author | D. V. Serg <dvserg@pfsense.org> | 2007-11-09 14:46:25 +0000 |
---|---|---|
committer | D. V. Serg <dvserg@pfsense.org> | 2007-11-09 14:46:25 +0000 |
commit | a0d0a547b3f925b43a93a47ac52c562d824c3deb (patch) | |
tree | d4ef579741c8f839a1de7de94b2adc823c66d493 /packages/squidGuard/squidguard_cls.inc | |
parent | 0b03fa5a6cd05bf3de3ce02cb61f9a35e411dec2 (diff) | |
New ver update
Diffstat (limited to 'packages/squidGuard/squidguard_cls.inc')
-rw-r--r-- | packages/squidGuard/squidguard_cls.inc | 1176 |
1 files changed, 0 insertions, 1176 deletions
diff --git a/packages/squidGuard/squidguard_cls.inc b/packages/squidGuard/squidguard_cls.inc
deleted file mode 100644
index 34bf8c2a..00000000
--- a/packages/squidGuard/squidguard_cls.inc
+++ /dev/null
@@ -1,1176 +0,0 @@ -<?php -# ---------------------------------------------------------------------------------------------------------------------~ -/* squidguard_cls.inc - (C)2006 Serg Dvoriancev - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. 
-*/ -# --------------------------------------------------------------------------------------------------------------------- -# SquidGuardConfigClass -# Generator SquidGuard configuration -# email: dv_serg@mail.ru -# --------------------------------------------------------------------------------------------------------------------- -# squidGuard command: -# squidGuard -C all - apdate database -# squidGuard -c <configfile> - create squidGuard with specified config file -# --------------------------------------------------------------------------------------------------------------------- -# Directories: -# work path - $workdir -# log path - $workdir + $logdir -# --------------------------------------------------------------------------------------------------------------------- - -define('FILES_DB_HEADER', ' -# ----------------------------------------------------------------------------- -# File created by squidGuard package GUI -# (C)2006 Serg Dvoriancev -# ----------------------------------------------------------------------------- -'); - -define('ACL_WARNING_ABSENSE_PASS', "!WARNING! 
Absence PASS 'all' or 'none' added as 'none'"); - -# --------------------------------------------------------------------------------------------------------------------- -define('REDIRECTOR_OPTIONS_REM', '# squidGuard options'); -define('REDIRECTOR_PROGRAM_OPT', 'redirect_program'); -define('REDIRECT_BYPASS_OPT', 'redirector_bypass'); -define('REDIRECT_CHILDREN_OPT', 'redirect_children'); -define('REDIRECTOR_PROCESS_COUNT', '3'); -define('SQUID_CONFIG_FILE', '/usr/local/etc/squid/squid.conf'); -define('SQUIDGUARD_CONFIG_FILE', '/squidGuard.conf'); -define('TMP_DIR', '/var/tmp'); -define('SQUIDGUARD_LOG_FILE', '/squidGuard_webgui.log'); -define('SQUIDGUARD_ACCESSBLOCK_FILE', 'squidguard_accessblock.log'); -define('SQUIDGUARD_BLK_ENTRIES', '/squidguard_blk_entries.ini'); -define('BLACKLIST_ARCHIVE', '/blacklists.tar.gz'); - -define('REDIRECT_BASE_URL', 'http://10.62.0.3/sgerror.php'); - -// debug options -define('DEBUG_UPDATE_SQUID_CONF', 'true'); -define('DEBUG_UPDATE_SQUIDGUARD_DB', 'true'); -define('DEBUG_MAKE_SQUIDGUARD_CONFIG', 'true'); - -define('SQUIDGUARD_LOG_DIR', '/log'); -define('SQUIDGUARD_BACKUP_DIR', '/backup'); - -// options -define('SQUIDGUARD_LOG_MAX_COUNT', '500'); // max log lines - -define('FLT_AD', 'ads'); -define('FLT_AGGRESSIVE', 'aggressive'); -define('FLT_AUDIOVIDEO', 'audio-video'); -define('FLT_DRUGGS', 'druggs'); -define('FLT_GAMBLING', 'gambling'); -define('FLT_HACKING', 'hacking'); -define('FLT_MAIL', 'mail'); -define('FLT_PORN', 'porn'); -define('FLT_PROXY', 'proxy'); -define('FLT_VIOLENCE', 'viol'); -define('FLT_WAREZ', 'warez'); - -define('FLT_DEFAULT_ALL', 'all'); - -define('OWNER_NAME', 'proxy'); // owner user name - -define('DEBUG_ON', 'true'); -# ------------------------------------------------------------------------------ -# -# ------------------------------------------------------------------------------ -function scan_dir($dir) { - $files = array(); - if (file_exists($dir)) { - $dh = opendir($dir); - while (false !== 
($filename = readdir($dh))) - $files[] = $filename; - sort($files); - } - return $files; -} - -function std_blacklist_get_description() { - $dst_std = array(); - $dst_std[FLT_AD] = 'Reclama & banners filter'; - $dst_std[FLT_AGGRESSIVE] = 'Agressive content sites filter'; - $dst_std[FLT_AUDIOVIDEO] = 'Audio and Video sites filter'; - $dst_std[FLT_DRUGGS] = 'Druggs filter'; - $dst_std[FLT_GAMBLING] = 'Games sites filter'; - $dst_std[FLT_HACKING] = 'Hacking sites filter'; - $dst_std[FLT_MAIL] = 'Mail sites filter'; - $dst_std[FLT_PORN] = 'Porno sites filter'; - $dst_std[FLT_PROXY] = 'Proxy sites filter'; - $dst_std[FLT_VIOLENCE] = 'Violence content sites filter'; - $dst_std[FLT_WAREZ] = 'Wares, soft, downloads sites filter'; - return $dst_std; -} - -# ------------------------------------------------------------------------------ - -class SquidGuardConfigClass { - // variables - var $work_dir; - var $dbhome; - var $bin_path; - var $log_dir; // $work_dir + SQUIDGUARD_BACKUP_DIR - var $log_file; // $log_dir + SQUIDGUARD_LOG_FILE - - var $enabled; - var $blacklist_enabled; - - var $debug_history; - - // objects - var $sources; - var $dests; - var $blacklist; - var $times; - var $rewr; - var $acls; - var $acldef; - var $enable_deflog; // TODO: check for delete - - // temporary objects - var $expr; // temporary expressions list - not apply to config! - var $redir; // temporary expressions list - not apply to config! 
- - function __construct() { - $this->work_dir = ''; - $this->dbhome = ''; - $this->bin_path = ''; - $this->log_dir = ''; - $this->log_file = ''; - $this->init(); - } - - function init() { - $this->enabled = true; - $thus->blacklist_enabled = true; - - $this->acls = Array(); - $this->enable_deflog = ''; - $this->acldef = new ACLClass(); - $this->acldef->ini("default", "", "default acl"); - $this->acldef->assign("all"); - - $this->redir = Array(); - $this->expr = Array(); - $this->rewr = Array(); - $this->times = Array(); - $this->sources = Array(); - $this->dests = Array(); - $this->blacklist = Array(); - - // log - $this->add_log("Init squidGuard object."); - } - - function set_options($bin_path, $work_dir, $dbhome) { - $this->bin_path = $bin_path; - $this->work_dir = $work_dir; - $this->dbhome = $dbhome; - - $this->backup_dir = $work_dir . SQUIDGUARD_BACKUP_DIR; - $this->log_dir = $work_dir . SQUIDGUARD_LOG_DIR; - $this->log_file = $this->log_dir . SQUIDGUARD_LOG_FILE; - - // log - $this->add_log("Set bin path " . $this->bin_path, DEBUG_ON); - $this->add_log("Set work path " . $this->work_dir, DEBUG_ON); - $this->add_log("Set db path " . $this->dbhome, DEBUG_ON); - - $this->update(); - } - - function update() { - $this->add_log("Update squidGuard object."); - - // check work_dir, log_dir & create if not exists - if (!empty($this->work_dir)) { - $this->add_log("Check work directory."); - // check dir's - if (!file_exists($this->work_dir)) { - mwexec("mkdir " . $this->work_dir); - $this->add_log("Create work dir " . $this->work_dir, DEBUG_ON); - } - if (!file_exists($this->log_dir)) { - mwexec("mkdir " . $this->log_dir); - $this->add_log("Create log dir " . $this->log_dir, DEBUG_ON); - } - // set access right - set_file_access($this->work_dir, OWNER_NAME, 0755); - } - - // check squidguard db - if (!empty($this->dbhome)) { - $this->add_log("Check db directory."); - if (!file_exists($this->dbhome)) { - mwexec("mkdir " . 
$this->dbhome); - $this->add_log("Create db dir " . $this->dbhome, DEBUG_ON); - } - // set access right - set_file_access($this->dbhome, OWNER_NAME, 0755); - } - - // load blacklist configuration - if ($this->blacklist_enabled) { - $this->add_log("Load blacklist configuration."); - - if (file_exists($this->work_dir . SQUIDGUARD_BLK_ENTRIES)) { - $db_items = array(); - $blk_entries = explode("\n", file_get_contents($this->work_dir . SQUIDGUARD_BLK_ENTRIES)); - - // check files as dir's - $std_blk = std_blacklist_get_description(); - foreach($blk_entries as $df) { - if (($df != ".") && ($df != "..") && (is_dir($this->dbhome . "/" . $df))) { - $this->add_blacklist($df, $str_blk[$df]); - $this->add_log("Create $df", DEBUG_ON); - } - } - } - else $this->add_log("File " . $this->work_dir . SQUIDGUARD_BLK_ENTRIES . " not found."); - } - else $this->add_log("Blacklist disabled."); - } - - function reconfigure() { // TODO: check restart function order - $this->update(); - - // check and rebuild squidguard db - $this->add_log("Reconfigure squidGuard object"); - $this->update_destination_files(); - $this->remove_unused_db_entries(); - - // update only user dest items; blacklist rebuilded with when updated - if(!empty($this->dests)){ - $dblist = array(); - foreach($this->dests as $dst) - $dblist[] = $dst->name; - $this->rebuild_squidguard_db($dblist); - } - // generate squidGuard config - $this->add_log("Generate squidGuard config."); - $conf = $this->make_config(); - file_put_contents($this->work_dir . SQUIDGUARD_CONFIG_FILE, $conf); - file_put_contents('/usr/local/etc/squid' . SQUIDGUARD_CONFIG_FILE, $conf); // << my squidGuard want config '/usr/local/etc/squid' by default - set_file_access($this->work_dir, OWNER_NAME, 0755); - - // update squid config - $this->update_squid_conf(); - - // restart squid - squid automaticly restart redirector too - mwexec('squid'); - if (!mwexec('killall -HUP squid')) - $this->add_log("Restart squid .. 
success."); - else $this->add_log("Restart squid .. error."); - } - - # -------------------------------------------------------------------------------------------------------------- - # BLACKLIST - # If backup list set 'disable' - all his entries not used for filtering - # -------------------------------------------------------------------------------------------------------------- - - # - # Update blacklist db from file - # - function update_blacklist($upload_file) { - $this->add_log("Upload file $upload_file."); - if ($upload_file) { - // 1. unpack blacklist file - $this->add_log("Unpack file $upload_file .. "); - $bl_temp = '/var/tmp/blacklists'; - if (!mwexec('tar zxvf ' . $upload_file . ' -C /var/tmp/')) - $this->add_log("Success."); - else $this->add_log("Error!"); - - // 2. copy blacklist to squidGuard base - if (file_exists($bl_temp)) { - $this->add_log("Copy files to db.. "); - - // - copy blacklist & create entries list - $blk_files = scan_dir($bl_temp); - $blk_entries = array(); - foreach($blk_files as $bf) { - if (($bf != '.') && ($bf != '..')) { - $blk_entries[] = $bf; - if (!mwexec("cp -Rf $bl_temp/$bf " . $this->dbhome)) { - $this->add_log(" copy $bf success."); - } else $this->add_log(" copy $bl_temp/$bf -> $this->dbhome error."); - } - } - - // create entries list - if (count($blk_entries)) { - file_put_contents($this->work_dir . SQUIDGUARD_BLK_ENTRIES, implode("\n", $blk_entries)); - set_file_access($this->work_dir . SQUIDGUARD_BLK_ENTRIES, OWNER_NAME, 0755); - } - $this->remove_unused_db_entries(); - - // clearing temp - mwexec("rm -R $bl_temp"); - } - set_file_access($this->dbhome, OWNER_NAME, 0755); - } - } - - # - # remove unused DB entries - # - function remove_unused_db_entries() { - $this->add_log("Remove unused db entries."); - $db_entries = array(); - $file_list = ''; - // blk entries - if (file_exists($this->work_dir . SQUIDGUARD_BLK_ENTRIES)) { - $db_entries = explode("\n", file_get_contents($this->work_dir . 
SQUIDGUARD_BLK_ENTRIES)); - - // user entries - foreach($this->dests as $dst) - $db_entries[] = $dst->name; - - $file_list = scan_dir($this->dbhome); - $file_for_del = array_diff($file_list, $db_entries); - - foreach($file_for_del as $fd) { - $file_fd = $this->dbhome . "/" . $fd; - if (($fd != "") && ($fd != ".") && ($fd != "..")) { - if (file_exists($file_fd)) { - if (!mwexec("rm -R . $file_fd")) - $this->add_log("Delete $file_fd"); - else $this->add_log("Error delete $file_fd"); - } else $this->add_log("File $file_fd not found"); - } - } - } - - } - - # - # Update squidGuard DB from user defined destinations - # - function update_destination_files() { - $this->add_log("Update destination files to db."); - if(!empty($this->dests)){ - foreach($this->dests as $dst) { - $log = $dst->update_destination_files($this->dbhome); - $this->add_log($log); - } - } - $this->add_log($log); - set_file_access($this->dbhome, OWNER_NAME, 0755); - } - - # - # rebuild db: All ($dblist == '') or from listing ($dblist is array) - # - function rebuild_squidguard_db($dblist='') { - - set_file_access($this->dbhome, OWNER_NAME, 0755); // before - - $this->add_log("Start rebuild database."); - if (is_array($dblist)) { - foreach($dblist as $dbn) { - if (($dbn !== ".") && ($dbn !== "..") && file_exists($this->dbhome . "/$dbn")) { - if (!mwexec($this->bin_path . "/squidGuard -C"))// $dbn")) - $this->add_log("Rebuild $dbn - success."); - else $this->add_log("Rebuild $dbn - error."); - } else - $this->add_log("Error rebuild database! Dir " . $this->dbhome . "/$dbn not found."); - } - } else { - // rebuild squidGuard DB - // -C - create db files; -u - update '.diff' files to db - if (!mwexec($this->bin_path . '/squidGuard -C all')/* && - !mwexec($this->bin_path . 
'/squidGuard -u')*/) - $this->add_log("Rebuild all db - success."); - else $this->add_log("Rebuild all db - error!"); - } - // set_file_access($this->dbhome, OWNER_NAME, 0755); // after - } - - // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - // Insert to '/usr/local/squid/etc/squid.conf' options: - // redirector_bypass on - // redirect_program /usr/local/squidGuard/bin/squidGuard -c /path_to_config_file - // redirect_children 1 - // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - // Command for restart squid with all redirectors - // # killall -HUP squid - // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - - function update_squid_conf() { - $this->add_log("Update 'squid.conf' file"); - $opt = ''; - $squid_conf_file = SQUID_CONFIG_FILE; - $redirector_path = $this->bin_path . '/squidGuard'; - $redirector_conf = $this->work_dir . SQUIDGUARD_CONFIG_FILE; - $this->add_log("Redirector path=$redirector_path", DEBUG_ON); - - // update squid.conf file - if (file_exists($squid_conf_file)) { - $conf = file_get_contents($squid_conf_file); - - // remove redirector options from 'squid.conf' - $conf = explode("\n", $conf); - for($i=0; $i<count($conf); $i++) { - $s = trim($conf[$i]); - if (strpos($s, REDIRECTOR_OPTIONS_REM) === 0) $conf[$i] = ''; - if (strpos($s, REDIRECTOR_PROGRAM_OPT) === 0) $conf[$i] = ''; - if (strpos($s, REDIRECT_BYPASS_OPT) === 0) $conf[$i] = ''; - if (strpos($s, REDIRECT_CHILDREN_OPT) === 0) $conf[$i] = ''; - } - $conf = implode("\n", $conf); - $conf = rtrim($conf); - - if ($this->enabled) { - // add redirector options from 'squid.conf' - $conf .= "\n"; - $conf .= "\n" . REDIRECTOR_OPTIONS_REM; - $conf .= "\n" . REDIRECTOR_PROGRAM_OPT . " $redirector_path -c $redirector_conf"; - $conf .= "\n" . REDIRECT_BYPASS_OPT . ' on'; - $conf .= "\n" . REDIRECT_CHILDREN_OPT . " " . 
REDIRECTOR_PROCESS_COUNT; - } - $conf .= "\n"; - file_put_contents($squid_conf_file, $conf); - } - else { - $this->add_log("File '$squid_conf_file' not found"); - } - } - - # ------------------------------------------------------------------------------------------------------------- - # Operations - # ------------------------------------------------------------------------------------------------------------- - - function set_default_acl($time, $desc, - $ontime_rule, /*[pass][$rewr][$redir][$log]*/ - $overtime_rule = '', /*[$overpass][$overrew][$overredir][$overlog]*/ - $disabled = '', $enable_deflog = '') - { - $this->enable_deflog = $enable_deflog; - $this->acldef->ini("default", $time, $desc, $disabled); - if (is_array($ontime_rule)) - $this->acldef->assign($ontime_rule['pass'], $ontime_rule['redirect'], $ontime_rule['rewrite'], $ontime_rule['log']); - - if (is_array($overtime_rule)) - $this->acldef->assign_over($overtime_rule['pass'], $overtime_rule['redirect'], $overtime_rule['rewrite'], $overtime_rule['log']); - } - - function & add_acl($src_name, $time, $desc, - $ontime_rule, /*[pass][$rewr][$redir][$log]*/ - $overtime_rule = '', /*[$overpass][$overrew][$overredir][$overlog]*/ - $disabled = '') - { - $item = new ACLClass(); - $item->ini($src_name, $time, $desc, $disabled); - if (is_array($ontime_rule)) - $item->assign($ontime_rule['pass'], $ontime_rule['redirect'], $ontime_rule['rewrite'], $ontime_rule['log']); - - if (is_array($overtime_rule)) - $item->assign_over($overtime_rule['pass'], $overtime_rule['redirect'], $overtime_rule['rewrite'], $overtime_rule['log']); - - $this->acls[$src_name] = $item; - return $this->acls[$src_name]; - } - - function del_acl($name, $time, $desc) { - $this->acls[$name] = ''; - } - - function & add_src($name, $ip, $desc, $enablelog) { - $item = new SrcClass(); - $item->ini($name, $ip, $desc, $enablelog); - $this->sources[$name] = $item; - return $this->sources[$name]; - } - - function del_src($name) { - $this->sources[$name] 
= ""; - } - - function & add_dest($name, $domains, $urls, $expr, $redir, $desc, $enablelog) { - $item = new DestClass(); - $item->ini($name, $domains, $urls, $expr, $redir, $desc, $enablelog); - $this->dests[$name] = $item; - return $this->dests[$name]; - } - - function del_dest($name) { - $this->dests[$name] = ""; - } - - function & add_blacklist($name, $desc) { - $item = new DestClass(); - $item->ini($name, "", "", "", "", $desc); - $this->blacklist[$name] = $item; - return $this->blacklist[$name]; - } - - function & add_time($name, $desc) { - $item = new TimeClass(); - $item->ini($name, $desc); - $this->times[$name] = $item; - return $this->times[$name]; - } - - function del_time($name) { - $this->times[$name] = ""; - } - - function & add_rewrite($name, $desc, $enablelog) { - $item = new RewrClass(); - $item->ini($name, $desc, $enablelog); - $this->rewr[$name] = $item; - return $this->rewr[$name]; - } - - function del_rewrite($name) { - $this->rewr[$name] = ''; - } - - function goto_dir($workdir, $subdir) { - $res = false; - $dir = @chdir($workdir); - if ($dir) { // workdir exists - $dir = "$workdir \\ $subdir"; - if (@chdir($dir)) // dir exists - $res = true; - elseif (@mkdir($dir, 0755)) // need create dir - $res = true; - else $this->add_log("ERROR: Can't create dir $dir"); - } else $this->add_log("ERROR: Work path $workdir not found."); - return $res; - } - - # - # Make config - # - function make_config() { - $conf = ''; - // header - // ================================================================================================================= - $conf .= "\n# " . str_repeat("=", 119); - $conf .= "\n# SquidGuard configuration file"; - $conf .= "\n# "; - $conf .= "\n# This file generated automaticly with SquidGuardClass"; - $conf .= "\n# "; - $conf .= "\n# SquidGuardConfigClass (C)2006 Serg Dvoriancev"; - $conf .= "\n# email: dv_serg@mail.ru"; - $conf .= "\n# "; - $conf .= "\n# " . 
str_repeat("=", 119); - $conf .= "\n"; - // ================================================================================================================= - - if(!empty($this->log_dir)) - $conf .= "\nlogdir " . $this->log_dir; - - if(!empty($this->dbhome)) - $conf .= "\ndbhome " . $this->dbhome; - - $conf .= "\n"; - - // make times - if(!empty($this->times)){ - foreach($this->times as $time) { - $conf .= $time->make_config($this); - } - } - - // make sources - if(!empty($this->sources)){ - foreach($this->sources as $src) { - $conf .= $src->make_config($this); - } - } - - // make blacklist - $conf .= "\n# Blacklist"; - if($this->blacklist_enabled) { - if (!empty($this->blacklist)) { - foreach($this->blacklist as $dest) - $conf .= $dest->make_config($this); - } else $conf .= "\n# Blacklist empty\n"; - } else $conf .= "\n# Blacklist disabled\n"; - - // make destinations - $conf .= "\n# User destinations"; - if(!empty($this->dests)){ - foreach($this->dests as $dest) { - $conf .= $dest->make_config($this); - } - } - - // make rewrites - if (!empty($this->rewr)) { - foreach($this->rewr as $rewr) { - $conf .= $rewr->make_config($this); - } - } - - // make acls - $conf .= "\nacl {"; - if (!empty($this->acls)) { - foreach($this->acls as $acl) { - $conf .= $acl->make_config($this); - } - } - $conf .= $this->acldef->make_config($this); - $conf .= "\n }"; - - return $conf; - } - - # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - # Log - # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - function add_log($str, $is_debug = '') { - - // if set $is_debug as value, but ($is_debug != 'on') then return - // this defined for include debug info to log; - // add_log('str') - simple log, add_log('str', 'on') - debig log; - // looking constant 'DEBUG_ON' - if ($is_debug && ($is_debug != 'on')) return; - - if (file_exists($this->log_dir)) { - if (file_exists($this->log_file)) - $log = file_get_contents($this->log_file); - $log = 
explode("\n", $log); - - $s = trim($str); - if (!empty($s)) $log[] = date("d.m.Y H:i:s") . ": $s"; - - // check log lines count - while(count($log) > SQUIDGUARD_LOG_MAX_COUNT) : - $log = array_shift($log); - endwhile; - - if ($log) - $log = implode("\n", $log); - file_put_contents($this->log_file, $log); - set_file_access($this->log_file, OWNER_NAME, 0755); - } - } - - function get_log() { - $log = ''; - if (file_exists($this->log_file)) - $log = file_get_contents($this->log_file); - return $log; - } - - function get_log_html() { - $log = $this->get_log(); - return str_replace("\n", "<br>", $this->get_log()); - } - - function test_work($urls_src) { - $result = ''; - $urls = ''; - if (is_array($urls_src)) - $urls = implode("\n", $urls_src); - else $urls = $urls_src; - $test_file = "/var/tmp/test.urls"; - file_put_contents($test_file, $urls); - $result = exec ("/usr/local/bin/squidGuard < $test_file"); - file_put_contents("$test_file.result", $result); - return $result; - } - -} - -// ===================================================================================================================== -// RewrClass -// ===================================================================================================================== - -class RewrClass { - var $name; - var $desc; - var $rewrites; - var $enablelog; - - function __construct() { - $this->name = ''; - $this->desc = ''; - $this->rewrites = Array(); - $this->enablelog = ''; - } - - function ini($name, $desc, $enablelog = '') { - $this->name = $name; - $this->desc = $desc; - $this->enablelog = $enablelog; - } - - function add_item($target_url, $replace_to, $case_ins='', $http_301='', $http_302='') { - $item .= "s@$target_url@$replace_to@"; - if (!empty($case_ins)) $item .= 'i'; - if (!empty($case_ins)) $item .= 'r'; // TODO: r and R - check work options? 
- if (!empty($case_ins)) $item .= 'R'; // -//- - $this->rewrites[] = $item; - } - - function make_config($owner) { - $name = $this->name; - $desc = $this->desc; - $enablelog = $this->enablelog; - $conf = ''; - $conf .= "\nrew $name { "; - if (!empty($desc)) - $conf .= "\t# $desc"; - - if (is_array($this->rewrites)) { - foreach($this->rewrites as $rew) { - $conf .= "\n $rew"; - } - } - if ($enablelog) - $conf .= "\n log = $name"; - $conf .= "\n }"; - $conf .= "\n"; - return $conf; - } -} - -class TimeClass { - var $name; - var $items; - var $desc; - - function __construct() { - $this->name = ''; - $this->desc = ''; - $this->items = Array(); - } - - function ini($name, $desc) { - $this->name = $name; - $this->desc = $desc; - } - - function & add_date($daterange, $timerange) { - $item = new TimeItem(); - $item->ini("date", '', $daterange, $timerange); - $this->items[] = $item; -// return $this->items[count($this->items-1)]; - } - - function & add_weekly($days, $timerange) { - $item = new TimeItem(); - $item->ini("weekly", $days, '', $timerange); - $this->items[] = $item; -// return $this->items[count($this->items-1)]; - } - - function make_config($owner) { - $conf = ''; - $name = $this->name; - $desc = $this->desc; - $conf .= "\ntime $name { "; - if ($desc != "") - $conf .= "\t# $desc"; - if (is_array($this->items)) { - foreach($this->items as $item) { - $type = $item->type; - $days = $item->days; - $dates = $item->dates; - $hours = $item->hours; - if ($item->type == "date") - $conf .= "\n date $dates $hours"; - else $conf .= "\n weekly $days $hours"; - } - } - $conf .= "\n }"; - $conf .= "\n"; - return $conf; - } -} - -class TimeItem { - var $type; - var $days; - var $dates; - var $hours; - - function __construct() { - $this->type = ''; - $this->days = ''; - $this->dates = ''; - $this->hours = ''; - } - - function ini($type, $days, $dates, $hours) { - $this->type = $type; - $this->days = $days; - $this->dates = $dates; - $this->hours = $hours; - } -} - -class 
DestClass { - var $name; - var $domains; // array - var $urls; // array - var $expr; // array - var $redir; - var $desc; - var $enablelog; - - function __construct() { - $this->name = ''; - $this->domains = array(); - $this->urls = array(); - $this->expr = array(); - $this->redir = ''; - $this->desc = ''; - $this->enablelog = ''; - } - - function ini($name, $domains, $urls, $expr, $redir, $desc, $enablelog = '') { - $this->name = $name; - $this->domains = explode(' ', $domains); - $this->urls = explode(' ', $urls); - $this->expr = explode(' ', $expr); - $this->redir = $redir; - $this->desc = $desc; - $this->enablelog = $enablelog; - } - - // create custom destination files - function update_destination_files($dbcatalog) { - $log = "\n\nUpdate destination file " . $this->name; - $path = $dbcatalog . '/' . $this->name . '/'; - $log .= "\npath = $path"; - - // 1 - set/check destination catalog - if (!file_exists($path)) { - if (!mkdir ($path, 0755)) { - $log .= "\nError create dir $path"; - return $log; // error create dir - } else $log .= "\nCreate dir."; - } - - // 2 - build domains file - if (!empty($this->domains)) { - $content = ''; - foreach($this->domains as $dm) { - $content .= "\n$dm"; - } - - $content = trim($content); - if (!empty($content)) { - file_put_contents($path . '/domains', $content); - $log .= "\nadd domains"; - } - } - - // 3 - build urls file - if (!empty($this->urls)) { - $content = ''; - foreach($this->urls as $url) { - $content .= "\n$url"; - } - - $content = trim($content); - if (!empty($content)) { - file_put_contents($path . '/urls', $content); - $log .= "\nadd urls"; - } - } - - // 4 - build expression file - if (!empty($this->expr)) { - $content = ''; - foreach($this->expr as $ex) { - $content .= "\n$ex"; - } - - $content = trim($content); - if (!empty($content)) { - file_put_contents($path . 
'/expressions', $content); - $log .= "\nadd expressions"; - } - } - - return $log; - } - - function make_config($owner) { - $file = ''; - $conf = ''; - $name = $this->name; - $dbhome = $owner->dbhome; - $domains = $this->domains; - $urls = $this->urls; - $expr = $this->expr; - $redir = $this->redir; - $desc = $this->desc; - $enablelog = $this->enablelog; - - $conf .= "\ndest $name { "; - - # description - if ($desc != "") - $conf .= "\t# $desc"; - - # domains - if ($domains != "") { - $file = $dbhome . "/$name/domains"; - if (file_exists($file)) - $conf .= "\n domainlist $name/domains"; - } - - # expressions - if ($expr != "") { - $file = $dbhome . "/$name/expressions"; - if (file_exists($file)) - $conf .= "\n expressionlist $name/expressions"; - } - - # urls - if ($urls != "") { - $file = $dbhome . "/$name/urls"; - if (file_exists($file)) - $conf .= "\n urllist $name/urls"; - } - - if ($redir != "") - $conf .= "\n redirect $redir"; - - if ($enablelog) - $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE; - - $conf .= "\n }"; - $conf .= "\n"; - - return $conf; - } -} - -class SrcClass { - var $name; - var $ip; - var $domain; - var $users; - var $desc; - var $enablelog; - - function __construct() { - $this->name = ''; - $this->ip = ''; - $this->domain = ''; - $this->desc = ''; - $this->enablelog = ''; - $this->users = Array(); - } - - function ini($name, $ip, $desc, $enablelog = '') { - $this->name = $name; - $this->ip = $ip; - $this->domain = ''; - $this->desc = $desc; - $this->enablelog = $enablelog; - } - - function make_config($owner) { - $conf = ''; - $name = $this->name; - $ip = $this->ip; - $desc = $this->desc; - $enablelog = $this->enablelog; - $conf .= "\nsrc $name { "; - if ($desc != "") - $conf .= "\t# $desc"; - $conf .= "\n ip $ip"; - if ($enablelog) - $conf .= "\n log " . 
SQUIDGUARD_ACCESSBLOCK_FILE; - $conf .= "\n }"; - $conf .= "\n"; - return $conf; - } -} - -class ACLClass { - var $src; - var $time; - var $desc; - var $disabled; - - var $pass; // pass array. if last item = 'all' then 'pass all' or 'pass none' - var $redir; - var $rewr; - var $log; - - var $over_pass; // array of overtime dest's - var $over_redir; - var $over_rewr; - var $over_log; - - function __construct() { - $this->src = ''; - $this->time = ''; - $this->desc = ''; - $this->disabled = ''; - } - - function ini($src, $time, $desc, $disabled='') { - $this->src = $src; - $this->time = $time; - $this->desc = $desc; - $this->disabled = $disabled; - } - - function assign($pass, $redir='', $rewr='', $log='') { - $this->pass = $pass; - // check and fix absence of "all" and "none" - if (!empty($pass) && (substr_count($pass, "all") == 0) && (substr_count($pass, "none") == 0)) { - $this->pass .= " none"; - $this->desc .= " <Uptime> " . ACL_WARNING_ABSENSE_PASS . " "; - } - - $this->redir = $redir; - $this->rewr = $rewr; - $this->log = $log; - } - - function assign_over($pass, $redir='', $rewr='', $log='') { // used only if assigned time - $this->over_pass = $pass; - // check and fix absence of "all" and "none" - if (!empty($pass) && (substr_count($pass, "all") == 0) && (substr_count($pass, "none") == 0)) { - $this->over_pass .= " none"; - $this->desc .= " <Overtime> " . 
ACL_WARNING_ABSENSE_PASS; - } - - $this->over_redir = $redir; - $this->over_rewr = $rewr; - $this->over_log = $log; - } - - function make_config($owner) { - $conf = ''; - $src = $this->src; - $time = $this->time; - $desc = $this->desc; - - // if item disabled - skip make_config - if ($this->disabled == 'on') { - $conf .= "\n\n # rule $src disabled"; - return $conf; - } - - $conf .= "\n"; - $conf .= "\n $src $time { "; - if (!empty($desc)) - $conf .= "\t# $desc"; - $err_comment = ''; - $pass = $this->pass; - if (is_array($pass)) { - // check dest's - foreach ($pass as $dst) { - if (($dst != 'all') && ($dst != 'none')) { - $obj = $owner->dests[$dst]; - if (!is_object($obj)) $err_comment .= " $dst"; - } - } - $err_comment .= "***!!!***"; - if (!empty($err_comment)) - $err_comment .= " error: dest's '$err_comment' not found"; - $pass = implode(" ", $pass); - } - - $conf .= "\n pass $pass"; - if (!empty($err_comment)) $conf .= " # $err_comment"; - unset($err_comment); - - $redir = $this->redir; - if (!empty($redir)) { - $rstr = strtolower(trim($redir)); - if ((strpos($rstr, 'http://') !== false) || - (strpos($rstr, 'https://') !== false) || - (strpos($rstr, 'ftp://') !== false)) - $conf .= "\n redirect " . REDIRECT_BASE_URL . "?url=" . $rstr; - else $conf .= "\n redirect " . REDIRECT_BASE_URL . "?msg=" . urlencode($redir); - } - - $rewr = $this->rewr; - if (!empty($rewr)) { - // check redirection name for exists - $err_comment = ''; - $obj = $owner->rewr[$rewr]; - if (empty($obj) || !is_object($obj)) - $err_comment = " rewrite '$rewr' not found"; - - $conf .= "\n rewrite $rewr # $err_comment"; - } - - $log = $this->log; - if (!empty($log) && ($src=='default')) - $conf .= "\n log " . 
SQUIDGUARD_ACCESSBLOCK_FILE; - - $conf .= "\n }"; - - // alternative - $pass = $this->over_pass; - $redir = $this->over_redir; - $rewr = $this->over_rewr; - $log = $this->over_log; - if (!empty($time) && !empty($pass)) { - $conf .= " else {"; - $conf .= "\n pass $pass"; - if (empty($this->pass) || ($this->pass[count($this->pass) - 1] != 'all')) - $conf .= " none"; - if (!empty($redir)) - $conf .= "\n redirect $redir"; - if (!empty($rewr)) - $conf .= "\n rewrite $rewrite"; - // log only for default - if (!empty($log) && ($src=='default')) - $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE; - $conf .= "\n }"; - } - - return $conf; - } -} - -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# Set file access -# -function set_file_access($dir, $owner, $mod) { - chown($dir, $owner); - chgrp($dir, $owner); - chmod($dir, $mod); - - if (is_dir($dir)) { - $hd = opendir($dir); - while (($item = readdir($hd)) !== false) { - if (($item != ".") && ($item != "..")) { - $path = "$dir/$item"; - if (is_dir($path)) - set_file_access($path, $owner, $mod); - else { - chown($path, $owner); - chgrp($path, $owner); - chmod($path, $mod); - } - } - } - } -} - -?> |