aboutsummaryrefslogtreecommitdiffstats
path: root/config/dansguardian/dansguardian.inc
diff options
context:
space:
mode:
authormarcelloc <marcellocoutinho@gmail.com>2012-02-15 02:04:50 -0200
committermarcelloc <marcellocoutinho@gmail.com>2012-02-15 02:04:50 -0200
commit7c48df32d96480318c75273fb292a2ed8822f508 (patch)
tree8fc229ad2e0798808f9a5a90422343d0f195836a /config/dansguardian/dansguardian.inc
parent1eedb7b88b530e602866051c952bc2ccbd46a2b3 (diff)
downloadpfsense-packages-7c48df32d96480318c75273fb292a2ed8822f508.tar.gz
pfsense-packages-7c48df32d96480318c75273fb292a2ed8822f508.tar.bz2
pfsense-packages-7c48df32d96480318c75273fb292a2ed8822f508.zip
dansguardian - include ssl filtering code on inc file
thanks again ermal to help on package compilation
Diffstat (limited to 'config/dansguardian/dansguardian.inc')
-rwxr-xr-xconfig/dansguardian/dansguardian.inc27
1 files changed, 27 insertions, 0 deletions
diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc
index 3708e98c..6c6d6e93 100755
--- a/config/dansguardian/dansguardian.inc
+++ b/config/dansguardian/dansguardian.inc
@@ -214,6 +214,32 @@ function sync_package_dansguardian() {
$load_samples=0;
+ #ssl men-in-the-middle feature
+ $dirs=array($dansguardian_dir."/ssl",$dansguardian_dir."/ssl/generatedcerts",$dansguardian_dir."/ssl/generatedlinks");
+ foreach ($dirs as $dir)
+ if (!is_dir($dir))
+ mkdir ($dir,0700,true);
+ $ca_cert = lookup_ca($dansguardian_config["ca"][0]);
+ if ($ca_cert != false) {
+ if(base64_decode($ca_cert['prv'])) {
+ file_put_contents($dansguardian_dir. "/ssl/ssl_ca_key.pem",base64_decode($ca_cert['prv']));
+ $ca_pk = "caprivatekeypath = ".$dansguardian_dir . "/ssl/ssl_ca_key.pem";
+ }
+ if(base64_decode($ca_cert['crt'])) {
+ file_put_contents($dansguardian_dir . "/ssl/ssl_ca_cert.pem",base64_decode($ca_cert['crt']));
+ $ca_pem = "cacertificatepath = ".$dansguardian_dir . "/ssl/ssl_ca_cert.pem";
+ $generatedcertpath= "generatedcertpath = ".$dansguardian_dir . "/ssl/generatedcerts";
+ $generatedlinkpath= "generatedlinkpath = ".$dansguardian_dir . "/ssl/generatedlinks";
+ }
+ $svr_cert = lookup_cert($dansguardian_config["cert"][0]);
+ if ($svr_cert != false) {
+ if(base64_decode($svr_cert['prv'])) {
+ file_put_contents($dansguardian_dir . "/ssl/ssl_server_key.pem",base64_decode($svr_cert['prv'])."\n".base64_decode($svr_cert['crt']));
+ $cert_key = "certprivatekeypath = ".$dansguardian_dir . '/ssl/ssl_server_key.pem';
+ }
+ }
+ }
+
#contentscanners preg_replace patterns
$match[0]="/(conf)/";
$match[1]="/(\/usr.local)/";
@@ -626,6 +652,7 @@ function sync_package_dansguardian() {
$dansguardian_groups['embeddedurlweight']=($dansguardian_groups['embeddedurlweight']?$dansguardian_groups['embeddedurlweight']:"0");
$dansguardian_groups['bypass']=($dansguardian_groups['bypass']?$dansguardian_groups['bypass']:"0");
$dansguardian_groups['infectionbypass']=($dansguardian_groups['infectionbypass']?$dansguardian_groups['infectionbypass']:"0");
+ $dansguardian_groups['mitmkey']=($dansguardian_groups['mitmkey']?$dansguardian_groups['mitmkey']:"dgs3dD3da");
foreach ($groups as $group)
$dansguardian_groups[$group]=(preg_match("/$group/",$dansguardian_groups['group_options'])?"on":"off");
include("/usr/local/pkg/dansguardianfx.conf.template");