + "\"": """, + "\'": "'" + }; + + return text.replace(/[&<>"']/g, function(m) { return map[m]; }); +} + +function updateTopLists() { + $.getJSON("api.php?topItems=audit", function(data) { + + if("FTLnotrunning" in data) + { + return; + } + + // Clear tables before filling them with data + $("#domain-frequency td").parent().remove(); + $("#ad-frequency td").parent().remove(); + var domaintable = $("#domain-frequency").find("tbody:last"); + var adtable = $("#ad-frequency").find("tbody:last"); + var url, domain, percentage; + for (domain in data.top_queries) { + if ({}.hasOwnProperty.call(data.top_queries,domain)){ + // Sanitize domain + domain = escapeHtml(domain); + url = ""+domain+""; + percentage = data.top_queries[domain] / data.dns_queries_today * 100; + domaintable.append(" " + url + + " " + data.top_queries[domain] + " Buttons ... "); + } + } + + for (domain in data.top_ads) { + if ({}.hasOwnProperty.call(data.top_ads,domain)){ + // Sanitize domain + domain = escapeHtml(domain); + url = ""+domain+""; + percentage = data.top_ads[domain] / data.ads_blocked_today * 100; + adtable.append(" " + url + + " " + data.top_ads[domain] + " Buttons ... "); + } + } + + $("#domain-frequency .overlay").hide(); + $("#ad-frequency .overlay").hide(); + // Update top lists data every 10 seconds + setTimeout(updateTopLists, 10000); + }); +} + +$(document).ready(function() { + + // Pull in data via AJAX + updateTopLists(); + }); diff --git a/scripts/pi-hole/php/header.php b/scripts/pi-hole/php/header.php index 0c49b724..594a5be1 100644 --- a/scripts/pi-hole/php/header.php +++ b/scripts/pi-hole/php/header.php @@ -459,7 +459,7 @@ if($auth) { Enable    -
  • active"> +
  • active"> Tools @@ -479,6 +479,12 @@ if($auth) { Query adlists
    • + + class="active"> + + Audit log + + class="active"> From 349faac0482dbe569ff09b8727963c2026b83c7f Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 22 Apr 2017 16:09:56 +0200 Subject: [PATCH 2/3] Implemented also actions for audit log --- api_FTL.php | 11 ++++- auditlog.php | 9 ++-- scripts/pi-hole/js/auditlog.js | 80 ++++++++++++++++++++-------------- scripts/pi-hole/php/add.php | 26 +++++++++-- 4 files changed, 86 insertions(+), 40 deletions(-) diff --git a/api_FTL.php b/api_FTL.php index c367d153..04988f28 100644 --- a/api_FTL.php +++ b/api_FTL.php @@ -92,7 +92,11 @@ if (isset($_GET['topItems']) && $auth) $top_queries[$tmp[2]] = intval($tmp[1]); } - if(is_numeric($_GET['topItems'])) + if($_GET['topItems'] === "audit") + { + sendRequestFTL("top-ads for audit"); + } + else if(is_numeric($_GET['topItems'])) { sendRequestFTL("top-ads (".$_GET['topItems'].")"); } @@ -106,7 +110,10 @@ if (isset($_GET['topItems']) && $auth) foreach($return as $line) { $tmp = explode(" ",$line); - $top_ads[$tmp[2]] = intval($tmp[1]); + if(count($tmp) === 4) + $top_ads[$tmp[2]." (".$tmp[3].")"] = intval($tmp[1]); + else + $top_ads[$tmp[2]] = intval($tmp[1]); } $result = array('top_queries' => $top_queries, diff --git a/auditlog.php b/auditlog.php index d0ae4c44..96d74577 100644 --- a/auditlog.php +++ b/auditlog.php @@ -11,7 +11,7 @@
    -

    Audit log

    +

    Audit log (showing live data)

    @@ -28,7 +28,7 @@ Domain Hits - Action + Actions @@ -55,7 +55,7 @@ Domain Hits - Action + Actions @@ -68,6 +68,9 @@
    +
    +

    Important: Note that black- and whitelisted domains are not automatically applied on this page to avoid restarting the DNS service too often. Instead, go to Update Lists and run the update, to have the new settings become effective.

    +
    diff --git a/scripts/pi-hole/js/auditlog.js b/scripts/pi-hole/js/auditlog.js index 3cd2c680..85aee673 100644 --- a/scripts/pi-hole/js/auditlog.js +++ b/scripts/pi-hole/js/auditlog.js @@ -7,30 +7,6 @@ // Define global variables var timeLineChart, queryTypeChart, forwardDestinationChart; -function padNumber(num) { - return ("00" + num).substr(-2,2); -} - -// Helper function needed for converting the Objects to Arrays - -function objectToArray(p){ - var keys = Object.keys(p); - keys.sort(function(a, b) { - return a - b; - }); - - var arr = [], idx = []; - for (var i = 0; i < keys.length; i++) { - arr.push(p[keys[i]]); - idx.push(keys[i]); - } - return [idx,arr]; -} - -// Functions to update data in page - -var failures = 0; - // Credit: http://stackoverflow.com/questions/1787322/htmlspecialchars-equivalent-in-javascript/4835406#4835406 function escapeHtml(text) { var map = { @@ -65,18 +41,29 @@ function updateTopLists() { url = ""+domain+""; percentage = data.top_queries[domain] / data.dns_queries_today * 100; domaintable.append(" " + url + - " " + data.top_queries[domain] + " Buttons ... "); + " " + data.top_queries[domain] + " "); } } for (domain in data.top_ads) { if ({}.hasOwnProperty.call(data.top_ads,domain)){ // Sanitize domain - domain = escapeHtml(domain); - url = ""+domain+""; - percentage = data.top_ads[domain] / data.ads_blocked_today * 100; - adtable.append(" " + url + - " " + data.top_ads[domain] + " Buttons ... "); + console.log(domain); + console.log(); + var input = domain.split(" "); + var printdomain = escapeHtml(input[0]); + if(input.length > 1) + { + url = ""+printdomain+" (wildcard blocked)"; + adtable.append(" " + url + + " " + data.top_ads[domain] + " "); + } + else + { + url = ""+printdomain+""; + adtable.append(" " + url + + " " + data.top_ads[domain] + " "); + } } } @@ -87,8 +74,37 @@ function updateTopLists() { }); } + +function add(domain,list) { + var token = $("#token").html(); + $.ajax({ + url: "scripts/pi-hole/php/add.php", + method: "post", + data: {"domain":domain, "list":list, "token":token, "auditlog":1}, + success: function(response) { + setTimeout(updateTopLists, 300); + } + }); +} + $(document).ready(function() { - // Pull in data via AJAX - updateTopLists(); + // Pull in data via AJAX + updateTopLists(); + + $("#domain-frequency tbody").on( "click", "button", function () { + var url = ($(this).parents("tr"))[0].innerText.split(" ")[0]; + if($(this).context.innerText === "Blacklist") + add(url,"black"); + else + add(url,"audit"); }); + + $("#ad-frequency tbody").on( "click", "button", function () { + var url = ($(this).parents("tr"))[0].innerText.split(" ")[0].split(" ")[0]; + if($(this).context.innerText === "Whitelist") + add(url,"white"); + else + add(url,"audit"); + }); +}); diff --git a/scripts/pi-hole/php/add.php b/scripts/pi-hole/php/add.php index d4ca64db..a19aae7a 100644 --- a/scripts/pi-hole/php/add.php +++ b/scripts/pi-hole/php/add.php @@ -16,13 +16,33 @@ list_verify($type); switch($type) { case "white": - echo exec("sudo pihole -w -q ${_POST['domain']}"); + if(!isset($_POST["auditlog"])) + echo exec("sudo pihole -w -q ${_POST['domain']}"); + else + { + echo exec("sudo pihole -w -q -n ${_POST['domain']}"); + echo exec("sudo pihole -a audit ${_POST['domain']}"); + } break; case "black": - echo exec("sudo pihole -b -q ${_POST['domain']}"); + if(!isset($_POST["auditlog"])) + echo exec("sudo pihole -b -q ${_POST['domain']}"); + else + { + echo exec("sudo pihole -b -q -n ${_POST['domain']}"); + echo exec("sudo pihole -a audit ${_POST['domain']}"); + } break; case "wild": - echo exec("sudo pihole -wild -q ${_POST['domain']}"); + if(!isset($_POST["auditlog"])) + echo exec("sudo pihole -wild -q ${_POST['domain']}"); + else + { + echo exec("sudo pihole -wild -q -n ${_POST['domain']}"); + echo exec("sudo pihole -a audit ${_POST['domain']}"); + } + case "audit": + echo exec("sudo pihole -a audit ${_POST['domain']}"); break; } From 870959026b7a605fcc94e646f95d6d782f32ed02 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 22 Apr 2017 16:19:19 +0200 Subject: [PATCH 3/3] Codacy fixes --- scripts/pi-hole/js/auditlog.js | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/scripts/pi-hole/js/auditlog.js b/scripts/pi-hole/js/auditlog.js index 85aee673..db904b91 100644 --- a/scripts/pi-hole/js/auditlog.js +++ b/scripts/pi-hole/js/auditlog.js @@ -47,10 +47,8 @@ function updateTopLists() { for (domain in data.top_ads) { if ({}.hasOwnProperty.call(data.top_ads,domain)){ - // Sanitize domain - console.log(domain); - console.log(); var input = domain.split(" "); + // Sanitize domain var printdomain = escapeHtml(input[0]); if(input.length > 1) { @@ -95,16 +93,24 @@ $(document).ready(function() { $("#domain-frequency tbody").on( "click", "button", function () { var url = ($(this).parents("tr"))[0].innerText.split(" ")[0]; if($(this).context.innerText === "Blacklist") + { add(url,"black"); + } else + { add(url,"audit"); + } }); $("#ad-frequency tbody").on( "click", "button", function () { var url = ($(this).parents("tr"))[0].innerText.split(" ")[0].split(" ")[0]; if($(this).context.innerText === "Whitelist") - add(url,"white"); + { + add(url,"white"); + } else + { add(url,"audit"); + } }); });