diff options
author | D. V. Serg <dvserg@pfsense.org> | 2007-11-08 12:12:39 +0000 |
---|---|---|
committer | D. V. Serg <dvserg@pfsense.org> | 2007-11-08 12:12:39 +0000 |
commit | 691da8b941d64ac8fe78c5517da00c453f2bab24 (patch) | |
tree | c0a706521de8989bcb445709afb3f30c5b413044 /packages/squidGuard | |
parent | 8a9ea051b652fdc909693f5e4b053a0bc6d509a6 (diff) | |
download | pfsense-packages-691da8b941d64ac8fe78c5517da00c453f2bab24.tar.gz pfsense-packages-691da8b941d64ac8fe78c5517da00c453f2bab24.tar.bz2 pfsense-packages-691da8b941d64ac8fe78c5517da00c453f2bab24.zip |
*** empty log message ***
Diffstat (limited to 'packages/squidGuard')
-rw-r--r-- | packages/squidGuard/squidguard.inc | 1177 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_acl.xml | 148 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_cls.inc | 1176 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_default.xml | 104 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_dest.xml | 147 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_log.xml | 68 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_rewr.xml | 131 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_src.xml | 109 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_time.xml | 127 |
9 files changed, 3187 insertions, 0 deletions
diff --git a/packages/squidGuard/squidguard.inc b/packages/squidGuard/squidguard.inc new file mode 100644 index 00000000..9f044574 --- /dev/null +++ b/packages/squidGuard/squidguard.inc @@ -0,0 +1,1177 @@ +<?php + +# --------------------------------------------------------------------------------------------------------------------- +# squidguard.inc +# (C)2006 Serg Dvoriancev +/* Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +# --------------------------------------------------------------------------------------------------------------------- + +if ($_SERVER['SCRIPT_FILENAME'] == '/usr/local/www/packages/config/squidguard.inc') { + exit; +} + +require_once('globals.inc'); +require_once('config.inc'); +require_once('util.inc'); +require_once('pfsense-utils.inc'); +require_once('pkg-utils.inc'); +require_once('filter.inc'); +require_once('service-utils.inc'); +require_once('squidguard_cls.inc'); +# --------------------------------------------------------------------------------------------------------------------- +define('SQUIDGUARD_CONFBASE', '/usr/local/etc/squid'); +define('SQUIDGUARD_CONFFILE', '/squidguard.conf.test'); +define('SQUIDGUARD_BINPATH', '/usr/local/bin'); +define('SQUIDGUARD_WORKDIR', '/usr/local/etc/squidGuard'); +define('SQUIDGUARD_DBHOME', '/var/db/squidGuard'); + +define('SQUIDGUARD_WEBGUI_LOG', '/squidguard_gui.log'); +define('SQUIDGUARD_WEBGUI_HISTORY_LOG', '/squidguard_gui_history.log'); + +# --------------------------------------------------------------------------------------------------------------------- + +define('FLD_NAME', 'name'); +define('FLD_DEST', 'dest'); +define('FLD_SOURCE', 'source'); +define('FLD_DESTINATION', 'dest'); +define('FLD_REWRITE', 'rewrite'); +define('FLD_REDIRECT', 'redirect'); +define('FLD_TIME', 'time'); +define('FLD_OVERDESTINATION', 'overdestination'); +define('FLD_OVERREWRITE', 'overrewrite'); +define('FLD_OVERREDIRECT', 'overredirect'); +define('FLD_TARGETURL', 'targeturl'); +define('FLD_REPLACETO', 'replaceto'); +define('FLD_TIMETYPE', 'timetype'); +define('FLD_TIMEDAYS', 'timedays'); +define('FLD_DATERANGE', 'daterange'); +define('FLD_TIMERANGE', 'timerange'); +define('FLD_IPLIST', 'iplist'); +define('FLD_DESCRIPTION', 'description'); +define('FLD_EXPRESSIONS', 'expressions'); +define('FLD_DOMAINS', 'domains'); +define('FLD_URLS', 'urls'); +define('FLD_DISABLED', 'disabled'); +define('FLD_ENABLELOG', 'enablelog'); + +define('PREFLD_UPTIME', 'uptime_'); +define('PREFLD_UPTIME_DENY', 'uptimedeny_'); +define('PREFLD_OVERTIME', 'overtime_'); +define('PREFLD_OVERTIME_DENY', 'overtimedeny_'); + +define('MODULE_GENERAL', 'squidguardgeneral'); +define('MODULE_DEFAULT', 'squidguarddefault'); +define('MODULE_ACL', 'squidguardacl'); +define('MODULE_DESTINATION', 'squidguarddest'); +define('MODULE_REWRITE', 'squidguardrewrite'); +define('MODULE_SOURCE', 'squidguardsrc'); +define('MODULE_TIME', 'squidguardtime'); +define('MODULE_LOG', 'squidguardlog'); + +define('BLACKLIST_DEFAULT_URL', 'http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz'); // 360Kb +//define('BLACKLIST_DEFAULT_URL', 'http://squidguard.mesd.k12.or.us/blacklists.tgz'); // 3.5Mb +// define('BLACKLIST_DEFAULT_URL', 'http://blacklist.dansguardian.org/cgi-bin/download.pl?type=download&file=bigblacklist'); +define('BLACKLIST_TMP_FILE', '/var/tmp/blacklists.tar.gz'); +define('BLACKLIST_BTN_STD', 'Upload Std'); +define('BLACKLIST_BTN_URL', 'Upload Url'); +define('BLACKLIST_BTN_FILE', 'Upload File'); +define('BLACKLIST_LOGFILE', 'blacklist.log'); + +define('APPLY_BTN', 'Apply'); + +define('WEBGUI_HISTORY_LOG', 'on'); + +define('TEST_LOG', '/var/tmp/sqtest.test'); + +# --------------------------------------------------------------------------------------------------------------------- +# squidguard_object +# --------------------------------------------------------------------------------------------------------------------- +$squidguard_object = create_squidguard_object(); + + +# --------------------------------------------------------------------------------------------------------------------- +# functions +# --------------------------------------------------------------------------------------------------------------------- + +function create_squidguard_object() { + $sg_object = new SquidGuardConfigClass(); + $sg_object->debug_history .= "->create_squidguard_object"; + $sg_object->set_options(SQUIDGUARD_BINPATH, SQUIDGUARD_WORKDIR, SQUIDGUARD_DBHOME); + + squidguard_ini_object(&$sg_object); + return $sg_object; +} + +function squidguard_ini_object($sg_object) { + global $config; + + $sg_object->debug_history .= "->squidguard_ini_object"; + $sg_object->init(); + if ($config['installedpackages'][MODULE_GENERAL]['config'][0]['squidguard_enable'] != '') + $sg_object->enabled = true; + else $sg_object->enabled = false; + + if ($config['installedpackages'][MODULE_GENERAL]['config'][0]['blacklist'] != '') + $sg_object->blacklist_enabled = true; + else $sg_object->blacklist_enabled = false; + + // rewrite's + $rewrite = $config['installedpackages'][MODULE_REWRITE]; // ['config']; + if (is_array($rewrite)) { + foreach($rewrite['config'] as $rew) { + // rewrite object + $sg_rew =& $sg_object->add_rewrite($rew[FLD_NAME], $rew[FLD_DESCRIPTION], $rew[FLD_ENABLELOG]); + if (is_array($rew) and count($rew['row'])) { + foreach($rew['row'] as $row) { + // rewrite items + $sg_rew->add_item($row[FLD_TARGETURL], $row[FLD_REPLACETO]); + } + } + } + } + + // time's + $time = $config['installedpackages'][MODULE_TIME]['config']; + if (is_array($time)) { + foreach($time as $tm) { + // time object + $sg_time =& $sg_object->add_time($tm[FLD_NAME], $tm[FLD_DESCRIPTION]); + foreach($tm['row'] as $row) { + // time items + if ($row[FLD_TIMETYPE] == 'date') // 0 - "date"$FLD_TIMETYPE + $sg_time->add_date ($row[FLD_DATERANGE], $row[FLD_TIMERANGE]); + else $sg_time->add_weekly ($row[FLD_TIMEDAYS], /* $row[FLD_DATERANGE], */$row[FLD_TIMERANGE]); + } + } + } + + // source's + $source = $config['installedpackages'][MODULE_SOURCE]['config']; + if (is_array($source)) { + foreach($source as $src) { + // source object + $sg_src =& $sg_object->add_src($src[FLD_NAME], $src[FLD_IPLIST], + $src[FLD_DESCRIPTION], $src[FLD_ENABLELOG]); + } + } + + // destination's + $destination = $config['installedpackages'][MODULE_DESTINATION]['config']; + if (is_array($destination)) { + foreach($destination as $dest) { + // destination object + $sg_ds =& $sg_object->add_dest($dest[FLD_NAME], $dest[FLD_DOMAINS], $dest[FLD_URLS], + $dest[FLD_EXPRESSIONS], $dest[FLD_REDIRECT], $dest[FLD_DESCRIPTION], + $dest[FLD_ENABLELOG]); + } + } + + // acl's + $acl = $config['installedpackages'][MODULE_ACL]['config']; + if (is_array($acl)) { + foreach($acl as $ac) { + $passes = str_replace("]", "", trim($ac[FLD_DESTINATION])); + $passes = explode("[", $passes); + $pass = ""; + $overpass = ""; + if (is_array($passes)) { + $pass = $passes[0]; + $overpass = $passes[1]; + } + // acl object; log defined only for default acl + $sg_acl =& $sg_object->add_acl( + $ac[FLD_SOURCE], $ac[FLD_TIME], $ac[FLD_DESCRIPTION], + array('pass' => $pass, 'rewrite'=>$ac[FLD_REWRITE], 'redirect'=>$ac[FLD_REDIRECT], 'log'=>''), + array('pass' => $overpass, 'rewrite'=>$ac[FLD_REWRITE], 'redirect'=>$ac[FLD_REDIRECT], 'log'=>''), + $ac[FLD_DISABLED] + ); + } + } + + // default acl; log defined only for default acl + $acdef = $config['installedpackages'][MODULE_DEFAULT]['config'][0]; + if (is_array($acdef)) { + $passes = str_replace("]", "", trim($acdef[FLD_DESTINATION])); + $passes = explode("[", $passes); + $pass = ""; + $overpass = ""; + if (is_array($passes)) { + $pass = $passes[0]; + $overpass = $passes[1]; + } + // default acl object + $sg_object->set_default_acl( + $acdef[FLD_TIME], $acdef[FLD_DESCRIPTION], + array('pass' => $pass, 'rewrite'=>$acdef[FLD_REWRITE], 'redirect'=>$acdef[FLD_REDIRECT], 'log'=>$acdef[FLD_ENABLELOG]), + array('pass' => $overpass, 'rewrite'=>$acdef[FLD_REWRITE], 'redirect'=>$acdef[FLD_REDIRECT], 'log'=>$acdef[FLD_ENABLELOG]), + $acdef[FLD_DISABLED] + ); + } + + // update squidguard object + $sg_object->update(); +} + + +# --------------------------------------------------------------------------------------------------------------------- +# install/deinstall +# --------------------------------------------------------------------------------------------------------------------- +function squidguard_deinstall() { + +} + +# --------------------------------------------------------------------------------------------------------------------- +# Upload file to /var/tmp directory +# --------------------------------------------------------------------------------------------------------------------- +function upload_file($file) { + global $squidguard_object; + + $res = ''; + $cat = '/var/tmp/'; + +$squidguard_object->add_log("FILES: " . count($_FILES)); + + if (isset($_FILES[$file])) { // if file exists + if (move_uploaded_file($_FILES[$file]['tmp_name'], $cat . $_FILES[$file]['name'])) { + $res = true; + } // else blacklist_add_log('Нифига нет Files=' . count($_FILES)); + } + return $res; +} + + +# --------------------------------------------------------------------------------------------------------------------- +# default squidguard blacklist +# http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz +# --------------------------------------------------------------------------------------------------------------------- +// upload file and put them to temp catalog +function upload_file_from_url($url_file, $destination_file, $proxy) { + global $squidguard_object; + + // open destination file + $upload_tmp = '/var/tmp/blacklists.tar.gz'; + $result = ''; + $squidguard_object->add_log("Begin upload from URL $url_file"); + + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL,BLACKLIST_DEFAULT_URL); + curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); + if ($proxy != '') { + $ip = ''; + $login = ''; + $s = trim($proxy); + if (strpos($s, ' ')) { + $ip = substr($s, 0, strpos($s, ' ')); + $login = substr($s, strpos($s, ' ') + 1); + } else $ip = $s; + + if($ip != '') { + $s_log = "Host[$ip] "; + curl_setopt($ch, CURLOPT_PROXY, $ip); + if($login != '') { + $s_log .= "Login[$login]"; + curl_setopt($ch, CURLOPT_PROXYUSERPWD, $login); + } + $squidguard_object->add_log("Proxy settings: $s_log"); + } + } else $squidguard_object->add_log("Proxy: not defined"); + $result=curl_exec ($ch); + curl_close ($ch); + + // TODO: check uploaded content for '.gz' file format + + if (file_put_contents($upload_tmp, $result) > 0) { + $squidguard_object->add_log("Uploaded success."); + } else $squidguard_object->add_log("Upload error."); + return $upload_tmp; +} + +# --------------------------------------------------------------------------------------------------------------------- +# Validates +# --------------------------------------------------------------------------------------------------------------------- +function squidguard_validate_default($post, $input_errors) { + squidguard_validate_acl($post, &$input_errors); +} + +function squidguard_validate_acl($post, $input_errors) { + global $config; + $pass_up = array(); + $deny_up = array(); + $pass_up_val = ''; + $pass_over = array(); + $deny_over = array(); + $pass_over_val = ''; + + // ===== store destinations to 'dest' value ===== + foreach ($post as $key => $val) { + if (substr_count($key, PREFLD_UPTIME) != 0) { + $name = str_replace(PREFLD_UPTIME, '', $key); + if ($name) + $pass_up[$name] = 'on'; + } + elseif (substr_count($key, PREFLD_UPTIME_DENY) != 0) { + $name = str_replace(PREFLD_UPTIME_DENY, '', $key); + if ($name) + $deny_up[$name] = 'on'; + } + elseif (substr_count($key, PREFLD_OVERTIME) != 0) { + $name = str_replace(PREFLD_OVERTIME, '', $key); + if ($name) + $pass_over[$name] = 'on'; + } + elseif (substr_count($key, PREFLD_OVERTIME_DENY) != 0) { + $name = str_replace(PREFLD_OVERTIME_DENY, '', $key); + if ($name) + $deny_over[$name] = 'on'; + } + } + + foreach ($pass_up as $key => $val) { + if ($deny_up[$key]) + $pass_up_val .= " !$key"; + else $pass_up_val .= " $key"; + } + + foreach ($pass_over as $key => $val) { + if ($deny_over[$key]) + $pass_over_val .= " !$key"; + else $pass_over_val .= " $key"; + } + + // if not exists key 'all', then add '!all' - default 'deny all' (equiqalence 'none') + if ((substr_count($pass_up_val, 'all') == 0)) { + $pass_up_val .= ' !all'; + } + + if (!empty($pass_over_val) && (substr_count($pass_over_val, 'all') == 0)) { + $pass_over_val .= ' !all'; + } + + if (empty($pass_over_val)) + $post[FLD_DEST] = "$pass_up_val"; + else $post[FLD_DEST] = "$pass_up_val [$pass_over_val]"; +} + +function squidguard_validate_times($post, $input_errors) { + + // check name + $name = trim($post[FLD_NAME]); + if(!empty($name)) { + $err = check_name($name); + if (!empty($err)) + $input_errors[] = $err; + } + + // check unique name + if (!check_unique_name(MODULE_TIME, $name)) + $input_errors[] = "Name '$name' already exists"; + + # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + # Format: + # date: <date(or range)><time (or range)> -- days not parsed (reset to *) + # weekly: <day or *><time or range> -- dates not parsed (reset to '') + # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + $err = ''; + for ($i=0; $post[FLD_TIMETYPE . "$i"] != ''; $i++) { + $timetype = strtolower($post[FLD_TIMETYPE . "$i"]); + if ($timetype == 'date') { + // set timedays to '*' + $post[FLD_TIMEDAYS . "$i"] = '*'; + + // check date and time + $date = trim($post[FLD_DATERANGE."$i"]); + $time = trim($post[FLD_TIMERANGE."$i"]); + $err = check_date($date); + if (!empty($err)) $input_errors[] = $err; + $err = check_time($time); + if (!empty($err)) $input_errors[] = $err; + } else { + // set daterange to '' + $post[FLD_DATERANGE . "$i"] = ''; + + // check time + $time = trim($post[FLD_TIMERANGE."$i"]); + $err = check_time($time); + if (!empty($err)) $input_errors[] = $err; + } + } + + if (!empty($err)) + $input_errors .= $err; +} + +function squidguard_validate_source($post, $input_errors) { + // check name + $name = trim($post[FLD_NAME]); + if(!empty($name)) { + $err = check_name($name); // validate name content + if (!empty($err)) + $input_errors[] = $err; + + // check unique name + if (!check_unique_name(MODULE_SOURCE, $name)) + $input_errors[] = "Name '$name' already exists"; + } +} + +function squidguard_validate_destination($post, $input_errors) { + // check name + $name = trim($post[FLD_NAME]); + if(!empty($name)) { + $err = check_name($name); // validate name content + if (!empty($err)) + $input_errors[] = $err; + + // check unique name + if (!check_unique_name(MODULE_DESTINATION, $name)) + $input_errors[] = "Name '$name' already exists"; + } +} + +function squidguard_validate_rewrite($post, $input_errors) { + // check name + $name = trim($post[FLD_NAME]); + if(!empty($name)) { + // check name format <char><symbols without space> - Ab123 + $err = check_name($name); + if (!empty($err)) + $input_errors[] = $err; + + // check unique name + if (!check_unique_name(MODULE_REWRITE, $name)) + $input_errors[] = "Name '$name' already exists"; + } +} + +// --------------------------------------------------------------------------------------------------------------------- +// Resync & Make +// --------------------------------------------------------------------------------------------------------------------- + +function squidguard_resync() { + global $squidguard_object; + $sg_object; + if (is_null($squidguard_object)) { + $squidguard_object = create_squidguard_object(); + } + $sg_object = $squidguard_object; + $sg_object->debug_history .= "->squidguard_resync"; + squidguard_ini_object(&$sg_object); + + $conf = ''; + $upload_file = ''; + + if ($_POST['submit'] == BLACKLIST_BTN_STD) { + // upload from std url + $proxy = $_POST['blacklist_proxy']; + $upload_file = upload_file_from_url(BLACKLIST_DEFAULT_URL, BLACKLIST_TMP_FILE, $proxy); + $sg_object->update_blacklist($upload_file); + } else + + if ($_POST['submit'] == BLACKLIST_BTN_URL) { + // upload from another url + $url = $_POST['blacklist_url']; + $proxy = $_POST['blacklist_proxy']; + if ($url) + $upload_file = upload_file_from_url($url, BLACKLIST_TMP_FILE, $proxy); + $sg_object->update_blacklist($upload_file); + } else + + if ($_POST['submit'] == BLACKLIST_BTN_FILE) { + /* $upload_file = $_POST['blacklist_file']; + blacklist_add_log('Begin upload from file ' . $upload_file . '.\r'); + if (upload_file('')) + blacklist_add_log('Success.\r'); + else { + blacklist_add_log('Error.\r'); + $upload_file = ''; + } + $sg_object->update_blacklist($upload_file); */ + // $sg_object->update_blacklist('/var/tmp/blacklists.tar'); +upload_file(''); + } else + + // apply changes + if ($_POST['submit'] == APPLY_BTN) { + // reconfigure service + $sg_object->reconfigure(); + } else + + // start test squidGuard + /*if ($_POST['test_squidguard'] != '')*/ { + $result = ''; + $src_urls = $_POST['test_squidguard_urls']; + $result = $sg_object->test_work($src_urls); + file_put_contents(TEST_LOG, $result); + } + +} +// ----------------------------------------------------------------------------- +// common functions +// ----------------------------------------------------------------------------- +function get_pkg_items_list($pkg_gui_name, $fieldname) { + $res = ''; + global $config; + $conf = $config['installedpackages'][$pkg_gui_name]['config']; + foreach($conf as $cf) + $res[] = $cf[$fieldname]; + return $res; +} + +// ----------------------------------------------------------------------------- +// Resync +// ----------------------------------------------------------------------------- + +function squidguard_resync_rewrite() { // rewrite + $conf = ""; + // ----- nothing for do ----- + return $conf; +} + +function squidguard_resync_time() { // resync time + global $config; + + $conf = ''; + $times = $config['installedpackages']['squidguardtime']['config']; + + if (is_array($times)) { + foreach($times as $tm) { + $timevalue = ''; + $conf .= "\n time " . $tm['timename'] . " {"; + foreach($tm['row'] as $rw) { + if ($rw['timetype'] == 'date') { + $timevalue .= $rw['timetype'] . ' ' . $rw['timelist']; + $conf .= "\n date" . $rw['timelist']; + } else { + $timevalue .= $rw['timetype'] . ' ' . $rw['timedays'] . ' ' . $rw['timelist']; + $conf .= "\n weekly " . $rw['timedays'] . ' ' . $rw['timelist']; + } + } + $conf .= "\n } \n"; + $config['installedpackages']['squidguardtime']['config']['timevalue'] = "1110";//$timevalue; + } + } + +// file_put_contents("/var/tmp/squidguard.test", $conf); + + return $conf; +} + +function squidguard_resync_src() { // source + $conf = ""; + // ----- nothing for do ----- + return $conf; +} + +function squidguard_resync_std_dest() { // standart destinations + global $config; + $settings = $config['installedpackages']['squidguard']['config'][0]; + $conf = ""; + + // ads + $conf .= make_dest(FLT_ADS, "ads/domains", "ads/urls", "", ""); + // aggressive + $conf .= make_dest(FLT_AGGRESSIVE, "aggressive/domains", "aggressive/urls", "", ""); + // audio & video + $conf .= make_dest(FLT_AUDIOVIDEO, "audio-video/domains", "audio-video/urls", "", ""); + // Druggs + $conf .= make_dest(FLT_DRUGGS, "drugs/domains", "drugs/urls", "", ""); + // Gambling + $conf .= make_dest(FLT_GAMBLING, "gambling/domains", "gambling/urls", "", ""); + // Hacking + $conf .= make_dest(FLT_HACKING, "hacking/domains", "hacking/urls", "", ""); + // Mail + $conf .= make_dest(FLT_MAIL, "mail/domains", "mail/urls", "", ""); + // Porn + $conf .= make_dest(FLT_PORN, "porn/domains", "porn/urls", "", ""); + // proxy + $conf .= make_dest(FLT_PROXY, "proxy/domains", "proxy/urls", "", ""); + // Violence + $conf .= make_dest(FLT_VIOLENCE, "violence/domains", "violence/urls", "", ""); + // Warez + $conf .= make_dest(FLT_WAREZ, "warez/domains", "warez/urls", "", ""); + + return $conf; +} + +function squidguard_resync_user_dst() { // user destinations +} + +function squidguard_resync_dest() { // destination + $conf = ""; + // ----- nothing for do ----- + return $conf; +} + +function squidguard_resync_acl() { // acl + $conf = ""; + // ----- nothing for do ----- + return $conf; +} + +// ----------------------------------------------------------------------------- +// Before form +// ----------------------------------------------------------------------------- + +function squidguard_before_form_dest($pkg) { + global $config; + $expr_names = ''; + $expressions = ''; + + // update expressions list + $expressions = $config['installedpackages']['squidguardexpr']['config']; + if (is_array($expressions )) { + foreach($expressions as $expr) + $expr_names[] = $expr['name']; + } + + $i = 0; + foreach($pkg['fields']['field'] as $field) { + if ($field['fieldname'] == 'exprname') { + $fld = &$pkg['fields']['field'][$i]; + $fld['options']['option'][] = array('name'=>'none (expressions not defined)', 'value'=>''); + foreach ($expr_names as $nm) { + $fld['options']['option'][] = array('name'=>$nm, 'value'=>$nm); + } + break; + } + $i++; + } +} + +function squidguard_before_form($pkg) { + $i=0; + +// <encType>multipart/form-data</encType>; + + foreach($pkg['fields']['field'] as $field) { + // blacklist controls + if ($field['fieldname'] == 'blacklist') { + $fld = &$pkg['fields']['field'][$i]; + $fld['description'] .= make_grid_blacklist(); // insert to description custom controls + } + // Apply button + if ($field['fieldname'] == 'squidguard_enable'){ + $fld = &$pkg['fields']['field'][$i]; + $fld['description'] .= make_grid_general_items(); // insert to description custom controls + } + // GUI log + if ($field['fieldname'] == 'view_gui_log') { + $fld = &$pkg['fields']['field'][$i]; + $fld['description'] .= make_grid_general_items('gui_log'); // insert to description custom controls + } + $i++; + } +} + + +function squidguard_before_form_acl($pkg) { + global $config; + global $squidguard_object; + $current_id = ''; + + $sources = ''; + $source_items = ''; + $destinations = ''; + $dest_items = ''; + $rewrites = ''; + $rewr_names = ''; + $times = ''; + $time_names = ''; + $acls_up = ''; + $acls_over = ''; + + $current_id = $_GET['id']; + if ($current_id == '') + $current_id = $_POST['id']; + if ($current_id == '') + $current_id = 0; + + // sources + $sources = $config['installedpackages']['squidguardsrc']['config']; + if (is_array($sources)) { + foreach($sources as $src) { + $source_items[] = $src['name']; + } + } + + // generate sources list TODO: exclude used names from list, source name used in ACL unique + $i=0; + foreach($pkg['fields']['field'] as $field) { + if ($field['fieldname'] == 'source') { + $fld = &$pkg['fields']['field'][$i]; + foreach($source_items as $nm) { + $fld['options']['option'][] = array('name'=>$nm, 'value'=>$nm); + } + } + $i++; + } + + // destinations + // acls pass ---> prepare data for destinations; dest format 'uptime_dests_list [overtime_dests_list]' + $acl_dest = ''; + if ($pkg['name'] == MODULE_DEFAULT) { + $current_id = 0; + $acl_dest = $config['installedpackages'][MODULE_DEFAULT]['config'][$current_id]['dest']; + } + else $acl_dest = $config['installedpackages'][MODULE_ACL]['config'][$current_id]['dest']; + + if ($acl_dest) { + $overtime = ''; + $pss = str_replace(']', '', $acl_dest); + $pss = explode(' ', $pss); + foreach($pss as $val) { + $name = str_replace('!', '', $val); + if ($val == '[') { $overtime = 'yes'; continue; } + elseif ($val == ']') { break; } + if (empty($overtime)) { + if($val[0] != '!') + $acls_up[$name] = 'pass'; + else $acls_up[$name] = 'deny'; + } else { + if($val[0] != '!') + $acls_over[$name] = 'pass'; + else $acls_over[$name] = 'deny'; + } + } + } + + # -------------------------------------------------------------------------------------------------------------- + # destinations + # -------------------------------------------------------------------------------------------------------------- + if ($squidguard_object->blacklist_enabled) { + foreach($squidguard_object->blacklist as $dst) + $dest_items[] = array ('name'=>$dst->name, 'upt_value'=>$acls_up[$dst->name], + 'ovt_value'=>$acls_over[$dst->name], 'description'=>$dst->desc); + } + + if ($squidguard_object->dests) { + foreach($squidguard_object->dests as $dst) + $dest_items[] = array ('name'=>$dst->name, 'upt_value'=>$acls_up[$dst->name], + 'ovt_value'=>$acls_over[$dst->name], 'description'=>$dst->desc); + } + + // default all + $dest_items[] = array('name'=>FLT_DEFAULT_ALL, 'upt_value'=>$acls_up[FLT_DEFAULT_ALL], + 'ovt_value'=>$acls_over[FLT_DEFAULT_ALL], 'description'=>'Default access'); + + $i=0; + foreach($pkg['fields']['field'] as $field) { + if (($field['fieldname'] == 'dest')/* || ($field['fieldname'] == 'overdest')*/) { + $fld = &$pkg['fields']['field'][$i]; + $fld['description'] .= make_grid_controls('checkbox', $dest_items); // insert to description custom controls + } + $i++; + } + + // rewrites + $rewrites = $config['installedpackages'][MODULE_REWRITE]['config']; + if (is_array($rewrites)) { + foreach($rewrites as $rewr) { + $rewr_names[] = $rewr['name']; + } + } + + $i=0; + foreach($pkg['fields']['field'] as $field) { + if (($field['fieldname'] == 'rewrite') || ($field['fieldname'] == 'overrewrite')) { + $fld = &$pkg['fields']['field'][$i]; + $fld['options']['option'][] = array('name'=>'none (rewrite not defined)', 'value'=>''); + if (is_array($rewr_names)) { + foreach($rewr_names as $nm) + $fld['options']['option'][] = array('name'=>$nm, 'value'=>$nm); + } + } + $i++; + } + + // times + $times = $config['installedpackages']['squidguardtime']['config']; + if (is_array($times)) { + foreach($times as $tm) { + $time_names[] = $tm['name']; + } + } + + $i=0; + foreach($pkg['fields']['field'] as $field) { + if ($field['fieldname'] == 'time') { + $fld = &$pkg['fields']['field'][$i]; + $fld['options']['option'][] = array('name'=>'none (time not defined)', 'value'=>''); + if (is_array($time_names)) { + foreach($time_names as $nm) + $fld['options']['option'][] = array('name'=>$nm, 'value'=>$nm); + } + break; + } + $i++; + } +} + +function squidguard_before_form_log($pkg) { + global $config; + global $squidguard_object; + $i=0; + foreach($pkg['fields']['field'] as $field) { + if ($field['fieldname'] == 'logtype') { + $slog = ''; + $mlog = $config['installedpackages'][MODULE_LOG]['config'][0]; + + $filename = ''; + $fld = &$pkg['fields']['field'][$i]; + if ($mlog['logtype'] == 'access_log') { + $filename = $squidguard_object->log_dir . "/" . SQUIDGUARD_ACCESSBLOCK_FILE; + if (file_exists($filename)) { + $s = file_get_contents($filename); + $s = explode("\n", $s); + + $slog .= "<table cellSpacing=1 cellPadding=1 width='100%'>"; + $slog .= "<tr><th>DateTime</th><th>IP</th><th>URL</th><th>Filter</th><th>ID</th><th>Method</th></tr>"; + foreach($s as $vs) { + $slog .= "<tr>"; + $sx = $vs; + $sx = str_replace("/- -", "", $sx); + $sx = str_replace("/-", "", $sx); + $sx = str_replace("Request", "", $sx); + $sx = str_replace("request", "", $sx); + $sx = str_replace("(", "", $sx); + $sx = str_replace(")", "", $sx); + $sx = str_replace("[", "", $sx); + $sx = str_replace("]", "", $sx); + $sx = explode(" ", $sx); + if (!empty($vs)) + $slog .= "<tr> + <td style='vertical-align: top; white-space: nowrap;'>$sx[0] $sx[1]</td> + <td style='vertical-align: top;'>$sx[5]</td> + <td style='vertical-align: top;'>$sx[4]</td> + <td style='vertical-align: top;'>$sx[3]</td> + <td style='vertical-align: top;'>$sx[2]</td> + <td style='vertical-align: top;'>$sx[6]</td></tr>"; + } + $slog .= "</table>"; + } + } else + if ($mlog['logtype'] == 'webgui_log') { + $filename = $squidguard_object->log_dir . SQUIDGUARD_LOG_FILE; + if (file_exists($filename)) { + $slog .= file_get_contents($filename); + $slog = str_replace("\n", "<br>", $slog); + $slog = "<tr><td>$slog</td></tr>"; + } + } else + if ($mlog['logtype'] == 'squidguard_log') { + $filename = $squidguard_object->log_dir . "/squidGuard.log"; + if (file_exists($filename)) { + $slog .= file_get_contents($filename); + $slog = str_replace("\n", "<br>", $slog); + $slog = "<tr><td>$slog</td></tr>"; + } + } + +// $slog .= $filename . "\n"; // debug + + $fld['description'] .= + "</tr><tr><td><br></td> + <td><table width='100%' class=tabcont cellSpacing=0 cellPadding=1 border=1>$slog</table>"; +// "<table class=tabcont cellSpacing=0 cellPadding=0 border=1 width='100%'>$slog</table></td>"; + } + $i++; + } +} + +function squidguard_update_acl_dest($acl_name, $post) { + global $config; + $post['dest'] = 'fig vam'; + #s='TST'; + foreach($post as $k => $p) + $s .= $k . '=' . $p; +} + +function make_grid_general_items($id = '') +{ + global $squidguard_object; + global $config; + + $res = ''; + $res .= "<table width='100%'>"; + + if ($id == '') { + // Apply + $res .= "<tr><td>After changing configuration Squid or squidGuard you must + <b>apply all changes</b></td><td><input name='submit' + type='submit' value='Apply'></td></tr>"; + } else + if ($id == 'gui_log') { + if ($config['installedpackages']['squidguardgeneral']['config'][0]['view_gui_log'] == 'on') { + $log_content = $squidguard_object->get_log(); + $res .= "<tr><td><br></td></tr>"; + $res .= "<tr><td>Web GUI log</td></tr>"; + $res .= "<tr><td vAlign=top width='100%'> + <textarea name='Name' rows=7 cols=65 wrap='on' readonly='on'>$log_content</textarea></td></tr>"; + } + } + + $res .= "</table>"; + return $res; +} + +function make_grid_blacklist() { + global $squidguard_object; + + $style1 = 'class=vtable'; // 'class=vncell' ;// 'style="background-color: #FFF0E2;"'; + $style2 = 'class=vtable'; + $style2 = ''; + $e_size = '80'; + + $res = ''; + $res .= "<table width='100%'>"; + $res .= "<tr><td><b>Proxy</b> settings</b></td> <td>Blacklist upload proxy - enter here, or leave blank.<br> + Format: host:[port login:pass] . Default proxy port 1080. Example: '192.168.0.1:8080 user:pass'</td><td> </td></tr>"; + $res .= "<tr><td $style1> </td><td $style1><input name='blacklist_proxy' id='blacklist_proxy' type='text' size='$e_size'></td><td $style1><br></td></tr>"; + $res .= "<tr><td $style3>Load from <b>Default</b></td> <td $style3><b>" . /*BLACKLIST_DEFAULT_URL .*/ "</b></td> <td $style3><input name='submit' value='" . + BLACKLIST_BTN_STD . "' type='submit'></td></tr>"; + $res .= "<tr><td $style3>Load from <b>Url </b></td> <td $style3><input name='blacklist_url' id='blacklist_url' + type='text' size='$e_size'></td> <td $style3><input name='submit' value='" . BLACKLIST_BTN_URL . "' type='submit'> + </td></tr>"; +// $res .= "<tr><td $style1>Load from <b>File</b></td> <td $style1><input name='blacklist_file' id='blacklist_file' +// type='file' size='$e_size'></td> <td $style1><input name='submit' value='" . BLACKLIST_BTN_FILE . +// "' type='submit'></td></tr>"; + $res .= "</table>"; + return $res; +} + +function make_grid_controls($type, $items) { + $res = ''; + $tbl = ''; + $color = ''; + $color2 = ''; + $x = 0; + + foreach($items as $item) { + if ($x == 0) { + $color = 'style="background-color: #FFF0E2;"'; + $color2 = ''; + $x = 1; + } else { + $color = ''; + $color2 = 'style="background-color: #FFF0E2;"'; + $x = 0; + } + + $name = $item['name']; + $upt_val = $item['upt_value']; + $ovt_val = $item['ovt_value']; + $description = $item['description']; + $upt_on = ''; + $upt_deny = ''; + $ovt_on = ''; + $ovt_deny = ''; + + if ($upt_val) $upt_on = 'CHECKED'; + if ($upt_val == 'deny') $upt_deny = 'CHECKED'; + + if ($ovt_val) $ovt_on = 'CHECKED'; + if ($ovt_val == 'deny') $ovt_deny = 'CHECKED'; + + $tbl .= "<tr>"; + $tbl .= "<td $color><input type=\"$type\" name=\"" . PREFLD_UPTIME . "$name\" $upt_on></td>"; + $tbl .= "<td width=\"35%\" $color >$description [$name]</td>"; + $tbl .= "<td $color><input type=\"$type\" name=\"" . PREFLD_UPTIME_DENY . "$name\" $upt_deny></td>"; + $tbl .= "<td $color>deny access</td>"; + + $tbl .= "<td $color><input type=\"$type\" name=\"" . PREFLD_OVERTIME . "$name\" $ovt_on></td>"; + $tbl .= "<td $color width=\"35%\" >$description [$name]</td>"; + $tbl .= "<td $color><input type=\"$type\" name=\"" . PREFLD_OVERTIME_DENY . "$name\" $ovt_deny></td>"; + $tbl .= "<td $color>deny access</td>"; + $tbl .= "</tr>"; + } + + if (!empty($tbl)) { + $tbl = "<th/><th>Destinations in uptime</th><th/><th/><th/><th>Destinations in overtime</th><th/><th/>" . + "<tr><td/><td>Select destinations for uptime rule</td><td/><td/> + <td/><td>Select destination for overtime rule.<br>If time not defined, this part must be ignored</td><td/><td/></tr>" + . $tbl; + + $res .= "<table>" . $tbl . "</table>"; + } + return $res; +} + +// ----------------------------------------------------------------------------- + +function check_name ($name) { + $err = ''; + $val = trim($name); + + if ((strlen($val) < 2) || (strlen($val) > 16)) + $err .= " Size of name must be between [2..16]."; + + // All symbols must be [a-zA-Z_0-9\-] First symbol = letter. + if (!eregi("^([a-zA-Z]{1})([a-zA-Z_0-9\-]+)$", $val)) + $err .= " Invalid name $name. Valid name symbols: ['a-Z', '_', '0-9', '-']. First symbol must be a letter."; + + return $err; +} + +// --- Check unique name --- +function check_unique_name($module_id, $name, $log='') { + $res = true; + $count_names = 0; + $is_self ='notself'; + + $id = $_GET['id']; + if (!isset($id)) + $id = $_POST['id']; + + $name_list = get_pkg_items_list($module_id, 'name'); + $name_list_count = count($name_list); + + for($j=0; $j<$name_list_count; $j++) { + $val = $name_list[$j]; + if ($val == $name) { + $count_names++; + if ($j==$id) $is_self='self'; + } + } + + // if count names = 1, then check if add new record with this name(not valid) / or this is a self record(valid) + // else if count names > 1 - not valid + if ($count_names == 1) { + if ($id == name_list_count) { // this new record + $res = false; + $log = "*ID*"; + } + elseif($is_self != 'self') { // not self record + $res = false; + $log = '*NOT SELF*'; + } + } + elseif($count_names > 1) { + $res = false; + $log = '*COUNT*'; + } + $log .= " id=$id is_self=$is_self count=$name_list_count"; + return $res; +} + +function check_date($date) { + $err = ''; + $val = trim($date); + // date or date range format: 'yyyy-mm-dd', 'yyyy-m-d', 'yyyy.mm.dd' 'yyyy.mm.dd-yyyy.mm.dd' + if (!eregi("^([0-9*]{4})\.([0-9*]{1,2})\.([0-9*]{1,2})$", $val) && + !eregi("^([0-9*]{4})\.([0-9*]{1,2})\.([0-9*]{1,2})-([0-9*]{4})\.([0-9*]{1,2})\.([0-9*]{1,2})$", $val)) + $err .= " Invalid date " . $date . + " You mast use date or date range format: 'yyyy.mm.dd' and 'yyyy.mm.dd-yyyy.mm.dd' . + Any symbol in date can be set to *(any number). Example: '*-10-01', '199*-*1-*1' ." . $val ; + return $err; +} + +function check_time($time) { + $err = ''; + $val = trim($time); + // time range format: 'HH:MM-HH:MM' + if (!eregi("^([0-9]{2})\:([0-9]{2})-([0-9]{2})\:([0-9]{2})$", $val)) + $err = '';//" Invalid time range time . You must use 'HH:MM-HH:MM' time range format. "; + return $err; +} + +function check_ip($ip) { + +} + + +function squidguard_print_javascript_main() { +} + +# --------------------------------------------------------------------------------------------------------------------- +# Install & deinstall +# --------------------------------------------------------------------------------------------------------------------- + +function squidguard_install_command() { + global $squidguard_object; +} + +function squidguard_deinstall_command() { + mwexec('rm -rf ' . SQUIDGUARD_WORKDIR); + mwexec('rm -rf ' . SQUIDGUARD_DBHOME); +} + +# --------------------------------------------------------------------------------------------------------------------- +# SquidGuard print JavaSrcript +# --------------------------------------------------------------------------------------------------------------------- + +function squidGuard_print_javascript() { + $javascript = ''; + + $xml = $_GET["xml"]; + if ($xml == "") + $xml = $_POST["xml"]; + + // squidguard_default.xml + if ($xml == "squidguard_default.xml") { + $javascript .= "\n<script language='JavaScript'>"; + $javascript .= "\n<!--"; + $javascript .= "\n document.iform.dest.disabled=1;"; + $javascript .= "\n//-->"; + $javascript .= "\n</script>"; + } // if + + // squidguard_acl.xml + if ($xml == "squidguard_acl.xml") { + $javascript .= "\n<script language='JavaScript'>"; + $javascript .= "\n<!--"; + $javascript .= "\n document.iform.dest.disabled=1;"; + $javascript .= "\n//-->"; + $javascript .= "\n</script>"; + + } // if + + if ($xml == "squidguard_time.xml") { + $javascript .= "\n<script language='JavaScript'>"; + $javascript .= "\n<!--"; + $javascript .= "\n function on_updatecontrols() {"; + $javascript .= "\n for (var i=0; i<99; i++) {"; + $javascript .= "\n var elm = document.iform.elements['timetype' + i];"; + $javascript .= "\n if (elm) {"; + $javascript .= "\n document.iform.elements['timetype' + i].onclick = on_updatecontrols;"; + $javascript .= "\n if (document.iform.elements['timetype' + i].value == 'weekly') {"; + $javascript .= "\n document.iform.elements['timedays' + i].disabled = 0;"; + $javascript .= "\n document.iform.elements['daterange' + i].disabled = 1;"; + $javascript .= "\n }"; + $javascript .= "\n else {"; + $javascript .= "\n document.iform.elements['timedays' + i].disabled = 1;"; + $javascript .= "\n document.iform.elements['daterange' + i].disabled = 0;"; + $javascript .= "\n }"; + $javascript .= "\n }"; + $javascript .= "\n }"; + $javascript .= "\n }"; + $javascript .= "\n on_updatecontrols();"; + $javascript .= "\n "; + $javascript .= "\n//-->"; + $javascript .= "\n</script>"; + } + + print($javascript); +} + +?> diff --git a/packages/squidGuard/squidguard_acl.xml b/packages/squidGuard/squidguard_acl.xml new file mode 100644 index 00000000..cd62fc2f --- /dev/null +++ b/packages/squidGuard/squidguard_acl.xml @@ -0,0 +1,148 @@ +<?xml version="1.0" encoding="utf-8"?> +<packagegui> + <include_file>squidguard.inc</include_file> + <name>squidguardacl</name> + <title>Proxy server filter SquidGuard: Access Control List (ACL)</title> + <delete_string>A proxy server user has been deleted.</delete_string> + <addedit_string>A proxy server user has been created/modified.</addedit_string> + <tabs> + <tab> + <text>General settings</text> + <url>/pkg_edit.php?xml=squidguard.xml&id=0</url> + </tab> + <tab> + <text>Default</text> + <url>/pkg_edit.php?xml=squidguard_default.xml&id=0</url> + </tab> + <tab> + <text>ACL</text> + <url>/pkg.php?xml=squidguard_acl.xml</url> + <active/> + </tab> + <tab> + <text>Sources</text> + <url>/pkg.php?xml=squidguard_src.xml</url> + </tab> + <tab> + <text>Destinations</text> + <url>/pkg.php?xml=squidguard_dest.xml</url> + </tab> + <tab> + <text>Times</text> + <url>/pkg.php?xml=squidguard_time.xml</url> + </tab> + <tab> + <text>Rewrites</text> + <url>/pkg.php?xml=squidguard_rewr.xml</url> + </tab> + <tab> + <text>Log</text> + <url>/pkg_edit.php?xml=squidguard_log.xml</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fieldname>source</fieldname> + <fielddescr>Source</fielddescr> + </columnitem> + <columnitem> + <fieldname>dest</fieldname> + <fielddescr>Destinations</fielddescr> + </columnitem> + <columnitem> + <fieldname>time</fieldname> + <fielddescr>Uptime</fielddescr> + </columnitem> + <columnitem> + <fieldname>redirect</fieldname> + <fielddescr>Redirect</fielddescr> + </columnitem> + <columnitem> + <fieldname>rewrite</fieldname> + <fielddescr>Rewrite</fielddescr> + </columnitem> + <columnitem> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <fieldname>disabled</fieldname> + <fielddescr>Disabled</fielddescr> + <description>Check this for disable this ACL rule.</description> + <type>checkbox</type> + </field> + <field> + <fieldname>source</fieldname> + <fielddescr>Source name</fielddescr> + <description>Select source name here (required). Any ACL must have unique source name.</description> + <required/> + <type>select</type> + </field> + <field> + <fieldname>time</fieldname> + <fielddescr>Time</fielddescr> + <type>select</type> + <description>Enter time name in current which this rule permitted.</description> + </field> + <field> + <fieldname>dest</fieldname> + <fielddescr>Destination</fielddescr> + <description></description> + <type>input</type> + <size>114</size> + </field> + <field> + <fieldname>redirect</fieldname> + <fielddescr>Redirect</fielddescr> + <description>Enter redirection URL or Error page message for this rule, or leave blank.</description> + <type>textarea</type> + <cols>70</cols> + <rows>5</rows> + </field> + <field> + <fieldname>overredirect</fieldname> + <fielddescr>Overtime redirect</fielddescr> + <description>Enter redirection URL or Error page message for this rule, or leave blank.</description> + <type>textarea</type> + <cols>70</cols> + <rows>5</rows> + </field> + <field> + <fieldname>rewrite</fieldname> + <fielddescr>Rewrite</fielddescr> + <type>select</type> + <description>Enter rewrite condition name for this rule, or leave blank.</description> + </field> + <field> + <fieldname>overrewrite</fieldname> + <fielddescr>Overtime rewrite</fielddescr> + <type>select</type> + <description>Enter rewrite condition name for this rule, or leave blank.</description> + </field> + <field> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + <description>You may enter a description here for your reference (not parsed).</description> + <type>input</type> + <size>114</size> + </field> + </fields> + <custom_php_validation_command> + squidguard_validate_acl(&$_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_command_before_form> + squidguard_before_form_acl(&$pkg); + </custom_php_command_before_form> + <custom_php_after_form_command> + squidGuard_print_javascript(); + </custom_php_after_form_command> + <custom_php_resync_config_command> +// squidguard_resync_time(); + </custom_php_resync_config_command> + <custom_add_php_command> + </custom_add_php_command> + <custom_add_php_command_late> + </custom_add_php_command_late> +</packagegui> diff --git a/packages/squidGuard/squidguard_cls.inc b/packages/squidGuard/squidguard_cls.inc new file mode 100644 index 00000000..34bf8c2a --- /dev/null +++ b/packages/squidGuard/squidguard_cls.inc @@ -0,0 +1,1176 @@ +<?php +# ---------------------------------------------------------------------------------------------------------------------~ +/* squidguard_cls.inc + (C)2006 Serg Dvoriancev + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +# --------------------------------------------------------------------------------------------------------------------- +# SquidGuardConfigClass +# Generator SquidGuard configuration +# email: dv_serg@mail.ru +# --------------------------------------------------------------------------------------------------------------------- +# squidGuard command: +# squidGuard -C all - apdate database +# squidGuard -c <configfile> - create squidGuard with specified config file +# --------------------------------------------------------------------------------------------------------------------- +# Directories: +# work path - $workdir +# log path - $workdir + $logdir +# --------------------------------------------------------------------------------------------------------------------- + +define('FILES_DB_HEADER', ' +# ----------------------------------------------------------------------------- +# File created by squidGuard package GUI +# (C)2006 Serg Dvoriancev +# ----------------------------------------------------------------------------- +'); + +define('ACL_WARNING_ABSENSE_PASS', "!WARNING! Absence PASS 'all' or 'none' added as 'none'"); + +# --------------------------------------------------------------------------------------------------------------------- +define('REDIRECTOR_OPTIONS_REM', '# squidGuard options'); +define('REDIRECTOR_PROGRAM_OPT', 'redirect_program'); +define('REDIRECT_BYPASS_OPT', 'redirector_bypass'); +define('REDIRECT_CHILDREN_OPT', 'redirect_children'); +define('REDIRECTOR_PROCESS_COUNT', '3'); +define('SQUID_CONFIG_FILE', '/usr/local/etc/squid/squid.conf'); +define('SQUIDGUARD_CONFIG_FILE', '/squidGuard.conf'); +define('TMP_DIR', '/var/tmp'); +define('SQUIDGUARD_LOG_FILE', '/squidGuard_webgui.log'); +define('SQUIDGUARD_ACCESSBLOCK_FILE', 'squidguard_accessblock.log'); +define('SQUIDGUARD_BLK_ENTRIES', '/squidguard_blk_entries.ini'); +define('BLACKLIST_ARCHIVE', '/blacklists.tar.gz'); + +define('REDIRECT_BASE_URL', 'http://10.62.0.3/sgerror.php'); + +// debug options +define('DEBUG_UPDATE_SQUID_CONF', 'true'); +define('DEBUG_UPDATE_SQUIDGUARD_DB', 'true'); +define('DEBUG_MAKE_SQUIDGUARD_CONFIG', 'true'); + +define('SQUIDGUARD_LOG_DIR', '/log'); +define('SQUIDGUARD_BACKUP_DIR', '/backup'); + +// options +define('SQUIDGUARD_LOG_MAX_COUNT', '500'); // max log lines + +define('FLT_AD', 'ads'); +define('FLT_AGGRESSIVE', 'aggressive'); +define('FLT_AUDIOVIDEO', 'audio-video'); +define('FLT_DRUGGS', 'druggs'); +define('FLT_GAMBLING', 'gambling'); +define('FLT_HACKING', 'hacking'); +define('FLT_MAIL', 'mail'); +define('FLT_PORN', 'porn'); +define('FLT_PROXY', 'proxy'); +define('FLT_VIOLENCE', 'viol'); +define('FLT_WAREZ', 'warez'); + +define('FLT_DEFAULT_ALL', 'all'); + +define('OWNER_NAME', 'proxy'); // owner user name + +define('DEBUG_ON', 'true'); +# ------------------------------------------------------------------------------ +# +# ------------------------------------------------------------------------------ +function scan_dir($dir) { + $files = array(); + if (file_exists($dir)) { + $dh = opendir($dir); + while (false !== ($filename = readdir($dh))) + $files[] = $filename; + sort($files); + } + return $files; +} + +function std_blacklist_get_description() { + $dst_std = array(); + $dst_std[FLT_AD] = 'Reclama & banners filter'; + $dst_std[FLT_AGGRESSIVE] = 'Agressive content sites filter'; + $dst_std[FLT_AUDIOVIDEO] = 'Audio and Video sites filter'; + $dst_std[FLT_DRUGGS] = 'Druggs filter'; + $dst_std[FLT_GAMBLING] = 'Games sites filter'; + $dst_std[FLT_HACKING] = 'Hacking sites filter'; + $dst_std[FLT_MAIL] = 'Mail sites filter'; + $dst_std[FLT_PORN] = 'Porno sites filter'; + $dst_std[FLT_PROXY] = 'Proxy sites filter'; + $dst_std[FLT_VIOLENCE] = 'Violence content sites filter'; + $dst_std[FLT_WAREZ] = 'Wares, soft, downloads sites filter'; + return $dst_std; +} + +# ------------------------------------------------------------------------------ + +class SquidGuardConfigClass { + // variables + var $work_dir; + var $dbhome; + var $bin_path; + var $log_dir; // $work_dir + SQUIDGUARD_BACKUP_DIR + var $log_file; // $log_dir + SQUIDGUARD_LOG_FILE + + var $enabled; + var $blacklist_enabled; + + var $debug_history; + + // objects + var $sources; + var $dests; + var $blacklist; + var $times; + var $rewr; + var $acls; + var $acldef; + var $enable_deflog; // TODO: check for delete + + // temporary objects + var $expr; // temporary expressions list - not apply to config! + var $redir; // temporary expressions list - not apply to config! + + function __construct() { + $this->work_dir = ''; + $this->dbhome = ''; + $this->bin_path = ''; + $this->log_dir = ''; + $this->log_file = ''; + $this->init(); + } + + function init() { + $this->enabled = true; + $thus->blacklist_enabled = true; + + $this->acls = Array(); + $this->enable_deflog = ''; + $this->acldef = new ACLClass(); + $this->acldef->ini("default", "", "default acl"); + $this->acldef->assign("all"); + + $this->redir = Array(); + $this->expr = Array(); + $this->rewr = Array(); + $this->times = Array(); + $this->sources = Array(); + $this->dests = Array(); + $this->blacklist = Array(); + + // log + $this->add_log("Init squidGuard object."); + } + + function set_options($bin_path, $work_dir, $dbhome) { + $this->bin_path = $bin_path; + $this->work_dir = $work_dir; + $this->dbhome = $dbhome; + + $this->backup_dir = $work_dir . SQUIDGUARD_BACKUP_DIR; + $this->log_dir = $work_dir . SQUIDGUARD_LOG_DIR; + $this->log_file = $this->log_dir . SQUIDGUARD_LOG_FILE; + + // log + $this->add_log("Set bin path " . $this->bin_path, DEBUG_ON); + $this->add_log("Set work path " . $this->work_dir, DEBUG_ON); + $this->add_log("Set db path " . $this->dbhome, DEBUG_ON); + + $this->update(); + } + + function update() { + $this->add_log("Update squidGuard object."); + + // check work_dir, log_dir & create if not exists + if (!empty($this->work_dir)) { + $this->add_log("Check work directory."); + // check dir's + if (!file_exists($this->work_dir)) { + mwexec("mkdir " . $this->work_dir); + $this->add_log("Create work dir " . $this->work_dir, DEBUG_ON); + } + if (!file_exists($this->log_dir)) { + mwexec("mkdir " . $this->log_dir); + $this->add_log("Create log dir " . $this->log_dir, DEBUG_ON); + } + // set access right + set_file_access($this->work_dir, OWNER_NAME, 0755); + } + + // check squidguard db + if (!empty($this->dbhome)) { + $this->add_log("Check db directory."); + if (!file_exists($this->dbhome)) { + mwexec("mkdir " . $this->dbhome); + $this->add_log("Create db dir " . $this->dbhome, DEBUG_ON); + } + // set access right + set_file_access($this->dbhome, OWNER_NAME, 0755); + } + + // load blacklist configuration + if ($this->blacklist_enabled) { + $this->add_log("Load blacklist configuration."); + + if (file_exists($this->work_dir . SQUIDGUARD_BLK_ENTRIES)) { + $db_items = array(); + $blk_entries = explode("\n", file_get_contents($this->work_dir . SQUIDGUARD_BLK_ENTRIES)); + + // check files as dir's + $std_blk = std_blacklist_get_description(); + foreach($blk_entries as $df) { + if (($df != ".") && ($df != "..") && (is_dir($this->dbhome . "/" . $df))) { + $this->add_blacklist($df, $str_blk[$df]); + $this->add_log("Create $df", DEBUG_ON); + } + } + } + else $this->add_log("File " . $this->work_dir . SQUIDGUARD_BLK_ENTRIES . " not found."); + } + else $this->add_log("Blacklist disabled."); + } + + function reconfigure() { // TODO: check restart function order + $this->update(); + + // check and rebuild squidguard db + $this->add_log("Reconfigure squidGuard object"); + $this->update_destination_files(); + $this->remove_unused_db_entries(); + + // update only user dest items; blacklist rebuilded with when updated + if(!empty($this->dests)){ + $dblist = array(); + foreach($this->dests as $dst) + $dblist[] = $dst->name; + $this->rebuild_squidguard_db($dblist); + } + // generate squidGuard config + $this->add_log("Generate squidGuard config."); + $conf = $this->make_config(); + file_put_contents($this->work_dir . SQUIDGUARD_CONFIG_FILE, $conf); + file_put_contents('/usr/local/etc/squid' . SQUIDGUARD_CONFIG_FILE, $conf); // << my squidGuard want config '/usr/local/etc/squid' by default + set_file_access($this->work_dir, OWNER_NAME, 0755); + + // update squid config + $this->update_squid_conf(); + + // restart squid - squid automaticly restart redirector too + mwexec('squid'); + if (!mwexec('killall -HUP squid')) + $this->add_log("Restart squid .. success."); + else $this->add_log("Restart squid .. error."); + } + + # -------------------------------------------------------------------------------------------------------------- + # BLACKLIST + # If backup list set 'disable' - all his entries not used for filtering + # -------------------------------------------------------------------------------------------------------------- + + # + # Update blacklist db from file + # + function update_blacklist($upload_file) { + $this->add_log("Upload file $upload_file."); + if ($upload_file) { + // 1. unpack blacklist file + $this->add_log("Unpack file $upload_file .. "); + $bl_temp = '/var/tmp/blacklists'; + if (!mwexec('tar zxvf ' . $upload_file . ' -C /var/tmp/')) + $this->add_log("Success."); + else $this->add_log("Error!"); + + // 2. copy blacklist to squidGuard base + if (file_exists($bl_temp)) { + $this->add_log("Copy files to db.. "); + + // - copy blacklist & create entries list + $blk_files = scan_dir($bl_temp); + $blk_entries = array(); + foreach($blk_files as $bf) { + if (($bf != '.') && ($bf != '..')) { + $blk_entries[] = $bf; + if (!mwexec("cp -Rf $bl_temp/$bf " . $this->dbhome)) { + $this->add_log(" copy $bf success."); + } else $this->add_log(" copy $bl_temp/$bf -> $this->dbhome error."); + } + } + + // create entries list + if (count($blk_entries)) { + file_put_contents($this->work_dir . SQUIDGUARD_BLK_ENTRIES, implode("\n", $blk_entries)); + set_file_access($this->work_dir . SQUIDGUARD_BLK_ENTRIES, OWNER_NAME, 0755); + } + $this->remove_unused_db_entries(); + + // clearing temp + mwexec("rm -R $bl_temp"); + } + set_file_access($this->dbhome, OWNER_NAME, 0755); + } + } + + # + # remove unused DB entries + # + function remove_unused_db_entries() { + $this->add_log("Remove unused db entries."); + $db_entries = array(); + $file_list = ''; + // blk entries + if (file_exists($this->work_dir . SQUIDGUARD_BLK_ENTRIES)) { + $db_entries = explode("\n", file_get_contents($this->work_dir . SQUIDGUARD_BLK_ENTRIES)); + + // user entries + foreach($this->dests as $dst) + $db_entries[] = $dst->name; + + $file_list = scan_dir($this->dbhome); + $file_for_del = array_diff($file_list, $db_entries); + + foreach($file_for_del as $fd) { + $file_fd = $this->dbhome . "/" . $fd; + if (($fd != "") && ($fd != ".") && ($fd != "..")) { + if (file_exists($file_fd)) { + if (!mwexec("rm -R . $file_fd")) + $this->add_log("Delete $file_fd"); + else $this->add_log("Error delete $file_fd"); + } else $this->add_log("File $file_fd not found"); + } + } + } + + } + + # + # Update squidGuard DB from user defined destinations + # + function update_destination_files() { + $this->add_log("Update destination files to db."); + if(!empty($this->dests)){ + foreach($this->dests as $dst) { + $log = $dst->update_destination_files($this->dbhome); + $this->add_log($log); + } + } + $this->add_log($log); + set_file_access($this->dbhome, OWNER_NAME, 0755); + } + + # + # rebuild db: All ($dblist == '') or from listing ($dblist is array) + # + function rebuild_squidguard_db($dblist='') { + + set_file_access($this->dbhome, OWNER_NAME, 0755); // before + + $this->add_log("Start rebuild database."); + if (is_array($dblist)) { + foreach($dblist as $dbn) { + if (($dbn !== ".") && ($dbn !== "..") && file_exists($this->dbhome . "/$dbn")) { + if (!mwexec($this->bin_path . "/squidGuard -C"))// $dbn")) + $this->add_log("Rebuild $dbn - success."); + else $this->add_log("Rebuild $dbn - error."); + } else + $this->add_log("Error rebuild database! Dir " . $this->dbhome . "/$dbn not found."); + } + } else { + // rebuild squidGuard DB + // -C - create db files; -u - update '.diff' files to db + if (!mwexec($this->bin_path . '/squidGuard -C all')/* && + !mwexec($this->bin_path . '/squidGuard -u')*/) + $this->add_log("Rebuild all db - success."); + else $this->add_log("Rebuild all db - error!"); + } + // set_file_access($this->dbhome, OWNER_NAME, 0755); // after + } + + // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + // Insert to '/usr/local/squid/etc/squid.conf' options: + // redirector_bypass on + // redirect_program /usr/local/squidGuard/bin/squidGuard -c /path_to_config_file + // redirect_children 1 + // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + // Command for restart squid with all redirectors + // # killall -HUP squid + // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + function update_squid_conf() { + $this->add_log("Update 'squid.conf' file"); + $opt = ''; + $squid_conf_file = SQUID_CONFIG_FILE; + $redirector_path = $this->bin_path . '/squidGuard'; + $redirector_conf = $this->work_dir . SQUIDGUARD_CONFIG_FILE; + $this->add_log("Redirector path=$redirector_path", DEBUG_ON); + + // update squid.conf file + if (file_exists($squid_conf_file)) { + $conf = file_get_contents($squid_conf_file); + + // remove redirector options from 'squid.conf' + $conf = explode("\n", $conf); + for($i=0; $i<count($conf); $i++) { + $s = trim($conf[$i]); + if (strpos($s, REDIRECTOR_OPTIONS_REM) === 0) $conf[$i] = ''; + if (strpos($s, REDIRECTOR_PROGRAM_OPT) === 0) $conf[$i] = ''; + if (strpos($s, REDIRECT_BYPASS_OPT) === 0) $conf[$i] = ''; + if (strpos($s, REDIRECT_CHILDREN_OPT) === 0) $conf[$i] = ''; + } + $conf = implode("\n", $conf); + $conf = rtrim($conf); + + if ($this->enabled) { + // add redirector options from 'squid.conf' + $conf .= "\n"; + $conf .= "\n" . REDIRECTOR_OPTIONS_REM; + $conf .= "\n" . REDIRECTOR_PROGRAM_OPT . " $redirector_path -c $redirector_conf"; + $conf .= "\n" . REDIRECT_BYPASS_OPT . ' on'; + $conf .= "\n" . REDIRECT_CHILDREN_OPT . " " . REDIRECTOR_PROCESS_COUNT; + } + $conf .= "\n"; + file_put_contents($squid_conf_file, $conf); + } + else { + $this->add_log("File '$squid_conf_file' not found"); + } + } + + # ------------------------------------------------------------------------------------------------------------- + # Operations + # ------------------------------------------------------------------------------------------------------------- + + function set_default_acl($time, $desc, + $ontime_rule, /*[pass][$rewr][$redir][$log]*/ + $overtime_rule = '', /*[$overpass][$overrew][$overredir][$overlog]*/ + $disabled = '', $enable_deflog = '') + { + $this->enable_deflog = $enable_deflog; + $this->acldef->ini("default", $time, $desc, $disabled); + if (is_array($ontime_rule)) + $this->acldef->assign($ontime_rule['pass'], $ontime_rule['redirect'], $ontime_rule['rewrite'], $ontime_rule['log']); + + if (is_array($overtime_rule)) + $this->acldef->assign_over($overtime_rule['pass'], $overtime_rule['redirect'], $overtime_rule['rewrite'], $overtime_rule['log']); + } + + function & add_acl($src_name, $time, $desc, + $ontime_rule, /*[pass][$rewr][$redir][$log]*/ + $overtime_rule = '', /*[$overpass][$overrew][$overredir][$overlog]*/ + $disabled = '') + { + $item = new ACLClass(); + $item->ini($src_name, $time, $desc, $disabled); + if (is_array($ontime_rule)) + $item->assign($ontime_rule['pass'], $ontime_rule['redirect'], $ontime_rule['rewrite'], $ontime_rule['log']); + + if (is_array($overtime_rule)) + $item->assign_over($overtime_rule['pass'], $overtime_rule['redirect'], $overtime_rule['rewrite'], $overtime_rule['log']); + + $this->acls[$src_name] = $item; + return $this->acls[$src_name]; + } + + function del_acl($name, $time, $desc) { + $this->acls[$name] = ''; + } + + function & add_src($name, $ip, $desc, $enablelog) { + $item = new SrcClass(); + $item->ini($name, $ip, $desc, $enablelog); + $this->sources[$name] = $item; + return $this->sources[$name]; + } + + function del_src($name) { + $this->sources[$name] = ""; + } + + function & add_dest($name, $domains, $urls, $expr, $redir, $desc, $enablelog) { + $item = new DestClass(); + $item->ini($name, $domains, $urls, $expr, $redir, $desc, $enablelog); + $this->dests[$name] = $item; + return $this->dests[$name]; + } + + function del_dest($name) { + $this->dests[$name] = ""; + } + + function & add_blacklist($name, $desc) { + $item = new DestClass(); + $item->ini($name, "", "", "", "", $desc); + $this->blacklist[$name] = $item; + return $this->blacklist[$name]; + } + + function & add_time($name, $desc) { + $item = new TimeClass(); + $item->ini($name, $desc); + $this->times[$name] = $item; + return $this->times[$name]; + } + + function del_time($name) { + $this->times[$name] = ""; + } + + function & add_rewrite($name, $desc, $enablelog) { + $item = new RewrClass(); + $item->ini($name, $desc, $enablelog); + $this->rewr[$name] = $item; + return $this->rewr[$name]; + } + + function del_rewrite($name) { + $this->rewr[$name] = ''; + } + + function goto_dir($workdir, $subdir) { + $res = false; + $dir = @chdir($workdir); + if ($dir) { // workdir exists + $dir = "$workdir \\ $subdir"; + if (@chdir($dir)) // dir exists + $res = true; + elseif (@mkdir($dir, 0755)) // need create dir + $res = true; + else $this->add_log("ERROR: Can't create dir $dir"); + } else $this->add_log("ERROR: Work path $workdir not found."); + return $res; + } + + # + # Make config + # + function make_config() { + $conf = ''; + // header + // ================================================================================================================= + $conf .= "\n# " . str_repeat("=", 119); + $conf .= "\n# SquidGuard configuration file"; + $conf .= "\n# "; + $conf .= "\n# This file generated automaticly with SquidGuardClass"; + $conf .= "\n# "; + $conf .= "\n# SquidGuardConfigClass (C)2006 Serg Dvoriancev"; + $conf .= "\n# email: dv_serg@mail.ru"; + $conf .= "\n# "; + $conf .= "\n# " . str_repeat("=", 119); + $conf .= "\n"; + // ================================================================================================================= + + if(!empty($this->log_dir)) + $conf .= "\nlogdir " . $this->log_dir; + + if(!empty($this->dbhome)) + $conf .= "\ndbhome " . $this->dbhome; + + $conf .= "\n"; + + // make times + if(!empty($this->times)){ + foreach($this->times as $time) { + $conf .= $time->make_config($this); + } + } + + // make sources + if(!empty($this->sources)){ + foreach($this->sources as $src) { + $conf .= $src->make_config($this); + } + } + + // make blacklist + $conf .= "\n# Blacklist"; + if($this->blacklist_enabled) { + if (!empty($this->blacklist)) { + foreach($this->blacklist as $dest) + $conf .= $dest->make_config($this); + } else $conf .= "\n# Blacklist empty\n"; + } else $conf .= "\n# Blacklist disabled\n"; + + // make destinations + $conf .= "\n# User destinations"; + if(!empty($this->dests)){ + foreach($this->dests as $dest) { + $conf .= $dest->make_config($this); + } + } + + // make rewrites + if (!empty($this->rewr)) { + foreach($this->rewr as $rewr) { + $conf .= $rewr->make_config($this); + } + } + + // make acls + $conf .= "\nacl {"; + if (!empty($this->acls)) { + foreach($this->acls as $acl) { + $conf .= $acl->make_config($this); + } + } + $conf .= $this->acldef->make_config($this); + $conf .= "\n }"; + + return $conf; + } + + # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + # Log + # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + function add_log($str, $is_debug = '') { + + // if set $is_debug as value, but ($is_debug != 'on') then return + // this defined for include debug info to log; + // add_log('str') - simple log, add_log('str', 'on') - debig log; + // looking constant 'DEBUG_ON' + if ($is_debug && ($is_debug != 'on')) return; + + if (file_exists($this->log_dir)) { + if (file_exists($this->log_file)) + $log = file_get_contents($this->log_file); + $log = explode("\n", $log); + + $s = trim($str); + if (!empty($s)) $log[] = date("d.m.Y H:i:s") . ": $s"; + + // check log lines count + while(count($log) > SQUIDGUARD_LOG_MAX_COUNT) : + $log = array_shift($log); + endwhile; + + if ($log) + $log = implode("\n", $log); + file_put_contents($this->log_file, $log); + set_file_access($this->log_file, OWNER_NAME, 0755); + } + } + + function get_log() { + $log = ''; + if (file_exists($this->log_file)) + $log = file_get_contents($this->log_file); + return $log; + } + + function get_log_html() { + $log = $this->get_log(); + return str_replace("\n", "<br>", $this->get_log()); + } + + function test_work($urls_src) { + $result = ''; + $urls = ''; + if (is_array($urls_src)) + $urls = implode("\n", $urls_src); + else $urls = $urls_src; + $test_file = "/var/tmp/test.urls"; + file_put_contents($test_file, $urls); + $result = exec ("/usr/local/bin/squidGuard < $test_file"); + file_put_contents("$test_file.result", $result); + return $result; + } + +} + +// ===================================================================================================================== +// RewrClass +// ===================================================================================================================== + +class RewrClass { + var $name; + var $desc; + var $rewrites; + var $enablelog; + + function __construct() { + $this->name = ''; + $this->desc = ''; + $this->rewrites = Array(); + $this->enablelog = ''; + } + + function ini($name, $desc, $enablelog = '') { + $this->name = $name; + $this->desc = $desc; + $this->enablelog = $enablelog; + } + + function add_item($target_url, $replace_to, $case_ins='', $http_301='', $http_302='') { + $item .= "s@$target_url@$replace_to@"; + if (!empty($case_ins)) $item .= 'i'; + if (!empty($case_ins)) $item .= 'r'; // TODO: r and R - check work options? + if (!empty($case_ins)) $item .= 'R'; // -//- + $this->rewrites[] = $item; + } + + function make_config($owner) { + $name = $this->name; + $desc = $this->desc; + $enablelog = $this->enablelog; + $conf = ''; + $conf .= "\nrew $name { "; + if (!empty($desc)) + $conf .= "\t# $desc"; + + if (is_array($this->rewrites)) { + foreach($this->rewrites as $rew) { + $conf .= "\n $rew"; + } + } + if ($enablelog) + $conf .= "\n log = $name"; + $conf .= "\n }"; + $conf .= "\n"; + return $conf; + } +} + +class TimeClass { + var $name; + var $items; + var $desc; + + function __construct() { + $this->name = ''; + $this->desc = ''; + $this->items = Array(); + } + + function ini($name, $desc) { + $this->name = $name; + $this->desc = $desc; + } + + function & add_date($daterange, $timerange) { + $item = new TimeItem(); + $item->ini("date", '', $daterange, $timerange); + $this->items[] = $item; +// return $this->items[count($this->items-1)]; + } + + function & add_weekly($days, $timerange) { + $item = new TimeItem(); + $item->ini("weekly", $days, '', $timerange); + $this->items[] = $item; +// return $this->items[count($this->items-1)]; + } + + function make_config($owner) { + $conf = ''; + $name = $this->name; + $desc = $this->desc; + $conf .= "\ntime $name { "; + if ($desc != "") + $conf .= "\t# $desc"; + if (is_array($this->items)) { + foreach($this->items as $item) { + $type = $item->type; + $days = $item->days; + $dates = $item->dates; + $hours = $item->hours; + if ($item->type == "date") + $conf .= "\n date $dates $hours"; + else $conf .= "\n weekly $days $hours"; + } + } + $conf .= "\n }"; + $conf .= "\n"; + return $conf; + } +} + +class TimeItem { + var $type; + var $days; + var $dates; + var $hours; + + function __construct() { + $this->type = ''; + $this->days = ''; + $this->dates = ''; + $this->hours = ''; + } + + function ini($type, $days, $dates, $hours) { + $this->type = $type; + $this->days = $days; + $this->dates = $dates; + $this->hours = $hours; + } +} + +class DestClass { + var $name; + var $domains; // array + var $urls; // array + var $expr; // array + var $redir; + var $desc; + var $enablelog; + + function __construct() { + $this->name = ''; + $this->domains = array(); + $this->urls = array(); + $this->expr = array(); + $this->redir = ''; + $this->desc = ''; + $this->enablelog = ''; + } + + function ini($name, $domains, $urls, $expr, $redir, $desc, $enablelog = '') { + $this->name = $name; + $this->domains = explode(' ', $domains); + $this->urls = explode(' ', $urls); + $this->expr = explode(' ', $expr); + $this->redir = $redir; + $this->desc = $desc; + $this->enablelog = $enablelog; + } + + // create custom destination files + function update_destination_files($dbcatalog) { + $log = "\n\nUpdate destination file " . $this->name; + $path = $dbcatalog . '/' . $this->name . '/'; + $log .= "\npath = $path"; + + // 1 - set/check destination catalog + if (!file_exists($path)) { + if (!mkdir ($path, 0755)) { + $log .= "\nError create dir $path"; + return $log; // error create dir + } else $log .= "\nCreate dir."; + } + + // 2 - build domains file + if (!empty($this->domains)) { + $content = ''; + foreach($this->domains as $dm) { + $content .= "\n$dm"; + } + + $content = trim($content); + if (!empty($content)) { + file_put_contents($path . '/domains', $content); + $log .= "\nadd domains"; + } + } + + // 3 - build urls file + if (!empty($this->urls)) { + $content = ''; + foreach($this->urls as $url) { + $content .= "\n$url"; + } + + $content = trim($content); + if (!empty($content)) { + file_put_contents($path . '/urls', $content); + $log .= "\nadd urls"; + } + } + + // 4 - build expression file + if (!empty($this->expr)) { + $content = ''; + foreach($this->expr as $ex) { + $content .= "\n$ex"; + } + + $content = trim($content); + if (!empty($content)) { + file_put_contents($path . '/expressions', $content); + $log .= "\nadd expressions"; + } + } + + return $log; + } + + function make_config($owner) { + $file = ''; + $conf = ''; + $name = $this->name; + $dbhome = $owner->dbhome; + $domains = $this->domains; + $urls = $this->urls; + $expr = $this->expr; + $redir = $this->redir; + $desc = $this->desc; + $enablelog = $this->enablelog; + + $conf .= "\ndest $name { "; + + # description + if ($desc != "") + $conf .= "\t# $desc"; + + # domains + if ($domains != "") { + $file = $dbhome . "/$name/domains"; + if (file_exists($file)) + $conf .= "\n domainlist $name/domains"; + } + + # expressions + if ($expr != "") { + $file = $dbhome . "/$name/expressions"; + if (file_exists($file)) + $conf .= "\n expressionlist $name/expressions"; + } + + # urls + if ($urls != "") { + $file = $dbhome . "/$name/urls"; + if (file_exists($file)) + $conf .= "\n urllist $name/urls"; + } + + if ($redir != "") + $conf .= "\n redirect $redir"; + + if ($enablelog) + $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE; + + $conf .= "\n }"; + $conf .= "\n"; + + return $conf; + } +} + +class SrcClass { + var $name; + var $ip; + var $domain; + var $users; + var $desc; + var $enablelog; + + function __construct() { + $this->name = ''; + $this->ip = ''; + $this->domain = ''; + $this->desc = ''; + $this->enablelog = ''; + $this->users = Array(); + } + + function ini($name, $ip, $desc, $enablelog = '') { + $this->name = $name; + $this->ip = $ip; + $this->domain = ''; + $this->desc = $desc; + $this->enablelog = $enablelog; + } + + function make_config($owner) { + $conf = ''; + $name = $this->name; + $ip = $this->ip; + $desc = $this->desc; + $enablelog = $this->enablelog; + $conf .= "\nsrc $name { "; + if ($desc != "") + $conf .= "\t# $desc"; + $conf .= "\n ip $ip"; + if ($enablelog) + $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE; + $conf .= "\n }"; + $conf .= "\n"; + return $conf; + } +} + +class ACLClass { + var $src; + var $time; + var $desc; + var $disabled; + + var $pass; // pass array. if last item = 'all' then 'pass all' or 'pass none' + var $redir; + var $rewr; + var $log; + + var $over_pass; // array of overtime dest's + var $over_redir; + var $over_rewr; + var $over_log; + + function __construct() { + $this->src = ''; + $this->time = ''; + $this->desc = ''; + $this->disabled = ''; + } + + function ini($src, $time, $desc, $disabled='') { + $this->src = $src; + $this->time = $time; + $this->desc = $desc; + $this->disabled = $disabled; + } + + function assign($pass, $redir='', $rewr='', $log='') { + $this->pass = $pass; + // check and fix absence of "all" and "none" + if (!empty($pass) && (substr_count($pass, "all") == 0) && (substr_count($pass, "none") == 0)) { + $this->pass .= " none"; + $this->desc .= " <Uptime> " . ACL_WARNING_ABSENSE_PASS . " "; + } + + $this->redir = $redir; + $this->rewr = $rewr; + $this->log = $log; + } + + function assign_over($pass, $redir='', $rewr='', $log='') { // used only if assigned time + $this->over_pass = $pass; + // check and fix absence of "all" and "none" + if (!empty($pass) && (substr_count($pass, "all") == 0) && (substr_count($pass, "none") == 0)) { + $this->over_pass .= " none"; + $this->desc .= " <Overtime> " . ACL_WARNING_ABSENSE_PASS; + } + + $this->over_redir = $redir; + $this->over_rewr = $rewr; + $this->over_log = $log; + } + + function make_config($owner) { + $conf = ''; + $src = $this->src; + $time = $this->time; + $desc = $this->desc; + + // if item disabled - skip make_config + if ($this->disabled == 'on') { + $conf .= "\n\n # rule $src disabled"; + return $conf; + } + + $conf .= "\n"; + $conf .= "\n $src $time { "; + if (!empty($desc)) + $conf .= "\t# $desc"; + $err_comment = ''; + $pass = $this->pass; + if (is_array($pass)) { + // check dest's + foreach ($pass as $dst) { + if (($dst != 'all') && ($dst != 'none')) { + $obj = $owner->dests[$dst]; + if (!is_object($obj)) $err_comment .= " $dst"; + } + } + $err_comment .= "***!!!***"; + if (!empty($err_comment)) + $err_comment .= " error: dest's '$err_comment' not found"; + $pass = implode(" ", $pass); + } + + $conf .= "\n pass $pass"; + if (!empty($err_comment)) $conf .= " # $err_comment"; + unset($err_comment); + + $redir = $this->redir; + if (!empty($redir)) { + $rstr = strtolower(trim($redir)); + if ((strpos($rstr, 'http://') !== false) || + (strpos($rstr, 'https://') !== false) || + (strpos($rstr, 'ftp://') !== false)) + $conf .= "\n redirect " . REDIRECT_BASE_URL . "?url=" . $rstr; + else $conf .= "\n redirect " . REDIRECT_BASE_URL . "?msg=" . urlencode($redir); + } + + $rewr = $this->rewr; + if (!empty($rewr)) { + // check redirection name for exists + $err_comment = ''; + $obj = $owner->rewr[$rewr]; + if (empty($obj) || !is_object($obj)) + $err_comment = " rewrite '$rewr' not found"; + + $conf .= "\n rewrite $rewr # $err_comment"; + } + + $log = $this->log; + if (!empty($log) && ($src=='default')) + $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE; + + $conf .= "\n }"; + + // alternative + $pass = $this->over_pass; + $redir = $this->over_redir; + $rewr = $this->over_rewr; + $log = $this->over_log; + if (!empty($time) && !empty($pass)) { + $conf .= " else {"; + $conf .= "\n pass $pass"; + if (empty($this->pass) || ($this->pass[count($this->pass) - 1] != 'all')) + $conf .= " none"; + if (!empty($redir)) + $conf .= "\n redirect $redir"; + if (!empty($rewr)) + $conf .= "\n rewrite $rewrite"; + // log only for default + if (!empty($log) && ($src=='default')) + $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE; + $conf .= "\n }"; + } + + return $conf; + } +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# Set file access +# +function set_file_access($dir, $owner, $mod) { + chown($dir, $owner); + chgrp($dir, $owner); + chmod($dir, $mod); + + if (is_dir($dir)) { + $hd = opendir($dir); + while (($item = readdir($hd)) !== false) { + if (($item != ".") && ($item != "..")) { + $path = "$dir/$item"; + if (is_dir($path)) + set_file_access($path, $owner, $mod); + else { + chown($path, $owner); + chgrp($path, $owner); + chmod($path, $mod); + } + } + } + } +} + +?> diff --git a/packages/squidGuard/squidguard_default.xml b/packages/squidGuard/squidguard_default.xml new file mode 100644 index 00000000..4d118748 --- /dev/null +++ b/packages/squidGuard/squidguard_default.xml @@ -0,0 +1,104 @@ +<?xml version="1.0" encoding="utf-8"?> +<packagegui> + <include_file>squidguard.inc</include_file> + <name>squidguarddefault</name> + <title>Proxy server filter SquidGuard: Default</title> + <tabs> + <tab> + <text>General settings</text> + <url>/pkg_edit.php?xml=squidguard.xml&id=0</url> + </tab> + <tab> + <text>Default</text> + <url>/pkg_edit.php?xml=squidguard_default.xml&id=0</url> + <active/> + </tab> + <tab> + <text>ACL</text> + <url>/pkg.php?xml=squidguard_acl.xml</url> + </tab> + <tab> + <text>Sources</text> + <url>/pkg.php?xml=squidguard_src.xml</url> + </tab> + <tab> + <text>Destinations</text> + <url>/pkg.php?xml=squidguard_dest.xml</url> + </tab> + <tab> + <text>Times</text> + <url>/pkg.php?xml=squidguard_time.xml</url> + </tab> + <tab> + <text>Rewrites</text> + <url>/pkg.php?xml=squidguard_rewr.xml</url> + </tab> + <tab> + <text>Log</text> + <url>/pkg_edit.php?xml=squidguard_log.xml</url> + </tab> + </tabs> + <fields> + <field> + <fieldname>time</fieldname> + <fielddescr>Default Time</fielddescr> + <type>select</type> + <description>Enter time name in current which this rule permitted.</description> + </field> + <field> + <fieldname>dest</fieldname> + <fielddescr>Default destination</fielddescr> + <description></description> + <type>input</type> + <size>115</size> + </field> + <field> + <fieldname>redirect</fieldname> + <fielddescr>Default Redirect</fielddescr> + <description>Enter redirection URL or Error page message for this rule, or leave blank.</description> + <type>textarea</type> + <cols>70</cols> + <rows>5</rows> + </field> + <field> + <fieldname>overredirect</fieldname> + <fielddescr>Default overtime redirect</fielddescr> + <description>Enter redirection URL or Error page message for this rule, or leave blank.</description> + <type>textarea</type> + <cols>70</cols> + <rows>5</rows> + </field> + <field> + <fieldname>rewrite</fieldname> + <fielddescr>Default Rewrite</fielddescr> + <type>select</type> + <description>Enter rewrite condition name for this rule, or leave blank.</description> + </field> + <field> + <fieldname>overrewrite</fieldname> + <fielddescr>Default overtime rewrite</fielddescr> + <type>select</type> + <description>Enter rewrite condition name for this rule, or leave blank.</description> + </field> + <field> + <fieldname>enablelog</fieldname> + <fielddescr>Enable log</fielddescr> + <type>checkbox</type> + <description>Check this for enable log.</description> + </field> + </fields> + <custom_php_validation_command> + squidguard_validate_acl(&$_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_command_before_form> + squidguard_before_form_acl(&$pkg); + </custom_php_command_before_form> + <custom_php_after_form_command> + squidGuard_print_javascript(); + </custom_php_after_form_command> + <custom_add_php_command> </custom_add_php_command> + + <custom_php_resync_config_command> +// squidguard_resync(); + </custom_php_resync_config_command> +</packagegui> diff --git a/packages/squidGuard/squidguard_dest.xml b/packages/squidGuard/squidguard_dest.xml new file mode 100644 index 00000000..213a0406 --- /dev/null +++ b/packages/squidGuard/squidguard_dest.xml @@ -0,0 +1,147 @@ +<?xml version="1.0" encoding="utf-8"?> +<packagegui> + <include_file>squidguard.inc</include_file> + <name>squidguarddest</name> + <title>Proxy server filter SquidGuard: Destinations</title> + <delete_string>A proxy server user has been deleted.</delete_string> + <addedit_string>A proxy server user has been created/modified.</addedit_string> + <tabs> + <tab> + <text>General settings</text> + <url>/pkg_edit.php?xml=squidguard.xml&id=0</url> + </tab> + <tab> + <text>Default</text> + <url>/pkg_edit.php?xml=squidguard_default.xml&id=0</url> + </tab> + <tab> + <text>ACL</text> + <url>/pkg.php?xml=squidguard_acl.xml</url> + </tab> + <tab> + <text>Sources</text> + <url>/pkg.php?xml=squidguard_src.xml</url> + </tab> + <tab> + <text>Destinations</text> + <url>/pkg.php?xml=squidguard_dest.xml</url> + <active/> + </tab> + <tab> + <text>Times</text> + <url>/pkg.php?xml=squidguard_time.xml</url> + </tab> + <tab> + <text>Rewrites</text> + <url>/pkg.php?xml=squidguard_rewr.xml</url> + </tab> + <tab> + <text>Log</text> + <url>/pkg_edit.php?xml=squidguard_log.xml</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fieldname>name</fieldname> + <fielddescr>Destination name</fielddescr> + </columnitem> + <columnitem> + <fieldname>domains</fieldname> + <fielddescr>Domain list</fielddescr> + </columnitem> + <columnitem> + <fieldname>urls</fieldname> + <fielddescr>URL list</fielddescr> + </columnitem> + <columnitem> + <fieldname>expressions</fieldname> + <fielddescr>Expressions</fielddescr> + </columnitem> + <columnitem> + <fieldname>redir</fieldname> + <fielddescr>Redirect</fielddescr> + </columnitem> + <columnitem> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <fieldname>name</fieldname> + <fielddescr>Name</fielddescr> + <description> + You may enter name here. Name must consist of minimum 2 symbols, first from which letter. <br> + All other symbols must be [a-Z_0-9]. + </description> + <type>input</type> + <size>90</size> + <required/> + </field> + <field> + <fieldname>domains</fieldname> + <fielddescr>Domains list</fielddescr> + <description> + Enter destination domains here. For separate domains names use ' '(space). + <p> <b>Example:</b> 'mail.ru e-mail.ru yahoo.com' . + </description> + <type>textarea</type> + <cols>60</cols> + <rows>10</rows> + </field> + <field> + <fielddescr>Expressions</fielddescr> + <fieldname>expressions</fieldname> + <description> + Enter word fragments, what may be contains in destinations URL path. + For separate expression words use '|'. + <p> <b>Example:</b> 'mail|casino|game' . + </description> + <type>textarea</type> + <cols>60</cols> + <rows>10</rows> + </field> + <field> + <fieldname>urls</fieldname> + <fielddescr>URLs list</fielddescr> + <description> + Enter url's here. + For separate urls's use ' '(space). + <p> <b>Example:</b> 'host.com/xxx 12.10.220.125/alisa' . + </description> + <type>textarea</type> + <cols>60</cols> + <rows>10</rows> + </field> + <field> + <fieldname>redir</fieldname> + <fielddescr>Redirect</fielddescr> + <description>Enter redirection URL or Error page message for this rule, or leave blank.</description> + <type>textarea</type> + <cols>60</cols> + <rows>5</rows> + </field> + <field> + <fieldname>enablelog</fieldname> + <fielddescr>Enable log</fielddescr> + <type>checkbox</type> + <description>Check this for enable log.</description> + </field> + <field> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + <description>You may enter a description here for your reference (not parsed).</description> + <type>input</type> + <size>90</size> + </field> + </fields> + <custom_php_validation_command> + squidguard_validate_destination($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> +// squidguard_resync_time(); + </custom_php_resync_config_command> + <custom_php_after_form_command> + squidGuard_print_javascript(); + </custom_php_after_form_command> +</packagegui> diff --git a/packages/squidGuard/squidguard_log.xml b/packages/squidGuard/squidguard_log.xml new file mode 100644 index 00000000..16f06a6a --- /dev/null +++ b/packages/squidGuard/squidguard_log.xml @@ -0,0 +1,68 @@ +<?xml version="1.0" encoding="utf-8"?> +<packagegui> + <include_file>squidguard.inc</include_file> + <name>squidguardlog</name> + <title>Proxy server filter SquidGuard: Log</title> + <delete_string>A proxy server user has been deleted.</delete_string> + <addedit_string>A proxy server user has been created/modified.</addedit_string> + <tabs> + <tab> + <text>General settings</text> + <url>/pkg_edit.php?xml=squidguard.xml&id=0</url> + </tab> + <tab> + <text>Default</text> + <url>/pkg_edit.php?xml=squidguard_default.xml&id=0</url> + </tab> + <tab> + <text>ACL</text> + <url>/pkg.php?xml=squidguard_acl.xml</url> + </tab> + <tab> + <text>Sources</text> + <url>/pkg.php?xml=squidguard_src.xml</url> + </tab> + <tab> + <text>Destinations</text> + <url>/pkg.php?xml=squidguard_dest.xml</url> + </tab> + <tab> + <text>Times</text> + <url>/pkg.php?xml=squidguard_time.xml</url> + </tab> + <tab> + <text>Rewrites</text> + <url>/pkg.php?xml=squidguard_rewr.xml</url> + </tab> + <tab> + <text>Log</text> + <url>/pkg_edit.php?xml=squidguard_log.xml</url> + <active/> + </tab> + </tabs> + <fields> + <field> + <fieldname>logtype</fieldname> + <fielddescr>Log type</fielddescr> + <description>LOG</description> + <type>select</type> + <value>access_log</value> + <options> + <option><value>access_log</value><name>User access log</name></option> + <option><value>webgui_log</value><name>WebGUI log</name></option> + <option><value>squidguard_log</value><name>squidGuard log</name></option> + </options> + </field> + + </fields> + <custom_php_command_before_form> + squidguard_before_form_log(&$pkg); + </custom_php_command_before_form> + <custom_php_after_form_command> + squidGuard_print_javascript(); + </custom_php_after_form_command> + <custom_php_validation_command> + </custom_php_validation_command> + <custom_php_resync_config_command> + </custom_php_resync_config_command> +</packagegui> diff --git a/packages/squidGuard/squidguard_rewr.xml b/packages/squidGuard/squidguard_rewr.xml new file mode 100644 index 00000000..e5290d49 --- /dev/null +++ b/packages/squidGuard/squidguard_rewr.xml @@ -0,0 +1,131 @@ +<?xml version="1.0" encoding="utf-8"?> +<packagegui> + <include_file>squidguard.inc</include_file> + <name>squidguardrewrite</name> + <title>Proxy server filter SquidGuard: Rewrites</title> + <tabs> + <tab> + <text>General settings</text> + <url>/pkg_edit.php?xml=squidguard.xml&id=0</url> + </tab> + <tab> + <text>Default</text> + <url>/pkg_edit.php?xml=squidguard_default.xml&id=0</url> + </tab> + <tab> + <text>ACL</text> + <url>/pkg.php?xml=squidguard_acl.xml</url> + </tab> + <tab> + <text>Sources</text> + <url>/pkg.php?xml=squidguard_src.xml</url> + </tab> + <tab> + <text>Destinations</text> + <url>/pkg.php?xml=squidguard_dest.xml</url> + </tab> + <tab> + <text>Times</text> + <url>/pkg.php?xml=squidguard_time.xml</url> + </tab> + <tab> + <text>Rewrites</text> + <url>/pkg.php?xml=squidguard_rewr.xml</url> + <active/> + </tab> + <tab> + <text>Log</text> + <url>/pkg_edit.php?xml=squidguard_log.xml</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fieldname>name</fieldname> + <fielddescr>Name</fielddescr> + </columnitem> + <columnitem> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <fieldname>name</fieldname> + <fielddescr>Name</fielddescr> + <description> + You may enter name here. Name must consist of minimum 2 symbols, first from which letter. <br> + All other symbols must be [a-Z_0-9]. + </description> + <type>input</type> + <required/> + <size>100</size> + </field> + <field> + <fieldname>enablelog</fieldname> + <fielddescr>Enable log</fielddescr> + <type>checkbox</type> + <description>Check this for enable log.</description> + </field> + <field> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + <description>You may enter a description here for your reference (not parsed).</description> + <type>input</type> + <size>100</size> + </field> + <field> + <fielddescr> + <b>Rewrite rule.</b><br> + Define how url will be replaced.</fielddescr> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>Target URL</fielddescr> + <fieldname>targeturl</fieldname> + <type>input</type> + <size>50</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Replace to</fielddescr> + <fieldname>replaceto</fieldname> + <type>input</type> + <size>69</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Case ins.</fielddescr> + <fieldname>caseins</fieldname> + <type>checkbox</type> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Http 301</fielddescr> + <fieldname>http301</fieldname> + <type>checkbox</type> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Http 302</fielddescr> + <fieldname>http302</fieldname> + <type>checkbox</type> + </rowhelperfield> + </rowhelper> + </field> + <field> + <fieldname>note</fieldname> + <fielddescr>Note</fielddescr> + <type>checkbox</type> + <description> + <b>Rewrite rule</b>-define how url will are replaced.<br> + <b>Target url</b>-contains destination url or his template. Url template example: */cc32e46.exe <br> + <b>Replace to</b>-contains replacing url. + </description> + </field> + </fields> + <custom_php_after_form_command> + squidGuard_print_javascript(); + </custom_php_after_form_command> + <custom_php_validation_command> + squidguard_validate_rewrite($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> +// squidguard_resync_rewrite(); + </custom_php_resync_config_command> +</packagegui> diff --git a/packages/squidGuard/squidguard_src.xml b/packages/squidGuard/squidguard_src.xml new file mode 100644 index 00000000..1b79cb27 --- /dev/null +++ b/packages/squidGuard/squidguard_src.xml @@ -0,0 +1,109 @@ +<?xml version="1.0" encoding="utf-8"?> +<packagegui> + <include_file>squidguard.inc</include_file> + <name>squidguardsrc</name> + <title>Proxy server filter SquidGuard: Sources</title> + <delete_string>A proxy server user has been deleted.</delete_string> + <addedit_string>A proxy server user has been created/modified.</addedit_string> + <tabs> + <tab> + <text>General settings</text> + <url>/pkg_edit.php?xml=squidguard.xml&id=0</url> + </tab> + <tab> + <text>Default</text> + <url>/pkg_edit.php?xml=squidguard_default.xml&id=0</url> + </tab> + <tab> + <text>ACL</text> + <url>/pkg.php?xml=squidguard_acl.xml</url> + </tab> + <tab> + <text>Sources</text> + <url>/pkg.php?xml=squidguard_src.xml</url> + <active/> + </tab> + <tab> + <text>Destinations</text> + <url>/pkg.php?xml=squidguard_dest.xml</url> + </tab> + <tab> + <text>Times</text> + <url>/pkg.php?xml=squidguard_time.xml</url> + </tab> + <tab> + <text>Rewrites</text> + <url>/pkg.php?xml=squidguard_rewr.xml</url> + </tab> + <tab> + <text>Log</text> + <url>/pkg_edit.php?xml=squidguard_log.xml</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fieldname>name</fieldname> + <fielddescr>Source name</fielddescr> + </columnitem> + <columnitem> + <fieldname>iplist</fieldname> + <fielddescr>IP list</fielddescr> + </columnitem> + <columnitem> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <fieldname>name</fieldname> + <fielddescr>Source name</fielddescr> + <description> + You can enter name here. Name consist minimum 2 symbols, first from which letter. <br> + All other symbols is [a-Z_0-9]. Source name must be <b>unique</b> . + </description> + <type>input</type> + <required/> + <size>80</size> + </field> + <field> + <fieldname>iplist</fieldname> + <fielddescr>IP addresses</fielddescr> + <description> + Enter IP addresses here with space(' ') divider. <br> + IP addresses must be in format:<br> + ip xxx.xxx.xxx.xxx [...] or ip xxx.xxx.xxx.xxx/nn [...] or <br> + ip xxx.xxx.xxx.xxx/mmm.mmm.mmm.mmm [...] or ip xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy [...] <br> + where: <br> + xxx.xxx.xxx.xxx is an IP address (host or net, i.e. 10.11.12.13 or 10.11.12.0), /nn a net prefix (i.e. /23), <br> + mmm.mmm.mmm.mmm is a netmask (i.e. 255.255.254.0) and yyy.yyy.yyy.yyy is a host address <br> + (must be >= xxx.xxx.xxx.xxx) + </description> + <type>textarea</type> + <cols>50</cols> + <rows>10</rows> + </field> + <field> + <fieldname>enablelog</fieldname> + <fielddescr>Enable log</fielddescr> + <type>checkbox</type> + <description>Check this for enable log.</description> + </field> + <field> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + <description></description> + <type>input</type> + <size>80</size> + </field> + </fields> + <custom_php_after_form_command> + squidGuard_print_javascript(); + </custom_php_after_form_command> + <custom_php_validation_command> + squidguard_validate_source($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> +// squidguard_resync_time(); + </custom_php_resync_config_command> +</packagegui> diff --git a/packages/squidGuard/squidguard_time.xml b/packages/squidGuard/squidguard_time.xml new file mode 100644 index 00000000..53ebcd2e --- /dev/null +++ b/packages/squidGuard/squidguard_time.xml @@ -0,0 +1,127 @@ +<?xml version="1.0" encoding="utf-8"?> +<packagegui> + <include_file>squidguard.inc</include_file> + <name>squidguardtime</name> + <title>Proxy server filter SquidGuard: Times</title> + <delete_string>A proxy server user has been deleted.</delete_string> + <addedit_string>A proxy server user has been created/modified.</addedit_string> + <tabs> + <tab> + <text>General settings</text> + <url>/pkg_edit.php?xml=squidguard.xml&id=0</url> + </tab> + <tab> + <text>Default</text> + <url>/pkg_edit.php?xml=squidguard_default.xml&id=0</url> + </tab> + <tab> + <text>ACL</text> + <url>/pkg.php?xml=squidguard_acl.xml</url> + </tab> + <tab> + <text>Sources</text> + <url>/pkg.php?xml=squidguard_src.xml</url> + </tab> + <tab> + <text>Destinations</text> + <url>/pkg.php?xml=squidguard_dest.xml</url> + </tab> + <tab> + <text>Times</text> + <url>/pkg.php?xml=squidguard_time.xml</url> + <active/> + </tab> + <tab> + <text>Rewrites</text> + <url>/pkg.php?xml=squidguard_rewr.xml</url> + </tab> + <tab> + <text>Log</text> + <url>/pkg_edit.php?xml=squidguard_log.xml</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fieldname>name</fieldname> + <fielddescr>Timename</fielddescr> + </columnitem> + <columnitem> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <fieldname>name</fieldname> + <fielddescr>Name</fielddescr> + <description>Enter the time name here.</description> + <type>input</type> + <required/> + <size>80</size> + </field> + <field> + <type>rowhelper</type> + <fielddescr>Values</fielddescr> + <rowhelper> + <rowhelperfield> + <fielddescr>Time type</fielddescr> + <fieldname>timetype</fieldname> + <description></description> + <type>select</type> + <value>weekly</value> + <options> + <option><value>weekly</value><name>Weekly</name></option> + <option><value>date</value><name>Date</name></option> + </options> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Days</fielddescr> + <fieldname>timedays</fieldname> + <description></description> + <type>select</type> + <value>*</value> + <options> + <option><value>*</value><name>all</name></option> + <option><value>mon</value><name>mon</name></option> + <option><value>tue</value><name>tue</name></option> + <option><value>wed</value><name>wed</name></option> + <option><value>thu</value><name>thu</name></option> + <option><value>fri</value><name>fri</name></option> + <option><value>sat</value><name>sat</name></option> + <option><value>sun</value><name>sun</name></option> + </options> + </rowhelperfield> + <rowhelperfield> + <type>input</type> + <size>40</size> + <fieldname>daterange</fieldname> + <fielddescr>Date or Date range</fielddescr> + <description>00:00-08:00 15:00-21:00 Format: *.01.01</description> + </rowhelperfield> + <rowhelperfield> + <type>input</type> + <size>20</size> + <fieldname>timerange</fieldname> + <fielddescr>Time range</fielddescr> + <description>00:00-08:00</description> + </rowhelperfield> + </rowhelper> + </field> + <field> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + <description>You may enter a description here for your reference (not parsed).</description> + <type>input</type> + <size>80</size> + </field> + </fields> + <custom_php_after_form_command> + squidGuard_print_javascript(); + </custom_php_after_form_command> + <custom_php_validation_command> + squidguard_validate_times(&$_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> +// squidguard_resync_time(); + </custom_php_resync_config_command> +</packagegui> |