diff options
author | Daniel Stefan Haischt <dsh@pfsense.org> | 2006-08-05 00:41:06 +0000 |
---|---|---|
committer | Daniel Stefan Haischt <dsh@pfsense.org> | 2006-08-05 00:41:06 +0000 |
commit | 150d67e7a98cba87ccc235d88ccc190fba968cba (patch) | |
tree | fea3894648bd624d5d1a8209b1c2ef1a5110766a /packages/p3scan-pf | |
parent | 1d92e1c0b9b7f8c43ff9e1e3caf8b28ecfa3cb69 (diff) | |
download | pfsense-packages-150d67e7a98cba87ccc235d88ccc190fba968cba.tar.gz pfsense-packages-150d67e7a98cba87ccc235d88ccc190fba968cba.tar.bz2 pfsense-packages-150d67e7a98cba87ccc235d88ccc190fba968cba.zip |
This is a more up to date p3scan package (stable version), that utilizes the OpenBSD packet filter for transparant proxying. Also includes a GUI.
Diffstat (limited to 'packages/p3scan-pf')
-rw-r--r-- | packages/p3scan-pf/p3scan-pf-emer.xml | 82 | ||||
-rw-r--r-- | packages/p3scan-pf/p3scan-pf-msg.xml | 153 | ||||
-rw-r--r-- | packages/p3scan-pf/p3scan-pf-spam.xml | 73 | ||||
-rw-r--r-- | packages/p3scan-pf/p3scan-pf-vir.xml | 117 | ||||
-rw-r--r-- | packages/p3scan-pf/p3scan-pf.inc | 348 | ||||
-rw-r--r-- | packages/p3scan-pf/p3scan-pf.xml | 164 |
6 files changed, 937 insertions, 0 deletions
diff --git a/packages/p3scan-pf/p3scan-pf-emer.xml b/packages/p3scan-pf/p3scan-pf-emer.xml new file mode 100644 index 00000000..d4c0e3ff --- /dev/null +++ b/packages/p3scan-pf/p3scan-pf-emer.xml @@ -0,0 +1,82 @@ +<?xml version="1.0" encoding="utf-8" ?> +<packagegui> + <!-- change this if configpath works --> + <name>p3scanpfemer</name> + <version>1.0</version> + <title>Services: POP3 Proxy: Emergency Contact</title> + <include_file>/usr/local/pkg/p3scan-pf.inc</include_file> + <tabs> + <tab> + <text>Daemon Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf.xml&id=0</url> + </tab> + <tab> + <text>Message Processing</text> + <url>/pkg_edit.php?xml=p3scan-pf-msg.xml&id=0</url> + </tab> + <tab> + <text>Emergency Contact</text> + <url>/pkg.php?xml=p3scan-pf-emer.xml</url> + <active /> + </tab> + <tab> + <text>Virus Scanner Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf-vir.xml&id=0</url> + </tab> + <tab> + <text>SPAM Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf-spam.xml&id=0</url> + </tab> + </tabs> + <!-- + configpath gets expanded out automatically and config items + will be stored in that location + --> + <configpath>['installedpackages']['p3scanpf']['config']['contacts']</configpath> + <!-- + adddeleteeditpagefields items will appear on the first page where you can + add / delete or edit items. An example of this would be the nat page where + you add new nat redirects + --> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Email Address</fielddescr> + <fieldname>emailaddress</fieldname> + </columnitem> + <columnitem> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + </columnitem> + </adddeleteeditpagefields> + <!-- + fields gets invoked when the user adds or edits a item. The following items + will be parsed and rendered for the user as a gui with input, and selectboxes. + --> + <fields> + <field> + <fielddescr>Email Address</fielddescr> + <fieldname>emailaddress</fieldname> + <description> + In the event p3scan encounters a catastrophic problem and has to terminate, + it will send an email to these email addresses just before setting up to + close down on the next iteration of a child process. + </description> + <type>input</type> + </field> + <field> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + <description>Description.</description> + <type>input</type> + </field> + </fields> + <!-- + Arbitrary PHP Code, that gets executed if a certain event gets triggered. + --> + <custom_delete_php_command> + sync_package_p3scan(); + </custom_delete_php_command> + <custom_php_resync_config_command> + sync_package_p3scan(); + </custom_php_resync_config_command> +</packagegui> diff --git a/packages/p3scan-pf/p3scan-pf-msg.xml b/packages/p3scan-pf/p3scan-pf-msg.xml new file mode 100644 index 00000000..65042715 --- /dev/null +++ b/packages/p3scan-pf/p3scan-pf-msg.xml @@ -0,0 +1,153 @@ +<?xml version="1.0" encoding="utf-8" ?> +<packagegui> + <!-- change this if configpath works --> + <name>p3scanpfmsg</name> + <version>1.0</version> + <title>Services: POP3 Proxy: Message Processing</title> + <note> + This <acronym title="Hypertext Markup Language">HTML</acronym> page uses default values, hence even if each field is + set, you are still required to save this page if you are editing this page + for the very first time! + </note> + <include_file>/usr/local/pkg/p3scan-pf.inc</include_file> + <aftersaveredirect>pkg_edit.php?xml=p3scan-pf-msg.xml&id=0</aftersaveredirect> + <tabs> + <tab> + <text>Daemon Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf.xml&id=0</url> + </tab> + <tab> + <text>Message Processing</text> + <url>/pkg_edit.php?xml=p3scan-pf-msg.xml&id=0</url> + <active /> + </tab> + <tab> + <text>Emergency Contact</text> + <url>/pkg.php?xml=p3scan-pf-emer.xml</url> + </tab> + <tab> + <text>Virus Scanner Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf-vir.xml&id=0</url> + </tab> + <tab> + <text>SPAM Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf-spam.xml&id=0</url> + </tab> + </tabs> + <!-- + configpath gets expanded out automatically and config items + will be stored in that location + --> + <configpath>['installedpackages']['p3scanpf']['config']['messaging']</configpath> + <!-- + fields gets invoked when the user adds or edits a item. The following items + will be parsed and rendered for the user as a gui with input, and selectboxes. + --> + <fields> + <field> + <fielddescr>Just Delete</fielddescr> + <fieldname>justdelete</fieldname> + <description> + Instead of keeping an infected message in the Virus Directory, delete it + after reporting it to the user. + </description> + <type>checkbox</type> + <donotdisable>true</donotdisable> + </field> + <field> + <fielddescr>Bytes Free</fielddescr> + <fieldname>bytesfree</fieldname> + <description>The number of KB's there must be free before processing any mail.</description> + <type>input</type> + <default_value>10000</default_value> + <required /> + </field> + <field> + <fielddescr>Broken Email Clients</fielddescr> + <fieldname>brokenec</fieldname> + <description> + Some email clients may require special processing. + </description> + <type>checkbox</type> + <donotdisable>true</donotdisable> + </field> + <field> + <fielddescr>ISP Spam</fielddescr> + <fieldname>ispspam</fieldname> + <description> + This option allows you to set the string your <acronym title="Internet Service Provider">ISP</acronym> uses if it processes + your email for SPAM. Leave this field blank if you are not going to use + this option. + </description> + <type>input</type> + <default_value>-- Spam --</default_value> + </field> + <field> + <fielddescr>Subject</fielddescr> + <fieldname>subject</fieldname> + <description> + This option can be used to change the default subject line when + reporting a virus infected message. + </description> + <type>input</type> + <size>60</size> + <default_value>Subject: "[Virus] found in a mail to you:" <virus name></default_value> + <required /> + </field> + <field> + <fielddescr>Notify</fielddescr> + <fieldname>notify</fieldname> + <description> + This option can be used to change the default file deleted notification + that is displayed in the virus notification message when the + "justdelete" option is used. + </description> + <type>input</type> + <size>60</size> + <default_value>Per instruction, the message has been deleted.</default_value> + <required /> + </field> + <field> + <fielddescr>SMTP Reject</fielddescr> + <fieldname>smtpreject</fieldname> + <description> + This option can be used to change the default lt;acronym title="Simple Mail Transfer Protocol">SMTP</acronym> Reject message that + is sent to the client in the event a message is rejected due to a virus. + The error message will have a prefix of "554". + </description> + <type>input</type> + <size>60</size> + <default_value>Virus detected! P3scan rejected message!</default_value> + <required /> + </field> + <field> + <fielddescr>Check SMTP size</fielddescr> + <fieldname>checksize</fieldname> + <description> + This option can be used to set the maximum message size (in KBytes) + that p3scan will use to determine if it should scan an smtp submission. + Leave this field blank if you are not going to use this option. + </description> + <type>input</type> + <default_value>1024</default_value> + </field> + <field> + <fielddescr>Footer</fielddescr> + <fieldname>footer</fieldname> + <description> + This option is used to add the virus definition info from your scanner + to an SMTP message. Leave this field blank if you are not going to use + this option. + </description> + <type>input</type> + <size>40</size> + <default_value>/usr/local/bin/clamdscan -V</default_value> + </field> + </fields> + <!-- + Arbitrary PHP Code, that gets executed if a certain event gets triggered. + --> + <custom_php_resync_config_command> + sync_package_p3scan(); + </custom_php_resync_config_command> +</packagegui> diff --git a/packages/p3scan-pf/p3scan-pf-spam.xml b/packages/p3scan-pf/p3scan-pf-spam.xml new file mode 100644 index 00000000..5e5bd683 --- /dev/null +++ b/packages/p3scan-pf/p3scan-pf-spam.xml @@ -0,0 +1,73 @@ +<?xml version="1.0" encoding="utf-8" ?> +<packagegui> + <!-- change this if configpath works --> + <name>p3scanpfspam</name> + <version>1.0</version> + <title>Services: POP3 Proxy: SPAM Settings</title> + <note> + This <acronym title="Hypertext Markup Language">HTML</acronym> page uses default values, hence even if each field is + set, you are still required to save this page if you are editing this page + for the very first time! + </note> + <include_file>/usr/local/pkg/p3scan-pf.inc</include_file> + <aftersaveredirect>pkg_edit.php?xml=p3scan-pf-spam.xml&id=0</aftersaveredirect> + <tabs> + <tab> + <text>Daemon Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf.xml&id=0</url> + </tab> + <tab> + <text>Message Processing</text> + <url>pkg_edit.php?xml=p3scan-pf-msg.xml&id=0</url> + </tab> + <tab> + <text>Emergency Contact</text> + <url>/pkg.php?xml=p3scan-pf-emer.xml</url> + </tab> + <tab> + <text>Virus Scanner Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf-vir.xml&id=0</url> + </tab> + <tab> + <text>SPAM Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf-spam.xml&id=0</url> + <active /> + </tab> + </tabs> + <!-- + configpath gets expanded out automatically and config items + will be stored in that location + --> + <configpath>['installedpackages']['p3scanpf']['config']['spam']</configpath> + <!-- + fields gets invoked when the user adds or edits a item. The following items + will be parsed and rendered for the user as a gui with input, and selectboxes. + --> + <fields> + <field> + <fielddescr>Enable Spam Checking</fielddescr> + <fieldname>checkspam</fieldname> + <description> + If set, will scan for Spam before scanning for a virus. + </description> + <type>checkbox</type> + <donotdisable>true</donotdisable> + <enablefields>spamcheck</enablefields> + </field> + <field> + <fielddescr>SPAM Executable Command</fielddescr> + <fieldname>spamcheck</fieldname> + <description>The command (plus arguments) that should be invoked to check for SPAM messages.</description> + <type>input</type> + <size>70</size> + <!-- the below tag plus its inline text must be on one single line. --> + <default_value>/usr/local/bin/dspam --user dspamuser --mode=teft --stdout --deliver=innocent,spam --feature=ch,no,wh</default_value> + </field> + </fields> + <!-- + Arbitrary PHP Code, that gets executed if a certain event gets triggered. + --> + <custom_php_resync_config_command> + sync_package_p3scan(); + </custom_php_resync_config_command> +</packagegui> diff --git a/packages/p3scan-pf/p3scan-pf-vir.xml b/packages/p3scan-pf/p3scan-pf-vir.xml new file mode 100644 index 00000000..e1d23ace --- /dev/null +++ b/packages/p3scan-pf/p3scan-pf-vir.xml @@ -0,0 +1,117 @@ +<?xml version="1.0" encoding="utf-8" ?> +<packagegui> + <!-- change this if configpath works --> + <name>p3scanpfvir</name> + <version>1.0</version> + <title>Services: POP3 Proxy: Virus Scanner Settings</title> + <note> + This <acronym title="Hypertext Markup Language">HTML</acronym> page uses default values, hence even if each field is + set, you are still required to save this page if you are editing this page + for the very first time! + </note> + <include_file>/usr/local/pkg/p3scan-pf.inc</include_file> + <aftersaveredirect>pkg_edit.php?xml=p3scan-pf-vir.xml&id=0</aftersaveredirect> + <tabs> + <tab> + <text>Daemon Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf.xml&id=0</url> + </tab> + <tab> + <text>Message Processing</text> + <url>/pkg_edit.php?xml=p3scan-pf-msg.xml&id=0</url> + </tab> + <tab> + <text>Emergency Contact</text> + <url>/pkg.php?xml=p3scan-pf-emer.xml</url> + </tab> + <tab> + <text>Virus Scanner Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf-vir.xml&id=0</url> + <active /> + </tab> + <tab> + <text>SPAM Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf-spam.xml&id=0</url> + </tab> + </tabs> + <!-- + configpath gets expanded out automatically and config items + will be stored in that location + --> + <configpath>['installedpackages']['p3scanpf']['config']['virus']</configpath> + <!-- + fields gets invoked when the user adds or edits a item. The following items + will be parsed and rendered for the user as a gui with input, and selectboxes. + --> + <fields> + <field> + <fielddescr>Scanner Type</fielddescr> + <fieldname>scannertype</fieldname> + <description>Select here which type of scanner you want to use.</description> + <type>select</type> + <default_value>clamd</default_value> + <size>1</size> + <options> + <option><value>avpd</value><name>Kaspersky Anti-Virus for Linux</name></option> + <option><value>avpd_new</value><name>Kaspersky Anti-Virus for Linux (New)</name></option> + <option><value>bash</value><name>Shell Script</name></option> + <option><value>basic</value><name>Default Scanner Type</name></option> + <option><value>clamd</value><name>Clam Anti-Virus</name></option> + <option><value>trophie</value><name>Trophie Daemon</name></option> + </options> + </field> + <field> + <fielddescr>Virusscanner</fielddescr> + <fieldname>scanner</fieldname> + <description>Depends on scannertype.</description> + <type>input</type> + <default_value>127.0.0.1:3310</default_value> + <required /> + </field> + <field> + <fielddescr>Scanner Returncode</fielddescr> + <fieldname>viruscode</fieldname> + <description> + Specify the returncode(s) which the scanner returns when + the mail is infected. + </description> + <type>input</type> + <default_value>1</default_value> + </field> + <field> + <fielddescr>Good Scanner return codes</fielddescr> + <fieldname>goodcode</fieldname> + <description> + Some scanners can report more than good or infected. Place valid return + codes here that will enable the message to be delivered without a warning. + </description> + <type>input</type> + </field> + <field> + <fielddescr>Regular Expression for Virusname</fielddescr> + <fieldname>virusregexp</fieldname> + <description> + Specify here a regular expression which describes where the name of + the virus can be found. + </description> + <type>input</type> + <default_value>.*: (.*) FOUND</default_value> + </field> + <field> + <fielddescr>deMIME Setting</fielddescr> + <fieldname>demime</fieldname> + <description> + Tick this if we should parse all lt;acronym title="Multipurpose Internet Mail Extensions">MIME</acronym>-sections instead of passing the + message as-is to the scanner. + </description> + <type>checkbox</type> + <donotdisable>true</donotdisable> + </field> + </fields> + <!-- + Arbitrary PHP Code, that gets executed if a certain event gets triggered. + --> + <custom_php_resync_config_command> + sync_package_p3scan(); + </custom_php_resync_config_command> +</packagegui> diff --git a/packages/p3scan-pf/p3scan-pf.inc b/packages/p3scan-pf/p3scan-pf.inc new file mode 100644 index 00000000..b7359b49 --- /dev/null +++ b/packages/p3scan-pf/p3scan-pf.inc @@ -0,0 +1,348 @@ +<?php +/* $Id$ */ +/* + $RCSfile$ + Copyright (C) 2006 Daniel S. Haischt <me@daniel.stefan.haischt.name> + All rights reserved. + + Copyright (C) 2006 Fernando Lemos + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notices, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notices, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +/* ====================== USAGE NOTE: ====================== */ +/* Depending on your use case scenario, this software may */ +/* depend on the following software packages: */ +/* */ +/* - renatach (part of the FreeBSD ports collection) */ +/* - a virus scanner (e.g. ClamAV) */ +/* - a spam filter (e.g. DSPAM or SpamAssassin) */ +/* ========================================================= */ + + +/* include all configuration functions */ +require_once("functions.inc"); + +function sync_package_p3scan() { + global $config, $g; + conf_mount_rw(); + config_lock(); + $fd = fopen("/etc/p3scan.conf","w"); + + /* shorten the config path */ + $cfg = $config['installedpackages']['p3scanpf']['config'][0]; + $cfgmsg = $config['installedpackages']['p3scanpfmsg']['config'][0]; + $cfgemer = $config['installedpackages']['p3scanpfemer']['config']; + $cfgvir = $config['installedpackages']['p3scanpfvir']['config'][0]; + $cfgspam = $config['installedpackages']['p3scanpfspam']['config'][0]; + + fwrite($fd, "## p3scan-pf config file - generated by pfSense.\n##\n"); + fwrite($fd, "## at: " . date("l dS of F Y h:i:s A") . "\n##\n"); + /* ================================================================ */ + /* == Tab: Daemon Settings == */ + /* ================================================================ */ + fwrite($fd, "## Daemon Settings.\n"); + fwrite($fd, "pidfile = /var/run/p3scan/p3scan.pid\n"); + if (isset($cfg['maxchilds']) && $cfg['maxchilds'] <> "") + fwrite($fd, "maxchilds = {$cfg['maxchilds']}\n"); + else + fwrite($fd, "maxchilds = 10\n"); + if (isset($cfg['ipaddr']) && $cfg['ipaddr'] <> "") + fwrite($fd, "ip = {$cfg['ipaddr']}\n"); + else + fwrite($fd, "ip = 127.0.0.1\n"); + if (isset($cfg['port']) && $cfg['port'] <> "") + fwrite($fd, "port = {$cfg['port']}\n"); + else + fwrite($fd, "port = 8110\n"); + if (isset($cfg['sslport']) && $cfg['sslport'] <> "") + fwrite($fd, "sslport = {$cfg['sslport']}\n"); + else + fwrite($fd, "sslport = 995\n"); + if (isset($cfg['targetip']) && $cfg['targetip'] <> "") { + if ($cfg['targetip'] == "0.0.0.0") + setup_transparency(); + else + remove_transparency() + fwrite($fd, "targetip = {$cfg['targetip']}\n"); + } else { + setup_transparency(); + fwrite($fd, "targetip = 0.0.0.0\n"); + } + if (isset($cfg['targetport']) && $cfg['targetport'] <> "") + fwrite($fd, "targetport = {$cfg['targetport']}\n"); + else + fwrite($fd, "targetport = 8110\n"); + if (isset($cfg['emailport']) && $cfg['emailport'] <> "") + fwrite($fd, "emailport = {$cfg['emailport']}\n"); + else + fwrite($fd, "emailport = 25\n"); + if (isset($cfg['daemonuser']) && $cfg['daemonuser'] <> "") + fwrite($fd, "user = {$cfg['daemonuser']}\n"); + else + fwrite($fd, "user = root\n"); + fwrite($fd, "notifydir = /var/spool/p3scan/notify\n"); + fwrite($fd, "virusdir = /var/spool/p3scan\n"); + fwrite($fd, "template = /usr/local/etc/p3scan/p3scan.mail\n"); + + /* ================================================================ */ + /* == Tab: Message Processing == */ + /* ================================================================ */ + fwrite($fd, "## Message Processing Settings.\n"); + if (isset($cfgmsg['justdelete']) && $cfgmsg['justdelete'] <> "") + fwrite($fd, "justdelete\n"); + if (isset($cfgmsg['bytesfree']) && $cfgmsg['bytesfree'] <> "") + fwrite($fd, "bytesfree = {$cfgmsg['bytesfree']}\n"); + else + fwrite($fd, "bytesfree = 10000\n"); + if (isset($cfgmsg['broken']) && $cfgmsg['broken'] <> "") + fwrite($fd, "broken\n"); + if (isset($cfgmsg['timeout']) && $cfgmsg['timeout'] <> "") + fwrite($fd, "timeout = {$cfgmsg['timeout']}\n"); + else + fwrite($fd, "timeout = 30\n"); + if (isset($cfgmsg['ispspam']) && $cfgmsg['ispspam'] <> "") + fwrite($fd, "ispspam = {$cfgmsg['ispspam']}\n"); + if (file_exists("/usr/local/bin/renattach")) + fwrite($fd, "renattach = /usr/local/bin/renattach\n"); + if (isset($cfgmsg['subject']) && $cfgmsg['subject'] <> "") + fwrite($fd, "subject = {$cfgmsg['subject']}\n"); + else + fwrite($fd, "subject = Subject: \"[Virus] found in a mail to you:\" <virus name>\n"); + if (isset($cfgmsg['notify']) && $cfgmsg['notify'] <> "") + fwrite($fd, "notify = {$cfgmsg['notify']}\n"); + else + fwrite($fd, "notify = Per instruction, the message has been deleted.\n"); + if (isset($cfgmsg['smtpreject']) && $cfgmsg['smtpreject'] <> "") + fwrite($fd, "smtprset = {$cfgmsg['smtpreject']}\n"); + else + fwrite($fd, "smtprset = Virus detected! P3scan rejected message!\n"); + if (isset($cfgmsg['checksize']) && $cfgmsg['checksize'] <> "") + fwrite($fd, "checksize = {$cfgmsg['checksize']}\n"); + if (isset($cfgmsg['footer']) && $cfgmsg['footer'] <> "") + fwrite($fd, "footer = {$cfgmsg['footer']}\n"); + + /* ================================================================ */ + /* == Tab: Emergency Contact == */ + /* ================================================================ */ + fwrite($fd, "## Emergency Contacts.\n"); + if (is_array($cfgemer)) { + foreach ($cfgemer as $addr) { + $contact .= "{$addr['emailaddress']} "; + } + if (isset($contact) && $contact <> "") + fwrite($fd, "emergcon = {$contact}\n"); + } + + /* ================================================================ */ + /* == Tab: Virus Scanner Settings == */ + /* ================================================================ */ + fwrite($fd, "## Virus Scanner Settings.\n"); + if (isset($cfgvir['scannertype']) && $cfgvir['scannertype'] <> "") + fwrite($fd, "scannertype = {$cfgvir['scannertype']}\n"); + else + fwrite($fd, "scannertype = clamd\n"); + if (isset($cfgvir['scanner']) && $cfgvir['scanner'] <> "") + fwrite($fd, "scanner = {$cfgvir['scanner']}\n"); + else + fwrite($fd, "scanner = 127.0.0.1:3310\n"); + if (isset($cfgvir['viruscode']) && $cfgvir['viruscode'] <> "") + fwrite($fd, "viruscode = {$cfgvir['viruscode']}\n"); + else + fwrite($fd, "viruscode = 1\n"); + if (isset($cfgvir['goodcode']) && $cfgvir['goodcode'] <> "") + fwrite($fd, "goodcode = {$cfgvir['goodcode']}\n"); + if (isset($cfgvir['virusregexp']) && $cfgvir['virusregexp'] <> "") + fwrite($fd, "virusregexp = {$cfgvir['virusregexp']}\n"); + if (isset($cfgvir['demime']) && $cfgvir['demime'] <> "") + fwrite($fd, "demime\n"); + + /* ================================================================ */ + /* == Tab: SPAM Settings == */ + /* ================================================================ */ + if ((isset($cfgspam['checkspam']) && $cfgspam['checkspam'] <> "") || + $config['installedpackages']['sassassin']['config'][0]['enable'] == 'on') { + fwrite($fd, "## SPAM Settings.\n"); + fwrite($fd, "checkspam\n"); + if (isset($cfgspam['spamcheck']) && $cfgspam['spamcheck'] <> "") { + /* most times the command line for the spam binary becomes + * quite lengthy, which my be the reason that users are + * the XML tag and the command line itself into several + * lines. Thus strip whitespaces. + */ + $cfgspam['spamcheck'] = trim($cfgspam['spamcheck']); + fwrite($fd, "spamcheck = {$cfgspam['spamcheck']}\n"); + } else { + if ($config['installedpackages']['sassassin']['config'][0]['enable'] == 'on') { + fwrite($fd, "spamcheck = /usr/bin/spamc\n"); + } else { + fwrite($fd, "spamcheck = /usr/local/bin/dspam --user dspamuser --mode=teft --stdout --deliver=innocent,spam --feature=ch,no,wh\n"); + } + } + } + + fclose($fd); + + /* NOTE: The following code requires the p3scan-pf.inc file to + * be saved with UNIX Linefeeds. LF that is and NOT CR LF. + */ + $start = <<<EOD +test_p3scan_user=`cat /etc/passwd | grep p3scan` +test_p3scan_group=`cat /etc/passwd | grep p3scan` + +if [ -z "\${test_p3scan_group}" ]; then + pw groupadd p3scan -g 108 +fi + +if [ -z "\${test_p3scan_user}" ]; then + pw useradd p3scan -u 108 -g p3scan -d /var/spool/p3scan -s /sbin/nologin -c 'P3Scan Daemon' +fi + +if [ ! -d "/var/spool/p3scan" ]; then + mkdir /var/spool/p3scan && chown p3scan:p3scan /var/spool/p3scan +fi + +if [ ! -d "/var/spool/p3scan/children" ]; then + mkdir /var/spool/p3scan/children && chown p3scan:p3scan /var/spool/p3scan/children +fi + +if [ ! -d "/var/spool/p3scannotify" ]; then + mkdir /var/spool/p3scannotify && chown p3scan:p3scan /var/spool/p3scannotify +fi + +if [ ! -d "/var/run/p3scan" ]; then + mkdir /var/run/p3scan && chown p3scan:p3scan /var/run/p3scan +fi + +/sbin/mount_fdescfs fdescfs /dev/fd +/usr/local/sbin/p3scan --configfile=/usr/local/etc/p3scan/p3scan.conf & + +EOD; + + $stop = "/usr/bin/killall p3scan\n" . + "sleep 2"; + + write_rcfile(array( + "file" => "030.p3scan.sh", + "start" => $start, + "stop" => $stop + ) + ); + + conf_mount_ro(); + config_unlock(); + + if (! file_exists("/usr/local/etc/p3scan")) { + mkdir("/usr/local/etc/p3scan"); + } + if (! file_exists("/usr/local/etc/p3scan/p3scan.conf")) { + mwexec("ln -s /etc/p3scan.conf /usr/local/etc/p3scan/p3scan.conf"); + } + if (! file_exists("/usr/local/etc/p3scan/p3scan.mail")) { + $fd = fopen("/usr/local/etc/p3scan/p3scan.mail","w"); + + $p3scanmail = <<<EOD +MIME-Version: 1.0 +Content-Transfer-Encoding: 8bit +Content-Type: text/plain; + charset="iso-8859-1" + +Hello %USERNAME%. +This message body was generated automatically from P3Scan, which runs on +%HOSTNAME%.%DOMAINNAME% for scanning all incoming email. + +It replaces the body of a message sent to you that contained a VIRUS! + +Instead of the infected email this message has been sent to you. + +You may look at the message header of this message for the complete +email header information of the infected message. + +Virus name: + %VIRUSNAME% +(Supposed) Sender of the email: + %MAILFROM% +Sent To: + %MAILTO% +On Date: + %MAILDATE% +Subject: + %SUBJECT% +Connection data: + %PROTOCOL% from %CLIENTIP%:%CLIENTPORT% to %SERVERIP%:%SERVERPORT% +Message File: + %P3SCANID% +Virus Definition Info: + %VDINFO% +-- +%PROGNAME% %VERSION% +by Jack S. Lai <laitcg@cox.net> + +EOD; + + fwrite($fd, $p3scanmail); + fclose($fd); + } + + mwexec("/usr/local/etc/rc.d/030.p3scan.sh stop"); + mwexec("/usr/local/etc/rc.d/030.p3scan.sh start"); + + return 0; +} + +function custom_php_install_command() { + global $config, $g; + sync_package_p3scan(); +} + +function custom_php_deinstall_command() { + global $config, $g; + conf_mount_rw(); + unlink_if_exists("/usr/local/pkg/pf/p3scan_rules.php"); + unlink_if_exists("/usr/local/www/p3scan_rules.php"); + unlink_if_exists("/usr/local/etc/p3scan/p3scan.conf"); + unlink_if_exists("/usr/local/etc/p3scan/p3scan.mail"); + unlink_if_exists("/usr/local/etc/rc.d/030.p3scan.sh"); + rmdir("/usr/local/etc/p3scan"); + conf_mount_ro(); +} + +function remove_transparency() { + $p3scan_pf_result = mwexec ('pfctl -a "rdr-package/p3scan" -t p3scan -T flush'); + if($havp_pf_result <> 0) { + file_notice("P3SCAN", "There were error(s) flushing the exclude table", "P3SCAN", ""); +} + +function setup_transparency() { + global $config; + $cfg = $config['installedpackages']['p3scanpf']['config'][0]; + $trans_file = fopen("/tmp/p3scan_pf.rules","w"); + fwrite($trans_file, "table <p3scan> persist\n"); + fwrite($trans_file, "rdr on " . $config['interfaces']['lan']['if'] . " inet proto tcp from !<p3scan> to ! " . $config['interfaces']['lan']['ipaddr'] . " port = pop3 -> {$cfg['ip']} port {$cfg['port']} \n"); + fclose($trans_file); + $p3scan_pf_result = mwexec ('pfctl -a "rdr-package/p3scan" -f /tmp/p3scan_pf.rules'); + if($p3scan_pf_result <> 0) { + file_notice("P3SCAN", "There were error(s) loading the transparency rules", "P3SCAN", ""); + } +} +?>
\ No newline at end of file diff --git a/packages/p3scan-pf/p3scan-pf.xml b/packages/p3scan-pf/p3scan-pf.xml new file mode 100644 index 00000000..d311a122 --- /dev/null +++ b/packages/p3scan-pf/p3scan-pf.xml @@ -0,0 +1,164 @@ +<?xml version="1.0" encoding="utf-8" ?> +<packagegui> + <name>p3scanpf</name> + <version>1.0</version> + <title>Services: POP3 Proxy: Main</title> + <note> + This <acronym title="Hypertext Markup Language">HTML</acronym> page uses default values, hence even if each field is + set, you are still required to save this page if you are editing this page + for the very first time! + </note> + <include_file>/usr/local/pkg/p3scan-pf.inc</include_file> + <aftersaveredirect>pkg_edit.php?xml=p3scan-pf.xml&id=0</aftersaveredirect> + <!-- Menu is where this packages menu will appear --> + <menu> + <name>POP3 Proxy</name> + <section>Services</section> + <configfile>p3scan-pf.xml</configfile> + <url>/pkg_edit.php?xml=p3scan-pf.xml&id=0</url> + <tooltiptext>A transparent POP3-Proxy with virus-scanning capabilities</tooltiptext> + </menu> + <service> + <name>p3scan-pf</name> + <rcfile>/usr/local/etc/rc.d/030.p3scan.sh</rcfile> + <executable>p3scan</executable> + <description>POP3 virus/spam scanner.</description> + </service> + <tabs> + <tab> + <text>Daemon Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf.xml&id=0</url> + <active /> + </tab> + <tab> + <text>Message Processing</text> + <url>/pkg_edit.php?xml=p3scan-pf-msg.xml&id=0</url> + </tab> + <tab> + <text>Emergency Contact</text> + <url>/pkg.php?xml=p3scan-pf-emer.xml</url> + </tab> + <tab> + <text>Virus Scanner Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf-vir.xml&id=0</url> + </tab> + <tab> + <text>SPAM Settings</text> + <url>/pkg_edit.php?xml=p3scan-pf-spam.xml&id=0</url> + </tab> + </tabs> + <!-- + configpath gets expanded out automatically and config items + will be stored in that location + --> + <configpath>['installedpackages']['p3scanpf']['config']</configpath> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/p3scan-pf-msg.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/p3scan-pf-emer.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/p3scan-pf-vir.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/p3scan-pf-spam.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/p3scan-pf.inc</item> + </additional_files_needed> + <!-- + fields gets invoked when the user adds or edits a item. The following items + will be parsed and rendered for the user as a gui with input, and selectboxes. + --> + <fields> + <field> + <fielddescr>Max Child's</fielddescr> + <fieldname>maxchilds</fieldname> + <description>The maximum number of connections we will handle at once.</description> + <type>input</type> + <default_value>10</default_value> + </field> + <field> + <fielddescr>IP Address</fielddescr> + <fieldname>ipaddr</fieldname> + <description>The <acronym title="Internet Protocol">IP</acronym> Address we listen on.</description> + <type>input</type> + <default_value>0.0.0.0</default_value> + <required /> + </field> + <field> + <fielddescr>Port</fielddescr> + <fieldname>port</fieldname> + <description>The <acronym title="Transmission Control Protocol">TCP</acronym> port on we should listen.</description> + <type>input</type> + <default_value>8110</default_value> + <required /> + </field> + <field> + <fielddescr>SSL Port</fielddescr> + <fieldname>sslport</fieldname> + <description>The TCP <acronym title="Secure Sockets Layer">SSL</acronym> port on we should listen.</description> + <type>input</type> + <default_value>995</default_value> + <required /> + </field> + <field> + <fielddescr>Target IP</fielddescr> + <fieldname>targetip</fieldname> + <description>Target IP is the IP to connect (0.0.0.0 enables transparent mode).</description> + <type>input</type> + <default_value>0.0.0.0</default_value> + <required /> + </field> + <field> + <fielddescr>Target Port</fielddescr> + <fieldname>targetport</fieldname> + <description>Target Port is the port to connect.</description> + <default_value>8110</default_value> + <type>input</type> + <required /> + </field> + <field> + <fielddescr>Email Port</fielddescr> + <fieldname>emailport</fieldname> + <description>The port we should listen on to scan outgoing email messages.</description> + <type>input</type> + <default_value>25</default_value> + <required /> + </field> + <field> + <fielddescr>Daemon User</fielddescr> + <fieldname>daemonuser</fieldname> + <description>The username the daemon should run as.</description> + <type>input</type> + <default_value>root</default_value> + <required /> + </field> + </fields> + <!-- + Arbitrary PHP Code, that gets executed if a certain event gets triggered. + --> + <custom_delete_php_command> + sync_package_p3scan(); + </custom_delete_php_command> + <custom_php_resync_config_command> + sync_package_p3scan(); + </custom_php_resync_config_command> + <custom_php_install_command> + custom_php_install_command(); + </custom_php_install_command> + <custom_php_deinstall_command> + custom_php_deinstall_command(); + </custom_php_deinstall_command> +</packagegui> |