aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFernando Lemos <fernandotcl@pfsense.org>2006-06-02 13:38:21 +0000
committerFernando Lemos <fernandotcl@pfsense.org>2006-06-02 13:38:21 +0000
commit341ff9436ee8b6eb2c89365d3b05a00408eb0eb3 (patch)
tree73e53337ad545c6ab0db3853811b782f448a69a2
parentf2d35e26a6f9ba2cbce67a1d3692fe4e881f4491 (diff)
downloadpfsense-packages-341ff9436ee8b6eb2c89365d3b05a00408eb0eb3.tar.gz
pfsense-packages-341ff9436ee8b6eb2c89365d3b05a00408eb0eb3.tar.bz2
pfsense-packages-341ff9436ee8b6eb2c89365d3b05a00408eb0eb3.zip
A custom version of Viralator, with some minor bug fixes and some customizations to fit our needs better. Can be improved, but it'll prolly be deprecated if HAVP for FreeBSD becomes stable enough and once it's integrated with the ClamAV package.
-rw-r--r--packages/viralator.inc86
-rw-r--r--packages/viralator.xml13
2 files changed, 99 insertions, 0 deletions
diff --git a/packages/viralator.inc b/packages/viralator.inc
new file mode 100644
index 00000000..dc4e6041
--- /dev/null
+++ b/packages/viralator.inc
@@ -0,0 +1,86 @@
+<?php
+require_once('config.inc');
+
+define('VIRALATOR_DOWNLOADDIR', '/usr/local/www/viralator');
+define('SQUIRM_CONF', '/usr/local/etc/squirm/squirm.conf');
+define('SQUIRM_PATTERNS', '/usr/local/etc/squirm/squirm.patterns');
+define('FORBIDDEN_EXTS', 'html htm css php pl js vbs jpg jpeg gif png');
+
+function viralator_install_command() {
+ if (!is_dir(VIRALATOR_DOWNLOADDIR)) mkdir(VIRALATOR_DOWNLOADDIR);
+
+ if (!is_file(SQUIRM_CONF)) {
+ $conf = <<<EOD
+begin
+network 0.0.0.0/0
+pattern squirm.patterns get
+end
+
+EOD;
+ file_put_contents(SQUIRM_CONF, $conf);
+ }
+
+ if (!is_dir(VIRALATOR_DOWNLOADDIR))
+ make_dirs(VIRALATOR_DOWNLOADDIR);
+}
+
+function viralator_validate_input($post, $input_errors) {
+ if (trim($post['http_otherexts'])) {
+ foreach (explode(',', $post['http_otherexts']) as $ext) {
+ $ext = trim($ext);
+ if (in_array($ext, explode(' ', FORBIDDEN_EXTS)))
+ $input_errors[] = "The HTTP virus scanner can't scan *.$ext files.";
+ else if (!preg_match('/\w+/', $ext))
+ $input_errors[] = "*.ext is not a valid file extension.";
+ }
+ }
+}
+
+function viralator_get_real_lan_ip() {
+ global $config;
+
+ $lan_if = $config['interfaces']['lan']['if'];
+ $line = trim(shell_exec("ifconfig $lan_if | grep inet | grep -v inet6"));
+ list($dummy, $ip) = explode(' ', $line);
+
+ return $ip;
+}
+
+function viralator_escape_dots($value) {
+ return preg_replace('/\./', '\\.', $value);
+}
+
+function viralator_resync() {
+ global $config;
+ $settings = $config['installedpackages']['clamav']['config'][0];
+
+ $exts = (empty($settings['http_exts']) ? array() : explode(',', $settings['http_exts']));
+
+ if (trim($settings['http_otherexts'])) {
+ foreach (explode(',', $settings['http_otherexts']) as $ext)
+ $exts[] = trim($ext);
+ }
+
+ $towrite = '';
+
+ // TODO: Escape any interface Squid listens on
+ $lan_ip = viralator_get_real_lan_ip();
+ if (is_ipaddr($lan_ip)) {
+ $escaped = viralator_escape_dots($lan_ip);
+ $towrite .= "abort regexi (^http://$escaped/.*)\n";
+ }
+
+ foreach (explode(' ', FORBIDDEN_EXTS) as $ext)
+ $towrite .= "abort .$ext\n";
+
+ foreach ($exts as $ext)
+ $towrite .= "regexi (^.*\\.$ext\$) http://$lan_ip/viralator.pl?url=\\1\n";
+
+ file_put_contents(SQUIRM_PATTERNS, $towrite);
+
+ if (is_package_installed('squid')) {
+ require_once('squid.inc');
+ squid_resync();
+ }
+}
+?>
diff --git a/packages/viralator.xml b/packages/viralator.xml
new file mode 100644
index 00000000..915e936b
--- /dev/null
+++ b/packages/viralator.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packagegui>
+ <include_file>viralator.inc</include_file>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/viralator.inc</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/All/viralator.tgz</item>
+ </additional_files_needed>
+ <custom_php_install_command>
+ viralator_install_command();
+ </custom_php_install_command>
+</packagegui>