aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormarcelloc <marcellocoutinho@gmail.com>2012-01-27 14:24:51 -0200
committermarcelloc <marcellocoutinho@gmail.com>2012-01-27 14:24:51 -0200
commitcf08e91af27301092ea4ef4bd96762fcd82db58c (patch)
treec93f620a3779c6d9f47800e6a8e606de9ca05730
parentdf225741292cdf7067938de8bc2f018fc14f76a1 (diff)
downloadpfsense-packages-cf08e91af27301092ea4ef4bd96762fcd82db58c.tar.gz
pfsense-packages-cf08e91af27301092ea4ef4bd96762fcd82db58c.tar.bz2
pfsense-packages-cf08e91af27301092ea4ef4bd96762fcd82db58c.zip
Dansguardian - First release
-rwxr-xr-xconfig/dansguardian/dansguardian.conf.template715
-rwxr-xr-xconfig/dansguardian/dansguardian.inc1615
-rw-r--r--config/dansguardian/dansguardian.php114
-rw-r--r--config/dansguardian/dansguardian.xml125
-rwxr-xr-xconfig/dansguardian/dansguardian_about.php114
-rwxr-xr-xconfig/dansguardian/dansguardian_antivirus_acl.xml193
-rw-r--r--config/dansguardian/dansguardian_blacklist.xml156
-rw-r--r--config/dansguardian/dansguardian_config.xml134
-rwxr-xr-xconfig/dansguardian/dansguardian_content_acl.xml160
-rwxr-xr-xconfig/dansguardian/dansguardian_file_acl.xml200
-rwxr-xr-xconfig/dansguardian/dansguardian_filters.xml241
-rwxr-xr-xconfig/dansguardian/dansguardian_groups.xml (renamed from config/dansguardian/dansguardian_lists.xml)273
-rwxr-xr-xconfig/dansguardian/dansguardian_header_acl.xml180
-rw-r--r--config/dansguardian/dansguardian_limits.xml22
-rw-r--r--config/dansguardian/dansguardian_log.xml22
-rwxr-xr-xconfig/dansguardian/dansguardian_phrase_acl.xml223
-rw-r--r--config/dansguardian/dansguardian_pics_acl.xml157
-rwxr-xr-xconfig/dansguardian/dansguardian_search_acl.xml217
-rwxr-xr-xconfig/dansguardian/dansguardian_site_acl.xml253
-rwxr-xr-xconfig/dansguardian/dansguardian_sync.xml20
-rwxr-xr-xconfig/dansguardian/dansguardian_url_acl.xml293
-rw-r--r--config/dansguardian/dansguardian_users_footer.xml14
-rw-r--r--config/dansguardian/dansguardian_users_header.xml91
-rw-r--r--config/dansguardian/dansguardianfx.conf.template382
-rw-r--r--pkg_config.8.xml21
-rw-r--r--pkg_config.8.xml.amd6421
26 files changed, 4535 insertions, 1421 deletions
diff --git a/config/dansguardian/dansguardian.conf.template b/config/dansguardian/dansguardian.conf.template
new file mode 100755
index 00000000..7b3fcc4c
--- /dev/null
+++ b/config/dansguardian/dansguardian.conf.template
@@ -0,0 +1,715 @@
+<?php
+/*
+ dansguardian.inc
+ part of the Dansguardian package for pfSense
+ Copyright (C) 2012 Marcello Coutinho
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+#create dansguardian.conf
+ $dg=<<<EOF
+# DansGuardian config file for version 2.12.0.0
+
+# **NOTE** as of version 2.7.5 most of the list files are now in dansguardianf1.conf
+
+
+# Web Access Denied Reporting (does not affect logging)
+#
+# -1 = log, but do not block - Stealth mode
+# 0 = just say 'Access Denied'
+# 1 = report why but not what denied phrase
+# 2 = report fully
+# 3 = use HTML template file (accessdeniedaddress ignored) - recommended
+#
+reportinglevel = {$reportlevel}
+
+# Language dir where languages are stored for internationalisation.
+# The HTML template within this dir is only used when reportinglevel
+# is set to 3. When used, DansGuardian will display the HTML file instead of
+# using the perl cgi script. This option is faster, cleaner
+# and easier to customise the access denied page.
+# The language file is used no matter what setting however.
+#
+languagedir = '/usr/local/share/dansguardian/languages'
+
+# language to use from languagedir.
+language = '{$reportlanguage}'
+
+# Logging Settings
+#
+# 0 = none 1 = just denied 2 = all text based 3 = all requests
+loglevel = {$loglevel}
+
+# Log Exception Hits
+# Log if an exception (user, ip, URL, phrase) is matched and so
+# the page gets let through. Can be useful for diagnosing
+# why a site gets through the filter.
+# 0 = never log exceptions
+# 1 = log exceptions, but do not explicitly mark them as such
+# 2 = always log & mark exceptions (default)
+logexceptionhits = {$logexceptionhits}
+
+# Log File Format
+# 1 = DansGuardian format (space delimited)
+# 2 = CSV-style format
+# 3 = Squid Log File Format
+# 4 = Tab delimited
+logfileformat = {$logfileformat}
+
+# truncate large items in log lines
+# 0 = no truncating (default)
+#maxlogitemlength = 0
+
+# anonymize logs (blank out usernames & IPs)
+anonymizelogs = {$anonymizelogs}
+
+
+# Syslog logging
+#
+# Use syslog for access logging instead of logging to the file
+# at the defined or built-in "loglocation"
+#logsyslog = off
+
+# Log file location
+#
+# Defines the log directory and filename.
+loglocation = '/var/log/dansguardian/access.log'
+
+
+# Statistics log file location
+#
+# Defines the stat file directory and filename.
+# Only used in conjunction with maxips > 0
+# Once every 3 minutes, the current number of IPs in the cache, and the most
+# that have been in the cache since the daemon was started, are written to this
+# file. IPs persist in the cache for 7 days.
+statlocation = '/var/log/dansguardian/stats'
+
+
+# Network Settings
+#
+# the IP that DansGuardian listens on. If left blank DansGuardian will
+# listen on all IPs. That would include all NICs, loopback, modem, etc.
+# Normally you would have your firewall protecting this, but if you want
+# you can limit it to a certain IP. To bind to multiple interfaces,
+# specify each IP on an individual filterip line.
+# You can have the same IP twice so long as it has a different port.
+{$filterip}
+
+# the ports that DansGuardian listens to. Specify one line per filterip
+# line. You can specify different authentication mechanisms per port but
+# only if the mechanisms can co-exist (e.g. basic/proxy auth can't)
+#filterports = 8080
+#filterports = 8081
+{$filterports}
+
+# the ip of the proxy (default is the loopback - i.e. this server)
+proxyip = 127.0.0.1
+
+# the port DansGuardian connects to proxy on
+proxyport = 3128
+
+# Whether to retrieve the original destination IP in transparent proxy
+# setups and check it against the domain pulled from the HTTP headers.
+#
+# Be aware that when visiting sites which use a certain type of round-robin
+# DNS for load balancing, DG may mark requests as invalid unless DG gets
+# exactly the same answers to its DNS requests as clients. The chances of
+# this happening can be increased if all clients and servers on the same LAN
+# make use of a local, caching DNS server instead of using upstream DNS
+# directly.
+#
+# See http://www.kb.cert.org/vuls/id/435052
+# on (default) | off
+#!! Not compiled !! originalip = on
+
+# accessdeniedaddress is the address of your web server to which the cgi
+# dansguardian reporting script was copied. Only used in reporting levels 1 and 2.
+#
+# This webserver must be either:
+# 1. Non-proxied. Either a machine on the local network, or listed as an exception
+# in your browser's proxy configuration.
+# 2. Added to the exceptionsitelist. Option 1 is preferable; this option is
+# only for users using both transparent proxying and a non-local server
+# to host this script.
+#
+# Individual filter groups can override this setting in their own configuration.
+#
+accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
+
+# Non standard delimiter (only used with accessdeniedaddress)
+# To help preserve the full banned URL, including parameters, the variables
+# passed into the access denied CGI are separated using non-standard
+# delimiters. This can be useful to ensure correct operation of the filter
+# bypass modes. Parameters are split using "::" in place of "&", and "==" in
+# place of "=".
+# Default is enabled, but to go back to the standard mode, disable it.
+nonstandarddelimiter = {$nonstandarddelimiter}
+
+
+
+# Banned image replacement
+# Images that are banned due to domain/url/etc reasons including those
+# in the adverts blacklists can be replaced by an image. This will,
+# for example, hide images from advert sites and remove broken image
+# icons from banned domains.
+# on (default) | off
+usecustombannedimage = {$usecustombannedimage}
+custombannedimagefile = '/usr/local/share/dansguardian/transparent1x1.gif'
+
+
+#Banned flash replacement
+usecustombannedflash = {$usecustombannedflash}
+custombannedflashfile = '/usr/local/share/dansguardian/blockedflash.swf'
+
+
+
+# Filter groups options
+# filtergroups sets the number of filter groups. A filter group is a set of content
+# filtering options you can apply to a group of users. The value must be 1 or more.
+# DansGuardian will automatically look for dansguardianfN.conf where N is the filter
+# group. To assign users to groups use the filtergroupslist option. All users default
+# to filter group 1. You must have some sort of authentication to be able to map users
+# to a group. The more filter groups the more copies of the lists will be in RAM so
+# use as few as possible.
+filtergroups = {$filtergroups}
+filtergroupslist = '/usr/local/etc/dansguardian/lists/filtergroupslist'
+
+
+
+# Authentication files location
+bannediplist = '/usr/local/etc/dansguardian/lists/bannediplist'
+exceptioniplist = '/usr/local/etc/dansguardian/lists/exceptioniplist'
+
+# Per-Room blocking definition directory
+# A directory containing text files containing the room's name followed by IPs or ranges
+# Think of it as bannediplist on crack
+perroomblockingdirectory = '/usr/local/etc/dansguardian/lists/bannedrooms/'
+
+# Show weighted phrases found
+# If enabled then the phrases found that made up the total which excedes
+# the naughtyness limit will be logged and, if the reporting level is
+# high enough, reported. on | off
+showweightedfound = {$showweightedfound}
+
+# Weighted phrase mode
+# There are 3 possible modes of operation:
+# 0 = off = do not use the weighted phrase feature.
+# 1 = on, normal = normal weighted phrase operation.
+# 2 = on, singular = each weighted phrase found only counts once on a page.
+#
+# IMPORTANT: Note that setting this to "0" turns off all features which
+# extract phrases from page content, including banned & exception
+# phrases (not just weighted), search term filtering, and scanning for
+# links to banned URLs.
+#
+weightedphrasemode = {$weightedphrasemode}
+
+
+
+# Positive (clean) result caching for URLs
+# Caches good pages so they don't need to be scanned again.
+# It also works with AV plugins.
+# 0 = off (recommended for ISPs with users with disimilar browsing)
+# 1000 = recommended for most users
+# 5000 = suggested max upper limit
+# If you're using an AV plugin then use at least 5000.
+urlcachenumber = {$urlcachenumber}
+#
+# Age before they are stale and should be ignored in seconds
+# 0 = never
+# 900 = recommended = 15 mins
+urlcacheage ={$urlcacheage}
+
+
+
+# Cache for content (AV) scan results as 'clean'
+# By default, to save CPU, files scanned and found to be
+# clean are inserted into the clean cache and NOT scanned
+# again for a while. If you don't like this then choose
+# to disable it.
+# on = cache results; do not re-scan
+# off = do not cache; always re-scan
+# (on|off) default = on.
+scancleancache = {$scancleancache}
+
+
+
+# Smart, Raw and Meta/Title phrase content filtering options
+# Smart is where the multiple spaces and HTML are removed before phrase filtering
+# Raw is where the raw HTML including meta tags are phrase filtered
+# Meta/Title is where only meta and title tags are phrase filtered (v. quick)
+# CPU usage can be effectively halved by using setting 0 or 1 compared to 2
+# 0 = raw only
+# 1 = smart only
+# 2 = both of the above (default)
+# 3 = meta/title
+phrasefiltermode = {$phrasefiltermode}
+
+# Lower casing options
+# When a document is scanned the uppercase letters are converted to lower case
+# in order to compare them with the phrases. However this can break Big5 and
+# other 16-bit texts. If needed preserve the case. As of version 2.7.0 accented
+# characters are supported.
+# 0 = force lower case (default)
+# 1 = do not change case
+# 2 = scan first in lower case, then in original case
+preservecase = {$preservecase}
+
+# Note:
+# If phrasefiltermode and preserve case are both 2, this equates to 4 phrase
+# filtering passes. If you have a large enough userbase for this to be a
+# worry, and need to filter pages in exotic character encodings, it may be
+# better to run two instances on separate servers: one with preservecase 1
+# (and possibly forcequicksearch 1) and non ASCII/UTF-8 phrase lists, and one
+# with preservecase 0 and ASCII/UTF-8 lists.
+
+
+
+# Hex decoding options
+# When a document is scanned it can optionally convert %XX to chars.
+# If you find documents are getting past the phrase filtering due to encoding
+# then enable. However this can break Big5 and other 16-bit texts.
+# off = disabled (default)
+# on = enabled
+hexdecodecontent = {$hexdecodecontent}
+
+
+
+# Force Quick Search rather than DFA search algorithm
+# The current DFA implementation is not totally 16-bit character compatible
+# but is used by default as it handles large phrase lists much faster.
+# If you wish to use a large number of 16-bit character phrases then
+# enable this option.
+# off (default) | on (Big5 compatible)
+forcequicksearch = {$forcequicksearch}
+
+
+
+# Reverse lookups for banned site and URLs.
+# If set to on, DansGuardian will look up the forward DNS for an IP URL
+# address and search for both in the banned site and URL lists. This would
+# prevent a user from simply entering the IP for a banned address.
+# It will reduce searching speed somewhat so unless you have a local caching
+# DNS server, leave it off and use the Blanket IP Block option in the
+# bannedsitelist file instead.
+reverseaddresslookups = {$reverseaddresslookups}
+
+
+
+# Reverse lookups for banned and exception IP lists.
+# If set to on, DansGuardian will look up the forward DNS for the IP
+# of the connecting computer. This means you can put in hostnames in
+# the exceptioniplist and bannediplist.
+# If a client computer is matched against an IP given in the lists, then the
+# IP will be recorded in any log entries; if forward DNS is successful and a
+# match occurs against a hostname, the hostname will be logged instead.
+# It will reduce searching speed somewhat so unless you have a local DNS server,
+# leave it off.
+reverseclientiplookups = {$reverseclientiplookups}
+
+
+# Perform reverse lookups on client IPs for successful requests.
+# If set to on, DansGuardian will look up the forward DNS for the IP
+# of the connecting computer, and log host names (where available) rather than
+# IPs against requests.
+# This is not dependent on reverseclientiplookups being enabled; however, if it
+# is, enabling this option does not incur any additional forward DNS requests.
+logclienthostnames = {$logclienthostnames}
+
+
+# Build bannedsitelist and bannedurllist cache files.
+# This will compare the date stamp of the list file with the date stamp of
+# the cache file and will recreate as needed.
+# If a .processed file exists for an item (e.g. domain/URL) list, then that
+# will be used instead, if it is up to date (i.e. newer than the unprocessed
+# list file).
+# This can increase process start speed on slow computers.
+# Fast computers do not need this option.
+# on | off, default = on
+createlistcachefiles = {$createlistcachefiles}
+
+
+# Prefer cached list files
+# If enabled, DansGuardian will always prefer to load ".processed" versions of
+# list files, regardless of their time stamps relative to the original
+# unprocessed lists. This is not generally useful unless you have a specific
+# list update process which results in - for example - up-to-date, pre-sorted
+# ".processed" list files with dummy unprocessed files.
+# on | off, default = off
+prefercachedlists = {$prefercachedlists}
+
+
+
+# POST protection (web upload and forms)
+# does not block forms without any file upload, i.e. this is just for
+# blocking or limiting uploads
+# measured in kibibytes after MIME encoding and header bumph
+# use 0 for a complete block
+# use higher (e.g. 512 = 512Kbytes) for limiting
+# use -1 for no blocking
+#maxuploadsize = 512
+#maxuploadsize = 0
+maxuploadsize = {$maxuploadsize}
+
+
+
+# Max content filter size
+# Sometimes web servers label binary files as text which can be very
+# large which causes a huge drain on memory and cpu resources.
+# To counter this, you can limit the size of the document to be
+# filtered and get it to just pass it straight through.
+# This setting also applies to content regular expression modification.
+# The value must not be higher than maxcontentramcachescansize
+# The size is in Kibibytes - eg 2048 = 2Mb
+# use 0 to set it to maxcontentramcachescansize
+maxcontentfiltersize = {$maxcontentfiltersize}
+
+
+
+# Max content ram cache scan size
+# This is only used if you use a content scanner plugin such as AV
+# This is the max size of file that DG will download and cache
+# in RAM. After this limit is reached it will cache to disk
+# This value must be less than or equal to maxcontentfilecachescansize.
+# The size is in Kibibytes - eg 10240 = 10Mb
+# use 0 to set it to maxcontentfilecachescansize
+# This option may be ignored by the configured download manager.
+maxcontentramcachescansize = {$maxcontentramcachescansize}
+
+
+
+# Max content file cache scan size
+# This is only used if you use a content scanner plugin such as AV
+# This is the max size file that DG will download
+# so that it can be scanned or virus checked.
+# This value must be greater or equal to maxcontentramcachescansize.
+# The size is in Kibibytes - eg 10240 = 10Mb
+maxcontentfilecachescansize = {$maxcontentfilecachescansize}
+
+
+
+# File cache dir
+# Where DG will download files to be scanned if too large for the
+# RAM cache.
+filecachedir = '/tmp'
+
+
+
+# Delete file cache after user completes download
+# When a file gets save to temp it stays there until it is deleted.
+# You can choose to have the file deleted when the user makes a sucessful
+# download. This will mean if they click on the link to download from
+# the temp store a second time it will give a 404 error.
+# You should configure something to delete old files in temp to stop it filling up.
+# on|off (defaults to on)
+deletedownloadedtempfiles = {$deletedownloadedtempfiles}
+
+
+
+# Initial Trickle delay
+# This is the number of seconds a browser connection is left waiting
+# before first being sent *something* to keep it alive. The
+# *something* depends on the download manager chosen.
+# Do not choose a value too low or normal web pages will be affected.
+# A value between 20 and 110 would be sensible
+# This may be ignored by the configured download manager.
+initialtrickledelay = {$initialtrickledelay}
+
+
+
+# Trickle delay
+# This is the number of seconds a browser connection is left waiting
+# before being sent more *something* to keep it alive. The
+# *something* depends on the download manager chosen.
+# This may be ignored by the configured download manager.
+trickledelay = {$trickledelay}
+
+
+
+# Download Managers
+# These handle downloads of files to be filtered and scanned.
+# They differ in the method they deal with large downloads.
+# Files usually need to be downloaded 100% before they can be
+# filtered and scanned before being sent on to the browser.
+# Normally the browser can just wait, but with content scanning,
+# for example to AV, the browser may timeout or the user may get
+# confused so the download manager has to do some sort of
+# 'keep alive'.
+#
+# There are various methods possible but not all are included.
+# The author does not have the time to write them all so I have
+# included a plugin systam. Also, not all methods work with all
+# browsers and clients. Specifically some fancy methods don't
+# work with software that downloads updates. To solve this,
+# each plugin can support a regular expression for matching
+# the client's user-agent string, and lists of the mime types
+# and extensions it should manage.
+#
+# Note that these are the matching methods provided by the base plugin
+# code, and individual plugins may override or add to them.
+# See the individual plugin conf files for supported options.
+#
+# The plugins are matched in the order you specify and the last
+# one is forced to match as the default, regardless of user agent
+# and other matching mechanisms.
+#
+downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/fancy.conf'
+##!! Not compiled !! downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/trickle.conf'
+downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/default.conf'
+
+
+
+# Content Scanners (Also known as AV scanners)
+# These are plugins that scan the content of all files your browser fetches
+# for example to AV scan. The options are limitless. Eventually all of
+# DansGuardian will be plugin based. You can have more than one content
+# scanner. The plugins are run in the order you specify.
+# This is one of the few places you can have multiple options of the same name.
+#
+# Some of the scanner(s) require 3rd party software and libraries eg clamav.
+# See the individual plugin conf file for more options (if any).
+#
+{$contentscanners}
+
+
+# Content scanner timeout
+# Some of the content scanners support using a timeout value to stop
+# processing (eg AV scanning) the file if it takes too long.
+# If supported this will be used.
+# The default of 60 seconds is probably reasonable.
+contentscannertimeout = {$contentscannertimeout}
+
+
+
+# Content scan exceptions
+# If 'on' exception sites, urls, users etc will be scanned
+# This is probably not desirable behavour as exceptions are
+# supposed to be trusted and will increase load.
+# Correct use of grey lists are a better idea.
+# (on|off) default = off
+contentscanexceptions = {$contentscanexceptions}
+
+
+
+# Auth plugins
+# These replace the usernameidmethod* options in previous versions. They
+# handle the extraction of client usernames from various sources, such as
+# Proxy-Authorisation headers and ident servers, enabling requests to be
+# handled according to the settings of the user's filter group.
+# Multiple plugins can be specified, and will be used per port in the order
+# filterports are listed.
+#
+# If you do not use multiple filter groups, you need not specify this option.
+#
+#authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-basic.conf'
+#authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-digest.conf'
+#authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-ntlm.conf'
+#authplugin = '/usr/local/etc/dansguardian/authplugins/ident.conf'
+#authplugin = '/usr/local/etc/dansguardian/authplugins/ip.conf'
+{$authplugin}
+
+
+# Re-check replaced URLs
+# As a matter of course, URLs undergo regular expression search/replace (urlregexplist)
+# *after* checking the exception site/URL/regexpURL lists, but *before* checking against
+# the banned site/URL lists, allowing certain requests that would be matched against the
+# latter in their original state to effectively be converted into grey requests.
+# With this option enabled, the exception site/URL/regexpURL lists are also re-checked
+# after replacement, making it possible for URL replacement to trigger exceptions based
+# on them.
+# Defaults to off.
+recheckreplacedurls = {$recheckreplacedurls}
+
+
+
+# Misc settings
+
+# if on it adds an X-Forwarded-For: <clientip> to the HTTP request
+# header. This may help solve some problem sites that need to know the
+# source ip. on | off
+forwardedfor = {$forwardedfor}
+
+
+# if on it uses the X-Forwarded-For: <clientip> to determine the client
+# IP. This is for when you have squid between the clients and DansGuardian.
+# Warning - headers are easily spoofed. on | off
+usexforwardedfor = {$usexforwardedfor}
+
+
+# if on it logs some debug info regarding fork()ing and accept()ing which
+# can usually be ignored. These are logged by syslog. It is safe to leave
+# it on or off
+logconnectionhandlingerrors = {$logconnectionhandlingerrors}
+
+
+
+# Fork pool options
+
+# If on, this causes DG to write to the log file whenever child processes are
+# created or destroyed (other than by crashes). This information can help in
+# understanding and tuning the following parameters, but is not generally
+# useful in production.
+logchildprocesshandling = {$logchildprocesshandling}
+
+# sets the maximum number of processes to spawn to handle the incoming
+# connections. Max value usually 250 depending on OS.
+# On large sites you might want to try 180.
+maxchildren = {$maxchildren}
+
+
+# sets the minimum number of processes to spawn to handle the incoming connections.
+# On large sites you might want to try 32.
+minchildren = {$minchildren}
+
+
+# sets the minimum number of processes to be kept ready to handle connections.
+# On large sites you might want to try 8.
+minsparechildren = {$minsparechildren}
+
+
+# sets the minimum number of processes to spawn when it runs out
+# On large sites you might want to try 10.
+preforkchildren = {$preforkchildren}
+
+
+# sets the maximum number of processes to have doing nothing.
+# When this many are spare it will cull some of them.
+# On large sites you might want to try 64.
+maxsparechildren = {$maxsparechildren}
+
+
+# sets the maximum age of a child process before it croaks it.
+# This is the number of connections they handle before exiting.
+# On large sites you might want to try 10000.
+maxagechildren = {$maxagechildren}
+
+
+# Sets the maximum number client IP addresses allowed to connect at once.
+# Use this to set a hard limit on the number of users allowed to concurrently
+# browse the web. Set to 0 for no limit, and to disable the IP cache process.
+maxips = {$maxips}
+
+
+
+# Process options
+# (Change these only if you really know what you are doing).
+# These options allow you to run multiple instances of DansGuardian on a single machine.
+# Remember to edit the log file path above also if that is your intention.
+
+# IPC filename
+#
+# Defines IPC server directory and filename used to communicate with the log process.
+ipcfilename = '/tmp/.dguardianipc'
+
+# URL list IPC filename
+#
+# Defines URL list IPC server directory and filename used to communicate with the URL
+# cache process.
+urlipcfilename = '/tmp/.dguardianurlipc'
+
+# IP list IPC filename
+#
+# Defines IP list IPC server directory and filename, for communicating with the client
+# IP cache process.
+ipipcfilename = '/tmp/.dguardianipipc'
+
+# PID filename
+#
+# Defines process id directory and filename.
+#pidfilename = '/var/run/dansguardian.pid'
+
+# Disable daemoning
+# If enabled the process will not fork into the background.
+# It is not usually advantageous to do this.
+# on|off (defaults to off)
+nodaemon = {$nodaemon}
+
+# Disable logging process
+# on|off (defaults to off)
+nologger = {$nologger}
+
+# Enable logging of "ADs" category blocks
+# on|off (defaults to off)
+logadblocks = {$logadblocks}
+
+# Enable logging of client User-Agent
+# Some browsers will cause a *lot* of extra information on each line!
+# on|off (defaults to off)
+loguseragent = {$loguseragent}
+
+# Daemon runas user and group
+# This is the user that DansGuardian runs as. Normally the user/group nobody.
+# Uncomment to use. Defaults to the user set at compile time.
+# Temp files created during virus scanning are given owner and group read
+# permissions; to use content scanners based on external processes, such as
+# clamdscan, the two processes must run with either the same group or user ID.
+daemonuser = '{$daemonuser}'
+daemongroup = '{$daemongroup}'
+
+# Soft restart
+# When on this disables the forced killing off all processes in the process group.
+# This is not to be confused with the -g run time option - they are not related.
+# on|off (defaults to off)
+softrestart = {$softrestart}
+
+# Mail program
+# Path (sendmail-compatible) email program, with options.
+# Not used if usesmtp is disabled (filtergroup specific).
+#!! Not compiled !!mailer = '/usr/sbin/sendmail -t'
+
+#SSL certificate checking path
+#Path to CA certificates used to validate the certificates of https sites.
+#sslcertificatepath = '/etc/ssl/certs/'
+
+#SSL man in the middle
+#CA certificate path
+#Path to the CA certificate to use as a signing certificate for
+#generated certificates.
+#cacertificatepath = '/home/stephen/dginstall/ca.pem'
+{$ca_pem}
+
+#CA private key path
+#path to the private key that matches the public key in the CA certificate.
+#caprivatekeypath = '/home/stephen/dginstall/ca.key'
+{$ca_pk}
+
+#Cert private key path
+#The public / private key pair used by all generated certificates
+#certprivatekeypath = '/home/stephen/dginstall/cert.key'
+{$cert_key}
+
+#Generated cert path
+#The location where generated certificates will be saved for future use.
+#(must be writable by the dg user)
+#generatedcertpath = '/home/stephen/dginstall/generatedcerts/'
+
+#Generated link path = ''
+#The location where symlinks to certificates will be created.
+#(must be writable by the dg user)
+#generatedlinkpath = '/home/stephen/dginstall/generatedlinks/'
+
+EOF;
+?>
diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc
index bbee18a3..343c38b9 100755
--- a/config/dansguardian/dansguardian.inc
+++ b/config/dansguardian/dansguardian.inc
@@ -37,6 +37,15 @@ function dg_text_area_decode($text){
return preg_replace('/\r\n/', "\n",base64_decode($text));
}
+function dg_get_real_interface_address($iface) {
+ global $config;
+ $iface = convert_friendly_interface_to_real_interface_name($iface);
+ $line = trim(shell_exec("ifconfig $iface | grep inet | grep -v inet6"));
+ $postfix_enabled=$config['installedpackages']['postfix']['config'][0]['enable_postfix'];
+ list($dummy, $ip, $dummy2, $netmask) = explode(" ", $line);
+ return array($ip, long2ip(hexdec($netmask)));
+}
+
function sync_package_dansguardian() {
global $config;
@@ -49,53 +58,58 @@ function sync_package_dansguardian() {
$dansguardian_limits=$config['installedpackages']['dansguardianlimits']['config'][0];
if (is_array($config['installedpackages']['dansguardianlog']))
$dansguardian_log=$config['installedpackages']['dansguardianlog']['config'][0];
-
+ if (is_array($config['installedpackages']['dansguardianusers']))
+ $dansguardian_users=$config['installedpackages']['dansguardianusers']['config'][0];
+ if (is_array($config['installedpackages']['dansguardianblacklist']['config']))
+ $dansguardian_blacklist=$config['installedpackages']['dansguardianblacklist']['config'][0];
+
#daemon options
$dansguardian_enabled=$dansguardian['enable_dg'];
- $filterports=($dansguardian['filterports']?$dansguardian['filterports']:"8080");
+ $filterport=($dansguardian['filterports']?$dansguardian['filterports']:"8080");
$softrestart=(preg_match('/softrestart/',$dansguardian['daemon_options'])?"yes":"no");
- $nodaemon=(preg_match('/nodaemon/',$dansguardian['daemon_options'])?"yes":"no");
- if ($dansguardian['children'])
- list($min_children,$max_children) = split ("/", $dansguardian['children'], 2);
+ $nodaemon=(preg_match('/nodaemon/',$dansguardian['daemon_options'])?"yes":"off");
+ if (preg_match("/\d+\/\d+/",$dansguardian['children']))
+ list($minchildren,$maxchildren) = split ("/", $dansguardian['children'], 2);
else
- list($min_children,$max_children) = split ("/", "8/120", 2);
- if ($dansguardian['sparechildren'])
- list($min_spare_children,$max_spare_children) = split ("/", $dansguardian['sparechildren'], 2);
+ list($minchildren,$maxchildren) = split ("/", "8/120", 2);
+ if (preg_match("/\d+\/\d+/",$dansguardian['sparechildren']))
+ list($minsparechildren,$maxsparechildren) = split ("/", $dansguardian['sparechildren'], 2);
else
- list($min_spare_children,$max_spare_children) = split ("/", "8/64", 2);
+ list($minsparechildren,$maxsparechildren) = split ("/", "8/64", 2);
$maxagechildren=($dansguardian['maxagechildren']?$dansguardian['maxagechildren']:"500");
$maxips=($dansguardian['maxips']?$dansguardian['maxips']:"0");
-
+ $preforkchildren=($dansguardian['preforkchildren']?$dansguardian['preforkchildren']:"10");
#general options
$urlcachenumber=($dansguardian_config['urlcachenumber']?$dansguardian_config['urlcachenumber']:"1000");
$urlcacheage=($dansguardian_config['urlcacheage']?$dansguardian_config['urlcacheage']:"900");
- $scancleancache=(preg_match('/scancleancache/',$dansguardian_config['scan_options'])?"yes":"no");
- $hexdecodecontent=(preg_match('/hexdecodecontent/',$dansguardian_config['scan_options'])?"yes":"no");
- $forcequicksearch=(preg_match('/forcequicksearch/',$dansguardian_config['scan_options'])?"yes":"no");
- $reverseaddresslookups=(preg_match('/reverseaddresslookups/',$dansguardian_config['scan_options'])?"yes":"no");
- $reverseclientiplookups=(preg_match('/reverseclientiplookups/',$dansguardian_config['scan_options'])?"yes":"no");
- $logclienthostnames=(preg_match('/logclienthostnames/',$dansguardian_config['scan_options'])?"yes":"no");
- $createlistcachefiles=(preg_match('/createlistcachefiles/',$dansguardian_config['scan_options'])?"yes":"no");
- $prefercachedlists=(preg_match('/prefercachedlists/',$dansguardian_config['scan_options'])?"yes":"no");
- $deletedownloadedtempfiles=(preg_match('/deletedownloadedtempfiles/',$dansguardian_config['scan_options'])?"yes":"no");
+ $scancleancache=(preg_match('/scancleancache/',$dansguardian_config['scan_options'])?"on":"off");
+ $hexdecodecontent=(preg_match('/hexdecodecontent/',$dansguardian_config['scan_options'])?"on":"off");
+ $forcequicksearch=(preg_match('/forcequicksearch/',$dansguardian_config['scan_options'])?"on":"off");
+ $reverseaddresslookups=(preg_match('/reverseaddresslookups/',$dansguardian_config['scan_options'])?"on":"off");
+ $reverseclientiplookups=(preg_match('/reverseclientiplookups/',$dansguardian_config['scan_options'])?"on":"off");
+ $logclienthostnames=(preg_match('/logclienthostnames/',$dansguardian_config['scan_options'])?"on":"off");
+ $createlistcachefiles=(preg_match('/createlistcachefiles/',$dansguardian_config['scan_options'])?"on":"off");
+ $prefercachedlists=(preg_match('/prefercachedlists/',$dansguardian_config['scan_options'])?"on":"off");
+ $deletedownloadedtempfiles=(preg_match('/deletedownloadedtempfiles/',$dansguardian_config['scan_options'])?"on":"off");
$weightedphrasemode=($dansguardian_config['weightedphrasemode']?$dansguardian_config['weightedphrasemode']:"2");
$phrasefiltermode=($dansguardian_config['phrasefiltermode']?$dansguardian_config['phrasefiltermode']:"2");
$preservecase=($dansguardian_config['preservecase']?$dansguardian_config['preservecase']:"0");
- $clamdscan=(preg_match('/clamdscan/',$dansguardian_config['content_scanners'])?"yes":"no");
- $icapscan=(preg_match('/icapscan/',$dansguardian_config['content_scanners'])?"yes":"no");
+ $clamdscan=(preg_match('/clamdscan/',$dansguardian_config['content_scanners'])?"on":"off");
+ $icapscan=(preg_match('/icapscan/',$dansguardian_config['content_scanners'])?"on":"off");
$contentscannertimeout=($dansguardian_config['contentscannertimeout']?$dansguardian_config['contentscannertimeout']:"60");
$contentscanexceptions=($dansguardian_config['contentscanexceptions']?"on":"off");
- $recheckreplacedurls=(preg_match('/recheckreplacedurls/',$dansguardian_config['misc_options'])?"yes":"no");
- $forwardedfor=(preg_match('/forwardedfor/',$dansguardian_config['misc_options'])?"yes":"no");
- $recheckreplacedurls=(preg_match('/icapscan/',$dansguardian_config['misc_options'])?"yes":"no");
- $usexforwardedfor=(preg_match('/usexforwardedfor/',$dansguardian_config['misc_options'])?"yes":"no");
+ $recheckreplacedurls=(preg_match('/recheckreplacedurls/',$dansguardian_config['misc_options'])?"on":"off");
+ $forwardedfor=(preg_match('/forwardedfor/',$dansguardian_config['misc_options'])?"on":"off");
+ $recheckreplacedurls=(preg_match('/icapscan/',$dansguardian_config['misc_options'])?"on":"off");
+ $usexforwardedfor=(preg_match('/usexforwardedfor/',$dansguardian_config['misc_options'])?"on":"off");
+ $authplugin=(preg_match('/usr/',$dansguardian_config['auth_plugin'])?"authplugin = '".$dansguardian_config['auth_plugin']."'":"");
#limits
$maxuploadsize=($dansguardian_limits['maxuploadsize']?$dansguardian_limits['maxuploadsize']:"-1");
$maxcontentfiltersize=($dansguardian_limits['maxcontentfiltersize']?$dansguardian_limits['maxcontentfiltersize']:"256");
- $maxcontentramcachescansize=($dansguardian_limits['maxcontentramcachescansize']?$dansguardian_limits['maxcontentramcachescansize']:"2000");
- $maxcontentfilecachescansize=($dansguardian_limits['maxcontentfilecachescansize']?$dansguardian_limits['maxcontentfilecachescansize']:"1000");
+ $maxcontentramcachescansize=($dansguardian_limits['maxcontentramcachescansize']?$dansguardian_limits['maxcontentramcachescansize']:"1000");
+ $maxcontentfilecachescansize=($dansguardian_limits['maxcontentfilecachescansize']?$dansguardian_limits['maxcontentfilecachescansize']:"2000");
$initialtrickledelay=($dansguardian_limits['initialtrickledelay']?$dansguardian_limits['initialtrickledelay']:"20");
$trickledelay=($dansguardian_limits['trickledelay']?$dansguardian_limits['trickledelay']:"20");
@@ -117,993 +131,625 @@ function sync_package_dansguardian() {
$logexceptionhits=($dansguardian_log['logexceptionhits']?$dansguardian_log['logexceptionhits']:"2");
$logfileformat=($dansguardian_log['logfileformat']?$dansguardian_log['logfileformat']:"1");
- /*
-Language Strings = %report-dir%/languages.conf
-*/
#check files
- $load_samples=0;
+ #create sample files
+ $files = array( "/dansguardianf1.conf",
+ "/lists/filtergroupslist",
+ "/lists/bannedphraselist",
+ "/lists/exceptionphraselist",
+ "/lists/weightedphraselist",
+ "/lists/exceptionsitelist",
+ "/lists/bannedsitelist",
+ "/lists/greysitelist",
+ "/lists/logsitelist",
+ "/lists/bannedregexpurllist",
+ "/lists/bannedurllist",
+ "/lists/exceptionregexpurllist",
+ "/lists/exceptionurllist",
+ "/lists/greyurllist",
+ "/lists/logregexpurllist",
+ "/lists/logurllist",
+ "/lists/urlregexplist",
+ "/lists/exceptionfilesitelist",
+ "/lists/exceptionfileurllist",
+ "/lists/searchengineregexplist",
+ "/lists/bannedsearchtermlist",
+ "/lists/weightedsearchtermlist",
+ "/lists/exceptionsearchtermlist",
+ "/lists/contentregexplist",
+ "/lists/exceptionextensionlist",
+ "/lists/bannedextensionlist",
+ "/lists/exceptionmimetypelist",
+ "/lists/bannedmimetypelist",
+ "/lists/headerregexplist",
+ "/lists/bannedregexpheaderlist",
+ "/lists/contentscanners/exceptionvirusextensionlist",
+ "/lists/contentscanners/exceptionvirusmimetypelist",
+ "/lists/contentscanners/exceptionvirussitelist",
+ "/lists/contentscanners/exceptionvirusurllist",
+ "/lists/pics");
+
+
$dansguardian_dir="/usr/local/etc/dansguardian";
+ foreach ($files as $file)
+ if (! file_exists($dansguardian_dir.$file.'.sample')){
+ $new_file="";
+ $install_file=file($dansguardian_dir.$file);
+ foreach ($install_file as $line)
+ if (! preg_match("/Include/",$line))
+ $new_file.= $line;
+ file_put_contents($dansguardian_dir.$file.'.sample',$new_file,LOCK_EX);
+ }
+
+ $load_samples=0;
- if($attachments['filename_rules'] == ""){
- $config['installedpackages']['msattachments']['config'][0]['filename_rules']=base64_encode(file_get_contents($dansguardian_dir.'/archives.filename.rules.conf.sample'));
- $load_samples++;
- }
- if($attachments['filetype_rules'] == ""){
- $config['installedpackages']['msattachments']['config'][0]['filetype_rules']=base64_encode(file_get_contents($dansguardian_dir.'/archives.filetype.rules.conf.sample'));
- $load_samples++;
- }
- if($content['phishing_safe'] == ""){
- $config['installedpackages']['mscontent']['config'][0]['phishing_safe']=base64_encode(file_get_contents($dansguardian_dir.'/phishing.safe.sites.conf.sample'));
- $load_samples++;
+ #contentscanners preg_replace patterns
+ $match[0]="/(conf)/";
+ $match[1]="/(\/usr.local)/";
+ $match[2]="/,/";
+ $replace[0]="$1'";
+ $replace[1]="contentscanner = '$1";
+ $replace[2]="\n";
+
+ $contentscanners=preg_replace($match,$replace,$dansguardian_config['content_scanners']);
+
+ #includes preg_replace patterns
+ $match[0]="/(.)$/";
+ $match[1]="/\/usr.local/";
+ $match[2]="/,/";
+ $replace[0]="$1>\n";
+ $replace[1]="\n.Include</usr/local";
+ $replace[2]=">";
+
+ #phrase ACL
+ #create a default setup if not exists
+ if (!is_array($config['installedpackages']['dansguardianphraseacl']['config'])){
+ $banned_file=file("/usr/local/etc/dansguardian/lists/bannedphraselist");
+ foreach($banned_file as $file_line)
+ if (preg_match ("/^.Include<(\S+)>/",$file_line,$matches))
+ $banned_includes .= $matches[1].",";
+
+ $weighted_file=file("/usr/local/etc/dansguardian/lists/weightedphraselist");
+ foreach($weighted_file as $file_line)
+ if (preg_match ("/^.Include<(\S+)>/",$file_line,$matches))
+ $weighted_includes .= $matches[1].",";
+ $config['installedpackages']['dansguardianphraseacl']['config'][0]=array('name'=>'Default',
+ 'description'=>'Default Phrase access list setup',
+ 'banned_enabled'=> "on",
+ 'weighted_enabled'=> "on",
+ 'exception_enabled'=> "on",
+ 'banned_includes' => substr($banned_includes,0,-1),
+ 'weighted_includes' => substr($weighted_includes,0,-1));
}
- if($content['phishing_bad'] == ""){
- $config['installedpackages']['mscontent']['config'][0]['phishing_bad']=base64_encode(file_get_contents($dansguardian_dir.'/phishing.bad.sites.conf.sample'));
- $load_samples++;
+ #loop on array
+ $count=0;
+ if (is_array($config['installedpackages']['dansguardianphraseacl']['config']))
+ foreach($config['installedpackages']['dansguardianphraseacl']['config'] as $dansguardian_phrase){
+ #bannedphraselist
+ if($dansguardian_phrase['banned_phraselist'] == "" && file_exists ($dansguardian_dir.'/lists/bannedphraselist.sample')){
+ $config['installedpackages']['dansguardianphraseacl']['config'][$count]['banned_phraselist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/bannedphraselist.sample'));
+ $load_samples++;
+ }
+ $includes=preg_replace($match,$replace,$dansguardian_phrase['banned_includes']);
+ file_put_contents($dansguardian_dir."/lists/bannedphraselist.".$dansguardian_phrase['name'],($dansguardian_phrase['banned_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianphraseacl']['config'][$count]['banned_phraselist']).$includes:""),LOCK_EX);
+
+ #weightedphraselist
+ if($dansguardian_phrase['weighted_phraselist'] == "" && file_exists ($dansguardian_dir.'/lists/weightedphraselist.sample')){
+ $config['installedpackages']['dansguardianphraseacl']['config'][$count]['weighted_phraselist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/weightedphraselist.sample'));
+ $load_samples++;
+ }
+ $includes=preg_replace($match,$replace,$dansguardian_phrase['weighted_includes']);
+ file_put_contents($dansguardian_dir."/lists/weightedphraselist.".$dansguardian_phrase['name'],($dansguardian_phrase['weighted_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianphraseacl']['config'][$count]['weighted_phraselist']).$includes:""),LOCK_EX);
+
+ #exceptionphraselist
+ if($dansguardian_phrase['exception_phraselist'] == "" && file_exists ($dansguardian_dir.'/lists/exceptionphraselist.sample')){
+ $config['installedpackages']['dansguardianphraseacl']['config'][$count]['exception_phraselist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/exceptionphraselist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/exceptionphraselist.".$dansguardian_phrase['name'],($dansguardian_phrase['exception_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianphraseacl']['config'][$count]['exception_phraselist']):""),LOCK_EX);
+ $count++;
+ }
+
+ #site ACL
+ #create a default setup if not exists
+ if (!is_array($config['installedpackages']['dansguardiansiteacl']['config']))
+ $config['installedpackages']['dansguardiansiteacl']['config'][0]=array('name'=>'Default',
+ 'description'=>'Default Site access list setup',
+ 'exceptionsite_enabled'=> "on",
+ 'bannedsite_enabled'=> "on",
+ 'greysite_enabled'=> "on",
+ 'urlsite_enabled'=> "on");
+ #loop on array
+ $count=0;
+ foreach($config['installedpackages']['dansguardiansiteacl']['config'] as $dansguardian_site){
+ #exceptionsitelist
+ if($dansguardian_site['exception_sitelist'] == "" && file_exists ($dansguardian_dir.'/lists/exceptionsitelist.sample')){
+ $config['installedpackages']['dansguardiansiteacl']['config'][$count]['exception_sitelist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/exceptionsitelist.sample'));
+ $load_samples++;
+ }
+ $includes=preg_replace($match,$replace,$dansguardian_site['exception_includes']);
+ file_put_contents($dansguardian_dir."/lists/exceptionsitelist.".$dansguardian_site['name'],($dansguardian_site['exceptionsite_enabled']?dg_text_area_decode($config['installedpackages']['dansguardiansiteacl']['config'][$count]['exception_sitelist']).$includes:""),LOCK_EX);
+
+ #exceptionfilesitelist
+ if($dansguardian_site['exceptionfile_sitelist'] == "" && file_exists ($dansguardian_dir.'/lists/exceptionfilesitelist.sample')){
+ $config['installedpackages']['dansguardiansiteacl']['config'][$count]['exceptionfile_sitelist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/exceptionfilesitelist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/exceptionfilesitelist.".$dansguardian_site['name'],($dansguardian_site['exceptionsite_enabled']?dg_text_area_decode($config['installedpackages']['dansguardiansiteacl']['config'][$count]['exceptionfile_sitelist']):""),LOCK_EX);
+
+ #bannedsitelist
+ if($dansguardian_site['banned_sitelist'] == "" && file_exists ($dansguardian_dir.'/lists/bannedsitelist.sample')){
+ $config['installedpackages']['dansguardiansiteacl']['config'][$count]['banned_sitelist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/bannedsitelist.sample'));
+ $load_samples++;
+ }
+ $includes=preg_replace($match,$replace,$dansguardian_site['banned_includes']);
+ file_put_contents($dansguardian_dir."/lists/bannedsitelist.".$dansguardian_site['name'],($dansguardian_site['bannedsite_enabled']?dg_text_area_decode($config['installedpackages']['dansguardiansiteacl']['config'][$count]['banned_sitelist']).$includes:""),LOCK_EX);
+
+ #greysitelist
+ if($dansguardian_site['grey_sitelist'] == "" && file_exists ($dansguardian_dir.'/lists/greysitelist.sample')){
+ $config['installedpackages']['dansguardiansiteacl']['config'][$count]['grey_sitelist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/greysitelist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/greysitelist.".$dansguardian_site['name'],($dansguardian_site['greysite_enabled']?dg_text_area_decode($config['installedpackages']['dansguardiansiteacl']['config'][$count]['grey_sitelist']):""),LOCK_EX);
+
+ #logsitelist
+ if($dansguardian_site['log_sitelist'] == "" && file_exists ($dansguardian_dir.'/lists/logsitelist.sample')){
+ $config['installedpackages']['dansguardiansiteacl']['config'][$count]['log_sitelist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/logsitelist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/logsitelist.".$dansguardian_site['name'],($dansguardian_site['urlsite_enabled']?dg_text_area_decode($config['installedpackages']['dansguardiansiteacl']['config'][$count]['log_sitelist']):""),LOCK_EX);
+ $count++;
}
- if($content['country_domains'] == ""){
- $config['installedpackages']['mscontent']['config'][0]['country_domains']=base64_encode(file_get_contents($dansguardian_dir.'/country.domains.conf.sample'));
- $load_samples++;
- }
- if($antispam['sa_pref_file'] == ""){
- $config['installedpackages']['msantispam']['config'][0]['sa_pref_file']=base64_encode(file_get_contents($dansguardian_dir.'/spam.assassin.prefs.conf.sample'));
- $load_samples++;
- }
- if($antispam['rbl_file'] == ""){
- $config['installedpackages']['msantispam']['config'][0]['rbl_file']=base64_encode(file_get_contents($dansguardian_dir.'/spam.lists.conf.sample'));
- $load_samples++;
- }
- if($antispam['mcp_pref_file'] == ""){
- $config['installedpackages']['msantispam']['config'][0]['mcp_pref_file']=base64_encode(file_get_contents($dansguardian_dir.'/mcp/mcp.spam.assassin.prefs.conf.sample'));
- copy($dansguardian_dir.'/mcp/10_example.cf.sample',$dansguardian_dir.'/mcp/10_example.cf');
- copy($dansguardian_dir.'/mcp/v320.pre.sample',$dansguardian_dir.'/mcp/v320.pre');
- $load_samples++;
- }
- if($antispam['bounce'] == ""){
- $config['installedpackages']['msantispam']['config'][0]['bounce']=base64_encode(file_get_contents($dansguardian_dir.'/rules/bounce.rules.sample'));
- $load_samples++;
- }
- if($antispam['spam_whitelist'] == ""){
- $config['installedpackages']['msantispam']['config'][0]['spam_whitelist']=base64_encode(file_get_contents($dansguardian_dir.'/rules/spam.whitelist.rules.sample'));
- $load_samples++;
- }
- if($antispam['max_message_size'] == ""){
- $config['installedpackages']['msantispam']['config'][0]['max_message_size']=base64_encode(file_get_contents($dansguardian_dir.'/rules/max.message.size.rules.sample'));
- $load_samples++;
- }
-
- $report_dir="/usr/local/share/dansguardian/reports/".strtolower($report['language']);
- #CHECK REPORT FILES
- $report_files= array('deletedbadcontent' => 'deleted.content.message.txt',
- 'deletedbadfilename' => 'deleted.filename.message.txt',
- 'deletedvirus' =>'deleted.virus.message.txt',
- 'deletedsize' => 'deleted.size.message.txt',
- 'storedbadcontent' => 'stored.content.message.txt',
- 'storedbadfilename' => 'stored.filename.message.txt',
- 'storedvirus' => 'stored.virus.message.txt',
- 'storedsize' => 'stored.size.message.txt',
- 'disinfected' => 'disinfected.report.txt',
- 'sendercontent' => 'sender.content.report.txt',
- 'sendererror' => 'sender.error.report.txt',
- 'senderbadfilename' => 'sender.filename.report.txt',
- 'sendervirus' => 'sender.virus.report.txt',
- 'sendersize' => 'sender.size.report.txt',
- 'senderrbl' => 'sender.spam.rbl.report.txt',
- 'sendersa' => 'sender.spam.sa.report.txt',
- 'sendermcp' => 'sender.mcp.report.txt',
- 'senderspam'=>'sender.spam.report.txt',
- 'recipientmcp'=>'recipient.mcp.report.txt',
- 'recipientspam'=>'recipient.spam.report.txt',
- 'rejection' =>'rejection.report.txt');
- foreach ($report_files as $key_r => $file_r){
- if ($report[$key_r] == ""){
- #$input_errors[]= $key;
- $config['installedpackages']['msreport']['config'][0][$key_r]=base64_encode(file_get_contents($report_dir.'/'.$file_r.'.sample'));
- file_put_contents($report_dir.'/'.$file_r,dg_text_area_decode($config['installedpackages']['msreport']['config'][0][$key_r]),LOCK_EX);
+ #URL ACL
+ #create a default setup if not exists
+ if (!is_array($config['installedpackages']['dansguardianurlacl']['config']))
+ $config['installedpackages']['dansguardianurlacl']['config'][0]=array('name'=>'Default',
+ 'description'=>'Default Url access list setup',
+ 'bannedurl_enabled'=> "on",
+ 'exceptionurl_enabled'=> "on",
+ 'contenturl_enabled'=> "on",
+ 'greyurl_enabled'=> "on");
+ #loop on array
+ $count=0;
+ foreach($config['installedpackages']['dansguardianurlacl']['config'] as $dansguardian_url){
+ #bannedurllist
+ if($dansguardian_url['banned_urllist'] == "" && file_exists ($dansguardian_dir.'/lists/bannedurllist.sample')){
+ $config['installedpackages']['dansguardianurlacl']['config'][$count]['banned_urllist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/bannedurllist.sample'));
$load_samples++;
- }
- #print $key_r ."X $file_r X". base64_encode(file_get_contents($report_dir.'/'.$file_r.'.sample')) ."<br>";
+ }
+ $includes=preg_replace($match,$replace,$dansguardian_url['banned_includes']);
+ file_put_contents($dansguardian_dir."/lists/bannedurllist.".$dansguardian_url['name'],($dansguardian_url['bannedurl_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianurlacl']['config'][$count]['banned_urllist']).$includes:""),LOCK_EX);
+
+ #bannedregexpurllist
+ if($dansguardian_url['bannedregexp_urllist'] == "" && file_exists ($dansguardian_dir.'/lists/bannedregexpurllist.sample')){
+ $config['installedpackages']['dansguardianurlacl']['config'][$count]['bannedregexp_urllist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/bannedregexpurllist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/bannedregexpurllist.".$dansguardian_url['name'],($dansguardian_url['bannedurl_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianurlacl']['config'][$count]['bannedregexp_urllist']).$includes:""),LOCK_EX);
+
+ #greyurllist
+ if($dansguardian_url['grey_urllist'] == "" && file_exists ($dansguardian_dir.'/lists/greyurllist.sample')){
+ $config['installedpackages']['dansguardianurlacl']['config'][$count]['grey_urllist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/greyurllist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/greyurllist.".$dansguardian_url['name'],($dansguardian_url['greyurl_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianurlacl']['config'][$count]['grey_urllist']):""),LOCK_EX);
+
+ #exceptionfileurllist
+ if($dansguardian_url['exception_urllist'] == "" && file_exists ($dansguardian_dir.'/lists/exceptionfileurllist.sample')){
+ $config['installedpackages']['dansguardianurlacl']['config'][$count]['exception_urllist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/exceptionfileurllist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/exceptionfileurllist.".$dansguardian_url['name'],($dansguardian_url['exceptionurl_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianurlacl']['config'][$count]['exception_urllist']):""),LOCK_EX);
- if ($alert['sig']){
- if($alert['sig_html'] == ""){
- $config['installedpackages']['msalerts']['config'][0]['sig_html']=base64_encode(file_get_contents($report_dir.'/inline.sig.html'));
+ #exceptionregexpurllist
+ if($dansguardian_url['exceptionregexp_urllist'] == "" && file_exists ($dansguardian_dir.'/lists/exceptionregexpurllist.sample')){
+ $config['installedpackages']['dansguardianurlacl']['config'][$count]['exceptionregexp_urllist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/exceptionregexpurllist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/exceptionregexpurllist.".$dansguardian_url['name'],($dansguardian_url['exceptionurl_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianurlacl']['config'][$count]['exceptionregexp_urllist']):""),LOCK_EX);
+
+ #exceptionurllist
+ if($dansguardian_url['exception_urllist'] == "" && file_exists ($dansguardian_dir.'/lists/exceptionurllist.sample')){
+ $config['installedpackages']['dansguardianurlacl']['config'][$count]['exception_urllist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/exceptionurllist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/exceptionurllist.".$dansguardian_url['name'],($dansguardian_url['exceptionurl_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianurlacl']['config'][$count]['exception_urllist']):""),LOCK_EX);
+
+ #urlregexplist
+ if($dansguardian_url['modify_urllist'] == "" && file_exists ($dansguardian_dir.'/lists/urlregexplist.sample')){
+ $config['installedpackages']['dansguardianurlacl']['config'][$count]['modify_urllist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/urlregexplist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/urlregexplist.".$dansguardian_url['name'],($dansguardian_url['contenturl_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianurlacl']['config'][$count]['modify_urllist']):""),LOCK_EX);
+
+ #logurllist
+ if($dansguardian_url['log_urllist'] == "" && file_exists ($dansguardian_dir.'/lists/logurllist.sample')){
+ $config['installedpackages']['dansguardianurlacl']['config'][$count]['log_urllist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/logurllist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/logurllist.".$dansguardian_url['name'],($dansguardian_url['logurl_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianurlacl']['config'][$count]['log_urllist']):""),LOCK_EX);
+
+ #logregexpurllist
+ if($dansguardian_url['logregexp_urllist'] == "" && file_exists ($dansguardian_dir.'/lists/logregexpurllist.sample')){
+ $config['installedpackages']['dansguardianurlacl']['config'][$count]['logregexp_urllist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/logregexpurllist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/logregexpurllist.".$dansguardian_url['name'],($dansguardian_url['logurl_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianurlacl']['config'][$count]['logregexp_urllist']):""),LOCK_EX);
+ $count++;
+ }
+
+ #Pics ACL
+ #create a default setup if not exists
+ if (!is_array($config['installedpackages']['dansguardianpicsacl']['config']))
+ $config['installedpackages']['dansguardianpicsacl']['config'][0]=array('name'=>'Default',
+ 'description'=>'Default file access list setup');
+ #loop on array
+ $count=0;
+ foreach($config['installedpackages']['dansguardianpicsacl']['config'] as $dansguardian_pics){
+ #pics
+ if($dansguardian_pics['pics'] == "" && file_exists ($dansguardian_dir.'/lists/pics.sample')){
+ $config['installedpackages']['dansguardianpicsacl']['config'][$count]['pics']=base64_encode(file_get_contents($dansguardian_dir.'/lists/pics.sample'));
$load_samples++;
- }
- if($alert['sig_txt'] == ""){
- $config['installedpackages']['msalerts']['config'][0]['sig_txt']=base64_encode(file_get_contents($report_dir.'/inline.sig.txt'));
+ }
+ file_put_contents($dansguardian_dir."/lists/pics.".$dansguardian_pics['name'],($dansguardian_pics['pics_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianpicsacl']['config'][$count]['pics']):""),LOCK_EX);
+ $count++;
+ }
+
+ #Search ACL
+ #create a default setup if not exists
+ if (!is_array($config['installedpackages']['dansguardiansearchacl']['config']))
+ $config['installedpackages']['dansguardiansearchacl']['config'][0]=array('name'=>'Default',
+ 'description'=>'Default search engine list setup');
+ #loop on array
+ $count=0;
+ foreach($config['installedpackages']['dansguardiansearchacl']['config'] as $dansguardian_search){
+ #searchengineregexplist
+ if($dansguardian_search['searchengineregexplist'] == "" && file_exists ($dansguardian_dir.'/lists/searchengineregexplist.sample')){
+ $config['installedpackages']['dansguardiansearchacl']['config'][$count]['searchengineregexplist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/searchengineregexplist.sample'));
$load_samples++;
- }
}
+ file_put_contents($dansguardian_dir."/lists/searchengineregexplist.".$dansguardian_search['name'],($dansguardian_search['regexp_enabled']?dg_text_area_decode($config['installedpackages']['dansguardiansearchacl']['config'][$count]['searchengineregexplist']):""),LOCK_EX);
- if ($alert['warning']){
- if($alert['warning_html'] == ""){
- $config['installedpackages']['msalerts']['config'][0]['warning_html']=base64_encode(file_get_contents($report_dir.'/inline.warning.html'));
+ #bannedsearchtermlist
+ if($dansguardian_search['banned_searchtermlist'] == "" && file_exists ($dansguardian_dir.'/lists/bannedsearchtermlist.sample')){
+ $config['installedpackages']['dansguardiansearchacl']['config'][$count]['banned_searchtermlist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/bannedsearchtermlist.sample'));
$load_samples++;
- }
- if($alert['warning_txt'] == ""){
- $config['installedpackages']['msalerts']['config'][0]['warning_txt']=base64_encode(file_get_contents($report_dir.'/inline.warning.txt'));
+ }
+ file_put_contents($dansguardian_dir."/lists/bannedsearchtermlist.".$dansguardian_search['name'],($dansguardian_search['banned_enabled']?dg_text_area_decode($config['installedpackages']['dansguardiansearchacl']['config'][$count]['banned_searchtermlist']):""),LOCK_EX);
+
+ #weightedsearchtermlist
+ if($dansguardian_search['weighted_searchtermlist'] == "" && file_exists ($dansguardian_dir.'/lists/weightedsearchtermlist.sample')){
+ $config['installedpackages']['dansguardiansearchacl']['config'][$count]['weighted_searchtermlist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/weightedsearchtermlist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/weightedsearchtermlist.".$dansguardian_search['name'],($dansguardian_search['weighted_enabled']?dg_text_area_decode($config['installedpackages']['dansguardiansearchacl']['config'][$count]['weighted_searchtermlist']):""),LOCK_EX);
+
+ #exceptionsearchtermlist
+ if($dansguardian_search['exception_searchtermlist'] == "" && file_exists ($dansguardian_dir.'/lists/exceptionsearchtermlist.sample')){
+ $config['installedpackages']['dansguardiansearchacl']['config'][$count]['exception_searchtermlist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/exceptionsearchtermlist.sample'));
$load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/exceptionsearchtermlist.".$dansguardian_search['name'],($dansguardian_search['exception_enabled']?dg_text_area_decode($config['installedpackages']['dansguardiansearchacl']['config'][$count]['exception_searchtermlist']):""),LOCK_EX);
+ $count++;
+ }
+
+ #File ACL
+ #create a default setup if not exists
+ if (!is_array($config['installedpackages']['dansguardianfileacl']['config']))
+ $config['installedpackages']['dansguardianfileacl']['config'][0]=array('name'=>'Default',
+ 'description'=>'Default file access list setup',
+ 'exception_enabled'=> "on",
+ 'banned_enabled'=> "on");
+ #loop on array
+ $count=0;
+ foreach($config['installedpackages']['dansguardianfileacl']['config'] as $dansguardian_file){
+ #exceptionextensionlist
+ if($dansguardian_file['exception_extensionlist'] == "" && file_exists ($dansguardian_dir.'/lists/exceptionextensionlist.sample')){
+ $config['installedpackages']['dansguardianfileacl']['config'][$count]['exception_extensionlist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/exceptionextensionlist.sample'));
+ $load_samples++;
}
+ file_put_contents($dansguardian_dir."/lists/exceptionextensionlist.".$dansguardian_file['name'],($dansguardian_file['exception_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianfileacl']['config'][$count]['exception_extensionlist']):""),LOCK_EX);
+
+ #exceptionmimetypelist
+ if($dansguardian_file['exception_mimetypelist'] == "" && file_exists ($dansguardian_dir.'/lists/exceptionmimetypelist.sample')){
+ $config['installedpackages']['dansguardianfileacl']['config'][$count]['exception_mimetypelist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/exceptionmimetypelist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/exceptionmimetypelist.".$dansguardian_file['name'],($dansguardian_file['exception_enabled']?dg_text_area_decode($config['installedpackages']['exception_mimetypelist']):""),LOCK_EX);
+
+ #bannedextensionlist
+ if($dansguardian_file['banned_extensionlist'] == "" && file_exists ($dansguardian_dir.'/lists/bannedextensionlist.sample')){
+ $config['installedpackages']['dansguardianfileacl']['config'][$count]['banned_extensionlist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/bannedextensionlist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/bannedextensionlist.".$dansguardian_file['name'],($dansguardian_file['banned_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianfileacl']['config'][$count]['banned_extensionlist']):""),LOCK_EX);
+
+ #bannedmimetypelist
+ if($dansguardian_file['banned_mimetypelist'] == "" && file_exists ($dansguardian_dir.'/lists/bannedmimetypelist.sample')){
+ $config['installedpackages']['dansguardianfileacl']['config'][$count]['banned_mimetypelist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/bannedmimetypelist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/bannedmimetypelist.".$dansguardian_file['name'],($dansguardian_file['banned_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianfileacl']['config'][$count]['banned_mimetypelist']):""),LOCK_EX);
+ $count++;
+ }
+
+ #header ACL
+ #create a default setup if not exists
+ if (!is_array($config['installedpackages']['dansguardianheaderacl']['config']))
+ $config['installedpackages']['dansguardianheaderacl']['config'][0]=array('name'=>'Default',
+ 'description'=>'Default header access list setup');
+ #loop on array
+ $count=0;
+ foreach($config['installedpackages']['dansguardianheaderacl']['config'] as $dansguardian_header){
+ #headerregexplist
+ if($dansguardian_header['header_regexplist'] == "" && file_exists ($dansguardian_dir.'/lists/headerregexplist.sample')){
+ $config['installedpackages']['dansguardianheaderacl']['config'][$count]['header_regexplist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/headerregexplist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/headerregexplist.".$dansguardian_header['name'],($dansguardian_header['regexp_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianheaderacl']['config'][$count]['header_regexplist']):""),LOCK_EX);
+
+ #bannedregexpheaderlist
+ if($dansguardian_header['banned_regexpheaderlist'] == "" && file_exists ($dansguardian_dir.'/lists/bannedregexpheaderlist.sample')){
+ $config['installedpackages']['dansguardianheaderacl']['config'][$count]['banned_regexpheaderlist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/bannedregexpheaderlist.sample'));
+ $load_samples++;
}
+ file_put_contents($dansguardian_dir."/lists/bannedregexpheaderlist.".$dansguardian_header['name'],($dansguardian_header['banned_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianheaderacl']['config'][$count]['banned_regexpheaderlist']):""),LOCK_EX);
+ $count++;
+ }
+
+ #Content ACL
+ #create a default setup if not exists
+ if (!is_array($config['installedpackages']['dansguardiancontentacl']['config']))
+ $config['installedpackages']['dansguardiancontentacl']['config'][0]=array('name'=>'Default',
+ 'description'=>'Default content setup');
+ #loop on array
+ $count=0;
+ foreach($config['installedpackages']['dansguardiancontentacl']['config'] as $dansguardian_content){
+ #content_regexplist
+ if($dansguardian_content['content_regexplist'] == "" && file_exists ($dansguardian_dir.'/lists/contentregexplist.sample')){
+ $config['installedpackages']['dansguardiancontentacl']['config'][$count]['content_regexplist']=base64_encode(file_get_contents($dansguardian_dir.'/lists/contentregexplist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/contentregexplist.".$dansguardian_content['name'],($dansguardian_content['content_enabled']?dg_text_area_decode($config['installedpackages']['dansguardiancontentacl']['config'][$count]['content_regexplist']):""),LOCK_EX);
+ $count++;
+ }
+
+ #Antivirus ACL
+ #create a default setup if not exists
+ if (!is_array($config['installedpackages']['dansguardianantivirusacl']['config']))
+ $config['installedpackages']['dansguardianantivirusacl']['config'][0]=array();
+
+ #exceptionvirusmimetypelist
+ if($dansguardian_antivirus['mime_list'] == "" && file_exists ($dansguardian_dir.'/lists/contentscanners/exceptionvirusmimetypelist.sample')){
+ $config['installedpackages']['dansguardianantivirusacl']['config'][0]['mime_list']=base64_encode(file_get_contents($dansguardian_dir.'/lists/contentscanners/exceptionvirusmimetypelist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/contentscanners/exceptionvirusmimetypelist",($dansguardian_antivirus['mime_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianantivirusacl']['config'][0]['mime_list']):""),LOCK_EX);
+ #exceptionvirussitelist
+ if($dansguardian_antivirus['site_list'] == "" && file_exists ($dansguardian_dir.'/lists/contentscanners/exceptionvirussitelist.sample')){
+ $config['installedpackages']['dansguardianantivirusacl']['config'][0]['site_list']=base64_encode(file_get_contents($dansguardian_dir.'/lists/contentscanners/exceptionvirussitelist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/contentscanners/exceptionvirussitelist",($dansguardian_antivirus['site_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianantivirusacl']['config'][0]['site_list']):""),LOCK_EX);
+
+ #exceptionvirusurllist
+ if($dansguardian_antivirus['url_list'] == "" && file_exists ($dansguardian_dir.'/lists/contentscanners/exceptionvirusurllist.sample')){
+ $config['installedpackages']['dansguardianantivirusacl']['config'][0]['url_list']=base64_encode(file_get_contents($dansguardian_dir.'/lists/contentscanners/exceptionvirusurllist.sample'));
+ $load_samples++;
}
- #exit;
+ file_put_contents($dansguardian_dir."/lists/contentscanners/exceptionvirusurllist",($dansguardian_antivirus['url_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianantivirusacl']['config'][0]['url_list']):""),LOCK_EX);
+
+ #exceptionvirusextensionlist
+ if($dansguardian_antivirus['extension_list'] == "" && file_exists ($dansguardian_dir.'/lists/contentscanners/exceptionvirusextensionlist.sample')){
+ $config['installedpackages']['dansguardianantivirusacl']['config'][0]['extension_list']=base64_encode(file_get_contents($dansguardian_dir.'/lists/contentscanners/exceptionvirusextensionlist.sample'));
+ $load_samples++;
+ }
+ file_put_contents($dansguardian_dir."/lists/contentscanners/exceptionvirusextensionlist",($dansguardian_antivirus['extension_enabled']?dg_text_area_decode($config['installedpackages']['dansguardianantivirusacl']['config'][0]['extension_list']):""),LOCK_EX);
+
if($load_samples > 0)
write_config();
+ #Filtergroups
+ if (!is_array($config['installedpackages']['dansguardiangroups']['config']))
+ $config['installedpackages']['dansguardiangroups']['config'][0]=array('name'=>'Default',
+ 'description'=>'Default dansguardian filtergroup',
+ 'picsacl'=> "Default",
+ 'phraseacl'=> "Default",
+ 'siteacl'=> "Default",
+ 'extensionacl'=> "Default",
+ 'headeracl'=> "Default",
+ 'contentacl'=> "Default",
+ 'searchacl'=> "Default",
+ 'urlacl'=> "Default",
+ 'group_options' => "scancleancache,infectionbypasserrorsonly",
+ 'reportinglevel'=>'3',
+ 'mode'=> "1");
+
+ $groups=array("scancleancache","hexdecodecontent","blockdownloads","enablepics","deepurlanalysis","infectionbypasserrorsonly","disablecontentscan","sslcertcheck","sslmitm");
+ #loop on array
+ $count=1;
+ $user_xml="";
+ $filtergroupslist="";
+ foreach($config['installedpackages']['dansguardiangroups']['config'] as $dansguardian_groups){
+ $dansguardian_group_name=strtolower($dansguardian_groups['name']);
+ $dgfg[$count]=$dansguardian_group_name;
+ $dansguardian_groups['blockdownloads']=($dansguardian_groups['blockdownloads']?$dansguardian_groups['blockdownloads']:"off");
+ $dansguardian_groups['weightedphrasemode']=(preg_match("/\d/",$dansguardian_groups['weightedphrasemode'])?$dansguardian_groups['weightedphrasemode']:$dansguardian_config['weightedphrasemode']);
+ $dansguardian_groups['naughtynesslimit']=($dansguardian_groups['naughtynesslimit']?$dansguardian_groups['naughtynesslimit']:"50");
+ $dansguardian_groups['searchtermlimit']=($dansguardian_groups['searchtermlimit']?$dansguardian_groups['searchtermlimit']:"30");
+ $dansguardian_groups['categorydisplaythreshold']=($dansguardian_groups['categorydisplaythreshold']?$dansguardian_groups['categorydisplaythreshold']:"0");
+ $dansguardian_groups['embeddedurlweight']=($dansguardian_groups['embeddedurlweight']?$dansguardian_groups['embeddedurlweight']:"0");
+ $dansguardian_groups['bypass']=($dansguardian_groups['bypass']?$dansguardian_groups['bypass']:"0");
+ $dansguardian_groups['infectionbypass']=($dansguardian_groups['infectionbypass']?$dansguardian_groups['infectionbypass']:"0");
+ foreach ($groups as $group)
+ $dansguardian_groups[$group]=(preg_match("/$group/",$dansguardian_groups['group_options'])?"on":"off");
+ include("/usr/local/pkg/dansguardianfx.conf.template");
+ file_put_contents($dansguardian_dir."/dansguardianf".$count.".conf", $dgf, LOCK_EX);
-#create dansguardian.conf
- $dg=<<<EOF
-# DansGuardian config file for version 2.12.0.0
-
-# **NOTE** as of version 2.7.5 most of the list files are now in dansguardianf1.conf
-
-
-# Web Access Denied Reporting (does not affect logging)
-#
-# -1 = log, but do not block - Stealth mode
-# 0 = just say 'Access Denied'
-# 1 = report why but not what denied phrase
-# 2 = report fully
-# 3 = use HTML template file (accessdeniedaddress ignored) - recommended
-#
-reportinglevel = {$reportlevel}
-
-# Language dir where languages are stored for internationalisation.
-# The HTML template within this dir is only used when reportinglevel
-# is set to 3. When used, DansGuardian will display the HTML file instead of
-# using the perl cgi script. This option is faster, cleaner
-# and easier to customise the access denied page.
-# The language file is used no matter what setting however.
-#
-languagedir = '/usr/local/share/dansguardian/languages'
-
-# language to use from languagedir.
-language = '{$reportlanguage}'
-
-# Logging Settings
-#
-# 0 = none 1 = just denied 2 = all text based 3 = all requests
-loglevel = {$loglevel}
-
-# Log Exception Hits
-# Log if an exception (user, ip, URL, phrase) is matched and so
-# the page gets let through. Can be useful for diagnosing
-# why a site gets through the filter.
-# 0 = never log exceptions
-# 1 = log exceptions, but do not explicitly mark them as such
-# 2 = always log & mark exceptions (default)
-logexceptionhits = {$logexceptionhits}
-
-# Log File Format
-# 1 = DansGuardian format (space delimited)
-# 2 = CSV-style format
-# 3 = Squid Log File Format
-# 4 = Tab delimited
-logfileformat = {$logfileformat}
-
-# truncate large items in log lines
-# 0 = no truncating (default)
-#maxlogitemlength = 0
-
-# anonymize logs (blank out usernames & IPs)
-anonymizelogs = {$anonymizelogs}
-
-
-# Syslog logging
-#
-# Use syslog for access logging instead of logging to the file
-# at the defined or built-in "loglocation"
-#logsyslog = off
-
-# Log file location
-#
-# Defines the log directory and filename.
-#loglocation = '/var/log/access.log'
-
-
-# Statistics log file location
-#
-# Defines the stat file directory and filename.
-# Only used in conjunction with maxips > 0
-# Once every 3 minutes, the current number of IPs in the cache, and the most
-# that have been in the cache since the daemon was started, are written to this
-# file. IPs persist in the cache for 7 days.
-#statlocation = '/var/log/stats'
-
-
-# Network Settings
-#
-# the IP that DansGuardian listens on. If left blank DansGuardian will
-# listen on all IPs. That would include all NICs, loopback, modem, etc.
-# Normally you would have your firewall protecting this, but if you want
-# you can limit it to a certain IP. To bind to multiple interfaces,
-# specify each IP on an individual filterip line.
-# You can have the same IP twice so long as it has a different port.
-filterip = {$filterip}
-
-# the ports that DansGuardian listens to. Specify one line per filterip
-# line. You can specify different authentication mechanisms per port but
-# only if the mechanisms can co-exist (e.g. basic/proxy auth can't)
-filterports = 8080
-#filterports = 8081
-{$filterports}
-
-# the ip of the proxy (default is the loopback - i.e. this server)
-proxyip = 127.0.0.1
-
-# the port DansGuardian connects to proxy on
-proxyport = 3128
-
-# Whether to retrieve the original destination IP in transparent proxy
-# setups and check it against the domain pulled from the HTTP headers.
-#
-# Be aware that when visiting sites which use a certain type of round-robin
-# DNS for load balancing, DG may mark requests as invalid unless DG gets
-# exactly the same answers to its DNS requests as clients. The chances of
-# this happening can be increased if all clients and servers on the same LAN
-# make use of a local, caching DNS server instead of using upstream DNS
-# directly.
-#
-# See http://www.kb.cert.org/vuls/id/435052
-# on (default) | off
-#!! Not compiled !! originalip = on
-
-# accessdeniedaddress is the address of your web server to which the cgi
-# dansguardian reporting script was copied. Only used in reporting levels 1 and 2.
-#
-# This webserver must be either:
-# 1. Non-proxied. Either a machine on the local network, or listed as an exception
-# in your browser's proxy configuration.
-# 2. Added to the exceptionsitelist. Option 1 is preferable; this option is
-# only for users using both transparent proxying and a non-local server
-# to host this script.
-#
-# Individual filter groups can override this setting in their own configuration.
-#
-accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
-
-# Non standard delimiter (only used with accessdeniedaddress)
-# To help preserve the full banned URL, including parameters, the variables
-# passed into the access denied CGI are separated using non-standard
-# delimiters. This can be useful to ensure correct operation of the filter
-# bypass modes. Parameters are split using "::" in place of "&", and "==" in
-# place of "=".
-# Default is enabled, but to go back to the standard mode, disable it.
-nonstandarddelimiter = {$nonstandarddelimiter}
-
-
-
-# Banned image replacement
-# Images that are banned due to domain/url/etc reasons including those
-# in the adverts blacklists can be replaced by an image. This will,
-# for example, hide images from advert sites and remove broken image
-# icons from banned domains.
-# on (default) | off
-usecustombannedimage = {$usecustombannedimage}
-custombannedimagefile = '/usr/local/share/dansguardian/transparent1x1.gif'
-
-
-#Banned flash replacement
-usecustombannedflash = {$usecustombannedflash}
-custombannedflashfile = '/usr/local/share/dansguardian/blockedflash.swf'
-
-
-
-# Filter groups options
-# filtergroups sets the number of filter groups. A filter group is a set of content
-# filtering options you can apply to a group of users. The value must be 1 or more.
-# DansGuardian will automatically look for dansguardianfN.conf where N is the filter
-# group. To assign users to groups use the filtergroupslist option. All users default
-# to filter group 1. You must have some sort of authentication to be able to map users
-# to a group. The more filter groups the more copies of the lists will be in RAM so
-# use as few as possible.
-filtergroups = 1
-filtergroupslist = '/usr/local/etc/dansguardian/lists/filtergroupslist'
-
-
-
-# Authentication files location
-bannediplist = '/usr/local/etc/dansguardian/lists/bannediplist'
-exceptioniplist = '/usr/local/etc/dansguardian/lists/exceptioniplist'
-
-# Per-Room blocking definition directory
-# A directory containing text files containing the room's name followed by IPs or ranges
-# Think of it as bannediplist on crack
-perroomblockingdirectory = '/usr/local/etc/dansguardian/lists/bannedrooms/'
-
-# Show weighted phrases found
-# If enabled then the phrases found that made up the total which excedes
-# the naughtyness limit will be logged and, if the reporting level is
-# high enough, reported. on | off
-showweightedfound = {$showweightedfound}
-
-# Weighted phrase mode
-# There are 3 possible modes of operation:
-# 0 = off = do not use the weighted phrase feature.
-# 1 = on, normal = normal weighted phrase operation.
-# 2 = on, singular = each weighted phrase found only counts once on a page.
-#
-# IMPORTANT: Note that setting this to "0" turns off all features which
-# extract phrases from page content, including banned & exception
-# phrases (not just weighted), search term filtering, and scanning for
-# links to banned URLs.
-#
-weightedphrasemode = {$weightedphrasemode}
-
-
-
-# Positive (clean) result caching for URLs
-# Caches good pages so they don't need to be scanned again.
-# It also works with AV plugins.
-# 0 = off (recommended for ISPs with users with disimilar browsing)
-# 1000 = recommended for most users
-# 5000 = suggested max upper limit
-# If you're using an AV plugin then use at least 5000.
-urlcachenumber = {$urlcachenumber}
-#
-# Age before they are stale and should be ignored in seconds
-# 0 = never
-# 900 = recommended = 15 mins
-urlcacheage ={$urlcacheage}
-
-
-
-# Cache for content (AV) scan results as 'clean'
-# By default, to save CPU, files scanned and found to be
-# clean are inserted into the clean cache and NOT scanned
-# again for a while. If you don't like this then choose
-# to disable it.
-# on = cache results; do not re-scan
-# off = do not cache; always re-scan
-# (on|off) default = on.
-scancleancache = {$scancleancache}
-
-
-
-# Smart, Raw and Meta/Title phrase content filtering options
-# Smart is where the multiple spaces and HTML are removed before phrase filtering
-# Raw is where the raw HTML including meta tags are phrase filtered
-# Meta/Title is where only meta and title tags are phrase filtered (v. quick)
-# CPU usage can be effectively halved by using setting 0 or 1 compared to 2
-# 0 = raw only
-# 1 = smart only
-# 2 = both of the above (default)
-# 3 = meta/title
-phrasefiltermode = {$phrasefiltermode}
-
-# Lower casing options
-# When a document is scanned the uppercase letters are converted to lower case
-# in order to compare them with the phrases. However this can break Big5 and
-# other 16-bit texts. If needed preserve the case. As of version 2.7.0 accented
-# characters are supported.
-# 0 = force lower case (default)
-# 1 = do not change case
-# 2 = scan first in lower case, then in original case
-preservecase = {$preservecase}
-
-# Note:
-# If phrasefiltermode and preserve case are both 2, this equates to 4 phrase
-# filtering passes. If you have a large enough userbase for this to be a
-# worry, and need to filter pages in exotic character encodings, it may be
-# better to run two instances on separate servers: one with preservecase 1
-# (and possibly forcequicksearch 1) and non ASCII/UTF-8 phrase lists, and one
-# with preservecase 0 and ASCII/UTF-8 lists.
-
-
-
-# Hex decoding options
-# When a document is scanned it can optionally convert %XX to chars.
-# If you find documents are getting past the phrase filtering due to encoding
-# then enable. However this can break Big5 and other 16-bit texts.
-# off = disabled (default)
-# on = enabled
-hexdecodecontent = {$hexdecodecontent}
-
-
-
-# Force Quick Search rather than DFA search algorithm
-# The current DFA implementation is not totally 16-bit character compatible
-# but is used by default as it handles large phrase lists much faster.
-# If you wish to use a large number of 16-bit character phrases then
-# enable this option.
-# off (default) | on (Big5 compatible)
-forcequicksearch = {$forcequicksearch}
-
-
-
-# Reverse lookups for banned site and URLs.
-# If set to on, DansGuardian will look up the forward DNS for an IP URL
-# address and search for both in the banned site and URL lists. This would
-# prevent a user from simply entering the IP for a banned address.
-# It will reduce searching speed somewhat so unless you have a local caching
-# DNS server, leave it off and use the Blanket IP Block option in the
-# bannedsitelist file instead.
-reverseaddresslookups = {$reverseaddresslookups}
-
-
-
-# Reverse lookups for banned and exception IP lists.
-# If set to on, DansGuardian will look up the forward DNS for the IP
-# of the connecting computer. This means you can put in hostnames in
-# the exceptioniplist and bannediplist.
-# If a client computer is matched against an IP given in the lists, then the
-# IP will be recorded in any log entries; if forward DNS is successful and a
-# match occurs against a hostname, the hostname will be logged instead.
-# It will reduce searching speed somewhat so unless you have a local DNS server,
-# leave it off.
-reverseclientiplookups = {$reverseclientiplookups}
-
-
-# Perform reverse lookups on client IPs for successful requests.
-# If set to on, DansGuardian will look up the forward DNS for the IP
-# of the connecting computer, and log host names (where available) rather than
-# IPs against requests.
-# This is not dependent on reverseclientiplookups being enabled; however, if it
-# is, enabling this option does not incur any additional forward DNS requests.
-logclienthostnames = {$logclienthostnames}
-
-
-# Build bannedsitelist and bannedurllist cache files.
-# This will compare the date stamp of the list file with the date stamp of
-# the cache file and will recreate as needed.
-# If a .processed file exists for an item (e.g. domain/URL) list, then that
-# will be used instead, if it is up to date (i.e. newer than the unprocessed
-# list file).
-# This can increase process start speed on slow computers.
-# Fast computers do not need this option.
-# on | off, default = on
-createlistcachefiles = {$createlistcachefiles}
-
-
-# Prefer cached list files
-# If enabled, DansGuardian will always prefer to load ".processed" versions of
-# list files, regardless of their time stamps relative to the original
-# unprocessed lists. This is not generally useful unless you have a specific
-# list update process which results in - for example - up-to-date, pre-sorted
-# ".processed" list files with dummy unprocessed files.
-# on | off, default = off
-prefercachedlists = {$prefercachedlists}
-
-
-
-# POST protection (web upload and forms)
-# does not block forms without any file upload, i.e. this is just for
-# blocking or limiting uploads
-# measured in kibibytes after MIME encoding and header bumph
-# use 0 for a complete block
-# use higher (e.g. 512 = 512Kbytes) for limiting
-# use -1 for no blocking
-#maxuploadsize = 512
-#maxuploadsize = 0
-maxuploadsize = {$maxuploadsize}
-
-
-
-# Max content filter size
-# Sometimes web servers label binary files as text which can be very
-# large which causes a huge drain on memory and cpu resources.
-# To counter this, you can limit the size of the document to be
-# filtered and get it to just pass it straight through.
-# This setting also applies to content regular expression modification.
-# The value must not be higher than maxcontentramcachescansize
-# The size is in Kibibytes - eg 2048 = 2Mb
-# use 0 to set it to maxcontentramcachescansize
-maxcontentfiltersize = {$maxcontentfiltersize}
-
-
-
-# Max content ram cache scan size
-# This is only used if you use a content scanner plugin such as AV
-# This is the max size of file that DG will download and cache
-# in RAM. After this limit is reached it will cache to disk
-# This value must be less than or equal to maxcontentfilecachescansize.
-# The size is in Kibibytes - eg 10240 = 10Mb
-# use 0 to set it to maxcontentfilecachescansize
-# This option may be ignored by the configured download manager.
-maxcontentramcachescansize = {$maxcontentramcachescansize}
-
-
-
-# Max content file cache scan size
-# This is only used if you use a content scanner plugin such as AV
-# This is the max size file that DG will download
-# so that it can be scanned or virus checked.
-# This value must be greater or equal to maxcontentramcachescansize.
-# The size is in Kibibytes - eg 10240 = 10Mb
-maxcontentfilecachescansize = {$maxcontentfilecachescansize}
-
-
-
-# File cache dir
-# Where DG will download files to be scanned if too large for the
-# RAM cache.
-filecachedir = '/tmp'
-
-
-
-# Delete file cache after user completes download
-# When a file gets save to temp it stays there until it is deleted.
-# You can choose to have the file deleted when the user makes a sucessful
-# download. This will mean if they click on the link to download from
-# the temp store a second time it will give a 404 error.
-# You should configure something to delete old files in temp to stop it filling up.
-# on|off (defaults to on)
-deletedownloadedtempfiles = {$deletedownloadedtempfiles}
-
-
-
-# Initial Trickle delay
-# This is the number of seconds a browser connection is left waiting
-# before first being sent *something* to keep it alive. The
-# *something* depends on the download manager chosen.
-# Do not choose a value too low or normal web pages will be affected.
-# A value between 20 and 110 would be sensible
-# This may be ignored by the configured download manager.
-initialtrickledelay = {$initialtrickledelay}
-
-
-
-# Trickle delay
-# This is the number of seconds a browser connection is left waiting
-# before being sent more *something* to keep it alive. The
-# *something* depends on the download manager chosen.
-# This may be ignored by the configured download manager.
-trickledelay = {$trickledelay}
-
-
-
-# Download Managers
-# These handle downloads of files to be filtered and scanned.
-# They differ in the method they deal with large downloads.
-# Files usually need to be downloaded 100% before they can be
-# filtered and scanned before being sent on to the browser.
-# Normally the browser can just wait, but with content scanning,
-# for example to AV, the browser may timeout or the user may get
-# confused so the download manager has to do some sort of
-# 'keep alive'.
-#
-# There are various methods possible but not all are included.
-# The author does not have the time to write them all so I have
-# included a plugin systam. Also, not all methods work with all
-# browsers and clients. Specifically some fancy methods don't
-# work with software that downloads updates. To solve this,
-# each plugin can support a regular expression for matching
-# the client's user-agent string, and lists of the mime types
-# and extensions it should manage.
-#
-# Note that these are the matching methods provided by the base plugin
-# code, and individual plugins may override or add to them.
-# See the individual plugin conf files for supported options.
-#
-# The plugins are matched in the order you specify and the last
-# one is forced to match as the default, regardless of user agent
-# and other matching mechanisms.
-#
-downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/fancy.conf'
-##!! Not compiled !! downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/trickle.conf'
-downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/default.conf'
-
-
-
-# Content Scanners (Also known as AV scanners)
-# These are plugins that scan the content of all files your browser fetches
-# for example to AV scan. The options are limitless. Eventually all of
-# DansGuardian will be plugin based. You can have more than one content
-# scanner. The plugins are run in the order you specify.
-# This is one of the few places you can have multiple options of the same name.
-#
-# Some of the scanner(s) require 3rd party software and libraries eg clamav.
-# See the individual plugin conf file for more options (if any).
-#
-#contentscanner = '/usr/local/etc/dansguardian/contentscanners/clamdscan.conf'
-#!! Not compiled !! contentscanner = '/usr/local/etc/dansguardian/contentscanners/avastdscan.conf'
-#!! Not compiled !! contentscanner = '/usr/local/etc/dansguardian/contentscanners/kavdscan.conf'
-#contentscanner = '/usr/local/etc/dansguardian/contentscanners/icapscan.conf'
-#!! Not compiled !! contentscanner = '/usr/local/etc/dansguardian/contentscanners/commandlinescan.conf'
-
-
-
-# Content scanner timeout
-# Some of the content scanners support using a timeout value to stop
-# processing (eg AV scanning) the file if it takes too long.
-# If supported this will be used.
-# The default of 60 seconds is probably reasonable.
-contentscannertimeout = {$contentscannertimeout}
-
-
-
-# Content scan exceptions
-# If 'on' exception sites, urls, users etc will be scanned
-# This is probably not desirable behavour as exceptions are
-# supposed to be trusted and will increase load.
-# Correct use of grey lists are a better idea.
-# (on|off) default = off
-contentscanexceptions = {$contentscanexceptions}
-
-
-
-# Auth plugins
-# These replace the usernameidmethod* options in previous versions. They
-# handle the extraction of client usernames from various sources, such as
-# Proxy-Authorisation headers and ident servers, enabling requests to be
-# handled according to the settings of the user's filter group.
-# Multiple plugins can be specified, and will be used per port in the order
-# filterports are listed.
-#
-# If you do not use multiple filter groups, you need not specify this option.
-#
-#authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-basic.conf'
-#authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-digest.conf'
-#authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-ntlm.conf'
-#authplugin = '/usr/local/etc/dansguardian/authplugins/ident.conf'
-#authplugin = '/usr/local/etc/dansguardian/authplugins/ip.conf'
-
-
-
-# Re-check replaced URLs
-# As a matter of course, URLs undergo regular expression search/replace (urlregexplist)
-# *after* checking the exception site/URL/regexpURL lists, but *before* checking against
-# the banned site/URL lists, allowing certain requests that would be matched against the
-# latter in their original state to effectively be converted into grey requests.
-# With this option enabled, the exception site/URL/regexpURL lists are also re-checked
-# after replacement, making it possible for URL replacement to trigger exceptions based
-# on them.
-# Defaults to off.
-recheckreplacedurls = {$recheckreplacedurls}
-
-
-
-# Misc settings
-
-# if on it adds an X-Forwarded-For: <clientip> to the HTTP request
-# header. This may help solve some problem sites that need to know the
-# source ip. on | off
-forwardedfor = {$forwardedfor}
-
-
-# if on it uses the X-Forwarded-For: <clientip> to determine the client
-# IP. This is for when you have squid between the clients and DansGuardian.
-# Warning - headers are easily spoofed. on | off
-usexforwardedfor = {usexforwardedfor}
-
-
-# if on it logs some debug info regarding fork()ing and accept()ing which
-# can usually be ignored. These are logged by syslog. It is safe to leave
-# it on or off
-logconnectionhandlingerrors = {$logconnectionhandlingerrors}
-
-
-
-# Fork pool options
-
-# If on, this causes DG to write to the log file whenever child processes are
-# created or destroyed (other than by crashes). This information can help in
-# understanding and tuning the following parameters, but is not generally
-# useful in production.
-logchildprocesshandling = {$logchildprocesshandling}
-
-# sets the maximum number of processes to spawn to handle the incoming
-# connections. Max value usually 250 depending on OS.
-# On large sites you might want to try 180.
-maxchildren = {$maxchildren}
-
-
-# sets the minimum number of processes to spawn to handle the incoming connections.
-# On large sites you might want to try 32.
-minchildren = {$minchildren}
-
-
-# sets the minimum number of processes to be kept ready to handle connections.
-# On large sites you might want to try 8.
-minsparechildren = {$minsparechildren}
-
-
-# sets the minimum number of processes to spawn when it runs out
-# On large sites you might want to try 10.
-preforkchildren = {$preforkchildren}
-
-
-# sets the maximum number of processes to have doing nothing.
-# When this many are spare it will cull some of them.
-# On large sites you might want to try 64.
-maxsparechildren = {$maxsparechildren}
-
-
-# sets the maximum age of a child process before it croaks it.
-# This is the number of connections they handle before exiting.
-# On large sites you might want to try 10000.
-maxagechildren = {$maxagechildren}
-
-
-# Sets the maximum number client IP addresses allowed to connect at once.
-# Use this to set a hard limit on the number of users allowed to concurrently
-# browse the web. Set to 0 for no limit, and to disable the IP cache process.
-maxips = {$maxips}
-
-
-
-# Process options
-# (Change these only if you really know what you are doing).
-# These options allow you to run multiple instances of DansGuardian on a single machine.
-# Remember to edit the log file path above also if that is your intention.
-
-# IPC filename
-#
-# Defines IPC server directory and filename used to communicate with the log process.
-ipcfilename = '/tmp/.dguardianipc'
-
-# URL list IPC filename
-#
-# Defines URL list IPC server directory and filename used to communicate with the URL
-# cache process.
-urlipcfilename = '/tmp/.dguardianurlipc'
-
-# IP list IPC filename
-#
-# Defines IP list IPC server directory and filename, for communicating with the client
-# IP cache process.
-ipipcfilename = '/tmp/.dguardianipipc'
-
-# PID filename
-#
-# Defines process id directory and filename.
-#pidfilename = '/var/run/dansguardian.pid'
-
-# Disable daemoning
-# If enabled the process will not fork into the background.
-# It is not usually advantageous to do this.
-# on|off (defaults to off)
-nodaemon = {$nodaemon}
-
-# Disable logging process
-# on|off (defaults to off)
-nologger = {$nologger}
-
-# Enable logging of "ADs" category blocks
-# on|off (defaults to off)
-logadblocks = {$logadblocks}
-
-# Enable logging of client User-Agent
-# Some browsers will cause a *lot* of extra information on each line!
-# on|off (defaults to off)
-loguseragent = {$loguseragent}
-
-# Daemon runas user and group
-# This is the user that DansGuardian runs as. Normally the user/group nobody.
-# Uncomment to use. Defaults to the user set at compile time.
-# Temp files created during virus scanning are given owner and group read
-# permissions; to use content scanners based on external processes, such as
-# clamdscan, the two processes must run with either the same group or user ID.
-#daemonuser = 'nobody'
-#daemongroup = 'nobody'
-
-# Soft restart
-# When on this disables the forced killing off all processes in the process group.
-# This is not to be confused with the -g run time option - they are not related.
-# on|off (defaults to off)
-softrestart = {softrestart}
-
-# Mail program
-# Path (sendmail-compatible) email program, with options.
-# Not used if usesmtp is disabled (filtergroup specific).
-#!! Not compiled !!mailer = '/usr/sbin/sendmail -t'
-
-#SSL certificate checking path
-#Path to CA certificates used to validate the certificates of https sites.
-#sslcertificatepath = '/etc/ssl/certs/'
-
-#SSL man in the middle
-#CA certificate path
-#Path to the CA certificate to use as a signing certificate for
-#generated certificates.
-#cacertificatepath = '/home/stephen/dginstall/ca.pem'
-
-#CA private key path
-#path to the private key that matches the public key in the CA certificate.
-#caprivatekeypath = '/home/stephen/dginstall/ca.key'
-
-#Cert private key path
-#The public / private key pair used by all generated certificates
-#certprivatekeypath = '/home/stephen/dginstall/cert.key'
-
-#Generated cert path
-#The location where generated certificates will be saved for future use.
-#(must be writable by the dg user)
-#generatedcertpath = '/home/stephen/dginstall/generatedcerts/'
+ if ($config['installedpackages']['dansguardianusers']['config'][0][$dansguardian_group_name]!=""){
+ $import_users = explode("\n", base64_decode($config['installedpackages']['dansguardianusers']['config'][0][$dansguardian_group_name]));
+ asort($import_users);
+ $config['installedpackages']['dansguardianusers']['config'][0][$dansguardian_group_name]=base64_encode(implode("\n", $import_users));
+ foreach ($import_users as $new_user){
+ if (preg_match("/(\S+)\s+(\S+)/",$new_user,$matches))
+ $filtergroupslist.=$matches[1]."=filter".$count." #".$matches[2]."\n";
+ elseif (preg_match("/(\S+)/",$new_user,$matches))
+ $filtergroupslist.=$matches[1]."=filter".$count."\n";
+ }
+ }
+ $filtergroup_count=count($import_users);
+ #Default group catch all unauth groups as well non listed users
+ if($count > 1)
+ $user_xml .=<<<EOF
+ <field>
+ <name>{$dansguardian_groups['description']} ({$filtergroup_count})</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fieldname>{$dansguardian_group_name}</fieldname>
+ <fielddescr>{$dansguardian_groups['name']}</fielddescr>
+ <description><![CDATA[Include users for this group one per line<br>Hint:PFSENSE\marcelloc #Marcello Coutinho]]></description>
+ <type>textarea</type>
+
+ <cols>80</cols><rows>12</rows>
+ <encoding>base64</encoding>
+ </field>
+EOF;
+
+ $count++;
+ }
+ #Create/update filtergroupslist
+ file_put_contents($dansguardian_dir."/lists/filtergroupslist",$filtergroupslist,LOCK_EX);
+ #Create/update userlist xml file
+ $user_xml_header=file_get_contents("/usr/local/pkg/dansguardian_users_header.xml");
+ $user_xml_footer=file_get_contents("/usr/local/pkg/dansguardian_users_footer.xml");
+ file_put_contents("/usr/local/pkg/dansguardian_users.xml",$user_xml_header.$user_xml.$user_xml_footer,LOCK_EX);
+
+ #check blacklist download files
+ if ($dansguardian_blacklist['cron']=="now" && $dansguardian_blacklist['blacklist']){
+ $config['installedpackages']['dansguardianblacklist']['config'][0]['cron']="never";
+ log_error("Blacklist udpate process started");
+ file_notice("Dansguardian - Blacklist udpate process started","");
+ file_put_contents("/root/dansguardian_custom.script",base64_decode($dansguardian_blacklist['custom_script']),LOCK_EX);
+ if ($dansguardian_blacklist['enable_custom_script'] && $dansguardian_blacklist['custom_script'] != "")
+ mwexec_bg("/root/dansguardian_custom.script");
+ else
+ mwexec_bg("/usr/local/bin/php /usr/local/www/dansguardian.php fetch_blacklist");
+ mwexec_bg("/usr/local/bin/php /usr/local/www/dansguardian.php udpate_lists");
+ }
+
+ #get clamav user
+ $cconf="/usr/local/etc/clamd.conf";
+ $cconf_file=file_get_contents($cconf);
+ if (preg_match("/User (\w+)/",$cconf_file,$matches)){
+ $daemonuser = $matches[1];
+ $daemongroup = 'nobody';
+ }
+ else{
+ $daemonuser = 'nobody';
+ $daemongroup = 'nobody';
+ }
+ $filtergroups=($count > 1?($count -1):1);
+
+ $filterip="";
+ $filterports="";
+ foreach (explode(",", $dansguardian['interface']) as $i => $iface) {
+ $real_ifaces[] = dg_get_real_interface_address($iface);
+ if($real_ifaces[$i][0])
+ $filterip .="filterip = ".$real_ifaces[$i][0]."\n";
+ $filterports.="filterports = ".$filterport."\n";
+ }
+ $filterip=($filterip==""?"filterip = ":$filterip);
+ $filterports=($filterports==""?"filterports = $filterport":$filterports);
+ include("/usr/local/pkg/dansguardian.conf.template");
-#Generated link path = ''
-#The location where symlinks to certificates will be created.
-#(must be writable by the dg user)
-#generatedlinkpath = '/home/stephen/dginstall/generatedlinks/'
-EOF;
#write files
conf_mount_rw();
- $mlang=strtolower($report['language']);
- $mfiles[]="/usr/local/etc/dansguardian/virus.scanners.conf";
- $mfiles[]="/usr/local/share/dansguardian/reports/{$mlang}/inline.spam.warning.txt";
- $mfiles[]="/usr/local/share/dansguardian/reports/{$mlang}/languages.conf";
-
- foreach ($mfiles as $mfile)
- if (! file_exists ($mfile))
- copy($mfile.".sample",$mfile);
-
-
write_config();
+ #update file owner
+ mwexec("chown -R $daemonuser:$daemongroup /usr/loca/etc/dansguardian");
+ mwexec("chown -R $daemonuser:$daemongroup /var/log/dansguardian");
- file_put_contents($dansguardian_dir."/dansguardian.conf", $mc, LOCK_EX);
- file_put_contents($dansguardian_dir."/filename.rules.conf",dg_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filename_rules']),LOCK_EX);
- file_put_contents($dansguardian_dir."/filetype.rules.conf",dg_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filetype_rules']),LOCK_EX);
- file_put_contents($dansguardian_dir."/archives.filename.rules.conf",dg_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filename_rules']),LOCK_EX);
- file_put_contents($dansguardian_dir."/archives.filetype.rules.conf",dg_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filetype_rules']),LOCK_EX);
- file_put_contents($dansguardian_dir."/phishing.safe.sites.conf",dg_text_area_decode($config['installedpackages']['mscontent']['config'][0]['phishing_safe']),LOCK_EX);
- file_put_contents($dansguardian_dir."/phishing.bad.sites.conf",dg_text_area_decode($config['installedpackages']['mscontent']['config'][0]['phishing_bad']),LOCK_EX);
- file_put_contents($dansguardian_dir."/country.domains.conf",dg_text_area_decode($config['installedpackages']['mscontent']['config'][0]['country_domains']),LOCK_EX);
- file_put_contents($dansguardian_dir.'/spam.assassin.prefs.conf',$sa_temp,LOCK_EX);
- file_put_contents($dansguardian_dir.'/spam.lists.conf',dg_text_area_decode($config['installedpackages']['msantispam']['config'][0]['rbl_file']),LOCK_EX);
- file_put_contents($dansguardian_dir.'/mcp/mcp.spam.assassin.prefs.conf',dg_text_area_decode($config['installedpackages']['msantispam']['config'][0]['mcp_pref_file']),LOCK_EX);
- file_put_contents($dansguardian_dir.'/rules/bounce.rules',dg_text_area_decode($config['installedpackages']['msantispam']['config'][0]['bounce']),LOCK_EX);
- file_put_contents($dansguardian_dir.'/rules/max.message.size.rules',dg_text_area_decode($config['installedpackages']['msantispam']['config'][0]['max_message_size']),LOCK_EX);
- file_put_contents($dansguardian_dir.'/rules/spam.whitelist.rules',dg_text_area_decode($config['installedpackages']['msantispam']['config'][0]['spam_whitelist']),LOCK_EX);
-
- foreach ($report_files as $key_r => $file_r)
- file_put_contents($report_dir.'/'.$file_r,dg_text_area_decode($config['installedpackages']['msreport']['config'][0][$key_r]),LOCK_EX);
-
- if ($alert['sig']){
- $sig_html=dg_text_area_decode($config['installedpackages']['msalerts']['config'][0]['sig_html']);
- $sig_txt=dg_text_area_decode($config['installedpackages']['msalerts']['config'][0]['sig_txt']);}
- else{
- $sig_html="";
- $sig_txt="";}
- file_put_contents($report_dir.'/inline.sig.txt',$sig_txt,LOCK_EX);
- file_put_contents($report_dir.'/inline.sig.html',$sig_html,LOCK_EX);
-
- if ($alert['warning']){
- $warning_html=dg_text_area_decode($config['installedpackages']['msalerts']['config'][0]['warning_html']);
- $warning_txt=dg_text_area_decode($config['installedpackages']['msalerts']['config'][0]['warning_txt']);}
- else{
- $warning_html="";
- $warning_txt="";}
- file_put_contents($report_dir.'/inline.warning.txt',$warning_txt,LOCK_EX);
- file_put_contents($report_dir.'/inline.warning.html',$warning_html,LOCK_EX);
+ #create config files
+ file_put_contents($dansguardian_dir."/dansguardian.conf", $dg, LOCK_EX);
#check virus_scanner options
$libexec_dir="/usr/local/libexec/dansguardian/";
- if ($virus_scanning == "yes"){
- if ($antivirus['virus_scanner'] =="none"){
- unlink_if_exists($libexec_dir.'clamav-autoupdate');
- unlink_if_exists($libexec_dir.'clamav-wrapper');
- }
- else{
- if (file_exists('/var/run/clamav/'))
- chown('/var/run/clamav/', 'dansguardian');
- if (file_exists('/var/log/clamav/'))
- chown('/var/log/clamav/', 'dansguardian');
- if (file_exists('/var/db/clamav/'))
- chown('/var/db/clamav/', 'dansguardian');
- if (file_exists('/var/db/clamav/bytecode.cld'))
- chown('/var/db/clamav/bytecode.cld', 'dansguardian');
- if (file_exists('/var/db/clamav/daily.cld'))
- chown('/var/db/clamav/daily.cld', 'dansguardian');
- if (file_exists('/var/db/clamav/main.cvd'))
- chown('/var/db/clamav/main.cvd', 'dansguardian');
- if (file_exists('/var/db/clamav/mirrors.dat'))
- chown('/var/db/clamav/mirrors.dat', 'dansguardian');
- if (file_exists('/var/log/clamav/clamd.log'))
- chown('/var/log/clamav/clamd.log', 'dansguardian');
- if (file_exists('/var/log/clamav/freshclam.log'))
- chown('/var/log/clamav/freshclam.log', 'dansguardian');
+ if (preg_match("/clamd/",$dansguardian_config['content_scanners'])){
- copy($libexec_dir.'clamav-autoupdate.sample',$libexec_dir.'clamav-autoupdate');
- chmod ($libexec_dir.'clamav-autoupdate',0755);
- copy($libexec_dir.'clamav-wrapper.sample',$libexec_dir.'clamav-wrapper');
- chmod ($libexec_dir.'clamav-autoupdate',0755);
- if (!file_exists('/var/db/clamav/main.cvd')){
- log_error('No clamav database found, running freshclam in background.');
- mwexec_bg('/usr/local/bin/freshclam');
- }
- #clamav-wrapper file
- $cconf=$libexec_dir."clamav-wrapper";
- $cconf_file=file_get_contents($cconf);
- if (preg_match('/"clamav"/',$cconf_file)){
- $cconf_file=preg_replace('/"clamav"/','"dansguardian"',$cconf_file);
- file_put_contents($cconf, $cconf_file, LOCK_EX);
- }
+ if (!file_exists('/var/db/clamav/main.cvd')){
+ log_error('No clamav database found for dansguardian, running freshclam in background.');
+ mwexec_bg('/usr/local/bin/freshclam');
+ }
- #freshclam conf file
- $cconf="/usr/local/etc/freshclam.conf";
+ $match=array();
+ $match[0]='/NO/';
+ $replace=array();
+ $replace[0]='YES';
+
+ #clamdscan.conf dansguardian file
+ $cconf="/usr/local/etc/dansguardian/contentscanners/clamdscan.conf";
$cconf_file=file_get_contents($cconf);
- if (preg_match('/DatabaseOwner clamav/',$cconf_file)){
- $cconf_file=preg_replace("/DatabaseOwner clamav/","DatabaseOwner dansguardian",$cconf_file);
- file_put_contents($cconf, $cconf_file, LOCK_EX);
+ if (!preg_match('/clamav/',$cconf_file)){
+ file_put_contents($cconf, $cconf_file."\nclamdudsfile = '/var/run/clamav/clamd.sock'", LOCK_EX);
}
-
+
#clamd conf file
$cconf="/usr/local/etc/clamd.conf";
$cconf_file=file_get_contents($cconf);
- if (preg_match('/User clamav/',$cconf_file)){
- $cconf_file=preg_replace("/User clamav/","User dansguardian",$cconf_file);
- file_put_contents($cconf, $cconf_file, LOCK_EX);
- }
- #clamd script file
- $script='/usr/local/etc/rc.d/clamav-clamd';
- $script_file=file($script);
- foreach ($script_file as $script_line){
- if(preg_match("/command=/",$script_line)){
- $new_clamav_startup.= "/bin/mkdir /var/run/clamav\n";
- $new_clamav_startup.= "chown dansguardian /var/run/clamav\n";
- $new_clamav_startup.=$script_line;
+ if (preg_match("/User (\w+)/",$cconf_file,$matches)){
+ #clamd script file
+ $script='/usr/local/etc/rc.d/clamav-clamd';
+ $script_file=file($script);
+ foreach ($script_file as $script_line){
+ if(preg_match("/command=/",$script_line)){
+ $new_clamav_startup.= "/bin/mkdir /var/run/clamav\n";
+ $new_clamav_startup.= "chown ".$matches[1]." /var/run/clamav\n";
+ $new_clamav_startup.=$script_line;
+ }
+ elseif(!preg_match("/(mkdir|chown|sleep|mailscanner)/",$script_line)) {
+ $new_clamav_startup.=preg_replace("/NO/","YES",$script_line);
+ }
}
- elseif(!preg_match("/(mkdir|chown|sleep|dansguardian)/",$script_line)) {
- $new_clamav_startup.=preg_replace("/NO/","YES",$script_line);
- }
- }
- file_put_contents($script, $new_clamav_startup, LOCK_EX);
- chmod ($script,0755);
- mwexec("$script stop");
- mwexec_bg("$script start");
- }
- }
- else{
- unlink_if_exists($libexec_dir.'clamav-autoupdate');
- unlink_if_exists($libexec_dir.'clamav-wrapper');
- }
-
- #check dcc startup script
- $script='/usr/local/etc/rc.d/dccifd';
- $script_file=file_get_contents($script);
- if (preg_match('/NO/',$script_file)){
- $script_file=preg_replace("/NO/","YES",$script_file);
- file_put_contents($script, $script_file, LOCK_EX);
+ file_put_contents($script, $new_clamav_startup, LOCK_EX);
chmod ($script,0755);
- }
- #check dcc config file
- $script='/usr/local/dcc/dcc_conf';
- $script_file=file_get_contents($script);
- if (preg_match('/DCCIFD_ENABLE=off/',$script_file)){
- $script_file=preg_replace("/DCCIFD_ENABLE=off/","DCCIFD_ENABLE=on",$script_file);
- file_put_contents($script, $script_file, LOCK_EX);
- }
- mwexec("$script stop");
- mwexec_bg("$script start");
-
- $script='/usr/local/etc/rc.d/dansguardian';
+ mwexec("$script stop");
+ unlink_if_exists("/tmp/.dguardianipc");
+ unlink_if_exists("/tmp/.dguardianurlipc");
+ mwexec_bg("$script start");
+ }
+ }
- #fix MIME::ToolUtils deprecated function and usecure dependency calls in /usr/local/sbin/dansguardian
- $cconf="/usr/local/sbin/dansguardian";
- $cconf_file=file_get_contents($cconf);
- $pattern2[0]='/perl\W+I/';
- $pattern2[1]='/\smy .current = config MIME::ToolUtils/';
- $replacement2[0]='perl -U -I';
- $replacement2[1]=' #my $current = config MIME::ToolUtils';
- if (preg_match('/perl\W+I/',$cconf_file)){
- $cconf_file=preg_replace($pattern2,$replacement2,$cconf_file);
- file_put_contents($cconf, $cconf_file, LOCK_EX);
- #force old process stop
- mwexec("$script stop");
- }
-
- $script_file=file_get_contents($script);
- if (preg_match('/NO/',$script_file)){
- $script_file=preg_replace("/NO/","YES",$script_file);
- file_put_contents($script, $script_file, LOCK_EX);
- chmod ($script,0755);
- }
+ $dirs=array('/usr/local/etc/dansguardian/lists/bannedrooms/',
+ '/var/log/dansguardian');
+ foreach ($dirs as $dir)
+ if (!is_dir($dir))
+ mkdir ($dir,0755,true);
+
+ $script='/usr/local/etc/rc.d/dansguardian';
if($config['installedpackages']['dansguardian']['config'][0]['enable']){
- log_error("Reload dansguardian");
+ $script_file=file_get_contents($script);
+ if (preg_match('/NO/',$script_file)){
+ $script_file=preg_replace("/NO/","YES",$script_file);
+ file_put_contents($script, $script_file, LOCK_EX);
+ }
chmod ($script,0755);
- mwexec("$script stop");
- sleep(2);
- mwexec_bg("$script start");
+ mwexec("$script stop");
+ mwexec_bg("$script start");
}
else{
- log_error("Stopping dansguardian if running");
mwexec("$script stop");
- chmod ($script,0444);
+ chmod ($script,0444);
}
+
+ if (!file_exists('/usr/local/etc/dansguardian/lists/phraselists/pornography/weighted_russian_utf8'))
+ file_put_contents('/usr/local/etc/dansguardian/lists/phraselists/pornography/weighted_russian_utf8',"",LOCK_EX);
+
conf_mount_ro();
$synconchanges = $config['installedpackages']['dansguardiansync']['config'][0]['synconchanges'];
if(!$synconchanges && !$syncondbchanges)
@@ -1124,17 +770,10 @@ EOF;
function dansguardian_validate_input($post, &$input_errors) {
foreach ($post as $key => $value) {
- if (empty($value))
- continue;
- if (substr($key, 0, 6) == "domain" && is_numeric(substr($key, 6))) {
- if (!is_domain($value))
- $input_errors[] = "{$value} is not a valid domain name.";
- } else if (substr($key, 0, 12) == "mailserverip" && is_numeric(substr($key, 12))) {
- if (empty($post['domain' . substr($key, 12)]))
- $input_errors[] = "Domain for {$value} cannot be blank.";
- if (!is_ipaddr($value) && !is_hostname($value))
- $input_errors[] = "{$value} is not a valid IP address or host name.";
- }
+ if ($key == "name" && $value == "")
+ $input_errors[] = "{$key} could not be empty.";
+ else if ($key == "name" && $value=="sample")
+ $input_errors[] = "{$value} cannot be used as name.";
}
}
@@ -1146,7 +785,7 @@ function dansguardian_php_deinstall_command() {
mwexec("/usr/local/etc/rc.d/dansguardian.sh stop");
sleep(1);
conf_mount_rw();
- unlink_if_exists("/usr/local/etc/rc.d/dansguardian.sh");
+ unlink_if_exists("/usr/local/etc/rc.d/dansguardian");
conf_mount_ro();
}
@@ -1180,12 +819,22 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) {
if ($sync_xml){
log_error("Include dansguardian config");
$xml['dansguardian'] = $config['installedpackages']['dansguardian'];
- $xml['msreport'] = $config['installedpackages']['msreport'];
- $xml['mscontent'] = $config['installedpackages']['mscontent'];
- $xml['msantivirus'] = $config['installedpackages']['msantivirus'];
- $xml['msantispam'] = $config['installedpackages']['msantispam'];
- $xml['msalerts'] = $config['installedpackages']['msalerts'];
- }
+ $xml['dansguardianantivirusacl'] = $config['installedpackages']['dansguardianantivirusacl'];
+ $xml['dansguardianconfig'] = $config['installedpackages']['dansguardianconfig'];
+ $xml['dansguardiancontentacl'] = $config['installedpackages']['dansguardiancontentacl'];
+ $xml['dansguardianfileacl'] = $config['installedpackages']['dansguardianfileacl'];
+ $xml['dansguardiangroups'] = $config['installedpackages']['dansguardiangroups'];
+ $xml['dansguardianheaderacl'] = $config['installedpackages']['dansguardianheaderacl'];
+ $xml['dansguardianlimits'] = $config['installedpackages']['dansguardianlimits'];
+ $xml['dansguardianlog'] = $config['installedpackages']['dansguardianlog'];
+ $xml['dansguardianphraseacl'] = $config['installedpackages']['dansguardianphraseacl'];
+ $xml['dansguardianpicsacl'] = $config['installedpackages']['dansguardianpicsacl'];
+ $xml['dansguardiansearchacl'] = $config['installedpackages']['dansguardiansearchacl'];
+ $xml['dansguardiansiteacl'] = $config['installedpackages']['dansguardiansiteacl'];
+ $xml['dansguardianurlacl'] = $config['installedpackages']['dansguardianurlacl'];
+ $xml['dansguardianusers'] = $config['installedpackages']['dansguardianusers'];
+
+ }
if (count($xml) > 0){
/* assemble xmlrpc payload */
$params = array(
diff --git a/config/dansguardian/dansguardian.php b/config/dansguardian/dansguardian.php
new file mode 100644
index 00000000..8998d1f8
--- /dev/null
+++ b/config/dansguardian/dansguardian.php
@@ -0,0 +1,114 @@
+<?php
+/* $Id$ */
+/* ========================================================================== */
+/*
+ dansguardian.php
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+
+require_once("/etc/inc/util.inc");
+require_once("/etc/inc/functions.inc");
+require_once("/etc/inc/pkg-utils.inc");
+require_once("/etc/inc/globals.inc");
+require_once("/usr/local/pkg/dansguardian.inc");
+
+function fetch_blacklist(){
+ global $config,$g;
+ $url=$config['installedpackages']['dansguardianblacklist']['config'][0]['url'];
+ if (is_url($url)){
+ conf_mount_rw();
+ print "file download start..";
+ exec("/usr/bin/fetch -o /usr/local/etc/dansguardian/lists/blacklist.tgz ".escapeshellarg($url));
+ chdir ("/usr/local/etc/dansguardian/lists");
+ if (is_dir ("blacklists.old"))
+ exec ('rm -rf /usr/local/etc/dansguardian/lists/blacklists.old');
+ rename("blacklists","blacklists.old");
+ exec('/usr/bin/tar -xvzf /usr/local/etc/dansguardian/lists/blacklist.tgz 2>&1',$output,$return);
+ if (preg_match("/x (\w+)/",$output[0],$matches)){
+ if ($matches[1] != "blacklists")
+ rename("./".$matches[1],"blacklists");
+ read_lists();
+ file_notice("Dansguardian - Blacklist applied, check site and URL access lists for categories","");
+ }
+ else
+ file_notice("Dansguardian - Could not determine Blacklist extract dir. Categories not updated","");
+ }
+ else{
+ file_notice("Dansguardian - Blacklist url is invalid.","");
+ }
+}
+function read_lists(){
+ global $config,$g;
+ $group_type=array();
+ $dir="/usr/local/etc/dansguardian/lists";
+ #read dansguardian lists dirs
+ $groups= array("phraselists", "blacklists", "whitelists");
+ #assigns know list files
+ $types=array('domains','urls','banned','weighted','exception','expression');
+ #clean previous xml config for dansguardian lists
+ foreach ($groups as $group)
+ foreach ($types as $clean)
+ $config['installedpackages']['dansguardian'.$group.$clean]['config']=array();
+
+ #clean previous xml config for dansguardian lists
+ foreach ($groups as $group)
+ if (is_dir("$dir/$group/")){
+ #read dir content and find lists
+ $lists= scandir("$dir/$group/");
+ foreach ($lists as $list)
+ if (!preg_match ("/^\./",$list)){
+ $category= scandir("$dir/$group/$list/");
+ foreach ($category as $file)
+ if (!preg_match ("/^\./",$file)){
+ #assign list to array
+ $type=split("_",$file);
+ print $type[0]." --- $list --- $file\n";
+ if (!in_array($type[0],$group_type))
+ $list_type[]=$type[0];
+ $xml_group=($list=="whitelist"?"whitelists":$group);
+ $xml_type=($type[0]=="domains.processed"?"domains":$type[0]);
+ $config['installedpackages']['dansguardian'.$xml_group.$xml_type]['config'][]=array("descr"=> "$list $file","list" => $list,"file" => "$dir/$group/$list/$file");
+ }
+ }
+ }
+
+ #var_dump($config['installedpackages']['dansguardian']['config']);
+ #foreach ($types as $clean)
+ #var_dump($config['installedpackages']['dansguardianfiles'.$clean]['config']);
+ write_config();
+}
+
+if ($argv[1]=="update_lists")
+ read_lists();
+
+if ($argv[1]=="fetch_blacklist")
+ fetch_blacklist();
+
+?> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian.xml b/config/dansguardian/dansguardian.xml
index c8b630d1..22315ef8 100644
--- a/config/dansguardian/dansguardian.xml
+++ b/config/dansguardian/dansguardian.xml
@@ -44,7 +44,7 @@
<faq>Currently there are no FAQ items provided.</faq>
<name>dansguardian</name>
<version>1.0</version>
- <title>Services: Sansguardian</title>
+ <title>Services: Dansguardian</title>
<include_file>/usr/local/pkg/dansguardian.inc</include_file>
<menu>
<name>dansguardian</name>
@@ -53,31 +53,36 @@
<url>pkg_edit.php?xml=dansguardian.xml</url>
</menu>
<additional_files_needed>
- <item>http:/www.pfsense.org/packages/config/pf-blocker/dansguardian.inc</item>
+ <item>http:/www.pfsense.org/packages/config/dansguardian/dansguardian.inc</item>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
- <item>http://www.pfsense.org/packages/config/pf-blocker/dansguardian.php</item>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian.php</item>
<prefix>/usr/local/www/</prefix>
<chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
- <item>http://www.pfsense.org/packages/config/pf-blocker/dansguardian.widget.php</item>
- <prefix>/usr/local/www/widgets/widgets/</prefix>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_limits.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
- <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_limits.xml</item>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_header.xml</item>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
- <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_lists.xml</item>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_footer.xml</item>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_about.php</item>
+ <prefix>/usr/local/www/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
<item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_config.xml</item>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
@@ -87,6 +92,76 @@
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
</additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardianfx.conf.template</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_url_acl.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_site_acl.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_search_acl.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_pics_acl.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_phrase_acl.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_log.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_header_acl.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_groups.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_file_acl.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_content_acl.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_blacklist.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_antivirus_acl.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian.conf.template</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
<tabs>
<tab>
<text>Daemon</text>
@@ -102,11 +177,23 @@
<url>/pkg_edit.php?xml=dansguardian_limits.xml&amp;id=0</url>
</tab>
<tab>
- <text>Filter Groups</text>
- <url>/pkg.php?xml=dansguardian_lists.xml</url>
+ <text>Blacklist</text>
+ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Access Lists</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
</tab>
<tab>
- <text>Report and Log</text>
+ <text>Report and log</text>
<url>/pkg_edit.php?xml=dansguardian_log.xml&amp;id=0</url>
</tab>
<tab>
@@ -114,8 +201,8 @@
<url>/pkg_edit.php?xml=dansguardian_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
- <url>/pkg_edit.php?xml=dansguardian.php&amp;id=0</url>
+ <text>Help</text>
+ <url>/dansguardian_about.php</url>
</tab>
</tabs>
<fields>
@@ -125,13 +212,13 @@
</field>
<field>
<fielddescr>Enable dansguardian</fielddescr>
- <fieldname>enable_dg</fieldname>
+ <fieldname>enable</fieldname>
<type>checkbox</type>
- <description></description>
+ <description><![CDATA[<a target=_new href='http://dansguardian.org/?page=copyright2'>I agree with dansguardian terms and licence.</a>]]></description>
</field>
<field>
<fielddescr>Listen Interface(s)</fielddescr>
- <fieldname>inbound_interface</fieldname>
+ <fieldname>interface</fieldname>
<description><![CDATA[Default: <strong>WAN</strong><br>Select interface(s) that you want to block incoming traffic.]]></description>
<type>interfaces_selection</type>
<required/>
@@ -176,6 +263,14 @@
On large sites you might want to try 8/64.]]></description>
</field>
<field>
+ <fielddescr>Prefork Children</fielddescr>
+ <fieldname>preforkchildren</fieldname>
+ <type>input</type>
+ <size>10</size>
+ <description><![CDATA[sets the minimum number of processes to spawn when it runs out<br>
+ On large sites you might want to try 10]]></description>
+ </field>
+ <field>
<fielddescr>Max Age Children</fielddescr>
<fieldname>maxagechildren</fieldname>
<type>input</type>
diff --git a/config/dansguardian/dansguardian_about.php b/config/dansguardian/dansguardian_about.php
new file mode 100755
index 00000000..306ddc3e
--- /dev/null
+++ b/config/dansguardian/dansguardian_about.php
@@ -0,0 +1,114 @@
+<?php
+/*
+ mailscanner_about.php
+ part of pfSense (http://www.pfsense.com/)
+ Copyright (C) 2011 Marcello Coutinho <marcellocoutinho@gmail.com>
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+$pfSversion = str_replace("\n", "", file_get_contents("/etc/version"));
+if(strstr($pfSversion, "1.2"))
+ $one_two = true;
+
+$pgtitle = "About: Dansguardian Package";
+include("head.inc");
+
+?>
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("fbegin.inc"); ?>
+
+<?php if($one_two): ?>
+<p class="pgtitle"><?=$pgtitle?></font></p>
+<?php endif; ?>
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+
+
+<div id="mainlevel">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td>
+ <?php
+ $tab_array = array();
+ $tab_array[] = array(gettext("Daemon"), false, "/pkg_edit.php?xml=dansguardian.xml&id=0");
+ $tab_array[] = array(gettext("General"), false, "/pkg_edit.php?xml=dansguardian_general.xml&id=0");
+ $tab_array[] = array(gettext("Limits"), false, "/pkg_edit.php?xml=dansguardian_limits.xml&id=0");
+ $tab_array[] = array(gettext("Blacklist"), false, "/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0");
+ $tab_array[] = array(gettext("Access Lists"), false, "/pkg_edit.php?xml=dansguardian_antivirus.xml&id=0");
+ $tab_array[] = array(gettext("Groups"), false, "/pkg.php?xml=dansguardian_groups.xml&id=0");
+ $tab_array[] = array(gettext("Users"), false, "/pkg.php?xml=dansguardian_users.xml&id=0");
+ $tab_array[] = array(gettext("Report and Log"), false, "/pkg_edit.php?xml=dansguardian_log.xml&id=0");
+ $tab_array[] = array(gettext("XMLRPC Sync"), false, "/pkg_edit.php?xml=dansguardian_sync.xml&id=0");
+ $tab_array[] = array(gettext("Help"), true, "/dansguardian_about.php");
+ display_top_tabs($tab_array);
+?>
+ </td></tr>
+ <tr>
+
+ <td>
+ <div id="mainarea">
+ <table class="tabcont" width="100%" border="0" cellpadding="8" cellspacing="0">
+ <tr><td></td></tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic"><?=gettext("Help docs"); ?></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Copyright");?></td>
+ <td width="78%" class="vtable"><?=gettext("<a target=_new href='http://dansguardian.org/?page=copyright2'>Copyright and licensing for Dansguardian 2</a><br><br>");?>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Blacklists");?></td>
+ <td width="78%" class="vtable"><?=gettext("<a target=_new href='http://www.squidguard.org/blacklists.html'>Dansguardian Blacklists</a><br><br>");?>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Whatis");?></td>
+ <td width="78%" class="vtable"><?=gettext("<a target=_new href='http://dansguardian.org/?page=whatisdg'>What is Dansguardian</a><br><br>");?>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic"><?=gettext("About dansguardian package"); ?></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Credits ");?></td>
+ <td width="78%" class="vtable"><?=gettext("Package Created by <a target=_new href='http://forum.pfsense.org/index.php?action=profile;u=4710'>Marcello Coutinho</a><br><br>");?></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Donatios ");?></td>
+ <td width="78%" class="vtable"><?=gettext("If you like this package, please <a target=_new href='http://www.pfsense.org/index.php?option=com_content&task=view&id=47&Itemid=77'>donate to pfSense project</a>.<br><br>
+ If you want that your donation goes to this package developer, make a note on donation forwarding it to me.<br><br>");?></td>
+ </tr>
+ </table>
+
+ </div>
+ </td>
+ </tr>
+
+
+ </table>
+ <br>
+ <div id="search_results"></div>
+</div>
+<?php include("fend.inc"); ?>
+</body>
+</html>
diff --git a/config/dansguardian/dansguardian_antivirus_acl.xml b/config/dansguardian/dansguardian_antivirus_acl.xml
new file mode 100755
index 00000000..21c5c17e
--- /dev/null
+++ b/config/dansguardian/dansguardian_antivirus_acl.xml
@@ -0,0 +1,193 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ dansguardian_file_acl.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardianantivirusacl</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian - Access Lists</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Back to config</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Antivirus</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Pics</text>
+ <url>/pkg.php?xml=dansguardian_pics_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Phase</text>
+ <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Site</text>
+ <url>/pkg.php?xml=dansguardian_site_acl.xml</url>
+ </tab>
+ <tab>
+ <text>URL</text>
+ <url>/pkg.php?xml=dansguardian_url_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Extension</text>
+ <url>/pkg.php?xml=dansguardian_file_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Content</text>
+ <url>/pkg.php?xml=dansguardian_content_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Header</text>
+ <url>/pkg.php?xml=dansguardian_header_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Searche Engine</text>
+ <url>/pkg.php?xml=dansguardian_search_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+ </tabs>
+ <fields>
+ <field>
+ <name>Extension</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>extension_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>config</fielddescr>
+ <fieldname>extension_list</fieldname>
+ <description><![CDATA[Enter extension exception virus scanner list.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Mime</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>mime_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>config</fielddescr>
+ <fieldname>mime_list</fieldname>
+ <description><![CDATA[Enter mime type exception virus scanner list.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Site</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>site_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>config</fielddescr>
+ <fieldname>site_list</fieldname>
+ <description><![CDATA[Enter site exception virus scanner list.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+<field>
+ <name>URL</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>url_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>config</fielddescr>
+ <fieldname>url_list</fieldname>
+ <description><![CDATA[Enter url exception virus scanner list.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian_blacklist.xml b/config/dansguardian/dansguardian_blacklist.xml
new file mode 100644
index 00000000..d518f531
--- /dev/null
+++ b/config/dansguardian/dansguardian_blacklist.xml
@@ -0,0 +1,156 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+ dansguardian_limits.xml
+ part of the dansguardian for pfSense
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardianblacklist</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Daemon</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>General</text>
+ <url>/pkg_edit.php?xml=dansguardian_config.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Limits</text>
+ <url>/pkg_edit.php?xml=dansguardian_limits.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Blacklist</text>
+ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&amp;id=0</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Access Lists</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+ <tab>
+ <text>Report and log</text>
+ <url>/pkg_edit.php?xml=dansguardian_log.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>XMLRPC Sync</text>
+ <url>/pkg_edit.php?xml=dansguardian_sync.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Help</text>
+ <url>/dansguardian_about.php</url>
+ </tab>
+</tabs>
+ <fields>
+ <field>
+ <name>Blacklist options</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>blacklist</fieldname>
+ <type>checkbox</type>
+ </field>
+ <field>
+ <fielddescr>Update frequency</fielddescr>
+ <fieldname>cron</fieldname>
+ <description><![CDATA[Default:<strong>Never</strong><br>
+ Select how often pfsense will re download Blacklist files]]></description>
+ <type>select</type>
+ <options>
+ <option><name>Never</name><value>never</value></option>
+ <option><name>Now</name><value>now</value></option>
+ <option><name>Every day</name><value>day</value></option>
+ <option><name>Every 2 days</name><value>02days</value></option>
+ <option><name>Once a week</name><value>week</value></option>
+ </options>
+ </field>
+ <field>
+ <fielddescr>Blacklist URL</fielddescr>
+ <fieldname>url</fieldname>
+ <description><![CDATA[Enter FTP, HTTP or LOCAL (pfSense) URL blacklist archive.<br>
+ File must be in tar.gz or tgz format.]]></description>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ <field>
+ <name>Custom update script</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>enable_custom_script</fieldname>
+ <type>checkbox</type>
+ </field>
+ <field>
+ <fielddescr>script</fielddescr>
+ <fieldname>update_script</fieldname>
+ <description><![CDATA[Enter custom script to update Blacklists<br>
+ This script will be called by update frequency schedule.]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>15</rows>
+ <encoding>base64</encoding>
+ </field>
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui>
diff --git a/config/dansguardian/dansguardian_config.xml b/config/dansguardian/dansguardian_config.xml
index d3ed5277..7e4eda17 100644
--- a/config/dansguardian/dansguardian_config.xml
+++ b/config/dansguardian/dansguardian_config.xml
@@ -61,11 +61,23 @@
<url>/pkg_edit.php?xml=dansguardian_limits.xml&amp;id=0</url>
</tab>
<tab>
- <text>Filter Groups</text>
- <url>/pkg.php?xml=dansguardian_lists.xml</url>
+ <text>Blacklist</text>
+ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&amp;id=0</url>
</tab>
<tab>
- <text>Report and Log</text>
+ <text>Access Lists</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+ <tab>
+ <text>Report and log</text>
<url>/pkg_edit.php?xml=dansguardian_log.xml&amp;id=0</url>
</tab>
<tab>
@@ -73,8 +85,8 @@
<url>/pkg_edit.php?xml=dansguardian_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
- <url>/pkg_edit.php?xml=dansguardian.php&amp;id=0</url>
+ <text>Help</text>
+ <url>/dansguardian_about.php</url>
</tab>
</tabs>
<fields>
@@ -83,24 +95,19 @@
<type>listtopic</type>
</field>
<field>
- <fielddescr>Url cache number</fielddescr>
- <fieldname>urlcachenumber</fieldname>
- <type>input</type>
- <size>10</size>
- <description><![CDATA[Positive (clean) result caching for URLs Caches good pages so they don't need to be scanned again.It also works with AV plugins.<br>
- 0 = off (recommended for ISPs with users with disimilar browsing)<br>
- <strong>1000 = recommended for most user</strong><br>
- 5000 = suggested max upper limit<br>
- If you're using an AV plugin then use at least 5000.]]></description>
- </field>
- <field>
- <fielddescr>Url cache age</fielddescr>
- <fieldname>urlcacheage</fieldname>
- <type>input</type>
- <size>10</size>
- <description><![CDATA[Age before cache are stale and should be ignored in seconds<br>
- <strong>900 = 15 mins(recommended)</strong><br>
- 0 = never]]></description>
+ <fielddescr>Auth Plugin</fielddescr>
+ <fieldname>auth_plugin</fieldname>
+ <description><![CDATA[This option handle the extraction of client usernames from various sources, such as Proxy-Authorisation headers and ident servers,
+ enabling requests to be handled according to the settings of the user's filter group.]]></description>
+ <type>select</type>
+ <options>
+ <option><name>Proxy-Basic</name><value>/usr/local/etc/dansguardian/authplugins/proxy-basic.conf</value></option>
+ <option><name>Proxy-Digest</name><value>/usr/local/etc/dansguardian/authplugins/proxy-digest.conf</value></option>
+ <option><name>Proxy-Ntlm</name><value>/usr/local/etc/dansguardian/authplugins/proxy-ntlm.conf</value></option>
+ <option><name>Ident</name><value>/usr/local/etc/dansguardian/authplugins/ident.conf</value></option>
+ <option><name>Ip Address</name><value>/usr/local/etc/dansguardian/authplugins/ip.conf</value></option>
+ <option><name>none</name><value></value></option>
+ </options>
</field>
<field>
<fielddescr>Scan Options</fielddescr>
@@ -134,6 +141,18 @@
</options>
</field>
<field>
+ <fielddescr>Lower casing options</fielddescr>
+ <fieldname>preservecase</fieldname>
+ <description><![CDATA[When a document is scanned the uppercase letters are converted to lower case in order to compare them with the phrases.<br>
+ However this can break Big5 and other 16-bit texts. If needed preserve the case.]]></description>
+ <type>select</type>
+ <options>
+ <option><name>Force lower case (default)</name><value>0</value></option>
+ <option><name>Do not change case</name><value>1</value></option>
+ <option><name>Scan first in lower case, then in original case</name><value>2</value></option>
+ </options>
+ </field>
+ <field>
<fielddescr>Phrase filter mode</fielddescr>
<fieldname>phrasefiltermode</fieldname>
<description><![CDATA[Smart, Raw and Meta/Title phrase content filtering options<br>
@@ -149,30 +168,62 @@
<option><name>raw only</name><value>0</value></option>
</options>
</field>
+ <field>
+ <fielddescr>Url cache number</fielddescr>
+ <fieldname>urlcachenumber</fieldname>
+ <type>input</type>
+ <size>10</size>
+ <description><![CDATA[Positive (clean) result caching for URLs Caches good pages so they don't need to be scanned again.It also works with AV plugins.<br>
+ 0 = off (recommended for ISPs with users with disimilar browsing)<br>
+ <strong>1000 = recommended for most user</strong><br>
+ 5000 = suggested max upper limit<br>
+ If you're using an AV plugin then use at least 5000.]]></description>
+ </field>
<field>
- <fielddescr>Lower casing options</fielddescr>
- <fieldname>preservecase</fieldname>
- <description><![CDATA[When a document is scanned the uppercase letters are converted to lower case in order to compare them with the phrases.<br>
- However this can break Big5 and other 16-bit texts. If needed preserve the case.]]></description>
- <type>select</type>
- <options>
- <option><name>Force lower case (default)</name><value>0</value></option>
- <option><name>Do not change case</name><value>1</value></option>
- <option><name>Scan first in lower case, then in original case</name><value>2</value></option>
- </options>
+ <fielddescr>Url cache age</fielddescr>
+ <fieldname>urlcacheage</fieldname>
+ <type>input</type>
+ <size>10</size>
+ <description><![CDATA[Age before cache are stale and should be ignored in seconds<br>
+ <strong>900 = 15 mins(recommended)</strong><br>
+ 0 = never]]></description>
+ </field>
+ <field>
+ <name>SSL man in the middle Filtering</name>
+ <type>listtopic</type>
</field>
- <field>
+ <field>
+ <fielddescr>CA</fielddescr>
+ <fieldname>ca</fieldname>
+ <description><![CDATA[Select Certificate Authority to use when SSL filtering is enabled on Group options<br>
+ To create a CA on pfsense, go to <strong>system -> Cert Manager<strong>]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['ca']]]></source>
+ <source_name>descr</source_name>
+ <source_value>refid</source_value>
+ </field>
+ <field>
+ <fielddescr>Cert</fielddescr>
+ <fieldname>cert</fieldname>
+ <description><![CDATA[Select Certificate pair to use when SSL filtering is enabled on Group options<br>
+ To create a Certificate on pfsense, go to <strong>system -> Cert Manager<strong>]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['cert']]]></source>
+ <source_name>descr</source_name>
+ <source_value>refid</source_value>
+ </field>
+ <field>
<name>Content Scanner</name>
<type>listtopic</type>
</field>
<field>
- <fielddescr>Content Scanners</fielddescr>
+ <fielddescr>Content Scanners (antivirus)</fielddescr>
<fieldname>content_scanners</fieldname>
<description><![CDATA[Content Scanners options. Default values are in ( )]]></description>
<type>select</type>
<options>
- <option><name>clamdscan (on)</name><value>clamdscan</value></option>
- <option><name>icapscan (on)</name><value>icapscan</value></option>
+ <option><name>clamdscan (off)</name><value>/usr/local/etc/dansguardian/contentscanners/clamdscan.conf</value></option>
+ <option><name>icapscan (off)</name><value>/usr/local/etc/dansguardian/contentscanners/icapscan.conf</value></option>
</options>
<multiple/>
<size>3</size>
@@ -196,6 +247,15 @@
Correct use of grey lists are a better idea.]]></description>
</field>
<field>
+ <fielddescr>ICAP URL</fielddescr>
+ <fieldname>contentscannertimeout</fieldname>
+ <type>input</type>
+ <size>40</size>
+ <description><![CDATA[Enter ICAP URL in <strong>icap://icapserver:1344/avscan</strong> format<br>
+ Use hostname rather than IP address and Always specify the port]]></description>
+ </field>
+
+ <field>
<name>Misc settings</name>
<type>listtopic</type>
</field>
diff --git a/config/dansguardian/dansguardian_content_acl.xml b/config/dansguardian/dansguardian_content_acl.xml
new file mode 100755
index 00000000..14524b8d
--- /dev/null
+++ b/config/dansguardian/dansguardian_content_acl.xml
@@ -0,0 +1,160 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ dansguardian_content_acl.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardiancontentacl</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian - Access Lists</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Back to Config</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Antivirus</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Pics</text>
+ <url>/pkg.php?xml=dansguardian_pics_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Phase</text>
+ <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Site</text>
+ <url>/pkg.php?xml=dansguardian_site_acl.xml</url>
+ </tab>
+ <tab>
+ <text>URL</text>
+ <url>/pkg.php?xml=dansguardian_url_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Extension</text>
+ <url>/pkg.php?xml=dansguardian_file_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Content</text>
+ <url>/pkg.php?xml=dansguardian_content_acl.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Header</text>
+ <url>/pkg.php?xml=dansguardian_header_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Searche Engine</text>
+ <url>/pkg.php?xml=dansguardian_search_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+ </tabs>
+ <adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>Group name</fielddescr>
+ <fieldname>name</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Description</fielddescr>
+ <fieldname>description</fieldname>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <name>File Access Lists</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Name</fielddescr>
+ <fieldname>name</fieldname>
+ <description></description>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>description</fielddescr>
+ <fieldname>description</fieldname>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ <field>
+ <name>Banned</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>content_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>content_regexplist</fieldname>
+ <description><![CDATA[Enter content regexp for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>30</rows>
+ <encoding>base64</encoding>
+ </field>
+</fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian_file_acl.xml b/config/dansguardian/dansguardian_file_acl.xml
new file mode 100755
index 00000000..4dba7567
--- /dev/null
+++ b/config/dansguardian/dansguardian_file_acl.xml
@@ -0,0 +1,200 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ dansguardian_file_acl.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardianfileacl</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian - Access Lists</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Back to Config</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Antivirus</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Pics</text>
+ <url>/pkg.php?xml=dansguardian_pics_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Phase</text>
+ <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Site</text>
+ <url>/pkg.php?xml=dansguardian_site_acl.xml</url>
+ </tab>
+ <tab>
+ <text>URL</text>
+ <url>/pkg.php?xml=dansguardian_url_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Extension</text>
+ <url>/pkg.php?xml=dansguardian_file_acl.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Content</text>
+ <url>/pkg.php?xml=dansguardian_content_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Header</text>
+ <url>/pkg.php?xml=dansguardian_header_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Searche Engine</text>
+ <url>/pkg.php?xml=dansguardian_search_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+ </tabs>
+ <adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>Group name</fielddescr>
+ <fieldname>name</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Description</fielddescr>
+ <fieldname>description</fieldname>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <name>File Access Lists</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Name</fielddescr>
+ <fieldname>name</fieldname>
+ <description></description>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>description</fielddescr>
+ <fieldname>description</fieldname>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ <field>
+ <name>Banned</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>banned_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Extension</fielddescr>
+ <fieldname>banned_extensionlist</fieldname>
+ <description><![CDATA[Enter banned extension List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <fielddescr>Mime</fielddescr>
+ <fieldname>banned_mimetypelist</fieldname>
+ <description><![CDATA[Enter banned mimetype List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Exception</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>exception_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Extension</fielddescr>
+ <fieldname>exception_extensionlist</fieldname>
+ <description><![CDATA[Enter banned extension List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <fielddescr>Mime</fielddescr>
+ <fieldname>exception_mimetypelist</fieldname>
+ <description><![CDATA[Enter banned mimetype List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian_filters.xml b/config/dansguardian/dansguardian_filters.xml
deleted file mode 100755
index 42f1c0ae..00000000
--- a/config/dansguardian/dansguardian_filters.xml
+++ /dev/null
@@ -1,241 +0,0 @@
-<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
-<packagegui>
- <copyright>
- <![CDATA[
-/* ========================================================================== */
-/*
- pfblocker_lists.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
- Copyright (C) 2011 Marcello Coutinho
-
- All rights reserved.
-*/
-/* ========================================================================== */
-/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
- <name>pfblockerlists</name>
- <version>1.0</version>
- <title>Firewall: pfBlocker</title>
- <include_file>/usr/local/pkg/pfblocker.inc</include_file>
- <menu>
- <name>pfBlocker </name>
- <tooltiptext></tooltiptext>
- <section>Firewall</section>
- <configfile>pfblocker_lists.xml</configfile>
- </menu>
-<tabs>
- <tab>
- <text>General</text>
- <url>/pkg_edit.php?xml=pfblocker.xml&amp;id=0</url>
- </tab>
- <tab>
- <text>Lists</text>
- <url>/pkg.php?xml=pfblocker_lists.xml</url>
- <active/>
- </tab>
-
- <tab>
- <text>Top Spammers</text>
- <url>/pkg_edit.php?xml=pfblocker_topspammers.xml&amp;id=0</url>
- </tab>
-
- <tab>
- <text>Africa</text>
- <url>/pkg_edit.php?xml=pfblocker_Africa.xml&amp;id=0</url>
-
- </tab>
- <tab>
- <text>Asia</text>
- <url>/pkg_edit.php?xml=pfblocker_Asia.xml&amp;id=0</url>
-
- </tab>
- <tab>
- <text>Europe</text>
- <url>/pkg_edit.php?xml=pfblocker_Europe.xml&amp;id=0</url>
- </tab>
- <tab>
- <text>North America</text>
- <url>/pkg_edit.php?xml=pfblocker_NorthAmerica.xml&amp;id=0</url>
- </tab>
- <tab>
- <text>Oceania</text>
- <url>/pkg_edit.php?xml=pfblocker_Oceania.xml&amp;id=0</url>
- </tab>
- <tab>
- <text>South America</text>
- <url>/pkg_edit.php?xml=pfblocker_SouthAmerica.xml&amp;id=0</url>
- </tab>
- <tab>
- <text>XMLRPC Sync</text>
- <url>/pkg_edit.php?xml=pfblocker_sync.xml&amp;id=0</url>
- </tab>
-</tabs>
- <adddeleteeditpagefields>
- <columnitem>
- <fielddescr>Alias</fielddescr>
- <fieldname>aliasname</fieldname>
- </columnitem>
- <columnitem>
- <fielddescr>Description</fielddescr>
- <fieldname>description</fieldname>
- </columnitem>
-
- <columnitem>
- <fielddescr>Action</fielddescr>
- <fieldname>action</fieldname>
- </columnitem>
- <columnitem>
- <fielddescr>Update Frequency</fielddescr>
- <fieldname>cron</fieldname>
- </columnitem>
- </adddeleteeditpagefields>
- <fields>
- <field>
- <name>Network ranges / CIDR lists</name>
- <type>listtopic</type>
- </field>
- <field>
- <fielddescr>Alias Name</fielddescr>
- <fieldname>aliasname</fieldname>
- <description><![CDATA[Enter lists Alias Names.<br>
- Example: Badguys<br>
- Do not include pfBlocker name, it's done by package.<br>
- <strong>International, special or space caracters will be ignored in pfsense alias name.</strong><br>]]></description>
- <type>input</type>
- <size>20</size>
- </field>
- <field>
- <fielddescr>List Description</fielddescr>
- <fieldname>description</fieldname>
- <type>input</type>
- <size>90</size>
- </field>
- <field>
- <fielddescr><![CDATA[Lists]]></fielddescr>
- <fieldname>none</fieldname>
- <description><![CDATA['Format' - Choose the file format that url will retrieve or local file format.<br>
- 'Url or local file' - Add direct link to list (Example: <a target=_new href='http://list.iblocklist.com/?list=bt_ads&fileformat=p2p&archiveformat=gz'>Ads</a>,
- <a target=_new href='http://list.iblocklist.com/?list=bt_spyware&fileformat=p2p&archiveformat=gz'>Spyware</a>,
- <a target=_new href='http://list.iblocklist.com/?list=bt_proxy&fileformat=p2p&archiveformat=gz'>Proxies</a> )<br>
- <br><strong>Note: </strong><br>
- Compressed lists must be in gz format.<br>
- Downloaded or local file must have only one network per line and could follows PeerBlock syntax or this below:<br>
- Network ranges: <strong>172.16.1.0-172.16.1.255</strong><br>
- IP Address: <strong>172.16.1.10</strong><br>
- CIDR: <strong>172.16.1.0/24</strong>
- ]]></description>
- <type>rowhelper</type>
- <rowhelper>
- <rowhelperfield>
- <fielddescr>Format</fielddescr>
- <fieldname>format</fieldname>
- <type>select</type>
- <options>
- <option><name>gz</name><value>gz</value></option>
- <option><name>txt</name><value>txt</value></option>
- </options>
- </rowhelperfield>
- <rowhelperfield>
- <fielddescr>Url or localfile</fielddescr>
- <fieldname>url</fieldname>
- <type>input</type>
- <size>75</size>
- </rowhelperfield>
- </rowhelper>
- </field>
- <field>
- <fielddescr>List Action</fielddescr>
- <description><![CDATA[Default:<strong>Deny Inbound</strong><br>
- Select action for network on lists you have selected.<br><br>
- <strong>Note: </strong><br>'Deny Both' - Will deny access on Both directions.<br>
- 'Deny Inbound' - Will deny access from selected lists to your network.<br>
- 'Deny Outbound' - Will deny access from your users to ip lists you selected to block.<br>
- 'Permit Inbound' - Will allow access from selected lists to your network.<br>
- 'Permit Outbound' - Will allow access from your users to ip lists you selected to block.<br>
- 'Disabled' - Will just keep selection and do nothing to selected Lists.<br>
- 'Alias Only' - Will create an alias with selected Lists to help custom rule assignments.<br><br>
- <strong>While creating rules with this list, keep aliasname in the beggining of rule description and do not end description with 'rule'.<br></strong>
- custom rules with 'Aliasname something rule' description will be removed by package.]]></description>
- <fieldname>action</fieldname>
- <type>select</type>
- <options>
- <option><name>Deny Inbound</name><value>Deny_Inbound</value></option>
- <option><name>Deny Outbound</name><value>Deny_Outbound</value></option>
- <option><name>Deny Both</name><value>Deny_Both</value></option>
- <option><name>Permit Inbound</name><value>Permit_Inbound</value></option>
- <option><name>Permit Outbound</name><value>Permit_Outbound</value></option>
- <option><name>Alias only</name><value>Alias_only</value></option>
- <option><name>Disabled</name><value>Disabled</value></option>
- </options>
- </field>
- <field>
- <fielddescr>Update frequency</fielddescr>
- <fieldname>cron</fieldname>
- <description><![CDATA[Default:<strong>Never</strong><br>
- Select how often pfsense will download List files]]></description>
- <type>select</type>
- <options>
- <option><name>Never</name><value>Never</value></option>
- <option><name>Every Hour</name><value>01hour</value></option>
- <option><name>Every 4 Hours</name><value>04hours</value></option>
- <option><name>Every 12 Hours</name><value>12hours</value></option>
- <option><name>Once a day</name><value>EveryDay</value></option>
- </options>
- </field>
- <field>
- <name>Custom list</name>
- <type>listtopic</type>
- </field>
- <field>
- <fielddescr>CIDR</fielddescr>
- <fieldname>custom</fieldname>
- <description><![CDATA[Enter networks you want to include in this alias. One network per line in CIDR format.<br>
- Example: 192.168.1.0/24]]></description>
- <type>textarea</type>
- <cols>50</cols>
- <rows>10</rows>
- <encoding>base64</encoding>
- </field>
- </fields>
- <custom_php_install_command>
- pfblocker_php_install_command();
- </custom_php_install_command>
- <custom_php_deinstall_command>
- pfblocker_php_deinstall_command();
- </custom_php_deinstall_command>
- <custom_php_validation_command>
- pfblocker_validate_input($_POST, &amp;$input_errors);
- </custom_php_validation_command>
- <custom_php_resync_config_command>
- sync_package_pfblocker();
- </custom_php_resync_config_command>
-</packagegui> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian_lists.xml b/config/dansguardian/dansguardian_groups.xml
index e78658cd..4f56601f 100755
--- a/config/dansguardian/dansguardian_lists.xml
+++ b/config/dansguardian/dansguardian_groups.xml
@@ -6,7 +6,7 @@
<![CDATA[
/* ========================================================================== */
/*
- dansguardian_lists.xml
+ dansguardian_groups.xml
part of pfSense (http://www.pfSense.com)
Copyright (C) 2012 Marcello Coutinho
@@ -41,7 +41,7 @@
<description>Describe your package here</description>
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
- <name>dansguardianlists</name>
+ <name>dansguardiangroups</name>
<version>1.0</version>
<title>Services: Dansguardian</title>
<include_file>/usr/local/pkg/dansguardian.inc</include_file>
@@ -59,12 +59,24 @@
<url>/pkg_edit.php?xml=dansguardian_limits.xml&amp;id=0</url>
</tab>
<tab>
- <text>Filter Groups</text>
- <url>/pkg.php?xml=dansguardian_lists.xml</url>
+ <text>Blacklist</text>
+ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Access Lists</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
<active/>
</tab>
<tab>
- <text>Report and Log</text>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+ <tab>
+ <text>Report and log</text>
<url>/pkg_edit.php?xml=dansguardian_log.xml&amp;id=0</url>
</tab>
<tab>
@@ -72,8 +84,8 @@
<url>/pkg_edit.php?xml=dansguardian_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
- <url>/pkg_edit.php?xml=dansguardian.php&amp;id=0</url>
+ <text>Help</text>
+ <url>/dansguardian_about.php</url>
</tab>
</tabs>
<adddeleteeditpagefields>
@@ -90,15 +102,6 @@
<fielddescr>Description</fielddescr>
<fieldname>description</fieldname>
</columnitem>
-
- <columnitem>
- <fielddescr>Action</fielddescr>
- <fieldname>action</fieldname>
- </columnitem>
- <columnitem>
- <fielddescr>Update Frequency</fielddescr>
- <fieldname>cron</fieldname>
- </columnitem>
</adddeleteeditpagefields>
<fields>
<field>
@@ -107,17 +110,120 @@
</field>
<field>
<fielddescr>Filter Group Name</fielddescr>
- <fieldname>groupname</fieldname>
- <description><![CDATA[Enter lists Alias Names.<br>
- Example: Badguys<br>
- Do not include pfBlocker name, it's done by package.<br>
- <strong>International, special or space caracters will be ignored in pfsense alias name.</strong><br>]]></description>
+ <fieldname>name</fieldname>
+ <description><![CDATA[Enter Group Names.]]></description>
<type>input</type>
<size>20</size>
</field>
+ <field>
+ <fielddescr>List Description</fielddescr>
+ <fieldname>description</fieldname>
+ <type>input</type>
+ <size>60</size>
+ </field>
+ <field>
+ <name>Acess Lists</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Group Options</fielddescr>
+ <fieldname>group_options</fieldname>
+ <description><![CDATA[Select options to apply on this group. Default values are in ( )]]></description>
+ <type>select</type>
+ <options>
+ <option><name>Scan clean cache (on)</name><value>scancleancache</value></option>
+ <option><name>Hex decode content (off)</name><value>hexdecodecontent</value></option>
+ <option><name>Block Download not in Exception Lists (off)</name><value>blockdownloads</value></option>
+ <option><name>Enable PICS rating support (off)</name><value>enablepics</value></option>
+ <option><name>Enable Deep URL Analysis (off)</name><value>deepurlanalysis</value></option>
+ <option><name>Infection/Scan Error Bypass on Scan Errors Only (on)</name><value>infectionbypasserrorsonly</value></option>
+ <option><name>Disable content scanning (off)</name><value>disablecontentscan</value></option>
+ <option><name>Check servers ssl certificates (off)</name><value>sslcertcheck</value></option>
+ <option><name>Filter ssl sites forging SSL Certificates (off)</name><value>sslmitm</value></option>
+ </options>
+ <multiple/>
+ <size>10</size>
+ </field>
+
+ <field>
+ <fielddescr>Pics</fielddescr>
+ <fieldname>picsacl</fieldname>
+ <description><![CDATA[Select Pics Access List to apply on this group.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardianpicsacl']['config']]]></source>
+ <source_name>name</source_name>
+ <source_value>name</source_value>
+ </field>
+ <field>
+ <fielddescr>Phrase</fielddescr>
+ <fieldname>phraseacl</fieldname>
+ <description><![CDATA[Select Phrase ACL to apply on this group.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardianphraseacl']['config']]]></source>
+ <source_name>name</source_name>
+ <source_value>name</source_value>
+ </field>
+ <field>
+ <fielddescr>Site</fielddescr>
+ <fieldname>siteacl</fieldname>
+ <description><![CDATA[Select Site Access List to apply on this group.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardiansiteacl']['config']]]></source>
+ <source_name>name</source_name>
+ <source_value>name</source_value>
+ </field>
+ <field>
+ <fielddescr>URL</fielddescr>
+ <fieldname>urlacl</fieldname>
+ <description><![CDATA[Select URL Access List to apply on this group.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardianurlacl']['config']]]></source>
+ <source_name>name</source_name>
+ <source_value>name</source_value>
+ </field>
+ <field>
+ <fielddescr>Extension</fielddescr>
+ <fieldname>extensionacl</fieldname>
+ <description><![CDATA[Select Extension Access List to apply on this group.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardianfileacl']['config']]]></source>
+ <source_name>name</source_name>
+ <source_value>name</source_value>
+ </field>
+ <field>
+ <fielddescr>Header</fielddescr>
+ <fieldname>headeracl</fieldname>
+ <description><![CDATA[Select Header Access List to apply on this group.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardianheaderacl']['config']]]></source>
+ <source_name>name</source_name>
+ <source_value>name</source_value>
+ </field>
+ <field>
+ <fielddescr>Content</fielddescr>
+ <fieldname>contentacl</fieldname>
+ <description><![CDATA[Select Content Access List to apply on this group.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardiancontentacl']['config']]]></source>
+ <source_name>name</source_name>
+ <source_value>name</source_value>
+ </field>
+ <field>
+ <fielddescr>Search</fielddescr>
+ <fieldname>searchacl</fieldname>
+ <description><![CDATA[Select Search Access list to apply on this group.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardiansearchacl']['config']]]></source>
+ <source_name>name</source_name>
+ <source_value>name</source_value>
+ </field>
+ <field>
+ <name>Values</name>
+ <type>listtopic</type>
+ </field>
<field>
<fielddescr>Filter Group Mode</fielddescr>
- <fieldname>groupmode</fieldname>
+ <fieldname>mode</fieldname>
<description><![CDATA[ This option determines whether members of this group have their web access unfiltered, filtered, or banned.<br>
This mechanism replaces the "banneduserlist"]]></description>
<type>select</type>
@@ -127,19 +233,9 @@
<option><name>banned</name><value>0</value></option>
</options>
</field>
- <field>
- <fielddescr>List Description</fielddescr>
- <fieldname>description</fieldname>
- <type>input</type>
- <size>90</size>
- </field>
- <field>
- <name>Values</name>
- <type>listtopic</type>
- </field>
<field>
<fielddescr>Reporting Level</fielddescr>
- <fieldname>report_level</fieldname>
+ <fieldname>reportinglevel</fieldname>
<description><![CDATA[Web Access Denied Reporting (does not affect logging)<br>
If defined, this overrides the global setting in dansguardian.conf for members of this filter group.]]></description>
<type>select</type>
@@ -154,10 +250,15 @@
<field>
<fielddescr>Weighted phrase mode</fielddescr>
<fieldname>weightedphrasemode</fieldname>
- <description><![CDATA[Optional; overrides the weightedphrasemode option in dansguardian.conf for this particular group.<br>
- See documentation for supported values in that file.]]></description>
- <type>input</type>
- <size>10</size>
+ <description><![CDATA[IMPORTANT: Note that setting this to "0" turns off all features which extract phrases from page content,
+ including banned & exception phrases (not just weighted), search term filtering, and scanning for links to banned URLs.]]></description>
+ <type>select</type>
+ <options>
+ <option><name>Use Weighted phrase mode value from general config</name><value>default</value></option>
+ <option><name>Singular = each weighted phrase found only counts once on a page.</name><value>2</value></option>
+ <option><name>Normal = normal weighted phrase operation.</name><value>1</value></option>
+ <option><name>Off = do not use the weighted phrase feature.</name><value>0</value></option>
+ </options>
</field>
<field>
<fielddescr>Naughtiness limite</fielddescr>
@@ -223,107 +324,17 @@
<type>input</type>
<size>10</size>
</field>
- <field>
- <name>Lists</name>
- <type>listtopic</type>
- </field>
- <field>
- <fielddescr>Group Options</fielddescr>
- <fieldname>group_options</fieldname>
- <description><![CDATA[Select options to apply on this group. Default values are in ( )]]></description>
- <type>select</type>
- <options>
- <option><name>Scan clean cache (on)</name><value>scancleancache</value></option>
- <option><name>Hex decode content (off)</name><value>hexdecodecontent</value></option>
- <option><name>Block Download not in Exception Lists (off)</name><value>blockdownloads</value></option>
- <option><name>Enable PICS rating support (off)</name><value>enablepics</value></option>
- <option><name>Enable Deep URL Analysis (off)</name><value>deepurlanalysis</value></option>
- <option><name>Infection/Scan Error Bypass on Scan Errors Only (on)</name><value>infectionbypasserrorsonly</value></option>
- <option><name>Disable content scanning (off)</name><value>disablecontentscan</value></option>
- <option><name>Check servers ssl certificates (off)</name><value>sslcertcheck</value></option>
- <option><name>Filter ssl sites forging SSL Certificates (off)</name><value>sslmitm</value></option>
- </options>
- <multiple/>
- <size>10</size>
- </field>
- <field>
- <fielddescr>Content filtering</fielddescr>
- <fieldname>group_options</fieldname>
- <description><![CDATA[Select List you want to apply on this group.]]></description>
- <type>select</type>
- <options>
- <option><name>Banned Phrase List</name><value>bannedphraselist</value></option>
- <option><name>Weighted Phrase List</name><value>weightedphraselist</value></option>
- <option><name>Exception Phrase List</name><value>exceptionphraselist</value></option>
- <option><name>Banned Site List</name><value>bannedsitelist</value></option>
- <option><name>Grey Site List</name><value>greysitelist</value></option>
- <option><name>Exception Site List</name><value>exceptionsitelist</value></option>
- <option><name>Grey Url List</name><value>greyurllist</value></option>
- <option><name>Exception Url List</name><value>exceptionurllist</value></option>
- <option><name>Exception Regexp Url List</name><value>exceptionregexpurllist</value></option>
- <option><name>Banned Regexp Url List</name><value>bannedregexpurllist</value></option>
- <option><name>Content Regexp List</name><value>contentregexplist</value></option>
- <option><name>Pics File</name><value>picsfile</value></option>
- <option><name>Url Regexp List</name><value>urlregexplist</value></option>
- </options>
- <multiple/>
- <size>14</size>
- </field>
- <field>
- <fielddescr>File type filtering</fielddescr>
- <fieldname>file_options</fieldname>
- <description><![CDATA[Select List you want to apply on this group.]]></description>
- <type>select</type>
- <options>
- <option><name>Exception Extension List</name><value>exceptionextensionlist</value></option>
- <option><name>Exception Mime Type List</name><value>exceptionmimetypelist</value></option>
- <option><name>Exception Phrase List</name><value>exceptionphraselist</value></option>
- <option><name>Banned Extension List</name><value>bannedextensionlist</value></option>
- <option><name>Banned Mime Type List</name><value>bannedmimetypelist</value></option>
- <option><name>Exception File Site ist</name><value>exceptionfileurllist</value></option>
- </options>
- <multiple/>
- <size>7</size>
- </field>
- <field>
- <fielddescr>search engine filtering</fielddescr>
- <fieldname>file_options</fieldname>
- <description><![CDATA[Select search engine filtering you want to apply on this group.]]></description>
- <type>select</type>
- <options>
- <option><name>Search Engine Regexp List</name><value>searchengineregexplist</value></option>
- <option><name>Banned Search Termlist</name><value>exceptionmimetypelist</value></option>
- <option><name>Weightd Search Term List</name><value>weightedsearchtermlist</value></option>
- <option><name>Exception Search Term List</name><value>exceptionsearchtermlist</value></option>
- </options>
- <multiple/>
- <size>5</size>
- </field>
- <field>
- <name>Custom list</name>
- <type>listtopic</type>
- </field>
- <field>
- <fielddescr>CIDR</fielddescr>
- <fieldname>custom</fieldname>
- <description><![CDATA[Enter networks you want to include in this alias. One network per line in CIDR format.<br>
- Example: 192.168.1.0/24]]></description>
- <type>textarea</type>
- <cols>50</cols>
- <rows>10</rows>
- <encoding>base64</encoding>
- </field>
</fields>
<custom_php_install_command>
- pfblocker_php_install_command();
+ dansguardian_php_install_command();
</custom_php_install_command>
<custom_php_deinstall_command>
- pfblocker_php_deinstall_command();
+ dansguardian_php_deinstall_command();
</custom_php_deinstall_command>
<custom_php_validation_command>
- pfblocker_validate_input($_POST, &amp;$input_errors);
+ dansguardian_validate_input($_POST, &amp;$input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
- sync_package_pfblocker();
+ sync_package_dansguardian();
</custom_php_resync_config_command>
</packagegui> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian_header_acl.xml b/config/dansguardian/dansguardian_header_acl.xml
new file mode 100755
index 00000000..2a07af24
--- /dev/null
+++ b/config/dansguardian/dansguardian_header_acl.xml
@@ -0,0 +1,180 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ dansguardian_header_acl.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardianheaderacl</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian - Access Lists</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Back to Config</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Antivirus</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Pics</text>
+ <url>/pkg.php?xml=dansguardian_pics_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Phase</text>
+ <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Site</text>
+ <url>/pkg.php?xml=dansguardian_site_acl.xml</url>
+ </tab>
+ <tab>
+ <text>URL</text>
+ <url>/pkg.php?xml=dansguardian_url_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Extension</text>
+ <url>/pkg.php?xml=dansguardian_file_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Content</text>
+ <url>/pkg.php?xml=dansguardian_content_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Header</text>
+ <url>/pkg.php?xml=dansguardian_header_acl.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Searche Engine</text>
+ <url>/pkg.php?xml=dansguardian_search_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+ </tabs>
+ <adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>Group name</fielddescr>
+ <fieldname>name</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Description</fielddescr>
+ <fieldname>description</fieldname>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <name>Header Access Lists</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Name</fielddescr>
+ <fieldname>name</fieldname>
+ <description></description>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>description</fielddescr>
+ <fieldname>description</fieldname>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ <field>
+ <name>Banned</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>banned_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>config</fielddescr>
+ <fieldname>banned_regexpheaderlist</fieldname>
+ <description><![CDATA[Enter banned regexp header List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Replace</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>regexp_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>header_regexplist</fieldname>
+ <description><![CDATA[Enter header regexp replace List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian_limits.xml b/config/dansguardian/dansguardian_limits.xml
index 2a1be7d6..e28393a1 100644
--- a/config/dansguardian/dansguardian_limits.xml
+++ b/config/dansguardian/dansguardian_limits.xml
@@ -61,11 +61,23 @@
<active/>
</tab>
<tab>
- <text>Filter Groups</text>
- <url>/pkg.php?xml=dansguardian_lists.xml</url>
+ <text>Blacklist</text>
+ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&amp;id=0</url>
</tab>
<tab>
- <text>Report and Log</text>
+ <text>Access Lists</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+ <tab>
+ <text>Report and log</text>
<url>/pkg_edit.php?xml=dansguardian_log.xml&amp;id=0</url>
</tab>
<tab>
@@ -73,8 +85,8 @@
<url>/pkg_edit.php?xml=dansguardian_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
- <url>/pkg_edit.php?xml=dansguardian.php&amp;id=0</url>
+ <text>Help</text>
+ <url>/dansguardian_about.php</url>
</tab>
</tabs>
<fields>
diff --git a/config/dansguardian/dansguardian_log.xml b/config/dansguardian/dansguardian_log.xml
index 386fe159..ceb7ccb0 100644
--- a/config/dansguardian/dansguardian_log.xml
+++ b/config/dansguardian/dansguardian_log.xml
@@ -60,11 +60,23 @@
<url>/pkg_edit.php?xml=dansguardian_limits.xml&amp;id=0</url>
</tab>
<tab>
- <text>Filter Groups</text>
- <url>/pkg.php?xml=dansguardian_lists.xml</url>
+ <text>Blacklist</text>
+ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&amp;id=0</url>
</tab>
<tab>
- <text>Report and Log</text>
+ <text>Access Lists</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+ <tab>
+ <text>Report and log</text>
<url>/pkg_edit.php?xml=dansguardian_log.xml&amp;id=0</url>
<active/>
</tab>
@@ -73,8 +85,8 @@
<url>/pkg_edit.php?xml=dansguardian_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
- <url>/pkg_edit.php?xml=dansguardian.php&amp;id=0</url>
+ <text>Help</text>
+ <url>/dansguardian_about.php</url>
</tab>
</tabs>
<fields>
diff --git a/config/dansguardian/dansguardian_phrase_acl.xml b/config/dansguardian/dansguardian_phrase_acl.xml
new file mode 100755
index 00000000..1d49ef9e
--- /dev/null
+++ b/config/dansguardian/dansguardian_phrase_acl.xml
@@ -0,0 +1,223 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ dansguardian_phrase_acl.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardianphraseacl</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian - Access Lists</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Back to Config</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Antivirus</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Pics</text>
+ <url>/pkg.php?xml=dansguardian_pics_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Phase</text>
+ <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Site</text>
+ <url>/pkg.php?xml=dansguardian_site_acl.xml</url>
+ </tab>
+ <tab>
+ <text>URL</text>
+ <url>/pkg.php?xml=dansguardian_url_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Extension</text>
+ <url>/pkg.php?xml=dansguardian_file_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Content</text>
+ <url>/pkg.php?xml=dansguardian_content_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Header</text>
+ <url>/pkg.php?xml=dansguardian_header_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Searche Engine</text>
+ <url>/pkg.php?xml=dansguardian_search_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+</tabs>
+<adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>Access List name</fielddescr>
+ <fieldname>name</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Access List Descriptions</fielddescr>
+ <fieldname>description</fieldname>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <name>Phrase Access List</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Name</fielddescr>
+ <fieldname>name</fieldname>
+ <description></description>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>Description</fielddescr>
+ <fieldname>description</fieldname>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ <field>
+ <name>Banned Lists</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>banned_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Include</fielddescr>
+ <fieldname>banned_includes</fieldname>
+ <description><![CDATA[Select Include files to banned phrase filter.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardianphraselistsbanned']['config']]]></source>
+ <source_name>descr</source_name>
+ <source_value>file</source_value>
+ <multiple/>
+ <size>10</size>
+ </field>
+ <field>
+ <fielddescr>Config file</fielddescr>
+ <fieldname>banned_phraselist</fieldname>
+ <description><![CDATA[Enter Banned Pharase List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Weighted Lists</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>weighted_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Include</fielddescr>
+ <fieldname>weighted_includes</fieldname>
+ <description><![CDATA[Select Include files to weighted phrase filter.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardianphraselistsweighted']['config']]]></source>
+ <source_name>descr</source_name>
+ <source_value>file</source_value>
+ <multiple/>
+ <size>20</size>
+ </field>
+ <field>
+ <fielddescr>Config file</fielddescr>
+ <fieldname>weighted_phraselist</fieldname>
+ <description><![CDATA[Enter Weighted Pharase List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Exception Lists</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>exception_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+
+ <field>
+ <fielddescr>Config file</fielddescr>
+ <fieldname>exception_phraselist</fieldname>
+ <description><![CDATA[Enter exception Pharase List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian_pics_acl.xml b/config/dansguardian/dansguardian_pics_acl.xml
new file mode 100644
index 00000000..016d360e
--- /dev/null
+++ b/config/dansguardian/dansguardian_pics_acl.xml
@@ -0,0 +1,157 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+ dansguardian_limits.xml
+ part of the dansguardian for pfSense
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardianpicsacl</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian - Access Lists</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Back to Config</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Antivirus</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Pics</text>
+ <url>/pkg.php?xml=dansguardian_pics_acl.xml&amp;id=0</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Phase</text>
+ <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Site</text>
+ <url>/pkg.php?xml=dansguardian_site_acl.xml</url>
+ </tab>
+ <tab>
+ <text>URL</text>
+ <url>/pkg.php?xml=dansguardian_url_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Extension</text>
+ <url>/pkg.php?xml=dansguardian_file_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Content</text>
+ <url>/pkg.php?xml=dansguardian_content_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Header</text>
+ <url>/pkg.php?xml=dansguardian_header_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Searche Engine</text>
+ <url>/pkg.php?xml=dansguardian_search_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+</tabs>
+<adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>Access List Name</fielddescr>
+ <fieldname>name</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Access List Description</fielddescr>
+ <fieldname>description</fieldname>
+ </columnitem>
+</adddeleteeditpagefields>
+ <fields>
+ <field>
+ <name>Pics</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Name</fielddescr>
+ <fieldname>name</fieldname>
+ <description></description>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>description</fielddescr>
+ <fieldname>description</fieldname>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>pics_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>config</fielddescr>
+ <fieldname>pics</fieldname>
+ <description><![CDATA[Enter pics config for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>70</rows>
+ <encoding>base64</encoding>
+ </field>
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui>
diff --git a/config/dansguardian/dansguardian_search_acl.xml b/config/dansguardian/dansguardian_search_acl.xml
new file mode 100755
index 00000000..8ed714f3
--- /dev/null
+++ b/config/dansguardian/dansguardian_search_acl.xml
@@ -0,0 +1,217 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ dansguardian_search_acl.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardiansearchacl</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian - Access Lists</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Back to Config</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Antivirus</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Pics</text>
+ <url>/pkg.php?xml=dansguardian_pics_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Phase</text>
+ <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Site</text>
+ <url>/pkg.php?xml=dansguardian_site_acl.xml</url>
+ </tab>
+ <tab>
+ <text>URL</text>
+ <url>/pkg.php?xml=dansguardian_url_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Extension</text>
+ <url>/pkg.php?xml=dansguardian_file_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Content</text>
+ <url>/pkg.php?xml=dansguardian_content_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Header</text>
+ <url>/pkg.php?xml=dansguardian_header_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Searche Engine</text>
+ <url>/pkg.php?xml=dansguardian_search_acl.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+</tabs>
+<adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>Access List Name</fielddescr>
+ <fieldname>name</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Access List Description</fielddescr>
+ <fieldname>description</fieldname>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <name>Description</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Name</fielddescr>
+ <fieldname>name</fieldname>
+ <description></description>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>description</fielddescr>
+ <fieldname>description</fieldname>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ <field>
+ <name>Banned</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>banned_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>banned_searchtermlist</fieldname>
+ <description><![CDATA[Enter banned Search engine regexp List for this group.]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Exception</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>exception_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>config</fielddescr>
+ <fieldname>exception_searchtermlist</fieldname>
+ <description><![CDATA[Enter exception search term List for this group.]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Weighted</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>weighted_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>weighted_searchtermlist</fieldname>
+ <description><![CDATA[Enter Search engine weighted List for this group.]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Regexp</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>regexp_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>searchengineregexplist</fieldname>
+ <description><![CDATA[Enter Search engine regexp List for this group.]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian_site_acl.xml b/config/dansguardian/dansguardian_site_acl.xml
new file mode 100755
index 00000000..69f4fa80
--- /dev/null
+++ b/config/dansguardian/dansguardian_site_acl.xml
@@ -0,0 +1,253 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ dansguardian_site_acl.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardiansiteacl</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian - Access Lists</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Back to Config</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Antivirus</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Pics</text>
+ <url>/pkg.php?xml=dansguardian_pics_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Phase</text>
+ <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Site</text>
+ <url>/pkg.php?xml=dansguardian_site_acl.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>URL</text>
+ <url>/pkg.php?xml=dansguardian_url_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Extension</text>
+ <url>/pkg.php?xml=dansguardian_file_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Content</text>
+ <url>/pkg.php?xml=dansguardian_content_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Header</text>
+ <url>/pkg.php?xml=dansguardian_header_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Searche Engine</text>
+ <url>/pkg.php?xml=dansguardian_search_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+</tabs>
+<adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>Access List Name</fielddescr>
+ <fieldname>name</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Access List Description</fielddescr>
+ <fieldname>description</fieldname>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <name>Site Access Lists</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Name</fielddescr>
+ <fieldname>name</fieldname>
+ <description></description>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>description</fielddescr>
+ <fieldname>description</fieldname>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ <field>
+ <name>Banned</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>bannedsite_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Include</fielddescr>
+ <fieldname>banned_includes</fieldname>
+ <description><![CDATA[Select Include files to banned phrase filter.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardianblacklistsdomains']['config']]]></source>
+ <source_name>descr</source_name>
+ <source_value>file</source_value>
+ <multiple/>
+ <size>20</size>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>banned_sitelist</fieldname>
+ <description><![CDATA[Enter Banned Site List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Grey</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>greysite_enable</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>grey_sitelist</fieldname>
+ <description><![CDATA[Enter Weighted Site List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Exception</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>exceptionsite_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Include</fielddescr>
+ <fieldname>exception_includes</fieldname>
+ <description><![CDATA[Select Include files to exception site lists.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardianwhitelistsdomains']['config']]]></source>
+ <source_name>descr</source_name>
+ <source_value>file</source_value>
+ <multiple/>
+ <size>5</size>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>exception_sitelist</fieldname>
+ <description><![CDATA[Enter exception Site List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <fielddescr>File</fielddescr>
+ <fieldname>exceptionfile_sitelist</fieldname>
+ <description><![CDATA[Enter exception File Site List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Log</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>logsite_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>log_sitelist</fieldname>
+ <description><![CDATA[Enter log only site List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian_sync.xml b/config/dansguardian/dansguardian_sync.xml
index 9fb69102..22e4a879 100755
--- a/config/dansguardian/dansguardian_sync.xml
+++ b/config/dansguardian/dansguardian_sync.xml
@@ -59,8 +59,20 @@
<url>/pkg_edit.php?xml=dansguardian_limits.xml&amp;id=0</url>
</tab>
<tab>
- <text>Filter Groups</text>
- <url>/pkg.php?xml=dansguardian_lists.xml</url>
+ <text>Blacklist</text>
+ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Access Lists</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
</tab>
<tab>
<text>Report and Log</text>
@@ -72,8 +84,8 @@
<active/>
</tab>
<tab>
- <text>About</text>
- <url>/pkg_edit.php?xml=dansguardian.php&amp;id=0</url>
+ <text>Help</text>
+ <url>/dansguardian_about.php</url>
</tab>
</tabs>
<fields>
diff --git a/config/dansguardian/dansguardian_url_acl.xml b/config/dansguardian/dansguardian_url_acl.xml
new file mode 100755
index 00000000..e7fdba14
--- /dev/null
+++ b/config/dansguardian/dansguardian_url_acl.xml
@@ -0,0 +1,293 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ dansguardian_url_acl.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardianurlacl</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian - Access Lists</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Back to Config</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Antivirus</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Pics</text>
+ <url>/pkg.php?xml=dansguardian_pics_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Phase</text>
+ <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Site</text>
+ <url>/pkg.php?xml=dansguardian_site_acl.xml</url>
+ </tab>
+ <tab>
+ <text>URL</text>
+ <url>/pkg.php?xml=dansguardian_url_acl.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Extension</text>
+ <url>/pkg.php?xml=dansguardian_file_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Content</text>
+ <url>/pkg.php?xml=dansguardian_file_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Header</text>
+ <url>/pkg.php?xml=dansguardian_header_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Searche Engine</text>
+ <url>/pkg.php?xml=dansguardian_search_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+</tabs>
+<adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>Access List Name</fielddescr>
+ <fieldname>name</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Access List Description</fielddescr>
+ <fieldname>description</fieldname>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <name>URL Access Lists</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Name</fielddescr>
+ <fieldname>name</fieldname>
+ <description></description>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>description</fielddescr>
+ <fieldname>description</fieldname>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ <field>
+ <name>Banned</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>bannedurl_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Include</fielddescr>
+ <fieldname>banned_includes</fieldname>
+ <description><![CDATA[Select Include files to URL phrase filter.]]></description>
+ <type>select_source</type>
+ <source><![CDATA[$config['installedpackages']['dansguardianblacklistsurls']['config']]]></source>
+ <source_name>descr</source_name>
+ <source_value>file</source_value>
+ <multiple/>
+ <size>20</size>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>banned_urllist</fieldname>
+ <description><![CDATA[Enter Banned Url List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <fielddescr>Regexp</fielddescr>
+ <fieldname>bannedregexp_urllist</fieldname>
+ <description><![CDATA[Enter Banned Regex Url List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+
+ <field>
+ <name>Grey</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>greyurl_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Grey</fielddescr>
+ <fieldname>grey_urllist</fieldname>
+ <description><![CDATA[Enter Gray url List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Exception</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>exceptionurl_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>Config</fielddescr>
+ <fieldname>exception_urllist</fieldname>
+ <description><![CDATA[Enter exception url List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <fielddescr>regexp</fielddescr>
+ <fieldname>exceptionregexp_urllist</fieldname>
+ <description><![CDATA[Enter exception regex url List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <fielddescr>file</fielddescr>
+ <fieldname>exceptionfile_urllist</fieldname>
+ <description><![CDATA[Enter exception file url List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Modify</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>contenturl_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>config</fielddescr>
+ <fieldname>modify_urllist</fieldname>
+ <description><![CDATA[Enter Exception url List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <name>Log</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>logurl_enabled</fieldname>
+ <type>checkbox</type>
+ <description></description>
+ </field>
+ <field>
+ <fielddescr>config</fielddescr>
+ <fieldname>log_urllist</fieldname>
+ <description><![CDATA[Enter log only url List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
+ <fielddescr>regexp</fielddescr>
+ <fieldname>logregexp_urllist</fieldname>
+ <description><![CDATA[Enter log only regexp url List for this group.<br>
+ Leave empty to load dansguardian defaults]]></description>
+ <type>textarea</type>
+ <cols>80</cols>
+ <rows>10</rows>
+ <encoding>base64</encoding>
+ </field>
+
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file
diff --git a/config/dansguardian/dansguardian_users_footer.xml b/config/dansguardian/dansguardian_users_footer.xml
new file mode 100644
index 00000000..1288b919
--- /dev/null
+++ b/config/dansguardian/dansguardian_users_footer.xml
@@ -0,0 +1,14 @@
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui>
diff --git a/config/dansguardian/dansguardian_users_header.xml b/config/dansguardian/dansguardian_users_header.xml
new file mode 100644
index 00000000..921d7ebf
--- /dev/null
+++ b/config/dansguardian/dansguardian_users_header.xml
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+ dansguardian_users.xml
+ part of the dansguardian for pfSense
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardianusers</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs><tab>
+ <text>Daemon</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>General</text>
+ <url>/pkg_edit.php?xml=dansguardian_config.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Limits</text>
+ <url>/pkg_edit.php?xml=dansguardian_limits.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Blacklist</text>
+ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Access Lists</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Report and log</text>
+ <url>/pkg_edit.php?xml=dansguardian_log.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>XMLRPC Sync</text>
+ <url>/pkg_edit.php?xml=dansguardian_sync.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Help</text>
+ <url>/dansguardian_about.php</url>
+ </tab>
+</tabs>
+ <fields>
diff --git a/config/dansguardian/dansguardianfx.conf.template b/config/dansguardian/dansguardianfx.conf.template
new file mode 100644
index 00000000..cb811e21
--- /dev/null
+++ b/config/dansguardian/dansguardianfx.conf.template
@@ -0,0 +1,382 @@
+<?php
+/*
+ dansguardianfx.conf.template
+ part of the Dansguardian package for pfSense
+ Copyright (C) 2012 Marcello Coutinho
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+$dgf= <<<EOF
+# DansGuardian filter group config file for version 2.12.0.0
+
+
+# Filter group mode
+# This option determines whether members of this group have their web access
+# unfiltered, filtered, or banned. This mechanism replaces the "banneduserlist"
+# and "exceptionuserlist" files from previous versions.
+#
+# 0 = banned
+# 1 = filtered
+# 2 = unfiltered (exception)
+#
+# Only filter groups with a mode of 1 need to define phrase, URL, site, extension,
+# mimetype and PICS lists; in other modes, these options are ignored to conserve
+# memory.
+#
+# Defaults to 0 if unspecified.
+# Unauthenticated users are treated as being in the first filter group.
+groupmode = {$dansguardian_groups['mode']}
+
+# Filter group name
+# Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to
+# name the group in the access logs
+# Defaults to empty string
+groupname = '{$dansguardian_groups['name']}'
+
+# Content filtering files location
+bannedphraselist = '/usr/local/etc/dansguardian/lists/weightedphraselist.{$dansguardian_groups['phraseacl']}'
+weightedphraselist = '/usr/local/etc/dansguardian/lists/weightedphraselist.{$dansguardian_groups['phraseacl']}'
+exceptionphraselist = '/usr/local/etc/dansguardian/lists/exceptionphraselist.{$dansguardian_groups['phraseacl']}'
+bannedsitelist = '/usr/local/etc/dansguardian/lists/bannedsitelist.{$dansguardian_groups['siteacl']}'
+greysitelist = '/usr/local/etc/dansguardian/lists/greysitelist.{$dansguardian_groups['siteacl']}'
+exceptionsitelist = '/usr/local/etc/dansguardian/lists/exceptionsitelist.{$dansguardian_groups['siteacl']}'
+bannedurllist = '/usr/local/etc/dansguardian/lists/bannedurllist.{$dansguardian_groups['urlacl']}'
+greyurllist = '/usr/local/etc/dansguardian/lists/greyurllist.{$dansguardian_groups['urlacl']}'
+exceptionurllist = '/usr/local/etc/dansguardian/lists/exceptionurllist.{$dansguardian_groups['urlacl']}'
+exceptionregexpurllist = '/usr/local/etc/dansguardian/lists/exceptionregexpurllist.{$dansguardian_groups['urlacl']}'
+bannedregexpurllist = '/usr/local/etc/dansguardian/lists/bannedregexpurllist.{$dansguardian_groups['urlacl']}'
+picsfile = '/usr/local/etc/dansguardian/lists/{$dansguardian_groups['picsacl']}'
+contentregexplist = '/usr/local/etc/dansguardian/lists/contentregexplist.{$dansguardian_groups['contentacl']}'
+urlregexplist = '/usr/local/etc/dansguardian/lists/urlregexplist.{$dansguardian_groups['urlacl']}'
+
+# Filetype filtering
+#
+# Blanket download blocking
+# If enabled, all files will be blocked, unless they match the
+# exceptionextensionlist or exceptionmimetypelist.
+# These lists do not override virus scanning.
+# Exception lists defined above override all types of filtering, including
+# the blanket download block.
+# Defaults to disabled.
+# (on | off)
+#
+blockdownloads = {$dansguardian_groups['blockdownloads']}
+exceptionextensionlist = '/usr/local/etc/dansguardian/lists/exceptionextensionlist.{$dansguardian_groups['extensionacl']}'
+exceptionmimetypelist = '/usr/local/etc/dansguardian/lists/exceptionmimetypelist.{$dansguardian_groups['extensionacl']}'
+#
+# Use the following lists to block specific kinds of file downloads.
+# The two exception lists above can be used to override these.
+#
+bannedextensionlist = '/usr/local/etc/dansguardian/lists/bannedextensionlist.{$dansguardian_groups['extensionacl']}'
+bannedmimetypelist = '/usr/local/etc/dansguardian/lists/bannedmimetypelist.{$dansguardian_groups['extensionacl']}'
+#
+# In either file filtering mode, the following list can be used to override
+# MIME type & extension blocks for particular domains & URLs (trusted download sites).
+#
+exceptionfilesitelist = '/usr/local/etc/dansguardian/lists/exceptionfilesitelist.{$dansguardian_groups['siteacl']}'
+exceptionfileurllist = '/usr/local/etc/dansguardian/lists/exceptionfileurllist.{$dansguardian_groups['urlacl']}'
+
+# Categorise without blocking:
+# Supply categorised lists here and the category string shall be logged against
+# matching requests, but matching these lists does not perform any filtering
+# action.
+logsitelist = '/usr/local/etc/dansguardian/lists/logsitelist.{$dansguardian_groups['siteacl']}'
+logurllist = '/usr/local/etc/dansguardian/lists/logurllist.{$dansguardian_groups['urlacl']}'
+logregexpurllist = '/usr/local/etc/dansguardian/lists/logregexpurllist.{$dansguardian_groups['urlacl']}'
+
+# Outgoing HTTP header rules:
+# Optional lists for blocking based on, and modification of, outgoing HTTP
+# request headers. Format for headerregexplist is one modification rule per
+# line, similar to content/URL modifications. Format for
+# bannedregexpheaderlist is one regular expression per line, with matching
+# headers causing a request to be blocked.
+# Headers are matched/replaced on a line-by-line basis, not as a contiguous
+# block.
+# Use for example, to remove cookies or prevent certain user-agents.
+headerregexplist = '/usr/local/etc/dansguardian/lists/headerregexplist.{$dansguardian_groups['headeracl']}'
+bannedregexpheaderlist = '/usr/local/etc/dansguardian/lists/bannedregexpheaderlist.{$dansguardian_groups['headeracl']}'
+
+# Weighted phrase mode
+# Optional; overrides the weightedphrasemode option in dansguardian.conf
+# for this particular group. See documentation for supported values in
+# that file.
+weightedphrasemode = {$dansguardian_groups['weightedphrasemode']}
+
+# Naughtiness limit
+# This the limit over which the page will be blocked. Each weighted phrase is given
+# a value either positive or negative and the values added up. Phrases to do with
+# good subjects will have negative values, and bad subjects will have positive
+# values. See the weightedphraselist file for examples.
+# As a guide:
+# 50 is for young children, 100 for old children, 160 for young adults.
+naughtynesslimit = {$dansguardian_groups['naughtynesslimit']}
+
+# Search term blocking
+# Search terms can be extracted from search URLs and filtered using the
+# bannedphraselist, weightedphraselist and exceptionphraselist, with a separate
+# threshold for blocking than that used for normal page content.
+# To do this, the first two options below must be enabled.
+#
+# Search engine regular expression list
+# List of regular expressions for matching search engine URLs. It is assumed
+# that the search terms themselves will be contained within the first submatch
+# of each expression.
+searchengineregexplist = '/usr/local/etc/dansguardian/lists/searchengineregexplist.{$dansguardian_groups['searchacl']}'
+#
+# Search term limit
+# The limit over which requests will be blocked for containing search terms
+# which match the weightedphraselist. This should usually be lower than the
+# 'naughtynesslimit' value above, because the amount of text being filtered
+# is only a few words, rather than a whole page.
+# This option must be uncommented if searchengineregexplist is uncommented.
+# A value of 0 here indicates that search terms should be extracted,
+# for logging/reporting purposes, but no filtering should be performed
+# on the resulting text.
+searchtermlimit = {$dansguardian_groups['searchtermlimit']}
+#
+# Search term lists
+# If the three lines below are uncommented, search term blocking will use
+# the banned, weighted & exception phrases from these lists, instead of using
+# the same phrase lists as for page content. This is optional but recommended,
+# as weights for individual phrases in the "normal" lists may not be
+# appropriate for blocking when those phrases appear in a much smaller block
+# of text.
+# Please note that all or none of the below should be uncommented, not a
+# mixture.
+bannedsearchtermlist = '/usr/local/etc/dansguardian/lists/bannedsearchtermlist.{$dansguardian_groups['searchacl']}'
+weightedsearchtermlist = '/usr/local/etc/dansguardian/lists/weightedsearchtermlist.{$dansguardian_groups['searchacl']}'
+exceptionsearchtermlist = '/usr/local/etc/dansguardian/lists/exceptionsearchtermlist.{$dansguardian_groups['searchacl']}'
+
+# Category display threshold
+# This option only applies to pages blocked by weighted phrase filtering.
+# Defines the minimum score that must be accumulated within a particular
+# category in order for it to show up on the block pages' category list.
+# All categories under which the page scores positively will be logged; those
+# that were not displayed to the user appear in brackets.
+#
+# -1 = display only the highest scoring category
+# 0 = display all categories (default)
+# > 0 = minimum score for a category to be displayed
+categorydisplaythreshold = {$dansguardian_groups['categorydisplaythreshold']}
+
+# Embedded URL weighting
+# When set to something greater than zero, this option causes URLs embedded within a
+# page's HTML (from links, image tags, etc.) to be extracted and checked against the
+# bannedsitelist and bannedurllist. Each link to a banned page causes the amount set
+# here to be added to the page's weighting.
+# The behaviour of this option with regards to multiple occurrences of a site/URL is
+# affected by the weightedphrasemode setting.
+#
+# NB: Currently, this feature uses regular expressions that require the PCRE library.
+# As such, it is only available if you compiled DansGuardian with '--enable-pcre=yes'.
+# You can check compile-time options by running 'dansguardian -v'.
+#
+# Set to 0 to disable.
+# Defaults to 0.
+# WARNING: This option is highly CPU intensive!
+embeddedurlweight = {$dansguardian_groups['embeddedurlweight']}
+
+# Enable PICS rating support
+#
+# Defaults to disabled
+# (on | off)
+enablepics = {$dansguardian_groups['enablepics']}
+
+# Temporary Denied Page Bypass
+# This provides a link on the denied page to bypass the ban for a few minutes. To be
+# secure it uses a random hashed secret generated at daemon startup. You define the
+# number of seconds the bypass will function for before the deny will appear again.
+# To allow the link on the denied page to appear you will need to edit the template.html
+# or dansguardian.pl file for your language.
+# 300 = enable for 5 minutes
+# 0 = disable ( defaults to 0 )
+# -1 = enable but you require a separate program/CGI to generate a valid link
+bypass = {$dansguardian_groups['bypass']}
+
+# Temporary Denied Page Bypass Secret Key
+# Rather than generating a random key you can specify one. It must be more than 8 chars.
+# '' = generate a random one (recommended and default)
+# 'Mary had a little lamb.' = an example
+# '76b42abc1cd0fdcaf6e943dcbc93b826' = an example
+bypasskey = '{$dansguardian_groups['bypasskey']}'
+
+# Infection/Scan Error Bypass
+# Similar to the 'bypass' setting, but specifically for bypassing files scanned and found
+# to be infected, or files that trigger scanner errors - for example, archive types with
+# recognised but unsupported compression schemes, or corrupt archives.
+# The option specifies the number of seconds for which the bypass link will be valid.
+# 300 = enable for 5 minutes
+# 0 = disable (default)
+# -1 = enable, but require a separate program/CGI to generate a valid link
+infectionbypass = {$dansguardian_groups['infectionbypass']}
+
+# Infection/Scan Error Bypass Secret Key
+# Same as the 'bypasskey' option, but used for infection bypass mode.
+infectionbypasskey = '{$dansguardian_groups['infectionbypasskey']}'
+
+# Infection/Scan Error Bypass on Scan Errors Only
+# Enable this option to allow infectionbypass links only when virus scanning fails,
+# not when a file is found to contain a virus.
+# on = enable (default and highly recommended)
+# off = disable
+infectionbypasserrorsonly = {$dansguardian_groups['infectionbypasserrorsonly']}
+
+# Disable content scanning
+# If you enable this option you will disable content scanning for this group.
+# Content scanning primarily is AV scanning (if enabled) but could include
+# other types.
+# (on|off) default = off.
+disablecontentscan = {$dansguardian_groups['disablecontentscan']}
+
+# Enable Deep URL Analysis
+# When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and
+# bannedurllist. This can be used, for example, to block images originating from banned
+# sites from appearing in Google Images search results, as the original URLs are
+# embedded in the thumbnail GET requests.
+# (on|off) default = off
+deepurlanalysis = {$dansguardian_groups['deepurlanalysis']}
+
+# reportinglevel
+#
+# -1 = log, but do not block - Stealth mode
+# 0 = just say 'Access Denied'
+# 1 = report why but not what denied phrase
+# 2 = report fully
+# 3 = use HTML template file (accessdeniedaddress ignored) - recommended
+#
+# If defined, this overrides the global setting in dansguardian.conf for
+# members of this filter group.
+#
+#reportinglevel = {$dansguardian_groups['reportinglevel']}
+
+# accessdeniedaddress is the address of your web server to which the cgi
+# dansguardian reporting script was copied. Only used in reporting levels
+# 1 and 2.
+#
+# This webserver must be either:
+# 1. Non-proxied. Either a machine on the local network, or listed as an
+# exception in your browser's proxy configuration.
+# 2. Added to the exceptionsitelist. Option 1 is preferable; this option is
+# only for users using both transparent proxying and a non-local server
+# to host this script.
+#
+# If defined, this overrides the global setting in dansguardian.conf for
+# members of this filter group.
+#
+#accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
+
+# HTML Template override
+# If defined, this specifies a custom HTML template file for members of this
+# filter group, overriding the global setting in dansguardian.conf. This is
+# only used in reporting level 3.
+#
+# The default template file path is <languagedir>/<language>/template.html
+# e.g. /usr/local/share/dansguardian/languages/ukenglish/template.html when using 'ukenglish'
+# language.
+#
+# This option generates a file path of the form:
+# <languagedir>/<language>/<htmltemplate>
+# e.g. /usr/local/share/dansguardian/languages/ukenglish/custom.html
+#
+#htmltemplate = 'custom.html'
+
+# Email reporting - original patch by J. Gauthier
+
+# Use SMTP
+# If on, will enable system wide events to be reported by email.
+# need to configure mail program (see 'mailer' in global config)
+# and email recipients
+# default usesmtp = off
+#!! Not compiled !!usesmtp = off
+
+# mailfrom
+# who the email would come from
+# example: mailfrom = 'dansguardian@mycompany.com'
+#!! Not compiled !!mailfrom = ''
+
+# avadmin
+# who the virus emails go to (if notify av is on)
+# example: avadmin = 'admin@mycompany.com'
+#!! Not compiled !!avadmin = ''
+
+# contentdmin
+# who the content emails go to (when thresholds are exceeded)
+# and contentnotify is on
+# example: contentadmin = 'admin@mycompany.com'
+#!! Not compiled !!contentadmin = ''
+
+# avsubject
+# Subject of the email sent when a virus is caught.
+# only applicable if notifyav is on
+# default avsubject = 'dansguardian virus block'
+#!! Not compiled !!avsubject = 'dansguardian virus block'
+
+# content
+# Subject of the email sent when violation thresholds are exceeded
+# default contentsubject = 'dansguardian violation'
+#!! Not compiled !!contentsubject = 'dansguardian violation'
+
+# notifyAV
+# This will send a notification, if usesmtp/notifyav is on, any time an
+# infection is found.
+# Important: If this option is off, viruses will still be recorded like a
+# content infraction.
+#!! Not compiled !!notifyav = off
+
+# notifycontent
+# This will send a notification, if usesmtp is on, based on thresholds
+# below
+#!! Not compiled !!notifycontent = off
+
+# thresholdbyuser
+# results are only predictable with user authenticated configs
+# if enabled the violation/threshold count is kept track of by the user
+#!! Not compiled !!thresholdbyuser = off
+
+#violations
+# number of violations before notification
+# setting to 0 will never trigger a notification
+#!! Not compiled !!violations = 0
+
+#threshold
+# this is in seconds. If 'violations' occur in 'threshold' seconds, then
+# a notification is made.
+# if this is set to 0, then whenever the set number of violations are made a
+# notifaction will be sent.
+#!! Not compiled !!threshold = 0
+
+#SSL certificate checking
+# Check that ssl certificates for servers on https connections are valid
+# and signed by a ca in the configured path
+sslcertcheck = {$dansguardian_groups['sslcertcheck']}
+
+#SSL man in the middle
+# Forge ssl certificates for all sites, decrypt the data then re encrypt it
+# using a different private key. Used to filter ssl sites
+sslmitm = {$dansguardian_groups['sslmitm']}
+
+EOF;
+
+?> \ No newline at end of file
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index d794c970..d54b1b59 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -415,6 +415,27 @@
<build_port_path>/usr/ports/mail/postfix</build_port_path>
<build_options>WITH_PCRE=true WITH_SPF=true WITH_SASL2=true WITH_TLS=true</build_options>
</package>
+ <package>
+ <name>Dansguardian</name>
+ <website>http://www.dansguardian.org/</website>
+ <descr><![CDATA[DansGuardian is an award winning Open Source web content filter.<br>
+ It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering.<br>
+ It does not purely filter based on a banned list of sites like lesser totally commercial filters.<br>
+ For all non-commercial it's free, without cost.<br>
+ For all commercial use visit dansguardian website to get a licence.]]></descr>
+ <category>Services</category>
+ <config_file>http://www.pfsense.com/packages/config/dansguardian/dansguardian.xml</config_file>
+ <pkginfolink>http://forum.pfsense.org/index.php/topic,43786.0.html</pkginfolink>
+ <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url>
+ <depends_on_package>dansguardian-2.12.0.0_1.tbz</depends_on_package>
+ <depends_on_package>clamav-0.97.3_1.tbz</depends_on_package>
+ <version>2.12.0.0 pkg v.0.1</version>
+ <status>beta</status>
+ <required_version>2.0</required_version>
+ <configurationfile>dansguardian.xml</configurationfile>
+ <build_port_path>/usr/ports/www/dansguardian-devel</build_port_path>
+ <build_options>WITHOUT_APACHE=true WITHOUT_TRICKLE=false WITH_CLAMD=true WITH_ICAP=true WITH_NTLM=true</build_options>
+ </package>
<package>
<name>mailscanner-dev</name>
<website>www.mailscanner.info</website>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 41345091..93e0e1e5 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -527,6 +527,27 @@
<build_port_path>/usr/ports/mail/mailscanner</build_port_path>
<build_options></build_options>
</package>
+ <package>
+ <name>Dansguardian</name>
+ <website>http://www.dansguardian.org/</website>
+ <descr><![CDATA[DansGuardian is an award winning Open Source web content filter.<br>
+ It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering.<br>
+ It does not purely filter based on a banned list of sites like lesser totally commercial filters.<br>
+ For all non-commercial it's free, without cost.<br>
+ For all commercial use visit dansguardian website to get a licence.]]></descr>
+ <category>Services</category>
+ <config_file>http://www.pfsense.com/packages/config/dansguardian/dansguardian.xml</config_file>
+ <pkginfolink>http://forum.pfsense.org/index.php/topic,43786.0.html</pkginfolink>
+ <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url>
+ <depends_on_package>dansguardian-2.12.0.0_1.tbz</depends_on_package>
+ <depends_on_package>clamav-0.97.3_1.tbz</depends_on_package>
+ <version>2.12.0.0 pkg v.0.1</version>
+ <status>beta</status>
+ <required_version>2.0</required_version>
+ <configurationfile>dansguardian.xml</configurationfile>
+ <build_port_path>/usr/ports/www/dansguardian-devel</build_port_path>
+ <build_options>WITHOUT_APACHE=true WITHOUT_TRICKLE=false WITH_CLAMD=true WITH_ICAP=true WITH_NTLM=true</build_options>
+ </package>
<package>
<name>siproxd</name>
<website>http://siproxd.sourceforge.net/</website>