#!/usr/bin/perl -wT

use strict;
use warnings;

use lib "/home/simon/public_html/leaky.org";
use HTML::Entities;
use proxy;

my $blocked = 0;
if ($ENV{HTTP_USER_AGENT} && $ENV{HTTP_USER_AGENT} eq "Mozilla/5.0") {
    $blocked = 1;
}
if ($ENV{REMOTE_ADDR} eq "8.134.62.220") {
    $blocked = 1;
}

if ($blocked) {
    print "Status: 404 Not Found\n";
    print "Content-Type: text/html\n";
    print "\n";
    print "<title>404 Not Found</title>\n";
    print "<h1>404 Not Found</h1>\n";
    exit;
}

my $xforward = $ENV{HTTP_X_FORWARDED_FOR} || "";
my $remote = $ENV{REMOTE_ADDR} || "";

my $html_xforward = encode_entities($xforward);
my $html_remote = encode_entities($remote);

print <<EOF;
Content-type: text/html

<html>
<head><title>IP Address Tester</title>
</head>
<body>
<h1>IP ADDRESS TESTER</h1>

<script type="text/javascript"><!--
google_ad_client = "ca-pub-2355266279262436";
/* Leaky_IP_Tester */
google_ad_slot = "5593586700";
google_ad_width = 728;
google_ad_height = 90;
//-->
</script>
<script type="text/javascript"
src="//pagead2.googlesyndication.com/pagead/show_ads.js">
</script>

<p>If you suspect your ISP is doing something strange to your HTTP access like pushing it through a transparent proxy, you can check what should be direct access at <a href="https://www.leaky.org/ip_tester.pl">https://www.leaky.org/ip_tester.pl</a> instead.</p>

<h3>Checking</h3>
<p>Your X-Forwarded-For header is <b>$html_xforward</b><br/>
The connection IP shows up as <b>$html_remote</b></p>

EOF

my $status = "Unknown";

if (proxy::is_proxy_ip($remote)) {
	my $ip = proxy::strip_ip($xforward);
    my $html_ip = encode_entities($ip);
	print <<EOF;
<p>This IP is a known web-proxy and stripping off the web-proxy IPs reveal you're probably at <b>$html_ip</b></p>
EOF
	if (! $ip) {
		$status = "FAILED";
		warn "PROXY: WEIRD: $remote / $ip / $xforward\n";
		print "<p>Failed to reveal an actual IP behind what should have been a proxy. We'll just assume you're at $html_remote after all.</p>";
	} else {
		$status = "FOUND";
		warn "PROXY: FOUND: $remote / $ip / $xforward\n";
	}
} else {
	print <<EOF;
<p>That IP isn't a known web-proxy so we'll just assume this is your actual IP address.<br/>
If it is in fact the IP of a web-proxy (run by your ISP), let me know.</p>
EOF
	$status = "NONE";
	warn "PROXY: NONE: $remote /  / $xforward\n";
}

print <<EOF;
<p>Status from checking is one of Unknown, FOUND, NONE or FAILED. Yours is <b>$status</b></p>
<p>
<h3>Browser Headers</h3>
For your information, here are some other values relating to your web access.</p>
<table width="100%">
EOF

foreach my $k (keys %ENV) {
    next if ($ENV{$k} =~ m#/home/simon#);
	next if (grep { $k eq $_ } qw/PATH SERVER_SOFTWARE SERVER_ADMIN/);
	print "<tr><td>" . encode_entities($k) . "</td><td>". (encode_entities($ENV{$k}) || "&nbsp;") . "</td></tr>\n";
}
print <<EOF;
</table>
<p><h3>Status Meanings:</h3>
<dt><b>Unknown</b></dt>
<dd>You should never get this status!</dd>
<dt><b>FOUND</b></dt>
<dd>The connection IP is a known webproxy. Processing of X-Forwarded-For header succeeded in getting what is probably your real IP</dd>
<dt><b>NONE</b></dt>
<dd>Connection IP is not a known webproxy. Assuming that to be your actual IP.</dd>
<dt><b>FAILED</b></dt>
<dd>Connection IP is a known webproxy but either there was no X-Forwarded-For header or processing it failed in some way.</dd>
</p>
</body></html>
EOF