3 * how this might work..
5 * a) login - if it's a new IP not seen that day
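6 * --> touch /tmp/run_pman_admin_iptables
 *     (review note: /tmp is world-writable, so any local user can create this flag file and trigger a run;
 *      a directory writable only by the web and cron users would avoid that)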
8 * cron every minute... ?? << could do some kind of IPC?!?
10 * if file exists -> run this code.
12 * This code finds all the IP's used in the last 24 hours.
13 * and opens the firewall for them.
19 require_once 'Pman.php';
21 class Pman_Admin_Iptables extends Pman {
23 static $cli_desc = "Read ip addresses that have been used to log in, and add them to the iptables list..";
29 if (!$this->bootLoader->cli) {
35 // find IP's that have been used to log in.
36 // dump them to the iptables file.
37 // if it's different - apply it...
38 DB_DataObject::debugLevel(1);
39 // need to get a list of users who have Admin.Iptables rights..
40 /*$gr = DB_DataObject::factory('group_rights');
41 $grps = $gr->groupsWithRights('Admin.Iptables', 'S');
43 $gr = DB_DataObject::factory('groups');
44 $gr->get('name', 'Administrators');
47 $gm = DB_DataObject::factory('group_members');
48 $gm->whereAddIn('group_id', $grps, 'int');
50 $gm->selectAdd('distinct(user_id) as user_id');
51 $peps = $gm->fetchAll('user_id');
57 $p = DB_DataObject::Factory('Person');
59 $p->whereAdd("company_id_comptype = 'OWNER'");
60 $peps = $p->fetchAll('id');
63 $e = DB_DataObject::factory('Events');
66 $e->selectAdd('distinct(ipaddr) as ipaddr');
67 $e->person_table = DB_DataObject::factory('person')->tableName();
68 $e->whereAddIn('person_id', $peps, 'int');
69 switch( $e->getDatabaseConnection()->phptype) {
71 $e->whereAdd("event_when > NOW() - INTERVAL 1 DAY");
74 $e->whereAdd("event_when > NOW() - INTERVAL '1 DAY'");
77 $ips = $e->fetchAll('ipaddr');