aboutsummaryrefslogtreecommitdiffstats
path: root/packages/squidGuard
diff options
context:
space:
mode:
authorD. V. Serg <dvserg@pfsense.org>2007-11-08 12:12:39 +0000
committerD. V. Serg <dvserg@pfsense.org>2007-11-08 12:12:39 +0000
commit691da8b941d64ac8fe78c5517da00c453f2bab24 (patch)
treec0a706521de8989bcb445709afb3f30c5b413044 /packages/squidGuard
parent8a9ea051b652fdc909693f5e4b053a0bc6d509a6 (diff)
downloadpfsense-packages-691da8b941d64ac8fe78c5517da00c453f2bab24.tar.gz
pfsense-packages-691da8b941d64ac8fe78c5517da00c453f2bab24.tar.bz2
pfsense-packages-691da8b941d64ac8fe78c5517da00c453f2bab24.zip
*** empty log message ***
Diffstat (limited to 'packages/squidGuard')
-rw-r--r--packages/squidGuard/squidguard.inc1177
-rw-r--r--packages/squidGuard/squidguard_acl.xml148
-rw-r--r--packages/squidGuard/squidguard_cls.inc1176
-rw-r--r--packages/squidGuard/squidguard_default.xml104
-rw-r--r--packages/squidGuard/squidguard_dest.xml147
-rw-r--r--packages/squidGuard/squidguard_log.xml68
-rw-r--r--packages/squidGuard/squidguard_rewr.xml131
-rw-r--r--packages/squidGuard/squidguard_src.xml109
-rw-r--r--packages/squidGuard/squidguard_time.xml127
9 files changed, 3187 insertions, 0 deletions
diff --git a/packages/squidGuard/squidguard.inc b/packages/squidGuard/squidguard.inc
new file mode 100644
index 00000000..9f044574
--- /dev/null
+++ b/packages/squidGuard/squidguard.inc
@@ -0,0 +1,1177 @@
+<?php
+
+# ---------------------------------------------------------------------------------------------------------------------
+# squidguard.inc
+# (C)2006 Serg Dvoriancev
+/* Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+# ---------------------------------------------------------------------------------------------------------------------
+
+if ($_SERVER['SCRIPT_FILENAME'] == '/usr/local/www/packages/config/squidguard.inc') {
+ exit;
+}
+
+require_once('globals.inc');
+require_once('config.inc');
+require_once('util.inc');
+require_once('pfsense-utils.inc');
+require_once('pkg-utils.inc');
+require_once('filter.inc');
+require_once('service-utils.inc');
+require_once('squidguard_cls.inc');
+# ---------------------------------------------------------------------------------------------------------------------
+define('SQUIDGUARD_CONFBASE', '/usr/local/etc/squid');
+define('SQUIDGUARD_CONFFILE', '/squidguard.conf.test');
+define('SQUIDGUARD_BINPATH', '/usr/local/bin');
+define('SQUIDGUARD_WORKDIR', '/usr/local/etc/squidGuard');
+define('SQUIDGUARD_DBHOME', '/var/db/squidGuard');
+
+define('SQUIDGUARD_WEBGUI_LOG', '/squidguard_gui.log');
+define('SQUIDGUARD_WEBGUI_HISTORY_LOG', '/squidguard_gui_history.log');
+
+# ---------------------------------------------------------------------------------------------------------------------
+
+define('FLD_NAME', 'name');
+define('FLD_DEST', 'dest');
+define('FLD_SOURCE', 'source');
+define('FLD_DESTINATION', 'dest');
+define('FLD_REWRITE', 'rewrite');
+define('FLD_REDIRECT', 'redirect');
+define('FLD_TIME', 'time');
+define('FLD_OVERDESTINATION', 'overdestination');
+define('FLD_OVERREWRITE', 'overrewrite');
+define('FLD_OVERREDIRECT', 'overredirect');
+define('FLD_TARGETURL', 'targeturl');
+define('FLD_REPLACETO', 'replaceto');
+define('FLD_TIMETYPE', 'timetype');
+define('FLD_TIMEDAYS', 'timedays');
+define('FLD_DATERANGE', 'daterange');
+define('FLD_TIMERANGE', 'timerange');
+define('FLD_IPLIST', 'iplist');
+define('FLD_DESCRIPTION', 'description');
+define('FLD_EXPRESSIONS', 'expressions');
+define('FLD_DOMAINS', 'domains');
+define('FLD_URLS', 'urls');
+define('FLD_DISABLED', 'disabled');
+define('FLD_ENABLELOG', 'enablelog');
+
+define('PREFLD_UPTIME', 'uptime_');
+define('PREFLD_UPTIME_DENY', 'uptimedeny_');
+define('PREFLD_OVERTIME', 'overtime_');
+define('PREFLD_OVERTIME_DENY', 'overtimedeny_');
+
+define('MODULE_GENERAL', 'squidguardgeneral');
+define('MODULE_DEFAULT', 'squidguarddefault');
+define('MODULE_ACL', 'squidguardacl');
+define('MODULE_DESTINATION', 'squidguarddest');
+define('MODULE_REWRITE', 'squidguardrewrite');
+define('MODULE_SOURCE', 'squidguardsrc');
+define('MODULE_TIME', 'squidguardtime');
+define('MODULE_LOG', 'squidguardlog');
+
+define('BLACKLIST_DEFAULT_URL', 'http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz'); // 360Kb
+//define('BLACKLIST_DEFAULT_URL', 'http://squidguard.mesd.k12.or.us/blacklists.tgz'); // 3.5Mb
+// define('BLACKLIST_DEFAULT_URL', 'http://blacklist.dansguardian.org/cgi-bin/download.pl?type=download&file=bigblacklist');
+define('BLACKLIST_TMP_FILE', '/var/tmp/blacklists.tar.gz');
+define('BLACKLIST_BTN_STD', 'Upload Std');
+define('BLACKLIST_BTN_URL', 'Upload Url');
+define('BLACKLIST_BTN_FILE', 'Upload File');
+define('BLACKLIST_LOGFILE', 'blacklist.log');
+
+define('APPLY_BTN', 'Apply');
+
+define('WEBGUI_HISTORY_LOG', 'on');
+
+define('TEST_LOG', '/var/tmp/sqtest.test');
+
+# ---------------------------------------------------------------------------------------------------------------------
+# squidguard_object
+# ---------------------------------------------------------------------------------------------------------------------
+$squidguard_object = create_squidguard_object();
+
+
+# ---------------------------------------------------------------------------------------------------------------------
+# functions
+# ---------------------------------------------------------------------------------------------------------------------
+
+function create_squidguard_object() {
+ $sg_object = new SquidGuardConfigClass();
+ $sg_object->debug_history .= "->create_squidguard_object";
+ $sg_object->set_options(SQUIDGUARD_BINPATH, SQUIDGUARD_WORKDIR, SQUIDGUARD_DBHOME);
+
+ squidguard_ini_object(&$sg_object);
+ return $sg_object;
+}
+
+function squidguard_ini_object($sg_object) {
+ global $config;
+
+ $sg_object->debug_history .= "->squidguard_ini_object";
+ $sg_object->init();
+ if ($config['installedpackages'][MODULE_GENERAL]['config'][0]['squidguard_enable'] != '')
+ $sg_object->enabled = true;
+ else $sg_object->enabled = false;
+
+ if ($config['installedpackages'][MODULE_GENERAL]['config'][0]['blacklist'] != '')
+ $sg_object->blacklist_enabled = true;
+ else $sg_object->blacklist_enabled = false;
+
+ // rewrite's
+ $rewrite = $config['installedpackages'][MODULE_REWRITE]; // ['config'];
+ if (is_array($rewrite)) {
+ foreach($rewrite['config'] as $rew) {
+ // rewrite object
+ $sg_rew =& $sg_object->add_rewrite($rew[FLD_NAME], $rew[FLD_DESCRIPTION], $rew[FLD_ENABLELOG]);
+ if (is_array($rew) and count($rew['row'])) {
+ foreach($rew['row'] as $row) {
+ // rewrite items
+ $sg_rew->add_item($row[FLD_TARGETURL], $row[FLD_REPLACETO]);
+ }
+ }
+ }
+ }
+
+ // time's
+ $time = $config['installedpackages'][MODULE_TIME]['config'];
+ if (is_array($time)) {
+ foreach($time as $tm) {
+ // time object
+ $sg_time =& $sg_object->add_time($tm[FLD_NAME], $tm[FLD_DESCRIPTION]);
+ foreach($tm['row'] as $row) {
+ // time items
+ if ($row[FLD_TIMETYPE] == 'date') // 0 - "date"$FLD_TIMETYPE
+ $sg_time->add_date ($row[FLD_DATERANGE], $row[FLD_TIMERANGE]);
+ else $sg_time->add_weekly ($row[FLD_TIMEDAYS], /* $row[FLD_DATERANGE], */$row[FLD_TIMERANGE]);
+ }
+ }
+ }
+
+ // source's
+ $source = $config['installedpackages'][MODULE_SOURCE]['config'];
+ if (is_array($source)) {
+ foreach($source as $src) {
+ // source object
+ $sg_src =& $sg_object->add_src($src[FLD_NAME], $src[FLD_IPLIST],
+ $src[FLD_DESCRIPTION], $src[FLD_ENABLELOG]);
+ }
+ }
+
+ // destination's
+ $destination = $config['installedpackages'][MODULE_DESTINATION]['config'];
+ if (is_array($destination)) {
+ foreach($destination as $dest) {
+ // destination object
+ $sg_ds =& $sg_object->add_dest($dest[FLD_NAME], $dest[FLD_DOMAINS], $dest[FLD_URLS],
+ $dest[FLD_EXPRESSIONS], $dest[FLD_REDIRECT], $dest[FLD_DESCRIPTION],
+ $dest[FLD_ENABLELOG]);
+ }
+ }
+
+ // acl's
+ $acl = $config['installedpackages'][MODULE_ACL]['config'];
+ if (is_array($acl)) {
+ foreach($acl as $ac) {
+ $passes = str_replace("]", "", trim($ac[FLD_DESTINATION]));
+ $passes = explode("[", $passes);
+ $pass = "";
+ $overpass = "";
+ if (is_array($passes)) {
+ $pass = $passes[0];
+ $overpass = $passes[1];
+ }
+ // acl object; log defined only for default acl
+ $sg_acl =& $sg_object->add_acl(
+ $ac[FLD_SOURCE], $ac[FLD_TIME], $ac[FLD_DESCRIPTION],
+ array('pass' => $pass, 'rewrite'=>$ac[FLD_REWRITE], 'redirect'=>$ac[FLD_REDIRECT], 'log'=>''),
+ array('pass' => $overpass, 'rewrite'=>$ac[FLD_REWRITE], 'redirect'=>$ac[FLD_REDIRECT], 'log'=>''),
+ $ac[FLD_DISABLED]
+ );
+ }
+ }
+
+ // default acl; log defined only for default acl
+ $acdef = $config['installedpackages'][MODULE_DEFAULT]['config'][0];
+ if (is_array($acdef)) {
+ $passes = str_replace("]", "", trim($acdef[FLD_DESTINATION]));
+ $passes = explode("[", $passes);
+ $pass = "";
+ $overpass = "";
+ if (is_array($passes)) {
+ $pass = $passes[0];
+ $overpass = $passes[1];
+ }
+ // default acl object
+ $sg_object->set_default_acl(
+ $acdef[FLD_TIME], $acdef[FLD_DESCRIPTION],
+ array('pass' => $pass, 'rewrite'=>$acdef[FLD_REWRITE], 'redirect'=>$acdef[FLD_REDIRECT], 'log'=>$acdef[FLD_ENABLELOG]),
+ array('pass' => $overpass, 'rewrite'=>$acdef[FLD_REWRITE], 'redirect'=>$acdef[FLD_REDIRECT], 'log'=>$acdef[FLD_ENABLELOG]),
+ $acdef[FLD_DISABLED]
+ );
+ }
+
+ // update squidguard object
+ $sg_object->update();
+}
+
+
+# ---------------------------------------------------------------------------------------------------------------------
+# install/deinstall
+# ---------------------------------------------------------------------------------------------------------------------
+function squidguard_deinstall() {
+
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# Upload file to /var/tmp directory
+# ---------------------------------------------------------------------------------------------------------------------
+function upload_file($file) {
+ global $squidguard_object;
+
+ $res = '';
+ $cat = '/var/tmp/';
+
+$squidguard_object->add_log("FILES: " . count($_FILES));
+
+ if (isset($_FILES[$file])) { // if file exists
+ if (move_uploaded_file($_FILES[$file]['tmp_name'], $cat . $_FILES[$file]['name'])) {
+ $res = true;
+ } // else blacklist_add_log('Нифига нет Files=' . count($_FILES));
+ }
+ return $res;
+}
+
+
+# ---------------------------------------------------------------------------------------------------------------------
+# default squidguard blacklist
+# http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz
+# ---------------------------------------------------------------------------------------------------------------------
+// upload file and put them to temp catalog
+function upload_file_from_url($url_file, $destination_file, $proxy) {
+ global $squidguard_object;
+
+ // open destination file
+ $upload_tmp = '/var/tmp/blacklists.tar.gz';
+ $result = '';
+ $squidguard_object->add_log("Begin upload from URL $url_file");
+
+ $ch = curl_init();
+ curl_setopt($ch, CURLOPT_URL,BLACKLIST_DEFAULT_URL);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
+ if ($proxy != '') {
+ $ip = '';
+ $login = '';
+ $s = trim($proxy);
+ if (strpos($s, ' ')) {
+ $ip = substr($s, 0, strpos($s, ' '));
+ $login = substr($s, strpos($s, ' ') + 1);
+ } else $ip = $s;
+
+ if($ip != '') {
+ $s_log = "Host[$ip] ";
+ curl_setopt($ch, CURLOPT_PROXY, $ip);
+ if($login != '') {
+ $s_log .= "Login[$login]";
+ curl_setopt($ch, CURLOPT_PROXYUSERPWD, $login);
+ }
+ $squidguard_object->add_log("Proxy settings: $s_log");
+ }
+ } else $squidguard_object->add_log("Proxy: not defined");
+ $result=curl_exec ($ch);
+ curl_close ($ch);
+
+ // TODO: check uploaded content for '.gz' file format
+
+ if (file_put_contents($upload_tmp, $result) > 0) {
+ $squidguard_object->add_log("Uploaded success.");
+ } else $squidguard_object->add_log("Upload error.");
+ return $upload_tmp;
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# Validates
+# ---------------------------------------------------------------------------------------------------------------------
+function squidguard_validate_default($post, $input_errors) {
+ squidguard_validate_acl($post, &$input_errors);
+}
+
+function squidguard_validate_acl($post, $input_errors) {
+ global $config;
+ $pass_up = array();
+ $deny_up = array();
+ $pass_up_val = '';
+ $pass_over = array();
+ $deny_over = array();
+ $pass_over_val = '';
+
+ // ===== store destinations to 'dest' value =====
+ foreach ($post as $key => $val) {
+ if (substr_count($key, PREFLD_UPTIME) != 0) {
+ $name = str_replace(PREFLD_UPTIME, '', $key);
+ if ($name)
+ $pass_up[$name] = 'on';
+ }
+ elseif (substr_count($key, PREFLD_UPTIME_DENY) != 0) {
+ $name = str_replace(PREFLD_UPTIME_DENY, '', $key);
+ if ($name)
+ $deny_up[$name] = 'on';
+ }
+ elseif (substr_count($key, PREFLD_OVERTIME) != 0) {
+ $name = str_replace(PREFLD_OVERTIME, '', $key);
+ if ($name)
+ $pass_over[$name] = 'on';
+ }
+ elseif (substr_count($key, PREFLD_OVERTIME_DENY) != 0) {
+ $name = str_replace(PREFLD_OVERTIME_DENY, '', $key);
+ if ($name)
+ $deny_over[$name] = 'on';
+ }
+ }
+
+ foreach ($pass_up as $key => $val) {
+ if ($deny_up[$key])
+ $pass_up_val .= " !$key";
+ else $pass_up_val .= " $key";
+ }
+
+ foreach ($pass_over as $key => $val) {
+ if ($deny_over[$key])
+ $pass_over_val .= " !$key";
+ else $pass_over_val .= " $key";
+ }
+
+ // if not exists key 'all', then add '!all' - default 'deny all' (equiqalence 'none')
+ if ((substr_count($pass_up_val, 'all') == 0)) {
+ $pass_up_val .= ' !all';
+ }
+
+ if (!empty($pass_over_val) && (substr_count($pass_over_val, 'all') == 0)) {
+ $pass_over_val .= ' !all';
+ }
+
+ if (empty($pass_over_val))
+ $post[FLD_DEST] = "$pass_up_val";
+ else $post[FLD_DEST] = "$pass_up_val [$pass_over_val]";
+}
+
+function squidguard_validate_times($post, $input_errors) {
+
+ // check name
+ $name = trim($post[FLD_NAME]);
+ if(!empty($name)) {
+ $err = check_name($name);
+ if (!empty($err))
+ $input_errors[] = $err;
+ }
+
+ // check unique name
+ if (!check_unique_name(MODULE_TIME, $name))
+ $input_errors[] = "Name '$name' already exists";
+
+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ # Format:
+ # date: <date(or range)><time (or range)> -- days not parsed (reset to *)
+ # weekly: <day or *><time or range> -- dates not parsed (reset to '')
+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+ $err = '';
+ for ($i=0; $post[FLD_TIMETYPE . "$i"] != ''; $i++) {
+ $timetype = strtolower($post[FLD_TIMETYPE . "$i"]);
+ if ($timetype == 'date') {
+ // set timedays to '*'
+ $post[FLD_TIMEDAYS . "$i"] = '*';
+
+ // check date and time
+ $date = trim($post[FLD_DATERANGE."$i"]);
+ $time = trim($post[FLD_TIMERANGE."$i"]);
+ $err = check_date($date);
+ if (!empty($err)) $input_errors[] = $err;
+ $err = check_time($time);
+ if (!empty($err)) $input_errors[] = $err;
+ } else {
+ // set daterange to ''
+ $post[FLD_DATERANGE . "$i"] = '';
+
+ // check time
+ $time = trim($post[FLD_TIMERANGE."$i"]);
+ $err = check_time($time);
+ if (!empty($err)) $input_errors[] = $err;
+ }
+ }
+
+ if (!empty($err))
+ $input_errors .= $err;
+}
+
+function squidguard_validate_source($post, $input_errors) {
+ // check name
+ $name = trim($post[FLD_NAME]);
+ if(!empty($name)) {
+ $err = check_name($name); // validate name content
+ if (!empty($err))
+ $input_errors[] = $err;
+
+ // check unique name
+ if (!check_unique_name(MODULE_SOURCE, $name))
+ $input_errors[] = "Name '$name' already exists";
+ }
+}
+
+function squidguard_validate_destination($post, $input_errors) {
+ // check name
+ $name = trim($post[FLD_NAME]);
+ if(!empty($name)) {
+ $err = check_name($name); // validate name content
+ if (!empty($err))
+ $input_errors[] = $err;
+
+ // check unique name
+ if (!check_unique_name(MODULE_DESTINATION, $name))
+ $input_errors[] = "Name '$name' already exists";
+ }
+}
+
+function squidguard_validate_rewrite($post, $input_errors) {
+ // check name
+ $name = trim($post[FLD_NAME]);
+ if(!empty($name)) {
+ // check name format <char><symbols without space> - Ab123
+ $err = check_name($name);
+ if (!empty($err))
+ $input_errors[] = $err;
+
+ // check unique name
+ if (!check_unique_name(MODULE_REWRITE, $name))
+ $input_errors[] = "Name '$name' already exists";
+ }
+}
+
+// ---------------------------------------------------------------------------------------------------------------------
+// Resync & Make
+// ---------------------------------------------------------------------------------------------------------------------
+
+function squidguard_resync() {
+ global $squidguard_object;
+ $sg_object;
+ if (is_null($squidguard_object)) {
+ $squidguard_object = create_squidguard_object();
+ }
+ $sg_object = $squidguard_object;
+ $sg_object->debug_history .= "->squidguard_resync";
+ squidguard_ini_object(&$sg_object);
+
+ $conf = '';
+ $upload_file = '';
+
+ if ($_POST['submit'] == BLACKLIST_BTN_STD) {
+ // upload from std url
+ $proxy = $_POST['blacklist_proxy'];
+ $upload_file = upload_file_from_url(BLACKLIST_DEFAULT_URL, BLACKLIST_TMP_FILE, $proxy);
+ $sg_object->update_blacklist($upload_file);
+ } else
+
+ if ($_POST['submit'] == BLACKLIST_BTN_URL) {
+ // upload from another url
+ $url = $_POST['blacklist_url'];
+ $proxy = $_POST['blacklist_proxy'];
+ if ($url)
+ $upload_file = upload_file_from_url($url, BLACKLIST_TMP_FILE, $proxy);
+ $sg_object->update_blacklist($upload_file);
+ } else
+
+ if ($_POST['submit'] == BLACKLIST_BTN_FILE) {
+ /* $upload_file = $_POST['blacklist_file'];
+ blacklist_add_log('Begin upload from file ' . $upload_file . '.\r');
+ if (upload_file(''))
+ blacklist_add_log('Success.\r');
+ else {
+ blacklist_add_log('Error.\r');
+ $upload_file = '';
+ }
+ $sg_object->update_blacklist($upload_file); */
+ // $sg_object->update_blacklist('/var/tmp/blacklists.tar');
+upload_file('');
+ } else
+
+ // apply changes
+ if ($_POST['submit'] == APPLY_BTN) {
+ // reconfigure service
+ $sg_object->reconfigure();
+ } else
+
+ // start test squidGuard
+ /*if ($_POST['test_squidguard'] != '')*/ {
+ $result = '';
+ $src_urls = $_POST['test_squidguard_urls'];
+ $result = $sg_object->test_work($src_urls);
+ file_put_contents(TEST_LOG, $result);
+ }
+
+}
+// -----------------------------------------------------------------------------
+// common functions
+// -----------------------------------------------------------------------------
+function get_pkg_items_list($pkg_gui_name, $fieldname) {
+ $res = '';
+ global $config;
+ $conf = $config['installedpackages'][$pkg_gui_name]['config'];
+ foreach($conf as $cf)
+ $res[] = $cf[$fieldname];
+ return $res;
+}
+
+// -----------------------------------------------------------------------------
+// Resync
+// -----------------------------------------------------------------------------
+
+function squidguard_resync_rewrite() { // rewrite
+ $conf = "";
+ // ----- nothing for do -----
+ return $conf;
+}
+
+function squidguard_resync_time() { // resync time
+ global $config;
+
+ $conf = '';
+ $times = $config['installedpackages']['squidguardtime']['config'];
+
+ if (is_array($times)) {
+ foreach($times as $tm) {
+ $timevalue = '';
+ $conf .= "\n time " . $tm['timename'] . " {";
+ foreach($tm['row'] as $rw) {
+ if ($rw['timetype'] == 'date') {
+ $timevalue .= $rw['timetype'] . ' ' . $rw['timelist'];
+ $conf .= "\n date" . $rw['timelist'];
+ } else {
+ $timevalue .= $rw['timetype'] . ' ' . $rw['timedays'] . ' ' . $rw['timelist'];
+ $conf .= "\n weekly " . $rw['timedays'] . ' ' . $rw['timelist'];
+ }
+ }
+ $conf .= "\n } \n";
+ $config['installedpackages']['squidguardtime']['config']['timevalue'] = "1110";//$timevalue;
+ }
+ }
+
+// file_put_contents("/var/tmp/squidguard.test", $conf);
+
+ return $conf;
+}
+
+function squidguard_resync_src() { // source
+ $conf = "";
+ // ----- nothing for do -----
+ return $conf;
+}
+
+function squidguard_resync_std_dest() { // standart destinations
+ global $config;
+ $settings = $config['installedpackages']['squidguard']['config'][0];
+ $conf = "";
+
+ // ads
+ $conf .= make_dest(FLT_ADS, "ads/domains", "ads/urls", "", "");
+ // aggressive
+ $conf .= make_dest(FLT_AGGRESSIVE, "aggressive/domains", "aggressive/urls", "", "");
+ // audio & video
+ $conf .= make_dest(FLT_AUDIOVIDEO, "audio-video/domains", "audio-video/urls", "", "");
+ // Druggs
+ $conf .= make_dest(FLT_DRUGGS, "drugs/domains", "drugs/urls", "", "");
+ // Gambling
+ $conf .= make_dest(FLT_GAMBLING, "gambling/domains", "gambling/urls", "", "");
+ // Hacking
+ $conf .= make_dest(FLT_HACKING, "hacking/domains", "hacking/urls", "", "");
+ // Mail
+ $conf .= make_dest(FLT_MAIL, "mail/domains", "mail/urls", "", "");
+ // Porn
+ $conf .= make_dest(FLT_PORN, "porn/domains", "porn/urls", "", "");
+ // proxy
+ $conf .= make_dest(FLT_PROXY, "proxy/domains", "proxy/urls", "", "");
+ // Violence
+ $conf .= make_dest(FLT_VIOLENCE, "violence/domains", "violence/urls", "", "");
+ // Warez
+ $conf .= make_dest(FLT_WAREZ, "warez/domains", "warez/urls", "", "");
+
+ return $conf;
+}
+
+function squidguard_resync_user_dst() { // user destinations
+}
+
+function squidguard_resync_dest() { // destination
+ $conf = "";
+ // ----- nothing for do -----
+ return $conf;
+}
+
+function squidguard_resync_acl() { // acl
+ $conf = "";
+ // ----- nothing for do -----
+ return $conf;
+}
+
+// -----------------------------------------------------------------------------
+// Before form
+// -----------------------------------------------------------------------------
+
+function squidguard_before_form_dest($pkg) {
+ global $config;
+ $expr_names = '';
+ $expressions = '';
+
+ // update expressions list
+ $expressions = $config['installedpackages']['squidguardexpr']['config'];
+ if (is_array($expressions )) {
+ foreach($expressions as $expr)
+ $expr_names[] = $expr['name'];
+ }
+
+ $i = 0;
+ foreach($pkg['fields']['field'] as $field) {
+ if ($field['fieldname'] == 'exprname') {
+ $fld = &$pkg['fields']['field'][$i];
+ $fld['options']['option'][] = array('name'=>'none (expressions not defined)', 'value'=>'');
+ foreach ($expr_names as $nm) {
+ $fld['options']['option'][] = array('name'=>$nm, 'value'=>$nm);
+ }
+ break;
+ }
+ $i++;
+ }
+}
+
+function squidguard_before_form($pkg) {
+ $i=0;
+
+// <encType>multipart/form-data</encType>;
+
+ foreach($pkg['fields']['field'] as $field) {
+ // blacklist controls
+ if ($field['fieldname'] == 'blacklist') {
+ $fld = &$pkg['fields']['field'][$i];
+ $fld['description'] .= make_grid_blacklist(); // insert to description custom controls
+ }
+ // Apply button
+ if ($field['fieldname'] == 'squidguard_enable'){
+ $fld = &$pkg['fields']['field'][$i];
+ $fld['description'] .= make_grid_general_items(); // insert to description custom controls
+ }
+ // GUI log
+ if ($field['fieldname'] == 'view_gui_log') {
+ $fld = &$pkg['fields']['field'][$i];
+ $fld['description'] .= make_grid_general_items('gui_log'); // insert to description custom controls
+ }
+ $i++;
+ }
+}
+
+
+function squidguard_before_form_acl($pkg) {
+ global $config;
+ global $squidguard_object;
+ $current_id = '';
+
+ $sources = '';
+ $source_items = '';
+ $destinations = '';
+ $dest_items = '';
+ $rewrites = '';
+ $rewr_names = '';
+ $times = '';
+ $time_names = '';
+ $acls_up = '';
+ $acls_over = '';
+
+ $current_id = $_GET['id'];
+ if ($current_id == '')
+ $current_id = $_POST['id'];
+ if ($current_id == '')
+ $current_id = 0;
+
+ // sources
+ $sources = $config['installedpackages']['squidguardsrc']['config'];
+ if (is_array($sources)) {
+ foreach($sources as $src) {
+ $source_items[] = $src['name'];
+ }
+ }
+
+ // generate sources list TODO: exclude used names from list, source name used in ACL unique
+ $i=0;
+ foreach($pkg['fields']['field'] as $field) {
+ if ($field['fieldname'] == 'source') {
+ $fld = &$pkg['fields']['field'][$i];
+ foreach($source_items as $nm) {
+ $fld['options']['option'][] = array('name'=>$nm, 'value'=>$nm);
+ }
+ }
+ $i++;
+ }
+
+ // destinations
+ // acls pass ---> prepare data for destinations; dest format 'uptime_dests_list [overtime_dests_list]'
+ $acl_dest = '';
+ if ($pkg['name'] == MODULE_DEFAULT) {
+ $current_id = 0;
+ $acl_dest = $config['installedpackages'][MODULE_DEFAULT]['config'][$current_id]['dest'];
+ }
+ else $acl_dest = $config['installedpackages'][MODULE_ACL]['config'][$current_id]['dest'];
+
+ if ($acl_dest) {
+ $overtime = '';
+ $pss = str_replace(']', '', $acl_dest);
+ $pss = explode(' ', $pss);
+ foreach($pss as $val) {
+ $name = str_replace('!', '', $val);
+ if ($val == '[') { $overtime = 'yes'; continue; }
+ elseif ($val == ']') { break; }
+ if (empty($overtime)) {
+ if($val[0] != '!')
+ $acls_up[$name] = 'pass';
+ else $acls_up[$name] = 'deny';
+ } else {
+ if($val[0] != '!')
+ $acls_over[$name] = 'pass';
+ else $acls_over[$name] = 'deny';
+ }
+ }
+ }
+
+ # --------------------------------------------------------------------------------------------------------------
+ # destinations
+ # --------------------------------------------------------------------------------------------------------------
+ if ($squidguard_object->blacklist_enabled) {
+ foreach($squidguard_object->blacklist as $dst)
+ $dest_items[] = array ('name'=>$dst->name, 'upt_value'=>$acls_up[$dst->name],
+ 'ovt_value'=>$acls_over[$dst->name], 'description'=>$dst->desc);
+ }
+
+ if ($squidguard_object->dests) {
+ foreach($squidguard_object->dests as $dst)
+ $dest_items[] = array ('name'=>$dst->name, 'upt_value'=>$acls_up[$dst->name],
+ 'ovt_value'=>$acls_over[$dst->name], 'description'=>$dst->desc);
+ }
+
+ // default all
+ $dest_items[] = array('name'=>FLT_DEFAULT_ALL, 'upt_value'=>$acls_up[FLT_DEFAULT_ALL],
+ 'ovt_value'=>$acls_over[FLT_DEFAULT_ALL], 'description'=>'Default access');
+
+ $i=0;
+ foreach($pkg['fields']['field'] as $field) {
+ if (($field['fieldname'] == 'dest')/* || ($field['fieldname'] == 'overdest')*/) {
+ $fld = &$pkg['fields']['field'][$i];
+ $fld['description'] .= make_grid_controls('checkbox', $dest_items); // insert to description custom controls
+ }
+ $i++;
+ }
+
+ // rewrites
+ $rewrites = $config['installedpackages'][MODULE_REWRITE]['config'];
+ if (is_array($rewrites)) {
+ foreach($rewrites as $rewr) {
+ $rewr_names[] = $rewr['name'];
+ }
+ }
+
+ $i=0;
+ foreach($pkg['fields']['field'] as $field) {
+ if (($field['fieldname'] == 'rewrite') || ($field['fieldname'] == 'overrewrite')) {
+ $fld = &$pkg['fields']['field'][$i];
+ $fld['options']['option'][] = array('name'=>'none (rewrite not defined)', 'value'=>'');
+ if (is_array($rewr_names)) {
+ foreach($rewr_names as $nm)
+ $fld['options']['option'][] = array('name'=>$nm, 'value'=>$nm);
+ }
+ }
+ $i++;
+ }
+
+ // times
+ $times = $config['installedpackages']['squidguardtime']['config'];
+ if (is_array($times)) {
+ foreach($times as $tm) {
+ $time_names[] = $tm['name'];
+ }
+ }
+
+ $i=0;
+ foreach($pkg['fields']['field'] as $field) {
+ if ($field['fieldname'] == 'time') {
+ $fld = &$pkg['fields']['field'][$i];
+ $fld['options']['option'][] = array('name'=>'none (time not defined)', 'value'=>'');
+ if (is_array($time_names)) {
+ foreach($time_names as $nm)
+ $fld['options']['option'][] = array('name'=>$nm, 'value'=>$nm);
+ }
+ break;
+ }
+ $i++;
+ }
+}
+
+function squidguard_before_form_log($pkg) {
+ global $config;
+ global $squidguard_object;
+ $i=0;
+ foreach($pkg['fields']['field'] as $field) {
+ if ($field['fieldname'] == 'logtype') {
+ $slog = '';
+ $mlog = $config['installedpackages'][MODULE_LOG]['config'][0];
+
+ $filename = '';
+ $fld = &$pkg['fields']['field'][$i];
+ if ($mlog['logtype'] == 'access_log') {
+ $filename = $squidguard_object->log_dir . "/" . SQUIDGUARD_ACCESSBLOCK_FILE;
+ if (file_exists($filename)) {
+ $s = file_get_contents($filename);
+ $s = explode("\n", $s);
+
+ $slog .= "<table cellSpacing=1 cellPadding=1 width='100%'>";
+ $slog .= "<tr><th>DateTime</th><th>IP</th><th>URL</th><th>Filter</th><th>ID</th><th>Method</th></tr>";
+ foreach($s as $vs) {
+ $slog .= "<tr>";
+ $sx = $vs;
+ $sx = str_replace("/- -", "", $sx);
+ $sx = str_replace("/-", "", $sx);
+ $sx = str_replace("Request", "", $sx);
+ $sx = str_replace("request", "", $sx);
+ $sx = str_replace("(", "", $sx);
+ $sx = str_replace(")", "", $sx);
+ $sx = str_replace("[", "", $sx);
+ $sx = str_replace("]", "", $sx);
+ $sx = explode(" ", $sx);
+ if (!empty($vs))
+ $slog .= "<tr>
+ <td style='vertical-align: top; white-space: nowrap;'>$sx[0] $sx[1]</td>
+ <td style='vertical-align: top;'>$sx[5]</td>
+ <td style='vertical-align: top;'>$sx[4]</td>
+ <td style='vertical-align: top;'>$sx[3]</td>
+ <td style='vertical-align: top;'>$sx[2]</td>
+ <td style='vertical-align: top;'>$sx[6]</td></tr>";
+ }
+ $slog .= "</table>";
+ }
+ } else
+ if ($mlog['logtype'] == 'webgui_log') {
+ $filename = $squidguard_object->log_dir . SQUIDGUARD_LOG_FILE;
+ if (file_exists($filename)) {
+ $slog .= file_get_contents($filename);
+ $slog = str_replace("\n", "<br>", $slog);
+ $slog = "<tr><td>$slog</td></tr>";
+ }
+ } else
+ if ($mlog['logtype'] == 'squidguard_log') {
+ $filename = $squidguard_object->log_dir . "/squidGuard.log";
+ if (file_exists($filename)) {
+ $slog .= file_get_contents($filename);
+ $slog = str_replace("\n", "<br>", $slog);
+ $slog = "<tr><td>$slog</td></tr>";
+ }
+ }
+
+// $slog .= $filename . "\n"; // debug
+
+ $fld['description'] .=
+ "</tr><tr><td><br></td>
+ <td><table width='100%' class=tabcont cellSpacing=0 cellPadding=1 border=1>$slog</table>";
+// "<table class=tabcont cellSpacing=0 cellPadding=0 border=1 width='100%'>$slog</table></td>";
+ }
+ $i++;
+ }
+}
+
+function squidguard_update_acl_dest($acl_name, $post) {
+ global $config;
+ $post['dest'] = 'fig vam';
+ #s='TST';
+ foreach($post as $k => $p)
+ $s .= $k . '=' . $p;
+}
+
+function make_grid_general_items($id = '')
+{
+ global $squidguard_object;
+ global $config;
+
+ $res = '';
+ $res .= "<table width='100%'>";
+
+ if ($id == '') {
+ // Apply
+ $res .= "<tr><td>After changing configuration Squid or squidGuard you must
+ <b>apply all changes</b></td><td><input name='submit'
+ type='submit' value='Apply'></td></tr>";
+ } else
+ if ($id == 'gui_log') {
+ if ($config['installedpackages']['squidguardgeneral']['config'][0]['view_gui_log'] == 'on') {
+ $log_content = $squidguard_object->get_log();
+ $res .= "<tr><td><br></td></tr>";
+ $res .= "<tr><td>Web GUI log</td></tr>";
+ $res .= "<tr><td vAlign=top width='100%'>
+ <textarea name='Name' rows=7 cols=65 wrap='on' readonly='on'>$log_content</textarea></td></tr>";
+ }
+ }
+
+ $res .= "</table>";
+ return $res;
+}
+
+function make_grid_blacklist() {
+ global $squidguard_object;
+
+ $style1 = 'class=vtable'; // 'class=vncell' ;// 'style="background-color: #FFF0E2;"';
+ $style2 = 'class=vtable';
+ $style2 = '';
+ $e_size = '80';
+
+ $res = '';
+ $res .= "<table width='100%'>";
+ $res .= "<tr><td><b>Proxy</b> settings</b></td> <td>Blacklist upload proxy - enter here, or leave blank.<br>
+ Format: host:[port login:pass] . Default proxy port 1080. Example: '192.168.0.1:8080 user:pass'</td><td>&nbsp;</td></tr>";
+ $res .= "<tr><td $style1>&nbsp;</td><td $style1><input name='blacklist_proxy' id='blacklist_proxy' type='text' size='$e_size'></td><td $style1><br></td></tr>";
+ $res .= "<tr><td $style3>Load from <b>Default</b></td> <td $style3><b>" . /*BLACKLIST_DEFAULT_URL .*/ "</b></td> <td $style3><input name='submit' value='" .
+ BLACKLIST_BTN_STD . "' type='submit'></td></tr>";
+ $res .= "<tr><td $style3>Load from <b>Url </b></td> <td $style3><input name='blacklist_url' id='blacklist_url'
+ type='text' size='$e_size'></td> <td $style3><input name='submit' value='" . BLACKLIST_BTN_URL . "' type='submit'>
+ </td></tr>";
+// $res .= "<tr><td $style1>Load from <b>File</b></td> <td $style1><input name='blacklist_file' id='blacklist_file'
+// type='file' size='$e_size'></td> <td $style1><input name='submit' value='" . BLACKLIST_BTN_FILE .
+// "' type='submit'></td></tr>";
+ $res .= "</table>";
+ return $res;
+}
+
+function make_grid_controls($type, $items) {
+ $res = '';
+ $tbl = '';
+ $color = '';
+ $color2 = '';
+ $x = 0;
+
+ foreach($items as $item) {
+ if ($x == 0) {
+ $color = 'style="background-color: #FFF0E2;"';
+ $color2 = '';
+ $x = 1;
+ } else {
+ $color = '';
+ $color2 = 'style="background-color: #FFF0E2;"';
+ $x = 0;
+ }
+
+ $name = $item['name'];
+ $upt_val = $item['upt_value'];
+ $ovt_val = $item['ovt_value'];
+ $description = $item['description'];
+ $upt_on = '';
+ $upt_deny = '';
+ $ovt_on = '';
+ $ovt_deny = '';
+
+ if ($upt_val) $upt_on = 'CHECKED';
+ if ($upt_val == 'deny') $upt_deny = 'CHECKED';
+
+ if ($ovt_val) $ovt_on = 'CHECKED';
+ if ($ovt_val == 'deny') $ovt_deny = 'CHECKED';
+
+ $tbl .= "<tr>";
+ $tbl .= "<td $color><input type=\"$type\" name=\"" . PREFLD_UPTIME . "$name\" $upt_on></td>";
+ $tbl .= "<td width=\"35%\" $color >$description [$name]</td>";
+ $tbl .= "<td $color><input type=\"$type\" name=\"" . PREFLD_UPTIME_DENY . "$name\" $upt_deny></td>";
+ $tbl .= "<td $color>deny access</td>";
+
+ $tbl .= "<td $color><input type=\"$type\" name=\"" . PREFLD_OVERTIME . "$name\" $ovt_on></td>";
+ $tbl .= "<td $color width=\"35%\" >$description [$name]</td>";
+ $tbl .= "<td $color><input type=\"$type\" name=\"" . PREFLD_OVERTIME_DENY . "$name\" $ovt_deny></td>";
+ $tbl .= "<td $color>deny access</td>";
+ $tbl .= "</tr>";
+ }
+
+ if (!empty($tbl)) {
+ $tbl = "<th/><th>Destinations in uptime</th><th/><th/><th/><th>Destinations in overtime</th><th/><th/>" .
+ "<tr><td/><td>Select destinations for uptime rule</td><td/><td/>
+ <td/><td>Select destination for overtime rule.<br>If time not defined, this part must be ignored</td><td/><td/></tr>"
+ . $tbl;
+
+ $res .= "<table>" . $tbl . "</table>";
+ }
+ return $res;
+}
+
+// -----------------------------------------------------------------------------
+
+function check_name ($name) {
+ $err = '';
+ $val = trim($name);
+
+ if ((strlen($val) < 2) || (strlen($val) > 16))
+ $err .= " Size of name must be between [2..16].";
+
+ // All symbols must be [a-zA-Z_0-9\-] First symbol = letter.
+ if (!eregi("^([a-zA-Z]{1})([a-zA-Z_0-9\-]+)$", $val))
+ $err .= " Invalid name $name. Valid name symbols: ['a-Z', '_', '0-9', '-']. First symbol must be a letter.";
+
+ return $err;
+}
+
+// --- Check unique name ---
+function check_unique_name($module_id, $name, $log='') {
+ $res = true;
+ $count_names = 0;
+ $is_self ='notself';
+
+ $id = $_GET['id'];
+ if (!isset($id))
+ $id = $_POST['id'];
+
+ $name_list = get_pkg_items_list($module_id, 'name');
+ $name_list_count = count($name_list);
+
+ for($j=0; $j<$name_list_count; $j++) {
+ $val = $name_list[$j];
+ if ($val == $name) {
+ $count_names++;
+ if ($j==$id) $is_self='self';
+ }
+ }
+
+ // if count names = 1, then check if add new record with this name(not valid) / or this is a self record(valid)
+ // else if count names > 1 - not valid
+ if ($count_names == 1) {
+ if ($id == name_list_count) { // this new record
+ $res = false;
+ $log = "*ID*";
+ }
+ elseif($is_self != 'self') { // not self record
+ $res = false;
+ $log = '*NOT SELF*';
+ }
+ }
+ elseif($count_names > 1) {
+ $res = false;
+ $log = '*COUNT*';
+ }
+ $log .= " id=$id is_self=$is_self count=$name_list_count";
+ return $res;
+}
+
+function check_date($date) {
+ $err = '';
+ $val = trim($date);
+ // date or date range format: 'yyyy-mm-dd', 'yyyy-m-d', 'yyyy.mm.dd' 'yyyy.mm.dd-yyyy.mm.dd'
+ if (!eregi("^([0-9*]{4})\.([0-9*]{1,2})\.([0-9*]{1,2})$", $val) &&
+ !eregi("^([0-9*]{4})\.([0-9*]{1,2})\.([0-9*]{1,2})-([0-9*]{4})\.([0-9*]{1,2})\.([0-9*]{1,2})$", $val))
+ $err .= " Invalid date " . $date .
+ " You mast use date or date range format: 'yyyy.mm.dd' and 'yyyy.mm.dd-yyyy.mm.dd' .
+ Any symbol in date can be set to *(any number). Example: '*-10-01', '199*-*1-*1' ." . $val ;
+ return $err;
+}
+
+function check_time($time) {
+ $err = '';
+ $val = trim($time);
+ // time range format: 'HH:MM-HH:MM'
+ if (!eregi("^([0-9]{2})\:([0-9]{2})-([0-9]{2})\:([0-9]{2})$", $val))
+ $err = '';//" Invalid time range time . You must use 'HH:MM-HH:MM' time range format. ";
+ return $err;
+}
+
+function check_ip($ip) {
+
+}
+
+
+function squidguard_print_javascript_main() {
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# Install & deinstall
+# ---------------------------------------------------------------------------------------------------------------------
+
+function squidguard_install_command() {
+ global $squidguard_object;
+}
+
+function squidguard_deinstall_command() {
+ mwexec('rm -rf ' . SQUIDGUARD_WORKDIR);
+ mwexec('rm -rf ' . SQUIDGUARD_DBHOME);
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# SquidGuard print JavaSrcript
+# ---------------------------------------------------------------------------------------------------------------------
+
+function squidGuard_print_javascript() {
+ $javascript = '';
+
+ $xml = $_GET["xml"];
+ if ($xml == "")
+ $xml = $_POST["xml"];
+
+ // squidguard_default.xml
+ if ($xml == "squidguard_default.xml") {
+ $javascript .= "\n<script language='JavaScript'>";
+ $javascript .= "\n<!--";
+ $javascript .= "\n document.iform.dest.disabled=1;";
+ $javascript .= "\n//-->";
+ $javascript .= "\n</script>";
+ } // if
+
+ // squidguard_acl.xml
+ if ($xml == "squidguard_acl.xml") {
+ $javascript .= "\n<script language='JavaScript'>";
+ $javascript .= "\n<!--";
+ $javascript .= "\n document.iform.dest.disabled=1;";
+ $javascript .= "\n//-->";
+ $javascript .= "\n</script>";
+
+ } // if
+
+ if ($xml == "squidguard_time.xml") {
+ $javascript .= "\n<script language='JavaScript'>";
+ $javascript .= "\n<!--";
+ $javascript .= "\n function on_updatecontrols() {";
+ $javascript .= "\n for (var i=0; i<99; i++) {";
+ $javascript .= "\n var elm = document.iform.elements['timetype' + i];";
+ $javascript .= "\n if (elm) {";
+ $javascript .= "\n document.iform.elements['timetype' + i].onclick = on_updatecontrols;";
+ $javascript .= "\n if (document.iform.elements['timetype' + i].value == 'weekly') {";
+ $javascript .= "\n document.iform.elements['timedays' + i].disabled = 0;";
+ $javascript .= "\n document.iform.elements['daterange' + i].disabled = 1;";
+ $javascript .= "\n }";
+ $javascript .= "\n else {";
+ $javascript .= "\n document.iform.elements['timedays' + i].disabled = 1;";
+ $javascript .= "\n document.iform.elements['daterange' + i].disabled = 0;";
+ $javascript .= "\n }";
+ $javascript .= "\n }";
+ $javascript .= "\n }";
+ $javascript .= "\n }";
+ $javascript .= "\n on_updatecontrols();";
+ $javascript .= "\n ";
+ $javascript .= "\n//-->";
+ $javascript .= "\n</script>";
+ }
+
+ print($javascript);
+}
+
+?>
diff --git a/packages/squidGuard/squidguard_acl.xml b/packages/squidGuard/squidguard_acl.xml
new file mode 100644
index 00000000..cd62fc2f
--- /dev/null
+++ b/packages/squidGuard/squidguard_acl.xml
@@ -0,0 +1,148 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packagegui>
+ <include_file>squidguard.inc</include_file>
+ <name>squidguardacl</name>
+ <title>Proxy server filter SquidGuard: Access Control List (ACL)</title>
+ <delete_string>A proxy server user has been deleted.</delete_string>
+ <addedit_string>A proxy server user has been created/modified.</addedit_string>
+ <tabs>
+ <tab>
+ <text>General settings</text>
+ <url>/pkg_edit.php?xml=squidguard.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Default</text>
+ <url>/pkg_edit.php?xml=squidguard_default.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>ACL</text>
+ <url>/pkg.php?xml=squidguard_acl.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Sources</text>
+ <url>/pkg.php?xml=squidguard_src.xml</url>
+ </tab>
+ <tab>
+ <text>Destinations</text>
+ <url>/pkg.php?xml=squidguard_dest.xml</url>
+ </tab>
+ <tab>
+ <text>Times</text>
+ <url>/pkg.php?xml=squidguard_time.xml</url>
+ </tab>
+ <tab>
+ <text>Rewrites</text>
+ <url>/pkg.php?xml=squidguard_rewr.xml</url>
+ </tab>
+ <tab>
+ <text>Log</text>
+ <url>/pkg_edit.php?xml=squidguard_log.xml</url>
+ </tab>
+ </tabs>
+ <adddeleteeditpagefields>
+ <columnitem>
+ <fieldname>source</fieldname>
+ <fielddescr>Source</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>dest</fieldname>
+ <fielddescr>Destinations</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>time</fieldname>
+ <fielddescr>Uptime</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>redirect</fieldname>
+ <fielddescr>Redirect</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>rewrite</fieldname>
+ <fielddescr>Rewrite</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>description</fieldname>
+ <fielddescr>Description</fielddescr>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <fieldname>disabled</fieldname>
+ <fielddescr>Disabled</fielddescr>
+ <description>Check this for disable this ACL rule.</description>
+ <type>checkbox</type>
+ </field>
+ <field>
+ <fieldname>source</fieldname>
+ <fielddescr>Source name</fielddescr>
+ <description>Select source name here (required). Any ACL must have unique source name.</description>
+ <required/>
+ <type>select</type>
+ </field>
+ <field>
+ <fieldname>time</fieldname>
+ <fielddescr>Time</fielddescr>
+ <type>select</type>
+ <description>Enter time name in current which this rule permitted.</description>
+ </field>
+ <field>
+ <fieldname>dest</fieldname>
+ <fielddescr>Destination</fielddescr>
+ <description></description>
+ <type>input</type>
+ <size>114</size>
+ </field>
+ <field>
+ <fieldname>redirect</fieldname>
+ <fielddescr>Redirect</fielddescr>
+ <description>Enter redirection URL or Error page message for this rule, or leave blank.</description>
+ <type>textarea</type>
+ <cols>70</cols>
+ <rows>5</rows>
+ </field>
+ <field>
+ <fieldname>overredirect</fieldname>
+ <fielddescr>Overtime redirect</fielddescr>
+ <description>Enter redirection URL or Error page message for this rule, or leave blank.</description>
+ <type>textarea</type>
+ <cols>70</cols>
+ <rows>5</rows>
+ </field>
+ <field>
+ <fieldname>rewrite</fieldname>
+ <fielddescr>Rewrite</fielddescr>
+ <type>select</type>
+ <description>Enter rewrite condition name for this rule, or leave blank.</description>
+ </field>
+ <field>
+ <fieldname>overrewrite</fieldname>
+ <fielddescr>Overtime rewrite</fielddescr>
+ <type>select</type>
+ <description>Enter rewrite condition name for this rule, or leave blank.</description>
+ </field>
+ <field>
+ <fieldname>description</fieldname>
+ <fielddescr>Description</fielddescr>
+ <description>You may enter a description here for your reference (not parsed).</description>
+ <type>input</type>
+ <size>114</size>
+ </field>
+ </fields>
+ <custom_php_validation_command>
+ squidguard_validate_acl(&amp;$_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_command_before_form>
+ squidguard_before_form_acl(&amp;$pkg);
+ </custom_php_command_before_form>
+ <custom_php_after_form_command>
+ squidGuard_print_javascript();
+ </custom_php_after_form_command>
+ <custom_php_resync_config_command>
+// squidguard_resync_time();
+ </custom_php_resync_config_command>
+ <custom_add_php_command>
+ </custom_add_php_command>
+ <custom_add_php_command_late>
+ </custom_add_php_command_late>
+</packagegui>
diff --git a/packages/squidGuard/squidguard_cls.inc b/packages/squidGuard/squidguard_cls.inc
new file mode 100644
index 00000000..34bf8c2a
--- /dev/null
+++ b/packages/squidGuard/squidguard_cls.inc
@@ -0,0 +1,1176 @@
+<?php
+# ---------------------------------------------------------------------------------------------------------------------~
+/* squidguard_cls.inc
+ (C)2006 Serg Dvoriancev
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+# ---------------------------------------------------------------------------------------------------------------------
+# SquidGuardConfigClass
+# Generator SquidGuard configuration
+# email: dv_serg@mail.ru
+# ---------------------------------------------------------------------------------------------------------------------
+# squidGuard command:
+# squidGuard -C all - apdate database
+# squidGuard -c <configfile> - create squidGuard with specified config file
+# ---------------------------------------------------------------------------------------------------------------------
+# Directories:
+# work path - $workdir
+# log path - $workdir + $logdir
+# ---------------------------------------------------------------------------------------------------------------------
+
+define('FILES_DB_HEADER', '
+# -----------------------------------------------------------------------------
+# File created by squidGuard package GUI
+# (C)2006 Serg Dvoriancev
+# -----------------------------------------------------------------------------
+');
+
+define('ACL_WARNING_ABSENSE_PASS', "!WARNING! Absence PASS 'all' or 'none' added as 'none'");
+
+# ---------------------------------------------------------------------------------------------------------------------
+define('REDIRECTOR_OPTIONS_REM', '# squidGuard options');
+define('REDIRECTOR_PROGRAM_OPT', 'redirect_program');
+define('REDIRECT_BYPASS_OPT', 'redirector_bypass');
+define('REDIRECT_CHILDREN_OPT', 'redirect_children');
+define('REDIRECTOR_PROCESS_COUNT', '3');
+define('SQUID_CONFIG_FILE', '/usr/local/etc/squid/squid.conf');
+define('SQUIDGUARD_CONFIG_FILE', '/squidGuard.conf');
+define('TMP_DIR', '/var/tmp');
+define('SQUIDGUARD_LOG_FILE', '/squidGuard_webgui.log');
+define('SQUIDGUARD_ACCESSBLOCK_FILE', 'squidguard_accessblock.log');
+define('SQUIDGUARD_BLK_ENTRIES', '/squidguard_blk_entries.ini');
+define('BLACKLIST_ARCHIVE', '/blacklists.tar.gz');
+
+define('REDIRECT_BASE_URL', 'http://10.62.0.3/sgerror.php');
+
+// debug options
+define('DEBUG_UPDATE_SQUID_CONF', 'true');
+define('DEBUG_UPDATE_SQUIDGUARD_DB', 'true');
+define('DEBUG_MAKE_SQUIDGUARD_CONFIG', 'true');
+
+define('SQUIDGUARD_LOG_DIR', '/log');
+define('SQUIDGUARD_BACKUP_DIR', '/backup');
+
+// options
+define('SQUIDGUARD_LOG_MAX_COUNT', '500'); // max log lines
+
+define('FLT_AD', 'ads');
+define('FLT_AGGRESSIVE', 'aggressive');
+define('FLT_AUDIOVIDEO', 'audio-video');
+define('FLT_DRUGGS', 'druggs');
+define('FLT_GAMBLING', 'gambling');
+define('FLT_HACKING', 'hacking');
+define('FLT_MAIL', 'mail');
+define('FLT_PORN', 'porn');
+define('FLT_PROXY', 'proxy');
+define('FLT_VIOLENCE', 'viol');
+define('FLT_WAREZ', 'warez');
+
+define('FLT_DEFAULT_ALL', 'all');
+
+define('OWNER_NAME', 'proxy'); // owner user name
+
+define('DEBUG_ON', 'true');
+# ------------------------------------------------------------------------------
+#
+# ------------------------------------------------------------------------------
+function scan_dir($dir) {
+ $files = array();
+ if (file_exists($dir)) {
+ $dh = opendir($dir);
+ while (false !== ($filename = readdir($dh)))
+ $files[] = $filename;
+ sort($files);
+ }
+ return $files;
+}
+
+function std_blacklist_get_description() {
+ $dst_std = array();
+ $dst_std[FLT_AD] = 'Reclama & banners filter';
+ $dst_std[FLT_AGGRESSIVE] = 'Agressive content sites filter';
+ $dst_std[FLT_AUDIOVIDEO] = 'Audio and Video sites filter';
+ $dst_std[FLT_DRUGGS] = 'Druggs filter';
+ $dst_std[FLT_GAMBLING] = 'Games sites filter';
+ $dst_std[FLT_HACKING] = 'Hacking sites filter';
+ $dst_std[FLT_MAIL] = 'Mail sites filter';
+ $dst_std[FLT_PORN] = 'Porno sites filter';
+ $dst_std[FLT_PROXY] = 'Proxy sites filter';
+ $dst_std[FLT_VIOLENCE] = 'Violence content sites filter';
+ $dst_std[FLT_WAREZ] = 'Wares, soft, downloads sites filter';
+ return $dst_std;
+}
+
+# ------------------------------------------------------------------------------
+
+class SquidGuardConfigClass {
+ // variables
+ var $work_dir;
+ var $dbhome;
+ var $bin_path;
+ var $log_dir; // $work_dir + SQUIDGUARD_BACKUP_DIR
+ var $log_file; // $log_dir + SQUIDGUARD_LOG_FILE
+
+ var $enabled;
+ var $blacklist_enabled;
+
+ var $debug_history;
+
+ // objects
+ var $sources;
+ var $dests;
+ var $blacklist;
+ var $times;
+ var $rewr;
+ var $acls;
+ var $acldef;
+ var $enable_deflog; // TODO: check for delete
+
+ // temporary objects
+ var $expr; // temporary expressions list - not apply to config!
+ var $redir; // temporary expressions list - not apply to config!
+
+ function __construct() {
+ $this->work_dir = '';
+ $this->dbhome = '';
+ $this->bin_path = '';
+ $this->log_dir = '';
+ $this->log_file = '';
+ $this->init();
+ }
+
+ function init() {
+ $this->enabled = true;
+ $thus->blacklist_enabled = true;
+
+ $this->acls = Array();
+ $this->enable_deflog = '';
+ $this->acldef = new ACLClass();
+ $this->acldef->ini("default", "", "default acl");
+ $this->acldef->assign("all");
+
+ $this->redir = Array();
+ $this->expr = Array();
+ $this->rewr = Array();
+ $this->times = Array();
+ $this->sources = Array();
+ $this->dests = Array();
+ $this->blacklist = Array();
+
+ // log
+ $this->add_log("Init squidGuard object.");
+ }
+
+ function set_options($bin_path, $work_dir, $dbhome) {
+ $this->bin_path = $bin_path;
+ $this->work_dir = $work_dir;
+ $this->dbhome = $dbhome;
+
+ $this->backup_dir = $work_dir . SQUIDGUARD_BACKUP_DIR;
+ $this->log_dir = $work_dir . SQUIDGUARD_LOG_DIR;
+ $this->log_file = $this->log_dir . SQUIDGUARD_LOG_FILE;
+
+ // log
+ $this->add_log("Set bin path " . $this->bin_path, DEBUG_ON);
+ $this->add_log("Set work path " . $this->work_dir, DEBUG_ON);
+ $this->add_log("Set db path " . $this->dbhome, DEBUG_ON);
+
+ $this->update();
+ }
+
+ function update() {
+ $this->add_log("Update squidGuard object.");
+
+ // check work_dir, log_dir & create if not exists
+ if (!empty($this->work_dir)) {
+ $this->add_log("Check work directory.");
+ // check dir's
+ if (!file_exists($this->work_dir)) {
+ mwexec("mkdir " . $this->work_dir);
+ $this->add_log("Create work dir " . $this->work_dir, DEBUG_ON);
+ }
+ if (!file_exists($this->log_dir)) {
+ mwexec("mkdir " . $this->log_dir);
+ $this->add_log("Create log dir " . $this->log_dir, DEBUG_ON);
+ }
+ // set access right
+ set_file_access($this->work_dir, OWNER_NAME, 0755);
+ }
+
+ // check squidguard db
+ if (!empty($this->dbhome)) {
+ $this->add_log("Check db directory.");
+ if (!file_exists($this->dbhome)) {
+ mwexec("mkdir " . $this->dbhome);
+ $this->add_log("Create db dir " . $this->dbhome, DEBUG_ON);
+ }
+ // set access right
+ set_file_access($this->dbhome, OWNER_NAME, 0755);
+ }
+
+ // load blacklist configuration
+ if ($this->blacklist_enabled) {
+ $this->add_log("Load blacklist configuration.");
+
+ if (file_exists($this->work_dir . SQUIDGUARD_BLK_ENTRIES)) {
+ $db_items = array();
+ $blk_entries = explode("\n", file_get_contents($this->work_dir . SQUIDGUARD_BLK_ENTRIES));
+
+ // check files as dir's
+ $std_blk = std_blacklist_get_description();
+ foreach($blk_entries as $df) {
+ if (($df != ".") && ($df != "..") && (is_dir($this->dbhome . "/" . $df))) {
+ $this->add_blacklist($df, $str_blk[$df]);
+ $this->add_log("Create $df", DEBUG_ON);
+ }
+ }
+ }
+ else $this->add_log("File " . $this->work_dir . SQUIDGUARD_BLK_ENTRIES . " not found.");
+ }
+ else $this->add_log("Blacklist disabled.");
+ }
+
+ function reconfigure() { // TODO: check restart function order
+ $this->update();
+
+ // check and rebuild squidguard db
+ $this->add_log("Reconfigure squidGuard object");
+ $this->update_destination_files();
+ $this->remove_unused_db_entries();
+
+ // update only user dest items; blacklist rebuilded with when updated
+ if(!empty($this->dests)){
+ $dblist = array();
+ foreach($this->dests as $dst)
+ $dblist[] = $dst->name;
+ $this->rebuild_squidguard_db($dblist);
+ }
+ // generate squidGuard config
+ $this->add_log("Generate squidGuard config.");
+ $conf = $this->make_config();
+ file_put_contents($this->work_dir . SQUIDGUARD_CONFIG_FILE, $conf);
+ file_put_contents('/usr/local/etc/squid' . SQUIDGUARD_CONFIG_FILE, $conf); // << my squidGuard want config '/usr/local/etc/squid' by default
+ set_file_access($this->work_dir, OWNER_NAME, 0755);
+
+ // update squid config
+ $this->update_squid_conf();
+
+ // restart squid - squid automaticly restart redirector too
+ mwexec('squid');
+ if (!mwexec('killall -HUP squid'))
+ $this->add_log("Restart squid .. success.");
+ else $this->add_log("Restart squid .. error.");
+ }
+
+ # --------------------------------------------------------------------------------------------------------------
+ # BLACKLIST
+ # If backup list set 'disable' - all his entries not used for filtering
+ # --------------------------------------------------------------------------------------------------------------
+
+ #
+ # Update blacklist db from file
+ #
+ function update_blacklist($upload_file) {
+ $this->add_log("Upload file $upload_file.");
+ if ($upload_file) {
+ // 1. unpack blacklist file
+ $this->add_log("Unpack file $upload_file .. ");
+ $bl_temp = '/var/tmp/blacklists';
+ if (!mwexec('tar zxvf ' . $upload_file . ' -C /var/tmp/'))
+ $this->add_log("Success.");
+ else $this->add_log("Error!");
+
+ // 2. copy blacklist to squidGuard base
+ if (file_exists($bl_temp)) {
+ $this->add_log("Copy files to db.. ");
+
+ // - copy blacklist & create entries list
+ $blk_files = scan_dir($bl_temp);
+ $blk_entries = array();
+ foreach($blk_files as $bf) {
+ if (($bf != '.') && ($bf != '..')) {
+ $blk_entries[] = $bf;
+ if (!mwexec("cp -Rf $bl_temp/$bf " . $this->dbhome)) {
+ $this->add_log(" copy $bf success.");
+ } else $this->add_log(" copy $bl_temp/$bf -> $this->dbhome error.");
+ }
+ }
+
+ // create entries list
+ if (count($blk_entries)) {
+ file_put_contents($this->work_dir . SQUIDGUARD_BLK_ENTRIES, implode("\n", $blk_entries));
+ set_file_access($this->work_dir . SQUIDGUARD_BLK_ENTRIES, OWNER_NAME, 0755);
+ }
+ $this->remove_unused_db_entries();
+
+ // clearing temp
+ mwexec("rm -R $bl_temp");
+ }
+ set_file_access($this->dbhome, OWNER_NAME, 0755);
+ }
+ }
+
+ #
+ # remove unused DB entries
+ #
+ function remove_unused_db_entries() {
+ $this->add_log("Remove unused db entries.");
+ $db_entries = array();
+ $file_list = '';
+ // blk entries
+ if (file_exists($this->work_dir . SQUIDGUARD_BLK_ENTRIES)) {
+ $db_entries = explode("\n", file_get_contents($this->work_dir . SQUIDGUARD_BLK_ENTRIES));
+
+ // user entries
+ foreach($this->dests as $dst)
+ $db_entries[] = $dst->name;
+
+ $file_list = scan_dir($this->dbhome);
+ $file_for_del = array_diff($file_list, $db_entries);
+
+ foreach($file_for_del as $fd) {
+ $file_fd = $this->dbhome . "/" . $fd;
+ if (($fd != "") && ($fd != ".") && ($fd != "..")) {
+ if (file_exists($file_fd)) {
+ if (!mwexec("rm -R . $file_fd"))
+ $this->add_log("Delete $file_fd");
+ else $this->add_log("Error delete $file_fd");
+ } else $this->add_log("File $file_fd not found");
+ }
+ }
+ }
+
+ }
+
+ #
+ # Update squidGuard DB from user defined destinations
+ #
+ function update_destination_files() {
+ $this->add_log("Update destination files to db.");
+ if(!empty($this->dests)){
+ foreach($this->dests as $dst) {
+ $log = $dst->update_destination_files($this->dbhome);
+ $this->add_log($log);
+ }
+ }
+ $this->add_log($log);
+ set_file_access($this->dbhome, OWNER_NAME, 0755);
+ }
+
+ #
+ # rebuild db: All ($dblist == '') or from listing ($dblist is array)
+ #
+ function rebuild_squidguard_db($dblist='') {
+
+ set_file_access($this->dbhome, OWNER_NAME, 0755); // before
+
+ $this->add_log("Start rebuild database.");
+ if (is_array($dblist)) {
+ foreach($dblist as $dbn) {
+ if (($dbn !== ".") && ($dbn !== "..") && file_exists($this->dbhome . "/$dbn")) {
+ if (!mwexec($this->bin_path . "/squidGuard -C"))// $dbn"))
+ $this->add_log("Rebuild $dbn - success.");
+ else $this->add_log("Rebuild $dbn - error.");
+ } else
+ $this->add_log("Error rebuild database! Dir " . $this->dbhome . "/$dbn not found.");
+ }
+ } else {
+ // rebuild squidGuard DB
+ // -C - create db files; -u - update '.diff' files to db
+ if (!mwexec($this->bin_path . '/squidGuard -C all')/* &&
+ !mwexec($this->bin_path . '/squidGuard -u')*/)
+ $this->add_log("Rebuild all db - success.");
+ else $this->add_log("Rebuild all db - error!");
+ }
+ // set_file_access($this->dbhome, OWNER_NAME, 0755); // after
+ }
+
+ // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ // Insert to '/usr/local/squid/etc/squid.conf' options:
+ // redirector_bypass on
+ // redirect_program /usr/local/squidGuard/bin/squidGuard -c /path_to_config_file
+ // redirect_children 1
+ // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ // Command for restart squid with all redirectors
+ // # killall -HUP squid
+ // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+ function update_squid_conf() {
+ $this->add_log("Update 'squid.conf' file");
+ $opt = '';
+ $squid_conf_file = SQUID_CONFIG_FILE;
+ $redirector_path = $this->bin_path . '/squidGuard';
+ $redirector_conf = $this->work_dir . SQUIDGUARD_CONFIG_FILE;
+ $this->add_log("Redirector path=$redirector_path", DEBUG_ON);
+
+ // update squid.conf file
+ if (file_exists($squid_conf_file)) {
+ $conf = file_get_contents($squid_conf_file);
+
+ // remove redirector options from 'squid.conf'
+ $conf = explode("\n", $conf);
+ for($i=0; $i<count($conf); $i++) {
+ $s = trim($conf[$i]);
+ if (strpos($s, REDIRECTOR_OPTIONS_REM) === 0) $conf[$i] = '';
+ if (strpos($s, REDIRECTOR_PROGRAM_OPT) === 0) $conf[$i] = '';
+ if (strpos($s, REDIRECT_BYPASS_OPT) === 0) $conf[$i] = '';
+ if (strpos($s, REDIRECT_CHILDREN_OPT) === 0) $conf[$i] = '';
+ }
+ $conf = implode("\n", $conf);
+ $conf = rtrim($conf);
+
+ if ($this->enabled) {
+ // add redirector options from 'squid.conf'
+ $conf .= "\n";
+ $conf .= "\n" . REDIRECTOR_OPTIONS_REM;
+ $conf .= "\n" . REDIRECTOR_PROGRAM_OPT . " $redirector_path -c $redirector_conf";
+ $conf .= "\n" . REDIRECT_BYPASS_OPT . ' on';
+ $conf .= "\n" . REDIRECT_CHILDREN_OPT . " " . REDIRECTOR_PROCESS_COUNT;
+ }
+ $conf .= "\n";
+ file_put_contents($squid_conf_file, $conf);
+ }
+ else {
+ $this->add_log("File '$squid_conf_file' not found");
+ }
+ }
+
+ # -------------------------------------------------------------------------------------------------------------
+ # Operations
+ # -------------------------------------------------------------------------------------------------------------
+
+ function set_default_acl($time, $desc,
+ $ontime_rule, /*[pass][$rewr][$redir][$log]*/
+ $overtime_rule = '', /*[$overpass][$overrew][$overredir][$overlog]*/
+ $disabled = '', $enable_deflog = '')
+ {
+ $this->enable_deflog = $enable_deflog;
+ $this->acldef->ini("default", $time, $desc, $disabled);
+ if (is_array($ontime_rule))
+ $this->acldef->assign($ontime_rule['pass'], $ontime_rule['redirect'], $ontime_rule['rewrite'], $ontime_rule['log']);
+
+ if (is_array($overtime_rule))
+ $this->acldef->assign_over($overtime_rule['pass'], $overtime_rule['redirect'], $overtime_rule['rewrite'], $overtime_rule['log']);
+ }
+
+ function & add_acl($src_name, $time, $desc,
+ $ontime_rule, /*[pass][$rewr][$redir][$log]*/
+ $overtime_rule = '', /*[$overpass][$overrew][$overredir][$overlog]*/
+ $disabled = '')
+ {
+ $item = new ACLClass();
+ $item->ini($src_name, $time, $desc, $disabled);
+ if (is_array($ontime_rule))
+ $item->assign($ontime_rule['pass'], $ontime_rule['redirect'], $ontime_rule['rewrite'], $ontime_rule['log']);
+
+ if (is_array($overtime_rule))
+ $item->assign_over($overtime_rule['pass'], $overtime_rule['redirect'], $overtime_rule['rewrite'], $overtime_rule['log']);
+
+ $this->acls[$src_name] = $item;
+ return $this->acls[$src_name];
+ }
+
+ function del_acl($name, $time, $desc) {
+ $this->acls[$name] = '';
+ }
+
+ function & add_src($name, $ip, $desc, $enablelog) {
+ $item = new SrcClass();
+ $item->ini($name, $ip, $desc, $enablelog);
+ $this->sources[$name] = $item;
+ return $this->sources[$name];
+ }
+
+ function del_src($name) {
+ $this->sources[$name] = "";
+ }
+
+ function & add_dest($name, $domains, $urls, $expr, $redir, $desc, $enablelog) {
+ $item = new DestClass();
+ $item->ini($name, $domains, $urls, $expr, $redir, $desc, $enablelog);
+ $this->dests[$name] = $item;
+ return $this->dests[$name];
+ }
+
+ function del_dest($name) {
+ $this->dests[$name] = "";
+ }
+
+ function & add_blacklist($name, $desc) {
+ $item = new DestClass();
+ $item->ini($name, "", "", "", "", $desc);
+ $this->blacklist[$name] = $item;
+ return $this->blacklist[$name];
+ }
+
+ function & add_time($name, $desc) {
+ $item = new TimeClass();
+ $item->ini($name, $desc);
+ $this->times[$name] = $item;
+ return $this->times[$name];
+ }
+
+ function del_time($name) {
+ $this->times[$name] = "";
+ }
+
+ function & add_rewrite($name, $desc, $enablelog) {
+ $item = new RewrClass();
+ $item->ini($name, $desc, $enablelog);
+ $this->rewr[$name] = $item;
+ return $this->rewr[$name];
+ }
+
+ function del_rewrite($name) {
+ $this->rewr[$name] = '';
+ }
+
+ function goto_dir($workdir, $subdir) {
+ $res = false;
+ $dir = @chdir($workdir);
+ if ($dir) { // workdir exists
+ $dir = "$workdir \\ $subdir";
+ if (@chdir($dir)) // dir exists
+ $res = true;
+ elseif (@mkdir($dir, 0755)) // need create dir
+ $res = true;
+ else $this->add_log("ERROR: Can't create dir $dir");
+ } else $this->add_log("ERROR: Work path $workdir not found.");
+ return $res;
+ }
+
+ #
+ # Make config
+ #
+ function make_config() {
+ $conf = '';
+ // header
+ // =================================================================================================================
+ $conf .= "\n# " . str_repeat("=", 119);
+ $conf .= "\n# SquidGuard configuration file";
+ $conf .= "\n# ";
+ $conf .= "\n# This file generated automaticly with SquidGuardClass";
+ $conf .= "\n# ";
+ $conf .= "\n# SquidGuardConfigClass (C)2006 Serg Dvoriancev";
+ $conf .= "\n# email: dv_serg@mail.ru";
+ $conf .= "\n# ";
+ $conf .= "\n# " . str_repeat("=", 119);
+ $conf .= "\n";
+ // =================================================================================================================
+
+ if(!empty($this->log_dir))
+ $conf .= "\nlogdir " . $this->log_dir;
+
+ if(!empty($this->dbhome))
+ $conf .= "\ndbhome " . $this->dbhome;
+
+ $conf .= "\n";
+
+ // make times
+ if(!empty($this->times)){
+ foreach($this->times as $time) {
+ $conf .= $time->make_config($this);
+ }
+ }
+
+ // make sources
+ if(!empty($this->sources)){
+ foreach($this->sources as $src) {
+ $conf .= $src->make_config($this);
+ }
+ }
+
+ // make blacklist
+ $conf .= "\n# Blacklist";
+ if($this->blacklist_enabled) {
+ if (!empty($this->blacklist)) {
+ foreach($this->blacklist as $dest)
+ $conf .= $dest->make_config($this);
+ } else $conf .= "\n# Blacklist empty\n";
+ } else $conf .= "\n# Blacklist disabled\n";
+
+ // make destinations
+ $conf .= "\n# User destinations";
+ if(!empty($this->dests)){
+ foreach($this->dests as $dest) {
+ $conf .= $dest->make_config($this);
+ }
+ }
+
+ // make rewrites
+ if (!empty($this->rewr)) {
+ foreach($this->rewr as $rewr) {
+ $conf .= $rewr->make_config($this);
+ }
+ }
+
+ // make acls
+ $conf .= "\nacl {";
+ if (!empty($this->acls)) {
+ foreach($this->acls as $acl) {
+ $conf .= $acl->make_config($this);
+ }
+ }
+ $conf .= $this->acldef->make_config($this);
+ $conf .= "\n }";
+
+ return $conf;
+ }
+
+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ # Log
+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ function add_log($str, $is_debug = '') {
+
+ // if set $is_debug as value, but ($is_debug != 'on') then return
+ // this defined for include debug info to log;
+ // add_log('str') - simple log, add_log('str', 'on') - debig log;
+ // looking constant 'DEBUG_ON'
+ if ($is_debug && ($is_debug != 'on')) return;
+
+ if (file_exists($this->log_dir)) {
+ if (file_exists($this->log_file))
+ $log = file_get_contents($this->log_file);
+ $log = explode("\n", $log);
+
+ $s = trim($str);
+ if (!empty($s)) $log[] = date("d.m.Y H:i:s") . ": $s";
+
+ // check log lines count
+ while(count($log) > SQUIDGUARD_LOG_MAX_COUNT) :
+ $log = array_shift($log);
+ endwhile;
+
+ if ($log)
+ $log = implode("\n", $log);
+ file_put_contents($this->log_file, $log);
+ set_file_access($this->log_file, OWNER_NAME, 0755);
+ }
+ }
+
+ function get_log() {
+ $log = '';
+ if (file_exists($this->log_file))
+ $log = file_get_contents($this->log_file);
+ return $log;
+ }
+
+ function get_log_html() {
+ $log = $this->get_log();
+ return str_replace("\n", "<br>", $this->get_log());
+ }
+
+ function test_work($urls_src) {
+ $result = '';
+ $urls = '';
+ if (is_array($urls_src))
+ $urls = implode("\n", $urls_src);
+ else $urls = $urls_src;
+ $test_file = "/var/tmp/test.urls";
+ file_put_contents($test_file, $urls);
+ $result = exec ("/usr/local/bin/squidGuard < $test_file");
+ file_put_contents("$test_file.result", $result);
+ return $result;
+ }
+
+}
+
+// =====================================================================================================================
+// RewrClass
+// =====================================================================================================================
+
+class RewrClass {
+ var $name;
+ var $desc;
+ var $rewrites;
+ var $enablelog;
+
+ function __construct() {
+ $this->name = '';
+ $this->desc = '';
+ $this->rewrites = Array();
+ $this->enablelog = '';
+ }
+
+ function ini($name, $desc, $enablelog = '') {
+ $this->name = $name;
+ $this->desc = $desc;
+ $this->enablelog = $enablelog;
+ }
+
+ function add_item($target_url, $replace_to, $case_ins='', $http_301='', $http_302='') {
+ $item .= "s@$target_url@$replace_to@";
+ if (!empty($case_ins)) $item .= 'i';
+ if (!empty($case_ins)) $item .= 'r'; // TODO: r and R - check work options?
+ if (!empty($case_ins)) $item .= 'R'; // -//-
+ $this->rewrites[] = $item;
+ }
+
+ function make_config($owner) {
+ $name = $this->name;
+ $desc = $this->desc;
+ $enablelog = $this->enablelog;
+ $conf = '';
+ $conf .= "\nrew $name { ";
+ if (!empty($desc))
+ $conf .= "\t# $desc";
+
+ if (is_array($this->rewrites)) {
+ foreach($this->rewrites as $rew) {
+ $conf .= "\n $rew";
+ }
+ }
+ if ($enablelog)
+ $conf .= "\n log = $name";
+ $conf .= "\n }";
+ $conf .= "\n";
+ return $conf;
+ }
+}
+
+class TimeClass {
+ var $name;
+ var $items;
+ var $desc;
+
+ function __construct() {
+ $this->name = '';
+ $this->desc = '';
+ $this->items = Array();
+ }
+
+ function ini($name, $desc) {
+ $this->name = $name;
+ $this->desc = $desc;
+ }
+
+ function & add_date($daterange, $timerange) {
+ $item = new TimeItem();
+ $item->ini("date", '', $daterange, $timerange);
+ $this->items[] = $item;
+// return $this->items[count($this->items-1)];
+ }
+
+ function & add_weekly($days, $timerange) {
+ $item = new TimeItem();
+ $item->ini("weekly", $days, '', $timerange);
+ $this->items[] = $item;
+// return $this->items[count($this->items-1)];
+ }
+
+ function make_config($owner) {
+ $conf = '';
+ $name = $this->name;
+ $desc = $this->desc;
+ $conf .= "\ntime $name { ";
+ if ($desc != "")
+ $conf .= "\t# $desc";
+ if (is_array($this->items)) {
+ foreach($this->items as $item) {
+ $type = $item->type;
+ $days = $item->days;
+ $dates = $item->dates;
+ $hours = $item->hours;
+ if ($item->type == "date")
+ $conf .= "\n date $dates $hours";
+ else $conf .= "\n weekly $days $hours";
+ }
+ }
+ $conf .= "\n }";
+ $conf .= "\n";
+ return $conf;
+ }
+}
+
+class TimeItem {
+ var $type;
+ var $days;
+ var $dates;
+ var $hours;
+
+ function __construct() {
+ $this->type = '';
+ $this->days = '';
+ $this->dates = '';
+ $this->hours = '';
+ }
+
+ function ini($type, $days, $dates, $hours) {
+ $this->type = $type;
+ $this->days = $days;
+ $this->dates = $dates;
+ $this->hours = $hours;
+ }
+}
+
+class DestClass {
+ var $name;
+ var $domains; // array
+ var $urls; // array
+ var $expr; // array
+ var $redir;
+ var $desc;
+ var $enablelog;
+
+ function __construct() {
+ $this->name = '';
+ $this->domains = array();
+ $this->urls = array();
+ $this->expr = array();
+ $this->redir = '';
+ $this->desc = '';
+ $this->enablelog = '';
+ }
+
+ function ini($name, $domains, $urls, $expr, $redir, $desc, $enablelog = '') {
+ $this->name = $name;
+ $this->domains = explode(' ', $domains);
+ $this->urls = explode(' ', $urls);
+ $this->expr = explode(' ', $expr);
+ $this->redir = $redir;
+ $this->desc = $desc;
+ $this->enablelog = $enablelog;
+ }
+
+ // create custom destination files
+ function update_destination_files($dbcatalog) {
+ $log = "\n\nUpdate destination file " . $this->name;
+ $path = $dbcatalog . '/' . $this->name . '/';
+ $log .= "\npath = $path";
+
+ // 1 - set/check destination catalog
+ if (!file_exists($path)) {
+ if (!mkdir ($path, 0755)) {
+ $log .= "\nError create dir $path";
+ return $log; // error create dir
+ } else $log .= "\nCreate dir.";
+ }
+
+ // 2 - build domains file
+ if (!empty($this->domains)) {
+ $content = '';
+ foreach($this->domains as $dm) {
+ $content .= "\n$dm";
+ }
+
+ $content = trim($content);
+ if (!empty($content)) {
+ file_put_contents($path . '/domains', $content);
+ $log .= "\nadd domains";
+ }
+ }
+
+ // 3 - build urls file
+ if (!empty($this->urls)) {
+ $content = '';
+ foreach($this->urls as $url) {
+ $content .= "\n$url";
+ }
+
+ $content = trim($content);
+ if (!empty($content)) {
+ file_put_contents($path . '/urls', $content);
+ $log .= "\nadd urls";
+ }
+ }
+
+ // 4 - build expression file
+ if (!empty($this->expr)) {
+ $content = '';
+ foreach($this->expr as $ex) {
+ $content .= "\n$ex";
+ }
+
+ $content = trim($content);
+ if (!empty($content)) {
+ file_put_contents($path . '/expressions', $content);
+ $log .= "\nadd expressions";
+ }
+ }
+
+ return $log;
+ }
+
+ function make_config($owner) {
+ $file = '';
+ $conf = '';
+ $name = $this->name;
+ $dbhome = $owner->dbhome;
+ $domains = $this->domains;
+ $urls = $this->urls;
+ $expr = $this->expr;
+ $redir = $this->redir;
+ $desc = $this->desc;
+ $enablelog = $this->enablelog;
+
+ $conf .= "\ndest $name { ";
+
+ # description
+ if ($desc != "")
+ $conf .= "\t# $desc";
+
+ # domains
+ if ($domains != "") {
+ $file = $dbhome . "/$name/domains";
+ if (file_exists($file))
+ $conf .= "\n domainlist $name/domains";
+ }
+
+ # expressions
+ if ($expr != "") {
+ $file = $dbhome . "/$name/expressions";
+ if (file_exists($file))
+ $conf .= "\n expressionlist $name/expressions";
+ }
+
+ # urls
+ if ($urls != "") {
+ $file = $dbhome . "/$name/urls";
+ if (file_exists($file))
+ $conf .= "\n urllist $name/urls";
+ }
+
+ if ($redir != "")
+ $conf .= "\n redirect $redir";
+
+ if ($enablelog)
+ $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE;
+
+ $conf .= "\n }";
+ $conf .= "\n";
+
+ return $conf;
+ }
+}
+
+class SrcClass {
+ var $name;
+ var $ip;
+ var $domain;
+ var $users;
+ var $desc;
+ var $enablelog;
+
+ function __construct() {
+ $this->name = '';
+ $this->ip = '';
+ $this->domain = '';
+ $this->desc = '';
+ $this->enablelog = '';
+ $this->users = Array();
+ }
+
+ function ini($name, $ip, $desc, $enablelog = '') {
+ $this->name = $name;
+ $this->ip = $ip;
+ $this->domain = '';
+ $this->desc = $desc;
+ $this->enablelog = $enablelog;
+ }
+
+ function make_config($owner) {
+ $conf = '';
+ $name = $this->name;
+ $ip = $this->ip;
+ $desc = $this->desc;
+ $enablelog = $this->enablelog;
+ $conf .= "\nsrc $name { ";
+ if ($desc != "")
+ $conf .= "\t# $desc";
+ $conf .= "\n ip $ip";
+ if ($enablelog)
+ $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE;
+ $conf .= "\n }";
+ $conf .= "\n";
+ return $conf;
+ }
+}
+
+class ACLClass {
+ var $src;
+ var $time;
+ var $desc;
+ var $disabled;
+
+ var $pass; // pass array. if last item = 'all' then 'pass all' or 'pass none'
+ var $redir;
+ var $rewr;
+ var $log;
+
+ var $over_pass; // array of overtime dest's
+ var $over_redir;
+ var $over_rewr;
+ var $over_log;
+
+ function __construct() {
+ $this->src = '';
+ $this->time = '';
+ $this->desc = '';
+ $this->disabled = '';
+ }
+
+ function ini($src, $time, $desc, $disabled='') {
+ $this->src = $src;
+ $this->time = $time;
+ $this->desc = $desc;
+ $this->disabled = $disabled;
+ }
+
+ function assign($pass, $redir='', $rewr='', $log='') {
+ $this->pass = $pass;
+ // check and fix absence of "all" and "none"
+ if (!empty($pass) && (substr_count($pass, "all") == 0) && (substr_count($pass, "none") == 0)) {
+ $this->pass .= " none";
+ $this->desc .= " <Uptime> " . ACL_WARNING_ABSENSE_PASS . " ";
+ }
+
+ $this->redir = $redir;
+ $this->rewr = $rewr;
+ $this->log = $log;
+ }
+
+ function assign_over($pass, $redir='', $rewr='', $log='') { // used only if assigned time
+ $this->over_pass = $pass;
+ // check and fix absence of "all" and "none"
+ if (!empty($pass) && (substr_count($pass, "all") == 0) && (substr_count($pass, "none") == 0)) {
+ $this->over_pass .= " none";
+ $this->desc .= " <Overtime> " . ACL_WARNING_ABSENSE_PASS;
+ }
+
+ $this->over_redir = $redir;
+ $this->over_rewr = $rewr;
+ $this->over_log = $log;
+ }
+
+ function make_config($owner) {
+ $conf = '';
+ $src = $this->src;
+ $time = $this->time;
+ $desc = $this->desc;
+
+ // if item disabled - skip make_config
+ if ($this->disabled == 'on') {
+ $conf .= "\n\n # rule $src disabled";
+ return $conf;
+ }
+
+ $conf .= "\n";
+ $conf .= "\n $src $time { ";
+ if (!empty($desc))
+ $conf .= "\t# $desc";
+ $err_comment = '';
+ $pass = $this->pass;
+ if (is_array($pass)) {
+ // check dest's
+ foreach ($pass as $dst) {
+ if (($dst != 'all') && ($dst != 'none')) {
+ $obj = $owner->dests[$dst];
+ if (!is_object($obj)) $err_comment .= " $dst";
+ }
+ }
+ $err_comment .= "***!!!***";
+ if (!empty($err_comment))
+ $err_comment .= " error: dest's '$err_comment' not found";
+ $pass = implode(" ", $pass);
+ }
+
+ $conf .= "\n pass $pass";
+ if (!empty($err_comment)) $conf .= " # $err_comment";
+ unset($err_comment);
+
+ $redir = $this->redir;
+ if (!empty($redir)) {
+ $rstr = strtolower(trim($redir));
+ if ((strpos($rstr, 'http://') !== false) ||
+ (strpos($rstr, 'https://') !== false) ||
+ (strpos($rstr, 'ftp://') !== false))
+ $conf .= "\n redirect " . REDIRECT_BASE_URL . "?url=" . $rstr;
+ else $conf .= "\n redirect " . REDIRECT_BASE_URL . "?msg=" . urlencode($redir);
+ }
+
+ $rewr = $this->rewr;
+ if (!empty($rewr)) {
+ // check redirection name for exists
+ $err_comment = '';
+ $obj = $owner->rewr[$rewr];
+ if (empty($obj) || !is_object($obj))
+ $err_comment = " rewrite '$rewr' not found";
+
+ $conf .= "\n rewrite $rewr # $err_comment";
+ }
+
+ $log = $this->log;
+ if (!empty($log) && ($src=='default'))
+ $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE;
+
+ $conf .= "\n }";
+
+ // alternative
+ $pass = $this->over_pass;
+ $redir = $this->over_redir;
+ $rewr = $this->over_rewr;
+ $log = $this->over_log;
+ if (!empty($time) && !empty($pass)) {
+ $conf .= " else {";
+ $conf .= "\n pass $pass";
+ if (empty($this->pass) || ($this->pass[count($this->pass) - 1] != 'all'))
+ $conf .= " none";
+ if (!empty($redir))
+ $conf .= "\n redirect $redir";
+ if (!empty($rewr))
+ $conf .= "\n rewrite $rewrite";
+ // log only for default
+ if (!empty($log) && ($src=='default'))
+ $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE;
+ $conf .= "\n }";
+ }
+
+ return $conf;
+ }
+}
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# Set file access
+#
+function set_file_access($dir, $owner, $mod) {
+ chown($dir, $owner);
+ chgrp($dir, $owner);
+ chmod($dir, $mod);
+
+ if (is_dir($dir)) {
+ $hd = opendir($dir);
+ while (($item = readdir($hd)) !== false) {
+ if (($item != ".") && ($item != "..")) {
+ $path = "$dir/$item";
+ if (is_dir($path))
+ set_file_access($path, $owner, $mod);
+ else {
+ chown($path, $owner);
+ chgrp($path, $owner);
+ chmod($path, $mod);
+ }
+ }
+ }
+ }
+}
+
+?>
diff --git a/packages/squidGuard/squidguard_default.xml b/packages/squidGuard/squidguard_default.xml
new file mode 100644
index 00000000..4d118748
--- /dev/null
+++ b/packages/squidGuard/squidguard_default.xml
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packagegui>
+ <include_file>squidguard.inc</include_file>
+ <name>squidguarddefault</name>
+ <title>Proxy server filter SquidGuard: Default</title>
+ <tabs>
+ <tab>
+ <text>General settings</text>
+ <url>/pkg_edit.php?xml=squidguard.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Default</text>
+ <url>/pkg_edit.php?xml=squidguard_default.xml&amp;id=0</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>ACL</text>
+ <url>/pkg.php?xml=squidguard_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Sources</text>
+ <url>/pkg.php?xml=squidguard_src.xml</url>
+ </tab>
+ <tab>
+ <text>Destinations</text>
+ <url>/pkg.php?xml=squidguard_dest.xml</url>
+ </tab>
+ <tab>
+ <text>Times</text>
+ <url>/pkg.php?xml=squidguard_time.xml</url>
+ </tab>
+ <tab>
+ <text>Rewrites</text>
+ <url>/pkg.php?xml=squidguard_rewr.xml</url>
+ </tab>
+ <tab>
+ <text>Log</text>
+ <url>/pkg_edit.php?xml=squidguard_log.xml</url>
+ </tab>
+ </tabs>
+ <fields>
+ <field>
+ <fieldname>time</fieldname>
+ <fielddescr>Default Time</fielddescr>
+ <type>select</type>
+ <description>Enter time name in current which this rule permitted.</description>
+ </field>
+ <field>
+ <fieldname>dest</fieldname>
+ <fielddescr>Default destination</fielddescr>
+ <description></description>
+ <type>input</type>
+ <size>115</size>
+ </field>
+ <field>
+ <fieldname>redirect</fieldname>
+ <fielddescr>Default Redirect</fielddescr>
+ <description>Enter redirection URL or Error page message for this rule, or leave blank.</description>
+ <type>textarea</type>
+ <cols>70</cols>
+ <rows>5</rows>
+ </field>
+ <field>
+ <fieldname>overredirect</fieldname>
+ <fielddescr>Default overtime redirect</fielddescr>
+ <description>Enter redirection URL or Error page message for this rule, or leave blank.</description>
+ <type>textarea</type>
+ <cols>70</cols>
+ <rows>5</rows>
+ </field>
+ <field>
+ <fieldname>rewrite</fieldname>
+ <fielddescr>Default Rewrite</fielddescr>
+ <type>select</type>
+ <description>Enter rewrite condition name for this rule, or leave blank.</description>
+ </field>
+ <field>
+ <fieldname>overrewrite</fieldname>
+ <fielddescr>Default overtime rewrite</fielddescr>
+ <type>select</type>
+ <description>Enter rewrite condition name for this rule, or leave blank.</description>
+ </field>
+ <field>
+ <fieldname>enablelog</fieldname>
+ <fielddescr>Enable log</fielddescr>
+ <type>checkbox</type>
+ <description>Check this for enable log.</description>
+ </field>
+ </fields>
+ <custom_php_validation_command>
+ squidguard_validate_acl(&amp;$_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_command_before_form>
+ squidguard_before_form_acl(&amp;$pkg);
+ </custom_php_command_before_form>
+ <custom_php_after_form_command>
+ squidGuard_print_javascript();
+ </custom_php_after_form_command>
+ <custom_add_php_command> </custom_add_php_command>
+
+ <custom_php_resync_config_command>
+// squidguard_resync();
+ </custom_php_resync_config_command>
+</packagegui>
diff --git a/packages/squidGuard/squidguard_dest.xml b/packages/squidGuard/squidguard_dest.xml
new file mode 100644
index 00000000..213a0406
--- /dev/null
+++ b/packages/squidGuard/squidguard_dest.xml
@@ -0,0 +1,147 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packagegui>
+ <include_file>squidguard.inc</include_file>
+ <name>squidguarddest</name>
+ <title>Proxy server filter SquidGuard: Destinations</title>
+ <delete_string>A proxy server user has been deleted.</delete_string>
+ <addedit_string>A proxy server user has been created/modified.</addedit_string>
+ <tabs>
+ <tab>
+ <text>General settings</text>
+ <url>/pkg_edit.php?xml=squidguard.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Default</text>
+ <url>/pkg_edit.php?xml=squidguard_default.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>ACL</text>
+ <url>/pkg.php?xml=squidguard_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Sources</text>
+ <url>/pkg.php?xml=squidguard_src.xml</url>
+ </tab>
+ <tab>
+ <text>Destinations</text>
+ <url>/pkg.php?xml=squidguard_dest.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Times</text>
+ <url>/pkg.php?xml=squidguard_time.xml</url>
+ </tab>
+ <tab>
+ <text>Rewrites</text>
+ <url>/pkg.php?xml=squidguard_rewr.xml</url>
+ </tab>
+ <tab>
+ <text>Log</text>
+ <url>/pkg_edit.php?xml=squidguard_log.xml</url>
+ </tab>
+ </tabs>
+ <adddeleteeditpagefields>
+ <columnitem>
+ <fieldname>name</fieldname>
+ <fielddescr>Destination name</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>domains</fieldname>
+ <fielddescr>Domain list</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>urls</fieldname>
+ <fielddescr>URL list</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>expressions</fieldname>
+ <fielddescr>Expressions</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>redir</fieldname>
+ <fielddescr>Redirect</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>description</fieldname>
+ <fielddescr>Description</fielddescr>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <fieldname>name</fieldname>
+ <fielddescr>Name</fielddescr>
+ <description>
+ You may enter name here. Name must consist of minimum 2 symbols, first from which letter. &lt;br&gt;
+ All other symbols must be [a-Z_0-9].
+ </description>
+ <type>input</type>
+ <size>90</size>
+ <required/>
+ </field>
+ <field>
+ <fieldname>domains</fieldname>
+ <fielddescr>Domains list</fielddescr>
+ <description>
+ Enter destination domains here. For separate domains names use ' '(space).
+ &lt;p&gt; &lt;b&gt;Example:&lt;/b&gt; 'mail.ru e-mail.ru yahoo.com' .
+ </description>
+ <type>textarea</type>
+ <cols>60</cols>
+ <rows>10</rows>
+ </field>
+ <field>
+ <fielddescr>Expressions</fielddescr>
+ <fieldname>expressions</fieldname>
+ <description>
+ Enter word fragments, what may be contains in destinations URL path.
+ For separate expression words use '|'.
+ &lt;p&gt; &lt;b&gt;Example:&lt;/b&gt; 'mail|casino|game' .
+ </description>
+ <type>textarea</type>
+ <cols>60</cols>
+ <rows>10</rows>
+ </field>
+ <field>
+ <fieldname>urls</fieldname>
+ <fielddescr>URLs list</fielddescr>
+ <description>
+ Enter url's here.
+ For separate urls's use ' '(space).
+ &lt;p&gt; &lt;b&gt;Example:&lt;/b&gt; 'host.com/xxx 12.10.220.125/alisa' .
+ </description>
+ <type>textarea</type>
+ <cols>60</cols>
+ <rows>10</rows>
+ </field>
+ <field>
+ <fieldname>redir</fieldname>
+ <fielddescr>Redirect</fielddescr>
+ <description>Enter redirection URL or Error page message for this rule, or leave blank.</description>
+ <type>textarea</type>
+ <cols>60</cols>
+ <rows>5</rows>
+ </field>
+ <field>
+ <fieldname>enablelog</fieldname>
+ <fielddescr>Enable log</fielddescr>
+ <type>checkbox</type>
+ <description>Check this for enable log.</description>
+ </field>
+ <field>
+ <fieldname>description</fieldname>
+ <fielddescr>Description</fielddescr>
+ <description>You may enter a description here for your reference (not parsed).</description>
+ <type>input</type>
+ <size>90</size>
+ </field>
+ </fields>
+ <custom_php_validation_command>
+ squidguard_validate_destination($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+// squidguard_resync_time();
+ </custom_php_resync_config_command>
+ <custom_php_after_form_command>
+ squidGuard_print_javascript();
+ </custom_php_after_form_command>
+</packagegui>
diff --git a/packages/squidGuard/squidguard_log.xml b/packages/squidGuard/squidguard_log.xml
new file mode 100644
index 00000000..16f06a6a
--- /dev/null
+++ b/packages/squidGuard/squidguard_log.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packagegui>
+ <include_file>squidguard.inc</include_file>
+ <name>squidguardlog</name>
+ <title>Proxy server filter SquidGuard: Log</title>
+ <delete_string>A proxy server user has been deleted.</delete_string>
+ <addedit_string>A proxy server user has been created/modified.</addedit_string>
+ <tabs>
+ <tab>
+ <text>General settings</text>
+ <url>/pkg_edit.php?xml=squidguard.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Default</text>
+ <url>/pkg_edit.php?xml=squidguard_default.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>ACL</text>
+ <url>/pkg.php?xml=squidguard_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Sources</text>
+ <url>/pkg.php?xml=squidguard_src.xml</url>
+ </tab>
+ <tab>
+ <text>Destinations</text>
+ <url>/pkg.php?xml=squidguard_dest.xml</url>
+ </tab>
+ <tab>
+ <text>Times</text>
+ <url>/pkg.php?xml=squidguard_time.xml</url>
+ </tab>
+ <tab>
+ <text>Rewrites</text>
+ <url>/pkg.php?xml=squidguard_rewr.xml</url>
+ </tab>
+ <tab>
+ <text>Log</text>
+ <url>/pkg_edit.php?xml=squidguard_log.xml</url>
+ <active/>
+ </tab>
+ </tabs>
+ <fields>
+ <field>
+ <fieldname>logtype</fieldname>
+ <fielddescr>Log type</fielddescr>
+ <description>LOG</description>
+ <type>select</type>
+ <value>access_log</value>
+ <options>
+ <option><value>access_log</value><name>User access log</name></option>
+ <option><value>webgui_log</value><name>WebGUI log</name></option>
+ <option><value>squidguard_log</value><name>squidGuard log</name></option>
+ </options>
+ </field>
+
+ </fields>
+ <custom_php_command_before_form>
+ squidguard_before_form_log(&amp;$pkg);
+ </custom_php_command_before_form>
+ <custom_php_after_form_command>
+ squidGuard_print_javascript();
+ </custom_php_after_form_command>
+ <custom_php_validation_command>
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ </custom_php_resync_config_command>
+</packagegui>
diff --git a/packages/squidGuard/squidguard_rewr.xml b/packages/squidGuard/squidguard_rewr.xml
new file mode 100644
index 00000000..e5290d49
--- /dev/null
+++ b/packages/squidGuard/squidguard_rewr.xml
@@ -0,0 +1,131 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packagegui>
+ <include_file>squidguard.inc</include_file>
+ <name>squidguardrewrite</name>
+ <title>Proxy server filter SquidGuard: Rewrites</title>
+ <tabs>
+ <tab>
+ <text>General settings</text>
+ <url>/pkg_edit.php?xml=squidguard.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Default</text>
+ <url>/pkg_edit.php?xml=squidguard_default.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>ACL</text>
+ <url>/pkg.php?xml=squidguard_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Sources</text>
+ <url>/pkg.php?xml=squidguard_src.xml</url>
+ </tab>
+ <tab>
+ <text>Destinations</text>
+ <url>/pkg.php?xml=squidguard_dest.xml</url>
+ </tab>
+ <tab>
+ <text>Times</text>
+ <url>/pkg.php?xml=squidguard_time.xml</url>
+ </tab>
+ <tab>
+ <text>Rewrites</text>
+ <url>/pkg.php?xml=squidguard_rewr.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Log</text>
+ <url>/pkg_edit.php?xml=squidguard_log.xml</url>
+ </tab>
+ </tabs>
+ <adddeleteeditpagefields>
+ <columnitem>
+ <fieldname>name</fieldname>
+ <fielddescr>Name</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>description</fieldname>
+ <fielddescr>Description</fielddescr>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <fieldname>name</fieldname>
+ <fielddescr>Name</fielddescr>
+ <description>
+ You may enter name here. Name must consist of minimum 2 symbols, first from which letter. &lt;br&gt;
+ All other symbols must be [a-Z_0-9].
+ </description>
+ <type>input</type>
+ <required/>
+ <size>100</size>
+ </field>
+ <field>
+ <fieldname>enablelog</fieldname>
+ <fielddescr>Enable log</fielddescr>
+ <type>checkbox</type>
+ <description>Check this for enable log.</description>
+ </field>
+ <field>
+ <fieldname>description</fieldname>
+ <fielddescr>Description</fielddescr>
+ <description>You may enter a description here for your reference (not parsed).</description>
+ <type>input</type>
+ <size>100</size>
+ </field>
+ <field>
+ <fielddescr>
+ &lt;b&gt;Rewrite rule.&lt;/b&gt;&lt;br&gt;
+ Define how url will be replaced.</fielddescr>
+ <type>rowhelper</type>
+ <rowhelper>
+ <rowhelperfield>
+ <fielddescr>Target URL</fielddescr>
+ <fieldname>targeturl</fieldname>
+ <type>input</type>
+ <size>50</size>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Replace to</fielddescr>
+ <fieldname>replaceto</fieldname>
+ <type>input</type>
+ <size>69</size>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Case ins.</fielddescr>
+ <fieldname>caseins</fieldname>
+ <type>checkbox</type>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Http 301</fielddescr>
+ <fieldname>http301</fieldname>
+ <type>checkbox</type>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Http 302</fielddescr>
+ <fieldname>http302</fieldname>
+ <type>checkbox</type>
+ </rowhelperfield>
+ </rowhelper>
+ </field>
+ <field>
+ <fieldname>note</fieldname>
+ <fielddescr>Note</fielddescr>
+ <type>checkbox</type>
+ <description>
+ &lt;b&gt;Rewrite rule&lt;/b&gt;-define how url will are replaced.&lt;br&gt;
+ &lt;b&gt;Target url&lt;/b&gt;-contains destination url or his template. Url template example: */cc32e46.exe &lt;br&gt;
+ &lt;b&gt;Replace to&lt;/b&gt;-contains replacing url.
+ </description>
+ </field>
+ </fields>
+ <custom_php_after_form_command>
+ squidGuard_print_javascript();
+ </custom_php_after_form_command>
+ <custom_php_validation_command>
+ squidguard_validate_rewrite($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+// squidguard_resync_rewrite();
+ </custom_php_resync_config_command>
+</packagegui>
diff --git a/packages/squidGuard/squidguard_src.xml b/packages/squidGuard/squidguard_src.xml
new file mode 100644
index 00000000..1b79cb27
--- /dev/null
+++ b/packages/squidGuard/squidguard_src.xml
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packagegui>
+ <include_file>squidguard.inc</include_file>
+ <name>squidguardsrc</name>
+ <title>Proxy server filter SquidGuard: Sources</title>
+ <delete_string>A proxy server user has been deleted.</delete_string>
+ <addedit_string>A proxy server user has been created/modified.</addedit_string>
+ <tabs>
+ <tab>
+ <text>General settings</text>
+ <url>/pkg_edit.php?xml=squidguard.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Default</text>
+ <url>/pkg_edit.php?xml=squidguard_default.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>ACL</text>
+ <url>/pkg.php?xml=squidguard_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Sources</text>
+ <url>/pkg.php?xml=squidguard_src.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Destinations</text>
+ <url>/pkg.php?xml=squidguard_dest.xml</url>
+ </tab>
+ <tab>
+ <text>Times</text>
+ <url>/pkg.php?xml=squidguard_time.xml</url>
+ </tab>
+ <tab>
+ <text>Rewrites</text>
+ <url>/pkg.php?xml=squidguard_rewr.xml</url>
+ </tab>
+ <tab>
+ <text>Log</text>
+ <url>/pkg_edit.php?xml=squidguard_log.xml</url>
+ </tab>
+ </tabs>
+ <adddeleteeditpagefields>
+ <columnitem>
+ <fieldname>name</fieldname>
+ <fielddescr>Source name</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>iplist</fieldname>
+ <fielddescr>IP list</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>description</fieldname>
+ <fielddescr>Description</fielddescr>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <fieldname>name</fieldname>
+ <fielddescr>Source name</fielddescr>
+ <description>
+ You can enter name here. Name consist minimum 2 symbols, first from which letter. &lt;br&gt;
+ All other symbols is [a-Z_0-9]. Source name must be &lt;b&gt;unique&lt;/b&gt; .
+ </description>
+ <type>input</type>
+ <required/>
+ <size>80</size>
+ </field>
+ <field>
+ <fieldname>iplist</fieldname>
+ <fielddescr>IP addresses</fielddescr>
+ <description>
+ Enter IP addresses here with space(' ') divider. &lt;br&gt;
+ IP addresses must be in format:&lt;br&gt;
+ ip xxx.xxx.xxx.xxx [...] or ip xxx.xxx.xxx.xxx/nn [...] or &lt;br&gt;
+ ip xxx.xxx.xxx.xxx/mmm.mmm.mmm.mmm [...] or ip xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy [...] &lt;br&gt;
+ where: &lt;br&gt;
+ xxx.xxx.xxx.xxx is an IP address (host or net, i.e. 10.11.12.13 or 10.11.12.0), /nn a net prefix (i.e. /23), &lt;br&gt;
+ mmm.mmm.mmm.mmm is a netmask (i.e. 255.255.254.0) and yyy.yyy.yyy.yyy is a host address &lt;br&gt;
+ (must be >= xxx.xxx.xxx.xxx)
+ </description>
+ <type>textarea</type>
+ <cols>50</cols>
+ <rows>10</rows>
+ </field>
+ <field>
+ <fieldname>enablelog</fieldname>
+ <fielddescr>Enable log</fielddescr>
+ <type>checkbox</type>
+ <description>Check this for enable log.</description>
+ </field>
+ <field>
+ <fieldname>description</fieldname>
+ <fielddescr>Description</fielddescr>
+ <description></description>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ </fields>
+ <custom_php_after_form_command>
+ squidGuard_print_javascript();
+ </custom_php_after_form_command>
+ <custom_php_validation_command>
+ squidguard_validate_source($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+// squidguard_resync_time();
+ </custom_php_resync_config_command>
+</packagegui>
diff --git a/packages/squidGuard/squidguard_time.xml b/packages/squidGuard/squidguard_time.xml
new file mode 100644
index 00000000..53ebcd2e
--- /dev/null
+++ b/packages/squidGuard/squidguard_time.xml
@@ -0,0 +1,127 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packagegui>
+ <include_file>squidguard.inc</include_file>
+ <name>squidguardtime</name>
+ <title>Proxy server filter SquidGuard: Times</title>
+ <delete_string>A proxy server user has been deleted.</delete_string>
+ <addedit_string>A proxy server user has been created/modified.</addedit_string>
+ <tabs>
+ <tab>
+ <text>General settings</text>
+ <url>/pkg_edit.php?xml=squidguard.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Default</text>
+ <url>/pkg_edit.php?xml=squidguard_default.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>ACL</text>
+ <url>/pkg.php?xml=squidguard_acl.xml</url>
+ </tab>
+ <tab>
+ <text>Sources</text>
+ <url>/pkg.php?xml=squidguard_src.xml</url>
+ </tab>
+ <tab>
+ <text>Destinations</text>
+ <url>/pkg.php?xml=squidguard_dest.xml</url>
+ </tab>
+ <tab>
+ <text>Times</text>
+ <url>/pkg.php?xml=squidguard_time.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Rewrites</text>
+ <url>/pkg.php?xml=squidguard_rewr.xml</url>
+ </tab>
+ <tab>
+ <text>Log</text>
+ <url>/pkg_edit.php?xml=squidguard_log.xml</url>
+ </tab>
+ </tabs>
+ <adddeleteeditpagefields>
+ <columnitem>
+ <fieldname>name</fieldname>
+ <fielddescr>Timename</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fieldname>description</fieldname>
+ <fielddescr>Description</fielddescr>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <fieldname>name</fieldname>
+ <fielddescr>Name</fielddescr>
+ <description>Enter the time name here.</description>
+ <type>input</type>
+ <required/>
+ <size>80</size>
+ </field>
+ <field>
+ <type>rowhelper</type>
+ <fielddescr>Values</fielddescr>
+ <rowhelper>
+ <rowhelperfield>
+ <fielddescr>Time type</fielddescr>
+ <fieldname>timetype</fieldname>
+ <description></description>
+ <type>select</type>
+ <value>weekly</value>
+ <options>
+ <option><value>weekly</value><name>Weekly</name></option>
+ <option><value>date</value><name>Date</name></option>
+ </options>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Days</fielddescr>
+ <fieldname>timedays</fieldname>
+ <description></description>
+ <type>select</type>
+ <value>*</value>
+ <options>
+ <option><value>*</value><name>all</name></option>
+ <option><value>mon</value><name>mon</name></option>
+ <option><value>tue</value><name>tue</name></option>
+ <option><value>wed</value><name>wed</name></option>
+ <option><value>thu</value><name>thu</name></option>
+ <option><value>fri</value><name>fri</name></option>
+ <option><value>sat</value><name>sat</name></option>
+ <option><value>sun</value><name>sun</name></option>
+ </options>
+ </rowhelperfield>
+ <rowhelperfield>
+ <type>input</type>
+ <size>40</size>
+ <fieldname>daterange</fieldname>
+ <fielddescr>Date or Date range</fielddescr>
+ <description>00:00-08:00 15:00-21:00 Format: *.01.01</description>
+ </rowhelperfield>
+ <rowhelperfield>
+ <type>input</type>
+ <size>20</size>
+ <fieldname>timerange</fieldname>
+ <fielddescr>Time range</fielddescr>
+ <description>00:00-08:00</description>
+ </rowhelperfield>
+ </rowhelper>
+ </field>
+ <field>
+ <fieldname>description</fieldname>
+ <fielddescr>Description</fielddescr>
+ <description>You may enter a description here for your reference (not parsed).</description>
+ <type>input</type>
+ <size>80</size>
+ </field>
+ </fields>
+ <custom_php_after_form_command>
+ squidGuard_print_javascript();
+ </custom_php_after_form_command>
+ <custom_php_validation_command>
+ squidguard_validate_times(&amp;$_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+// squidguard_resync_time();
+ </custom_php_resync_config_command>
+</packagegui>