author | D. V. Serg <dvserg@pfsense.org> | 2007-11-09 14:46:25 +0000 |
---|---|---|
committer | D. V. Serg <dvserg@pfsense.org> | 2007-11-09 14:46:25 +0000 |
commit | a0d0a547b3f925b43a93a47ac52c562d824c3deb (patch) | |
tree | d4ef579741c8f839a1de7de94b2adc823c66d493 /packages | |
parent | 0b03fa5a6cd05bf3de3ce02cb61f9a35e411dec2 (diff) | |
New ver update
Diffstat (limited to 'packages')
-rw-r--r-- | packages/squidGuard/squidguard.inc | 1111 | ||||
-rw-r--r-- | packages/squidGuard/squidguard.xml | 70 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_acl.xml | 33 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_cls.inc | 1176 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_configurator.inc | 1564 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_default.xml | 31 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_dest.xml | 25 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_log.xml | 26 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_rewr.xml | 54 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_src.xml | 72 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_time.xml | 28 |
11 files changed, 2388 insertions, 1802 deletions
diff --git a/packages/squidGuard/squidguard.inc b/packages/squidGuard/squidguard.inc index 9f044574..344cf95f 100644 --- a/packages/squidGuard/squidguard.inc +++ b/packages/squidGuard/squidguard.inc @@ -1,8 +1,8 @@ <?php -# --------------------------------------------------------------------------------------------------------------------- +# ------------------------------------------------------------------------------ # squidguard.inc -# (C)2006 Serg Dvoriancev +# (C)2006, 2007 Serg Dvoriancev /* Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -24,11 +24,7 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -# --------------------------------------------------------------------------------------------------------------------- - -if ($_SERVER['SCRIPT_FILENAME'] == '/usr/local/www/packages/config/squidguard.inc') { - exit; -} +# ------------------------------------------------------------------------------ require_once('globals.inc'); require_once('config.inc'); 
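Review bot: With the `$_SERVER['SCRIPT_FILENAME']` check deleted in the `@@ -24,11 +24,7 @@` hunk, nothing in this file stops its top-level code from running when the `.inc` is requested by URL instead of being included. The path in the removed comparison suggests the file is installed under the web root (`/usr/local/www/packages/config/`), and a later hunk adds an unconditional `sg_init(convert_pfxml_to_sgxml());` at file scope, so a direct request would now run that initialisation; this is inferred, since the web server's handling of `.inc` files is not visible here. If the guard was dropped only because the hard-coded path was brittle, a path-independent form keeps the protection: `if (realpath($_SERVER['SCRIPT_FILENAME']) === realpath(__FILE__)) { exit; }`.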
@@ -37,18 +33,20 @@ require_once('pfsense-utils.inc'); require_once('pkg-utils.inc'); require_once('filter.inc'); require_once('service-utils.inc'); -require_once('squidguard_cls.inc'); -# --------------------------------------------------------------------------------------------------------------------- -define('SQUIDGUARD_CONFBASE', '/usr/local/etc/squid'); -define('SQUIDGUARD_CONFFILE', '/squidguard.conf.test'); -define('SQUIDGUARD_BINPATH', '/usr/local/bin'); -define('SQUIDGUARD_WORKDIR', '/usr/local/etc/squidGuard'); -define('SQUIDGUARD_DBHOME', '/var/db/squidGuard'); +require_once('squidguard_configurator.inc'); +# ------------------------------------------------------------------------------ +define('SQUIDGUARD_CONFBASE', '/usr/local/etc/squid'); +define('SQUIDGUARD_CONFFILE', '/squidguard.conf'); +define('SQUIDGUARD_CONFXML', '/squidguard_conf.xml'); +define('SQUIDGUARD_BINPATH', '/usr/local/bin'); +define('SQUIDGUARD_WORKDIR', '/usr/local/etc/squidGuard'); +define('SQUIDGUARD_LOGDIR', '/var/squidGuard/log'); +define('SQUIDGUARD_DBHOME', '/var/db/squidGuard'); define('SQUIDGUARD_WEBGUI_LOG', '/squidguard_gui.log'); define('SQUIDGUARD_WEBGUI_HISTORY_LOG', '/squidguard_gui_history.log'); -# --------------------------------------------------------------------------------------------------------------------- +# ------------------------------------------------------------------------------ define('FLD_NAME', 'name'); define('FLD_DEST', 'dest'); @@ -65,7 +63,7 @@ define('FLD_REPLACETO', 'replaceto'); define('FLD_TIMETYPE', 'timetype'); define('FLD_TIMEDAYS', 'timedays'); define('FLD_DATERANGE', 'daterange'); -define('FLD_TIMERANGE', 'timerange'); +define('FLD_TIMERANGE', 'sg_timerange'); define('FLD_IPLIST', 'iplist'); define('FLD_DESCRIPTION', 'description'); define('FLD_EXPRESSIONS', 'expressions'); 
@@ -73,6 +71,8 @@ define('FLD_DOMAINS', 'domains'); define('FLD_URLS', 'urls'); define('FLD_DISABLED', 'disabled'); define('FLD_ENABLELOG', 'enablelog'); +define('FLD_SQUIDGUARDENABLE','squidguard_enable'); +define('FLD_BLACKLIST', 'blacklist'); define('PREFLD_UPTIME', 'uptime_'); define('PREFLD_UPTIME_DENY', 'uptimedeny_'); @@ -88,9 +88,9 @@ define('MODULE_SOURCE', 'squidguardsrc'); define('MODULE_TIME', 'squidguardtime'); define('MODULE_LOG', 'squidguardlog'); -define('BLACKLIST_DEFAULT_URL', 'http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz'); // 360Kb -//define('BLACKLIST_DEFAULT_URL', 'http://squidguard.mesd.k12.or.us/blacklists.tgz'); // 3.5Mb -// define('BLACKLIST_DEFAULT_URL', 'http://blacklist.dansguardian.org/cgi-bin/download.pl?type=download&file=bigblacklist'); +define('BLACKLIST_DEFAULT_URL', 'http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz'); // 360Kb +define('BLACKLIST_DEFAULT_URL1', 'http://squidguard.mesd.k12.or.us/blacklists.tgz'); // 3.5Mb +define('BLACKLIST_DEFAULT_URL2', 'http://blacklist.dansguardian.org/cgi-bin/download.pl?type=download&file=bigblacklist'); define('BLACKLIST_TMP_FILE', '/var/tmp/blacklists.tar.gz'); define('BLACKLIST_BTN_STD', 'Upload Std'); define('BLACKLIST_BTN_URL', 'Upload Url'); 
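Review bot: All three default blacklist sources defined in the `@@ -88,9 +88,9 @@` hunk (`BLACKLIST_DEFAULT_URL`, `BLACKLIST_DEFAULT_URL1`, `BLACKLIST_DEFAULT_URL2`) are plain `http://` URLs, and nothing in this file checks the downloaded archive before it is used. The archive becomes the filter database, so tampering on that connection could change what the proxy blocks or allows; the download and unpack code is presumably in `squidguard_configurator.inc`, which is not visible in this section. At minimum I would record the gap next to the constants, e.g. `// NOTE: fetched over cleartext HTTP with no integrity check; validate the archive before unpacking`, and prefer an HTTPS mirror or a published checksum where one exists.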
@@ -103,216 +103,25 @@ define('WEBGUI_HISTORY_LOG', 'on'); define('TEST_LOG', '/var/tmp/sqtest.test'); -# --------------------------------------------------------------------------------------------------------------------- -# squidguard_object -# --------------------------------------------------------------------------------------------------------------------- -$squidguard_object = create_squidguard_object(); - - -# --------------------------------------------------------------------------------------------------------------------- -# functions -# --------------------------------------------------------------------------------------------------------------------- +# ============================================================================== +# Initialization +# ============================================================================== +sg_init(convert_pfxml_to_sgxml()); -function create_squidguard_object() { - $sg_object = new SquidGuardConfigClass(); - $sg_object->debug_history .= "->create_squidguard_object"; - $sg_object->set_options(SQUIDGUARD_BINPATH, SQUIDGUARD_WORKDIR, SQUIDGUARD_DBHOME); - - squidguard_ini_object(&$sg_object); - return $sg_object; -} - -function squidguard_ini_object($sg_object) { - global $config; +# ============================================================================== +# Validations +# ============================================================================== - $sg_object->debug_history .= "->squidguard_ini_object"; - $sg_object->init(); - if ($config['installedpackages'][MODULE_GENERAL]['config'][0]['squidguard_enable'] != '') - $sg_object->enabled = true; - else $sg_object->enabled = false; - - if ($config['installedpackages'][MODULE_GENERAL]['config'][0]['blacklist'] != '') - $sg_object->blacklist_enabled = true; - else $sg_object->blacklist_enabled = false; - - // rewrite's - $rewrite = $config['installedpackages'][MODULE_REWRITE]; // ['config']; - if (is_array($rewrite)) { - foreach($rewrite['config'] as $rew) 
{ - // rewrite object - $sg_rew =& $sg_object->add_rewrite($rew[FLD_NAME], $rew[FLD_DESCRIPTION], $rew[FLD_ENABLELOG]); - if (is_array($rew) and count($rew['row'])) { - foreach($rew['row'] as $row) { - // rewrite items - $sg_rew->add_item($row[FLD_TARGETURL], $row[FLD_REPLACETO]); - } - } - } - } - - // time's - $time = $config['installedpackages'][MODULE_TIME]['config']; - if (is_array($time)) { - foreach($time as $tm) { - // time object - $sg_time =& $sg_object->add_time($tm[FLD_NAME], $tm[FLD_DESCRIPTION]); - foreach($tm['row'] as $row) { - // time items - if ($row[FLD_TIMETYPE] == 'date') // 0 - "date"$FLD_TIMETYPE - $sg_time->add_date ($row[FLD_DATERANGE], $row[FLD_TIMERANGE]); - else $sg_time->add_weekly ($row[FLD_TIMEDAYS], /* $row[FLD_DATERANGE], */$row[FLD_TIMERANGE]); - } - } - } - - // source's - $source = $config['installedpackages'][MODULE_SOURCE]['config']; - if (is_array($source)) { - foreach($source as $src) { - // source object - $sg_src =& $sg_object->add_src($src[FLD_NAME], $src[FLD_IPLIST], - $src[FLD_DESCRIPTION], $src[FLD_ENABLELOG]); - } - } - - // destination's - $destination = $config['installedpackages'][MODULE_DESTINATION]['config']; - if (is_array($destination)) { - foreach($destination as $dest) { - // destination object - $sg_ds =& $sg_object->add_dest($dest[FLD_NAME], $dest[FLD_DOMAINS], $dest[FLD_URLS], - $dest[FLD_EXPRESSIONS], $dest[FLD_REDIRECT], $dest[FLD_DESCRIPTION], - $dest[FLD_ENABLELOG]); - } - } - - // acl's - $acl = $config['installedpackages'][MODULE_ACL]['config']; - if (is_array($acl)) { - foreach($acl as $ac) { - $passes = str_replace("]", "", trim($ac[FLD_DESTINATION])); - $passes = explode("[", $passes); - $pass = ""; - $overpass = ""; - if (is_array($passes)) { - $pass = $passes[0]; - $overpass = $passes[1]; - } - // acl object; log defined only for default acl - $sg_acl =& $sg_object->add_acl( - $ac[FLD_SOURCE], $ac[FLD_TIME], $ac[FLD_DESCRIPTION], - array('pass' => $pass, 'rewrite'=>$ac[FLD_REWRITE], 
'redirect'=>$ac[FLD_REDIRECT], 'log'=>''), - array('pass' => $overpass, 'rewrite'=>$ac[FLD_REWRITE], 'redirect'=>$ac[FLD_REDIRECT], 'log'=>''), - $ac[FLD_DISABLED] - ); - } - } - - // default acl; log defined only for default acl - $acdef = $config['installedpackages'][MODULE_DEFAULT]['config'][0]; - if (is_array($acdef)) { - $passes = str_replace("]", "", trim($acdef[FLD_DESTINATION])); - $passes = explode("[", $passes); - $pass = ""; - $overpass = ""; - if (is_array($passes)) { - $pass = $passes[0]; - $overpass = $passes[1]; - } - // default acl object - $sg_object->set_default_acl( - $acdef[FLD_TIME], $acdef[FLD_DESCRIPTION], - array('pass' => $pass, 'rewrite'=>$acdef[FLD_REWRITE], 'redirect'=>$acdef[FLD_REDIRECT], 'log'=>$acdef[FLD_ENABLELOG]), - array('pass' => $overpass, 'rewrite'=>$acdef[FLD_REWRITE], 'redirect'=>$acdef[FLD_REDIRECT], 'log'=>$acdef[FLD_ENABLELOG]), - $acdef[FLD_DISABLED] - ); - } - - // update squidguard object - $sg_object->update(); -} - - -# --------------------------------------------------------------------------------------------------------------------- -# install/deinstall -# --------------------------------------------------------------------------------------------------------------------- -function squidguard_deinstall() { - -} - -# --------------------------------------------------------------------------------------------------------------------- -# Upload file to /var/tmp directory -# --------------------------------------------------------------------------------------------------------------------- -function upload_file($file) { - global $squidguard_object; - - $res = ''; - $cat = '/var/tmp/'; - -$squidguard_object->add_log("FILES: " . count($_FILES)); - - if (isset($_FILES[$file])) { // if file exists - if (move_uploaded_file($_FILES[$file]['tmp_name'], $cat . $_FILES[$file]['name'])) { - $res = true; - } // else blacklist_add_log('Нифига нет Files=' . 
count($_FILES)); - } - return $res; -} - - -# --------------------------------------------------------------------------------------------------------------------- -# default squidguard blacklist -# http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz -# --------------------------------------------------------------------------------------------------------------------- -// upload file and put them to temp catalog -function upload_file_from_url($url_file, $destination_file, $proxy) { - global $squidguard_object; - - // open destination file - $upload_tmp = '/var/tmp/blacklists.tar.gz'; - $result = ''; - $squidguard_object->add_log("Begin upload from URL $url_file"); - - $ch = curl_init(); - curl_setopt($ch, CURLOPT_URL,BLACKLIST_DEFAULT_URL); - curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); - if ($proxy != '') { - $ip = ''; - $login = ''; - $s = trim($proxy); - if (strpos($s, ' ')) { - $ip = substr($s, 0, strpos($s, ' ')); - $login = substr($s, strpos($s, ' ') + 1); - } else $ip = $s; - - if($ip != '') { - $s_log = "Host[$ip] "; - curl_setopt($ch, CURLOPT_PROXY, $ip); - if($login != '') { - $s_log .= "Login[$login]"; - curl_setopt($ch, CURLOPT_PROXYUSERPWD, $login); - } - $squidguard_object->add_log("Proxy settings: $s_log"); - } - } else $squidguard_object->add_log("Proxy: not defined"); - $result=curl_exec ($ch); - curl_close ($ch); - - // TODO: check uploaded content for '.gz' file format - - if (file_put_contents($upload_tmp, $result) > 0) { - $squidguard_object->add_log("Uploaded success."); - } else $squidguard_object->add_log("Upload error."); - return $upload_tmp; -} - -# --------------------------------------------------------------------------------------------------------------------- -# Validates -# --------------------------------------------------------------------------------------------------------------------- +# ------------------------------------------------------------------------------ +# validate default +# 
------------------------------------------------------------------------------ function squidguard_validate_default($post, $input_errors) { squidguard_validate_acl($post, &$input_errors); } +# ------------------------------------------------------------------------------ +# validate acl +# ------------------------------------------------------------------------------ function squidguard_validate_acl($post, $input_errors) { global $config; $pass_up = array(); @@ -322,7 +131,7 @@ function squidguard_validate_acl($post, $input_errors) { $deny_over = array(); $pass_over_val = ''; - // ===== store destinations to 'dest' value ===== + // store destinations to 'dest' value foreach ($post as $key => $val) { if (substr_count($key, PREFLD_UPTIME) != 0) { $name = str_replace(PREFLD_UPTIME, '', $key); @@ -358,7 +167,9 @@ function squidguard_validate_acl($post, $input_errors) { else $pass_over_val .= " $key"; } - // if not exists key 'all', then add '!all' - default 'deny all' (equiqalence 'none') + // !ATTENTION! on pfSense XML config must be must(shall) be '!all' instead of 'none' - it is a must for correct work GUI + + // if not exists key 'all', then add 'none' - default 'deny all' if ((substr_count($pass_up_val, 'all') == 0)) { $pass_up_val .= ' !all'; } @@ -372,6 +183,12 @@ function squidguard_validate_acl($post, $input_errors) { else $post[FLD_DEST] = "$pass_up_val [$pass_over_val]"; } +# ------------------------------------------------------------------------------ +# validate times +# Format: +# date: <date(or range)><time (or range)> -- days not parsed (reset to *) +# weekly: <day or *><time or range> -- dates not parsed (reset to '') +# ------------------------------------------------------------------------------ function squidguard_validate_times($post, $input_errors) { // check name 
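Review bot: `squidguard_validate_default($post, $input_errors)` declares both parameters by value and then forwards them with call-time pass-by-reference, `squidguard_validate_acl($post, &$input_errors);`, so whether a validation error ever reaches the form depends on how each caller happens to pass the array. The same holds for `squidguard_validate_acl`, `squidguard_validate_times`, `squidguard_validate_source`, `squidguard_validate_destination` and `squidguard_validate_rewrite` in the following hunks, which also write normalised values back into `$post`. If a caller passes plain values, the errors and the normalisation are silently lost and the unvalidated input is saved. Declaring the references in the signatures removes that dependency: `function squidguard_validate_default(&$post, &$input_errors)` with the inner call written as `squidguard_validate_acl($post, $input_errors);`.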
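Review bot: The default-deny in the `@@ -358,7 +167,9 @@` hunk is keyed on a substring test, `substr_count($pass_up_val, 'all') == 0`, so any selected destination whose name merely contains "all" suppresses the appended ` !all`. An ACL built that way would be written without its terminating deny entry; what squidGuard then does with such a list is not visible here, but the check should fail closed. Matching whole tokens fixes it: `if (!array_intersect(array('all', '!all'), preg_split('/\s+/', trim($pass_up_val)))) { $pass_up_val .= ' !all'; }`. The new comment also says the code adds 'none' while the line still appends '!all', as the ATTENTION line above it requires, so I would reword it to `// if key 'all' is absent, append '!all' (default deny all)`. `squidguard_validate_acl` starts and ends outside this hunk.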
@@ -382,45 +199,40 @@ function squidguard_validate_times($post, $input_errors) { $input_errors[] = $err; } - // check unique name - if (!check_unique_name(MODULE_TIME, $name)) + // check unique name + if (!check_unique_name(MODULE_TIME, $name)) $input_errors[] = "Name '$name' already exists"; - # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - # Format: - # date: <date(or range)><time (or range)> -- days not parsed (reset to *) - # weekly: <day or *><time or range> -- dates not parsed (reset to '') - # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - + // check format $err = ''; for ($i=0; $post[FLD_TIMETYPE . "$i"] != ''; $i++) { - $timetype = strtolower($post[FLD_TIMETYPE . "$i"]); - if ($timetype == 'date') { - // set timedays to '*' - $post[FLD_TIMEDAYS . "$i"] = '*'; - - // check date and time - $date = trim($post[FLD_DATERANGE."$i"]); - $time = trim($post[FLD_TIMERANGE."$i"]); - $err = check_date($date); - if (!empty($err)) $input_errors[] = $err; - $err = check_time($time); - if (!empty($err)) $input_errors[] = $err; - } else { - // set daterange to '' - $post[FLD_DATERANGE . "$i"] = ''; - - // check time - $time = trim($post[FLD_TIMERANGE."$i"]); - $err = check_time($time); - if (!empty($err)) $input_errors[] = $err; - } - } - - if (!empty($err)) - $input_errors .= $err; + $timetype = strtolower($post[FLD_TIMETYPE . "$i"]); + if ($timetype == 'date') { + // set timedays to '*' + $post[FLD_TIMEDAYS . "$i"] = '*'; + + // check date and time + $date = trim($post[FLD_DATERANGE."$i"]); + $time = trim($post[FLD_TIMERANGE."$i"]); + $err = check_date($date); + if (!empty($err)) $input_errors[] = $err; + $err = check_time($time); + if (!empty($err)) $input_errors[] = $err; + } else { + // set daterange to '' + $post[FLD_DATERANGE . 
"$i"] = ''; + + // check time + $time = trim($post[FLD_TIMERANGE."$i"]); + $err = check_time($time); + if (!empty($err)) $input_errors[] = $err; + } + } } +# ------------------------------------------------------------------------------ +# validate sources +# ------------------------------------------------------------------------------ function squidguard_validate_source($post, $input_errors) { // check name $name = trim($post[FLD_NAME]); @@ -435,6 +247,9 @@ function squidguard_validate_source($post, $input_errors) { } } +# ------------------------------------------------------------------------------ +# validate destinations +# ------------------------------------------------------------------------------ function squidguard_validate_destination($post, $input_errors) { // check name $name = trim($post[FLD_NAME]); @@ -447,8 +262,21 @@ function squidguard_validate_destination($post, $input_errors) { if (!check_unique_name(MODULE_DESTINATION, $name)) $input_errors[] = "Name '$name' already exists"; } + // check redirect + $redirect = trim($post[FLD_REDIRECT]); + if(!empty($redirect)) { + // cut first redirect url, if entered more that one + $redirect = explode("\n", $redirect); + $redirect = $redirect[0]; + $post[FLD_REDIRECT] = $redirect; + if (is_url($redirect) === false) + $input_errors[] = "Redirect must contains valid url. Example: 'http://www.my.com', 'https://my.com', 'ftp://my.com'"; + } } +# ------------------------------------------------------------------------------ +# validate rewrites +# ------------------------------------------------------------------------------ function squidguard_validate_rewrite($post, $input_errors) { // check name $name = trim($post[FLD_NAME]); 
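Review bot: In the redirect check added to `squidguard_validate_destination`, the value is trimmed before it is split, so when several lines are submitted with CRLF endings the first element still carries a trailing `\r`, and that value is written back to `$post[FLD_REDIRECT]` before `is_url()` is consulted. Depending on how `is_url()` treats control characters (its body is not in this hunk), the stray carriage return is either rejected with a confusing message or carried into the generated configuration. Trimming the selected line and storing it only once it validates avoids both: `$redirect = trim($redirect[0]);` followed by `if (is_url($redirect) === false) $input_errors[] = ...; else $post[FLD_REDIRECT] = $redirect;`. The message would also read better as "Redirect must contain a valid URL.".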
@@ -464,70 +292,81 @@ function squidguard_validate_rewrite($post, $input_errors) { } } -// --------------------------------------------------------------------------------------------------------------------- -// Resync & Make -// --------------------------------------------------------------------------------------------------------------------- - +// ----------------------------------------------------------------------------- +// squidguard_resync +// ----------------------------------------------------------------------------- function squidguard_resync() { - global $squidguard_object; - $sg_object; - if (is_null($squidguard_object)) { - $squidguard_object = create_squidguard_object(); - } - $sg_object = $squidguard_object; - $sg_object->debug_history .= "->squidguard_resync"; - squidguard_ini_object(&$sg_object); - $conf = ''; $upload_file = ''; - if ($_POST['submit'] == BLACKLIST_BTN_STD) { - // upload from std url - $proxy = $_POST['blacklist_proxy']; - $upload_file = upload_file_from_url(BLACKLIST_DEFAULT_URL, BLACKLIST_TMP_FILE, $proxy); - $sg_object->update_blacklist($upload_file); - } else - + // blacklist upload if ($_POST['submit'] == BLACKLIST_BTN_URL) { // upload from another url $url = $_POST['blacklist_url']; $proxy = $_POST['blacklist_proxy']; if ($url) - $upload_file = upload_file_from_url($url, BLACKLIST_TMP_FILE, $proxy); - $sg_object->update_blacklist($upload_file); - } else - - if ($_POST['submit'] == BLACKLIST_BTN_FILE) { - /* $upload_file = $_POST['blacklist_file']; - blacklist_add_log('Begin upload from file ' . $upload_file . 
'.\r'); - if (upload_file('')) - blacklist_add_log('Success.\r'); - else { - blacklist_add_log('Error.\r'); - $upload_file = ''; - } - $sg_object->update_blacklist($upload_file); */ - // $sg_object->update_blacklist('/var/tmp/blacklists.tar'); -upload_file(''); - } else - - // apply changes - if ($_POST['submit'] == APPLY_BTN) { - // reconfigure service - $sg_object->reconfigure(); - } else - - // start test squidGuard - /*if ($_POST['test_squidguard'] != '')*/ { - $result = ''; - $src_urls = $_POST['test_squidguard_urls']; - $result = $sg_object->test_work($src_urls); - file_put_contents(TEST_LOG, $result); + sg_reconfigure_blacklist($url, $proxy); } - + // apply changes + if ($_POST['submit'] == APPLY_BTN) sg_reconfigure(); } + +// ----------------------------------------------------------------------------- +// squidguard_resync_src // ----------------------------------------------------------------------------- +function squidguard_resync_src() { + global $config; + $conf = $config['installedpackages'][MODULE_SOURCE]['config']; + $id = $_GET['id']; + if (!$id) + $id = $_POST['id']; + + // move current id by order + if (($id != '') and is_array($conf) and ($id !== intval($conf[$id]['order']))) { + // copy current item to temp and remove it's from list + $src_new = array(); + $src_cur = $conf[$id]; + unset ($conf[$id]); + + // rebuild list and insert current item by order + $i=0; + foreach($conf as $src) { + if (intval($src_cur['order']) === $i) { + $src_new[] = $src_cur; + unset($src_cur); + $i++; + } + $src_new[] = $src; + $i++; + } + // if current item not inserted - insert him to the end + if (isset($src_cur)) { + $src_new[] = $src_cur; + unset($src_cur); + } + + // renew order values + foreach($src_new as $key => $src) { + $src_new[$key]['order'] = $key; + } + + unset ($config['installedpackages'][MODULE_SOURCE]['config']); + $config['installedpackages'][MODULE_SOURCE]['config'] = $src_new; + write_config('Update squidguardsrc config'); + } else if 
(($_GET['act'] === 'del') or ($_POST['act'] === 'del')) { + // update order on delete item + foreach($config['installedpackages'][MODULE_SOURCE]['config'] as $key => $src) + $config['installedpackages'][MODULE_SOURCE]['config'][$key]['order'] = $key; + write_config('Update squidguardsrc config'); + } +} + +// ============================================================================= // common functions +// ============================================================================= + +// ----------------------------------------------------------------------------- +// get_pkg_items_list // ----------------------------------------------------------------------------- function get_pkg_items_list($pkg_gui_name, $fieldname) { $res = ''; 
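Review bot: `squidguard_resync()` hands `$_POST['blacklist_url']` and `$_POST['blacklist_proxy']` to `sg_reconfigure_blacklist()` after checking only that the URL is non-empty. That function is defined outside this file, so unless it validates its arguments itself, whatever scheme and host the form submits is fetched by the firewall. The file already relies on `is_url()` for the redirect field, so the same gate fits here: `if ($url && is_url($url)) sg_reconfigure_blacklist($url, $proxy);`, ideally with the scheme limited to the ones the downloader is meant to support. In `squidguard_resync_src()` the request-supplied `$id` is used as an array index unchecked, and `$id !== intval($conf[$id]['order'])` compares a string with an integer, so it is always true and the list is rebuilt and `write_config()` called on every request that carries an id; `isset($conf[$id]) && intval($id) !== intval($conf[$id]['order'])` expresses the intended test.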
@@ -538,101 +377,33 @@ function get_pkg_items_list($pkg_gui_name, $fieldname) { return $res; } +# ============================================================================== +# Before form +# ============================================================================== + // ----------------------------------------------------------------------------- -// Resync +// squidguard_before_form_src // ----------------------------------------------------------------------------- - -function squidguard_resync_rewrite() { // rewrite - $conf = ""; - // ----- nothing for do ----- - return $conf; -} - -function squidguard_resync_time() { // resync time - global $config; - - $conf = ''; - $times = $config['installedpackages']['squidguardtime']['config']; - - if (is_array($times)) { - foreach($times as $tm) { - $timevalue = ''; - $conf .= "\n time " . $tm['timename'] . " {"; - foreach($tm['row'] as $rw) { - if ($rw['timetype'] == 'date') { - $timevalue .= $rw['timetype'] . ' ' . $rw['timelist']; - $conf .= "\n date" . $rw['timelist']; - } else { - $timevalue .= $rw['timetype'] . ' ' . $rw['timedays'] . ' ' . $rw['timelist']; - $conf .= "\n weekly " . $rw['timedays'] . ' ' . 
$rw['timelist']; - } - } - $conf .= "\n } \n"; - $config['installedpackages']['squidguardtime']['config']['timevalue'] = "1110";//$timevalue; - } - } - -// file_put_contents("/var/tmp/squidguard.test", $conf); - - return $conf; -} - -function squidguard_resync_src() { // source - $conf = ""; - // ----- nothing for do ----- - return $conf; -} - -function squidguard_resync_std_dest() { // standart destinations - global $config; - $settings = $config['installedpackages']['squidguard']['config'][0]; - $conf = ""; - - // ads - $conf .= make_dest(FLT_ADS, "ads/domains", "ads/urls", "", ""); - // aggressive - $conf .= make_dest(FLT_AGGRESSIVE, "aggressive/domains", "aggressive/urls", "", ""); - // audio & video - $conf .= make_dest(FLT_AUDIOVIDEO, "audio-video/domains", "audio-video/urls", "", ""); - // Druggs - $conf .= make_dest(FLT_DRUGGS, "drugs/domains", "drugs/urls", "", ""); - // Gambling - $conf .= make_dest(FLT_GAMBLING, "gambling/domains", "gambling/urls", "", ""); - // Hacking - $conf .= make_dest(FLT_HACKING, "hacking/domains", "hacking/urls", "", ""); - // Mail - $conf .= make_dest(FLT_MAIL, "mail/domains", "mail/urls", "", ""); - // Porn - $conf .= make_dest(FLT_PORN, "porn/domains", "porn/urls", "", ""); - // proxy - $conf .= make_dest(FLT_PROXY, "proxy/domains", "proxy/urls", "", ""); - // Violence - $conf .= make_dest(FLT_VIOLENCE, "violence/domains", "violence/urls", "", ""); - // Warez - $conf .= make_dest(FLT_WAREZ, "warez/domains", "warez/urls", "", ""); - - return $conf; -} - -function squidguard_resync_user_dst() { // user destinations -} - -function squidguard_resync_dest() { // destination - $conf = ""; - // ----- nothing for do ----- - return $conf; -} - -function squidguard_resync_acl() { // acl - $conf = ""; - // ----- nothing for do ----- - return $conf; +function squidguard_before_form_src($pkg) { + global $config; + global $g; + $i=0; + foreach($pkg['fields']['field'] as $field) { + if ($field['fieldname'] == 'order') { + $fld = 
&$pkg['fields']['field'][$i]; + $img_up = "<img src='./themes/{$g['theme']}/images/icons/icon_up.gif' + title='move up' width='17' height='17' border='0' onclick='on_moveup()'>"; + $img_down = "<img src='./themes/{$g['theme']}/images/icons/icon_down.gif' + title='move down' width='17' height='17' border='0' onclick='on_movedown()'>"; + $s = "<b>Move to:</b> $img_up $img_down <br>" . $fld['description']; + $fld['description'] = $s; + } + $i++; + } } - // ----------------------------------------------------------------------------- -// Before form +// squidguard_before_form_dest // ----------------------------------------------------------------------------- - function squidguard_before_form_dest($pkg) { global $config; $expr_names = ''; @@ -659,11 +430,12 @@ function squidguard_before_form_dest($pkg) { } } +// ----------------------------------------------------------------------------- +// squidguard_before_form +// ----------------------------------------------------------------------------- function squidguard_before_form($pkg) { $i=0; -// <encType>multipart/form-data</encType>; - foreach($pkg['fields']['field'] as $field) { // blacklist controls if ($field['fieldname'] == 'blacklist') { @@ -685,9 +457,11 @@ function squidguard_before_form($pkg) { } +// ----------------------------------------------------------------------------- +// squidguard_before_form_acl +// ----------------------------------------------------------------------------- function squidguard_before_form_acl($pkg) { global $config; - global $squidguard_object; $current_id = ''; $sources = ''; @@ -710,9 +484,8 @@ function squidguard_before_form_acl($pkg) { // sources $sources = $config['installedpackages']['squidguardsrc']['config']; if (is_array($sources)) { - foreach($sources as $src) { + foreach($sources as $src) $source_items[] = $src['name']; - } } // generate sources list TODO: exclude used names from list, source name used in ACL unique 
@@ -720,7 +493,8 @@ function squidguard_before_form_acl($pkg) { foreach($pkg['fields']['field'] as $field) { if ($field['fieldname'] == 'source') { $fld = &$pkg['fields']['field'][$i]; - foreach($source_items as $nm) { + if (is_array($source_items)) { + foreach($source_items as $nm) $fld['options']['option'][] = array('name'=>$nm, 'value'=>$nm); } } 
@@ -756,22 +530,28 @@ function squidguard_before_form_acl($pkg) { } } - # -------------------------------------------------------------------------------------------------------------- - # destinations - # -------------------------------------------------------------------------------------------------------------- - if ($squidguard_object->blacklist_enabled) { - foreach($squidguard_object->blacklist as $dst) - $dest_items[] = array ('name'=>$dst->name, 'upt_value'=>$acls_up[$dst->name], - 'ovt_value'=>$acls_over[$dst->name], 'description'=>$dst->desc); + // --- Destinations --- + $general_cfg = $config['installedpackages'][MODULE_GENERAL]['config'][0]; + $dest_cfg = $config['installedpackages'][MODULE_DESTINATION]['config']; + + // Blacklist + if ($general_cfg['blacklist'] == 'on') { + $blk_entries = sg_entries_blacklist(); + if (!empty($blk_entries)) { + foreach($blk_entries as $dst) + $dest_items[] = array ('name'=>$dst, 'upt_value'=>$acls_up[$dst], + 'ovt_value'=>$acls_over[$dst], 'description'=>''); + } } - if ($squidguard_object->dests) { - foreach($squidguard_object->dests as $dst) - $dest_items[] = array ('name'=>$dst->name, 'upt_value'=>$acls_up[$dst->name], - 'ovt_value'=>$acls_over[$dst->name], 'description'=>$dst->desc); + // User destinations + if ($dest_cfg) { + foreach($dest_cfg as $dst) + $dest_items[] = array ('name'=>$dst[FLD_NAME], 'upt_value'=>$acls_up[$dst[FLD_NAME]], + 'ovt_value'=>$acls_over[$dst[FLD_NAME]], 'description'=>$dst[FLD_DESCRIPTION]); } - // default all + // Default all $dest_items[] = array('name'=>FLT_DEFAULT_ALL, 'upt_value'=>$acls_up[FLT_DEFAULT_ALL], 'ovt_value'=>$acls_over[FLT_DEFAULT_ALL], 'description'=>'Default access'); 
@@ -828,10 +608,15 @@ function squidguard_before_form_acl($pkg) { } } +// ----------------------------------------------------------------------------- +// squidguard_before_form_log +// ----------------------------------------------------------------------------- function squidguard_before_form_log($pkg) { global $config; - global $squidguard_object; $i=0; + $move_pos = 0; + $move_step = 50; + foreach($pkg['fields']['field'] as $field) { if ($field['fieldname'] == 'logtype') { $slog = ''; @@ -839,15 +624,19 @@ function squidguard_before_form_log($pkg) { $filename = ''; $fld = &$pkg['fields']['field'][$i]; - if ($mlog['logtype'] == 'access_log') { - $filename = $squidguard_object->log_dir . "/" . SQUIDGUARD_ACCESSBLOCK_FILE; + if (empty($move_pos)) $move_pos = 0; + if ($mlog['logtype'] == 'block_log') { + $filename = SQUIDGUARD_LOGDIR . "/" . SQUIDGUARD_ACCESSBLOCK_FILE; if (file_exists($filename)) { $s = file_get_contents($filename); $s = explode("\n", $s); + $move_pos = count ($s) - $move_step; + if ($move_pos < 0) $move_pos = 0; + $s = array_slice($s, $move_pos, $move_step); - $slog .= "<table cellSpacing=1 cellPadding=1 width='100%'>"; - $slog .= "<tr><th>DateTime</th><th>IP</th><th>URL</th><th>Filter</th><th>ID</th><th>Method</th></tr>"; - foreach($s as $vs) { + $slog .= "<tr><th>Num</th><th>DateTime</th><th>IP</th><th>URL</th><th>Filter</th><th>ID</th><th>Mtd</th></tr>"; + foreach($s as $key => $vs) { + $nkey = $move_pos + intval($key); $slog .= "<tr>"; $sx = $vs; $sx = str_replace("/- -", "", $sx); @@ -861,6 +650,7 @@ function squidguard_before_form_log($pkg) { $sx = explode(" ", $sx); if (!empty($vs)) $slog .= "<tr> + <td style='vertical-align: top; white-space: nowrap;'>" . strval($nkey) . "</td> <td style='vertical-align: top; white-space: nowrap;'>$sx[0] $sx[1]</td> <td style='vertical-align: top;'>$sx[5]</td> <td style='vertical-align: top;'>$sx[4]</td> 
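Review bot: The table cells in the `@@ -861,6 +650,7 @@` hunk interpolate fields of the block log (`$sx[0]` to `$sx[6]`) straight into HTML, and according to the header row one of them is the URL a proxied client requested. Content chosen by a client of the proxy would therefore be rendered as markup in the administrator's browser when the log page is opened. Each field should be escaped at output, for example `<td style='vertical-align: top;'>" . htmlspecialchars($sx[4]) . "</td>`; the new `$nkey` cell is an integer and is fine as written. The same applies to the `file_get_contents()` results pasted into `$slog` for the configurator log, `squidGuard.log` and the two configuration views in the two hunks that follow, where `htmlspecialchars()` should run before the `\n` to `<br>` replacement. `squidguard_before_form_log` starts and ends outside this hunk.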
@@ -868,11 +658,12 @@ function squidguard_before_form_log($pkg) { <td style='vertical-align: top;'>$sx[2]</td> <td style='vertical-align: top;'>$sx[6]</td></tr>"; } - $slog .= "</table>"; +# $slog .= "</table>"; } } else - if ($mlog['logtype'] == 'webgui_log') { - $filename = $squidguard_object->log_dir . SQUIDGUARD_LOG_FILE; + if ($mlog['logtype'] == 'configurator_log') { + $filename = SQUIDGUARD_LOGDIR . SQUIDGUARDCONF_LOGFILE; + $slog .= "<b>$filename</b><br>"; if (file_exists($filename)) { $slog .= file_get_contents($filename); $slog = str_replace("\n", "<br>", $slog); 
@@ -880,36 +671,64 @@ function squidguard_before_form_log($pkg) { } } else if ($mlog['logtype'] == 'squidguard_log') { - $filename = $squidguard_object->log_dir . "/squidGuard.log"; + $filename = SQUIDGUARD_LOGDIR . '/squidGuard.log'; + $slog .= "<b>$filename</b><br>"; + if (file_exists($filename)) { + $slog .= file_get_contents($filename); + $slog = explode("\n", $slog); + while (count($slog) > 500) array_shift($slog); + $slog = implode("\n", $slog); + $slog = str_replace("\n", "<br>", $slog); + $slog = "<tr><td>$slog</td></tr>"; + } + } else + if ($mlog['logtype'] == 'squid_config') { + $filename = SQUID_CONFIGFILE; + $slog .= "<b>$filename</b><br>"; + if (file_exists($filename)) { + $slog .= file_get_contents($filename); + $slog = str_replace("\n", "<br>", $slog); + $slog = str_replace("\t", " ", $slog); + $slog = "<tr><td>$slog</td></tr>"; + } + } else + if ($mlog['logtype'] == 'squidguard_config') { + $filename = SQUIDGUARD_WORKDIR . "/squidGuard.conf"; + $slog .= "<b>$filename</b><br>"; if (file_exists($filename)) { $slog .= file_get_contents($filename); $slog = str_replace("\n", "<br>", $slog); + $slog = str_replace("\t", " ", $slog); $slog = "<tr><td>$slog</td></tr>"; } } -// $slog .= $filename . 
"\n"; // debug - $fld['description'] .= - "</tr><tr><td><br></td> - <td><table width='100%' class=tabcont cellSpacing=0 cellPadding=1 border=1>$slog</table>"; -// "<table class=tabcont cellSpacing=0 cellPadding=0 border=1 width='100%'>$slog</table></td>"; + "<INPUT class=formbtn type=submit value='Get log' name=Submit> + </tr><tr> + <td colspan='2'><table width='100%' class=tabcont cellSpacing=0 cellPadding=1 border=1>$slog</table>"; + "<table class=tabcont cellSpacing=0 cellPadding=0 border=1 width='100%'>$slog</table></td></tr>"; + } $i++; } } +// ----------------------------------------------------------------------------- +// squidguard_update_acl_dest +// ----------------------------------------------------------------------------- function squidguard_update_acl_dest($acl_name, $post) { global $config; $post['dest'] = 'fig vam'; - #s='TST'; foreach($post as $k => $p) $s .= $k . '=' . $p; } +// ----------------------------------------------------------------------------- +// make_grid_general_items +// ----------------------------------------------------------------------------- function make_grid_general_items($id = '') { - global $squidguard_object; global $config; $res = ''; 
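Review bot: The added line beginning `"<table class=tabcont cellSpacing=0 cellPadding=0` follows the `;` that ends the description string, so on the new side it is a bare string expression that PHP evaluates and discards. It was a `//` comment before this change, and as written the `colspan='2'` cell opened in the real string is not closed within it. Either restore the comment marker or delete the line, and end the real string with `$slog</table></td></tr>";`. In the same hunk squidguard_update_acl_dest still assigns the placeholder `$post['dest'] = 'fig vam';` to a by-value parameter, which looks like leftover debugging.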
@@ -917,17 +736,21 @@ function make_grid_general_items($id = '') if ($id == '') { // Apply - $res .= "<tr><td>After changing configuration Squid or squidGuard you must - <b>apply all changes</b></td><td><input name='submit' - type='submit' value='Apply'></td></tr>"; + $res .= "<tr bgcolor='#dddddd'><td><big>For saving configuration YOU need click button 'Save' on bottom of page</big></td></tr> + <tr><td><big>After changing configuration Squid or squidGuard you must <b><span style='color: #800000;'>apply all changes</span></b></big></td></tr> + <tr><td><input name='submit' type='submit' value='Apply'></td></tr>"; + + // service state + $sgstate = "<span style='color: #800000;'>STOPPED</span>"; + if (is_service_running("squidGuard")) $sgstate = "<span style='color: #008000;'>STARTED</span>"; + $res .= "<tr bgcolor='#dddddd'><td><big>SquidGuard service state: <b>$sgstate</b></big></td></tr>"; } else if ($id == 'gui_log') { if ($config['installedpackages']['squidguardgeneral']['config'][0]['view_gui_log'] == 'on') { - $log_content = $squidguard_object->get_log(); - $res .= "<tr><td><br></td></tr>"; - $res .= "<tr><td>Web GUI log</td></tr>"; - $res .= "<tr><td vAlign=top width='100%'> - <textarea name='Name' rows=7 cols=65 wrap='on' readonly='on'>$log_content</textarea></td></tr>"; + $log_content = sg_getlog(50); + $log_content = str_replace("\n","<br>", $log_content); + $res .= "<tr bgcolor='#dddddd'><td><font size='-1'><b>Web GUI log (Last 50)</b></font></td></tr>"; + $res .= "<tr bgcolor='#dddddd'><td vAlign=top width='100%'><font size='-2'>$log_content</font></td></tr>"; } } 
@@ -935,31 +758,47 @@ function make_grid_general_items($id = '') return $res; } +// ----------------------------------------------------------------------------- +// make_grid_blacklist +// ----------------------------------------------------------------------------- function make_grid_blacklist() { - global $squidguard_object; - $style1 = 'class=vtable'; // 'class=vncell' ;// 'style="background-color: #FFF0E2;"'; + $style1 = ''; // 'style="background-color: ##CCCCC2;"'; $style2 = 'class=vtable'; $style2 = ''; - $e_size = '80'; + $e_size = '90'; $res = ''; $res .= "<table width='100%'>"; - $res .= "<tr><td><b>Proxy</b> settings</b></td> <td>Blacklist upload proxy - enter here, or leave blank.<br> - Format: host:[port login:pass] . Default proxy port 1080. Example: '192.168.0.1:8080 user:pass'</td><td> </td></tr>"; - $res .= "<tr><td $style1> </td><td $style1><input name='blacklist_proxy' id='blacklist_proxy' type='text' size='$e_size'></td><td $style1><br></td></tr>"; - $res .= "<tr><td $style3>Load from <b>Default</b></td> <td $style3><b>" . /*BLACKLIST_DEFAULT_URL .*/ "</b></td> <td $style3><input name='submit' value='" . - BLACKLIST_BTN_STD . "' type='submit'></td></tr>"; - $res .= "<tr><td $style3>Load from <b>Url </b></td> <td $style3><input name='blacklist_url' id='blacklist_url' - type='text' size='$e_size'></td> <td $style3><input name='submit' value='" . BLACKLIST_BTN_URL . "' type='submit'> - </td></tr>"; -// $res .= "<tr><td $style1>Load from <b>File</b></td> <td $style1><input name='blacklist_file' id='blacklist_file' -// type='file' size='$e_size'></td> <td $style1><input name='submit' value='" . BLACKLIST_BTN_FILE . -// "' type='submit'></td></tr>"; + $res .= "<tr $style1><td><b>Proxy</b> settings</b></td>"; + $res .= "<td $style1><input name='blacklist_proxy' id='blacklist_proxy' type='text' size='$e_size'></td></tr>"; + $res .= "<tr><td $style1> </td> + <td>Blacklist upload proxy - enter here, or leave blank.<br> + Format: host:[port login:pass] . 
Default proxy port 1080. <br> + Example: '192.168.0.1:8080 user:pass' + </td></tr>"; + $res .= "<tr><td $style3>Load from <b>Url </b></td> <td $style3><input name='blacklist_url' id='blacklist_url' + type='text' size='$e_size' value='http://squidguard.mesd.k12.or.us/blacklists.tgz'></td></tr>"; + $res .= "<tr><td $style1> </td> + <td>FTP, HTTP or LOCAL (pfSense) path to blacklist archive enter here, or leave blank.<br></td></tr>"; + // button + $res .= "<tr><td $style3> </td> + <td $style3><input name='submit' value='" . BLACKLIST_BTN_URL . "' type='submit'></td></tr>"; + +# $res .= "<tr><td $style3>Load from <b>Default</b></td> <td $style3><b>" . /*BLACKLIST_DEFAULT_URL .*/ "</b></td> <td $style3><input name='submit' value='" . +# BLACKLIST_BTN_STD . "' type='submit'></td></tr>"; + +# $res .= "<tr><td $style1>Load from <b>File</b></td> <td $style1><input name='blacklist_file' id='blacklist_file' +# type='file' size='$e_size'></td> <td $style1><input name='submit' value='" . BLACKLIST_BTN_FILE . +# "' type='submit'></td></tr>"; + $res .= "</table>"; return $res; } +// ----------------------------------------------------------------------------- +// make_grid_controls +// ----------------------------------------------------------------------------- function make_grid_controls($type, $items) { $res = ''; $tbl = ''; @@ -969,12 +808,12 @@ function make_grid_controls($type, $items) { foreach($items as $item) { if ($x == 0) { - $color = 'style="background-color: #FFF0E2;"'; + $color = 'style="background-color: #dddddd;"'; $color2 = ''; $x = 1; } else { $color = ''; - $color2 = 'style="background-color: #FFF0E2;"'; + $color2 = 'style="background-color: #dddddd;"'; $x = 0; } 
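Review bot: The new `value='http://squidguard.mesd.k12.or.us/blacklists.tgz'` default on `blacklist_url` makes a plain-HTTP download the out-of-the-box source for the filter database. The fetch and unpack code is outside this hunk, but nothing here suggests the archive is checked against a digest, so the categories the firewall enforces are only as trustworthy as the network path at download time. Consider leaving the field empty by default, or documenting an expected checksum next to it. Separately, `$style3` is used in several cells of make_grid_blacklist but never assigned in the function (only `$style1` and `$style2` are), so it expands to an empty string with a notice; `$style3 = '';` beside the other two would make that explicit.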
@@ -1012,31 +851,17 @@ function make_grid_controls($type, $items) { <td/><td>Select destination for overtime rule.<br>If time not defined, this part must be ignored</td><td/><td/></tr>" . $tbl; - $res .= "<table>" . $tbl . "</table>"; + $res .= "<table cellspacing='0'>" . $tbl . "</table>"; } return $res; } // ----------------------------------------------------------------------------- - -function check_name ($name) { - $err = ''; - $val = trim($name); - - if ((strlen($val) < 2) || (strlen($val) > 16)) - $err .= " Size of name must be between [2..16]."; - - // All symbols must be [a-zA-Z_0-9\-] First symbol = letter. - if (!eregi("^([a-zA-Z]{1})([a-zA-Z_0-9\-]+)$", $val)) - $err .= " Invalid name $name. Valid name symbols: ['a-Z', '_', '0-9', '-']. First symbol must be a letter."; - - return $err; -} - -// --- Check unique name --- +// check unique name +// ----------------------------------------------------------------------------- function check_unique_name($module_id, $name, $log='') { $res = true; - $count_names = 0; + $count_names = 0; $is_self ='notself'; $id = $_GET['id']; 
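Review bot: This hunk deletes `check_name()`, the only visible check that object names are 2–16 characters of `[a-zA-Z_0-9\-]` starting with a letter, and nothing in the hunk replaces it. The convert_pfxml_to_sgxml_* functions added later in this file copy source, destination and ACL names unchanged into the structure that, judging by its name, feeds the generated squidGuard configuration, so the validator should move rather than disappear. Confirm that squidguard_configurator.inc defines an equivalent and that the validation callbacks still call it; if it does, a comment such as `// name validation now lives in squidguard_configurator.inc` at this spot would record that.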
@@ -1074,51 +899,85 @@ function check_unique_name($module_id, $name, $log='') { return $res; } +// ----------------------------------------------------------------------------- +// check date +// ----------------------------------------------------------------------------- function check_date($date) { $err = ''; $val = trim($date); // date or date range format: 'yyyy-mm-dd', 'yyyy-m-d', 'yyyy.mm.dd' 'yyyy.mm.dd-yyyy.mm.dd' - if (!eregi("^([0-9*]{4})\.([0-9*]{1,2})\.([0-9*]{1,2})$", $val) && - !eregi("^([0-9*]{4})\.([0-9*]{1,2})\.([0-9*]{1,2})-([0-9*]{4})\.([0-9*]{1,2})\.([0-9*]{1,2})$", $val)) - $err .= " Invalid date " . $date . - " You mast use date or date range format: 'yyyy.mm.dd' and 'yyyy.mm.dd-yyyy.mm.dd' . - Any symbol in date can be set to *(any number). Example: '*-10-01', '199*-*1-*1' ." . $val ; + if (!eregi("^(([0-9]{4})|[*])\.(([0-9]{2})|[*])\.(([0-9]{2})|[*])$", $val) && + !eregi("^(([0-9]{4})|[*])\.(([0-9]{2})|[*])\.(([0-9]{2})|[*])-(([0-9]{4})|[*])\.(([0-9]{2})|[*])\.(([0-9]{2})|[*])$", $val)) + $err .= " Invalid date '$date'. + You mast use date or date range format: 'yyyy.mm.dd' and 'yyyy.mm.dd-yyyy.mm.dd'. + Any symbol in date can be set as * (any). Example: '*-10-01', '199*-*1-*1'."; return $err; } +// ----------------------------------------------------------------------------- +// check time +// ----------------------------------------------------------------------------- function check_time($time) { $err = ''; $val = trim($time); - // time range format: 'HH:MM-HH:MM' - if (!eregi("^([0-9]{2})\:([0-9]{2})-([0-9]{2})\:([0-9]{2})$", $val)) - $err = '';//" Invalid time range time . You must use 'HH:MM-HH:MM' time range format. "; - return $err; -} - -function check_ip($ip) { -} + if (empty($val)) return ''; + // time range format: 'HH:MM-HH:MM' + if (!eregi("^([0-9]{2})\:([0-9]{2})-([0-9]{2})\:([0-9]{2})$", $val)) + $err = "Invalid time range '$time'. You must use 'HH:MM-HH:MM' time range format. 
"; + else { + $tms = $time; + $tms = str_replace("-", "\n", $tms); + $tmsv = $tms; + $tms = str_replace(":", "", $tms); + $tms = explode("\n", $tms); + $tmsv = explode("\n", $tmsv); + if ($tms[0] >= 2400) + $err .= "Invalid time range var1='$tmsv[0]' must be < '24:00'. "; + if ($tms[1] > 2400) + $err .= "Invalid time range var2='$tmsv[1]' must be <= '24:00'. "; + if ($tms[0] >= $tms[1]) + $err .= "Invalid time range var1='$tmsv[0]' must be < var2='$tmsv[1]'. "; + } -function squidguard_print_javascript_main() { + return $err; } -# --------------------------------------------------------------------------------------------------------------------- +# ------------------------------------------------------------------------------ # Install & deinstall -# --------------------------------------------------------------------------------------------------------------------- +# ------------------------------------------------------------------------------ function squidguard_install_command() { - global $squidguard_object; + if (!is_service_running("squidGuard")) { + sg_init(convert_pfxml_to_sgxml()); + sg_check_system(); + + // generate squidGuard blacklist entries file (check with squidGuard PORT) + $entries = array("ads", "aggressive", "audio-video", "drugs", "gambling", "hacking", + "mail", "porn", "proxy", "violence", "warez"); + file_put_contents(SQUIDGUARD_WORKDIR . SQUIDGUARD_BLK_ENTRIES, implode("\n", $entries)); + set_file_access(SQUIDGUARD_WORKDIR, OWNER_NAME, 0755); + + sg_reconfigure(); + } } function squidguard_deinstall_command() { - mwexec('rm -rf ' . SQUIDGUARD_WORKDIR); - mwexec('rm -rf ' . SQUIDGUARD_DBHOME); + // remove entries from squid config + squid_reconfigure('remove redirector options'); + + // remove package and his depends + mwexec("pkg_delete squidGuard-1.2.0_1"); + mwexec("rm -rf " . SQUIDGUARD_WORKDIR); + // i known't, really need delete blacklist base? + mwexec("rm -rf " . SQUIDGUARD_DBHOME); + mwexec("/bin/rm -f " . SQUIDGUARD_CONFBASE . 
"/squidGuard*"); } -# --------------------------------------------------------------------------------------------------------------------- +# ------------------------------------------------------------------------------ # SquidGuard print JavaSrcript -# --------------------------------------------------------------------------------------------------------------------- +# ------------------------------------------------------------------------------ function squidGuard_print_javascript() { $javascript = ''; 
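Review bot: check_time now enforces the `HH:MM-HH:MM` shape and the 24:00 upper bound, but the minutes are never range-checked, so a value such as `12:99-13:00` passes all three comparisons. After the `explode()` calls, add something like `if (($tms[0] % 100) > 59 || ($tms[1] % 100) > 59) $err .= "Invalid time range '$time': minutes must be 00-59. ";`. In check_date the new pattern accepts only a full `yyyy`, `mm`, `dd` or a lone `*`, separated by dots, yet the error text still offers `'*-10-01'` and `'199*-*1-*1'` as examples, neither of which matches. The message should show dot-separated values such as `'*.10.01'` instead.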
@@ -1171,7 +1030,265 @@ function squidGuard_print_javascript() { $javascript .= "\n</script>"; } + if ($xml == "squidguard_src.xml") { + $javascript .= "\n<script language='JavaScript'>"; + $javascript .= "\n<!--"; + $javascript .= "\n function on_updatecontrols() {"; + $javascript .= "\n document.iform.elements['order'].disabled = 0;"; + $javascript .= "\n document.iform.elements['order'].onfocus = on_orderfocus;"; + $javascript .= "\n }"; + $javascript .= "\n function on_orderfocus() {"; + $javascript .= "\n document.iform.elements['order'].blur();"; + $javascript .= "\n }"; + $javascript .= "\n function on_moveup() {"; + $javascript .= "\n var order = parseInt(document.iform.elements['order'].value)"; + $javascript .= "\n if (order > 0)"; + $javascript .= "\n order = order - 1;"; + $javascript .= "\n else order = 0;"; + $javascript .= "\n document.iform.elements['order'].value = order;"; + $javascript .= "\n }"; + $javascript .= "\n function on_movedown() {"; + $javascript .= "\n var order = parseInt(document.iform.elements['order'].value)"; + $javascript .= "\n if (order >= 0)"; + $javascript .= "\n order = order + 1;"; + $javascript .= "\n else order = 0;"; + $javascript .= "\n document.iform.elements['order'].value = order;"; + $javascript .= "\n }"; + $javascript .= "\n on_updatecontrols();"; + $javascript .= "\n "; + $javascript .= "\n//-->"; + $javascript .= "\n</script>"; + } + print($javascript); } +# ============================================================================== +# SquidGuard 2 +# ============================================================================== + +// ----------------------------------------------------------------- +// convert_pfxml_to_sgxml +// ----------------------------------------------------------------- +function convert_pfxml_to_sgxml() { + global $config; + $sgxml = array(); + $pfxml = $config['installedpackages'][MODULE_GENERAL]['config'][0]; + + $sgxml[FLD_LOGDIR] = SQUIDGUARD_LOGDIR; + $sgxml[FLD_DBHOME] = 
SQUIDGUARD_DBHOME; + $sgxml[FLD_BINPATH] = SQUIDGUARD_BINPATH; + $sgxml[FLD_WORKDIR] = SQUIDGUARD_WORKDIR; + $sgxml[FLD_SGCONF_XML] = SQUIDGUARD_WORKDIR . SQUIDGUARD_CONFXML; + $sgxml[FLD_ENABLED] = $pfxml[FLD_SQUIDGUARDENABLE]; + $sgxml[FLD_BLACKLISTENABLED] = $pfxml[FLD_BLACKLIST]; + $sgxml[FLD_SOURCES] = convert_pfxml_to_sgxml_source($config); + $sgxml[FLD_DESTINATIONS] = convert_pfxml_to_sgxml_destination($config); + $sgxml[FLD_REWRITES] = convert_pfxml_to_sgxml_rewrite($config); + $sgxml[FLD_TIMES] = convert_pfxml_to_sgxml_time($config); + $sgxml[FLD_ACLS] = convert_pfxml_to_sgxml_acl($config); + $sgxml[FLD_DEFAULT] = convert_pfxml_to_sgxml_default($config); + + // transparent + $squidxml = $config['installedpackages']['squid']['config'][0]; + if(isset($squidxml['transparent_proxy'])) { + $lanip = $config['interfaces']['lan']['ipaddr']; + $sgxml[FLD_SQUID_TRANSPARENT_MODE] = 'on'; + $sgxml[FLD_CURRENT_LAN_IP] = $lanip; + } else { + unset($sgxml[FLD_SQUID_TRANSPARENT_MODE]); + unset($sgxml[FLD_CURRENT_LAN_IP]); + } + + // store cfg cache + $cfg_xml = dump_xml_config($sgxml, FLD_SQUIDGUARD); + file_put_contents($sgxml[FLD_SGCONF_XML], $cfg_xml); + + return $sgxml; +} + +// ----------------------------------------------------------------- +// convert_pfxml_to_sgxml_source +// sgxml_source: [name][ip][desc][log] +// ----------------------------------------------------------------- +function convert_pfxml_to_sgxml_source($pfconfig) { + $sgxml = array(); + + $pfxml = $pfconfig['installedpackages']['squidguardsrc']['config']; + if (is_array($pfxml)) { + foreach($pfxml as $pfx) { + $sgx = array(); + $sgx[FLD_NAME] = $pfx['name']; + $sgx[FLD_IP] = $pfx['iplist']; + $sgx[FLD_DOMAINS] = $pfx[FLD_DOMAINS]; + $sgx[FLD_LOG] = $pfx['enablelog']; + $sgx[FLD_DESCRIPTION] = $pfx['description']; + $sgxml[FLD_ITEM][] = $sgx; + } + } + return $sgxml; +} + +// ----------------------------------------------------------------- +// convert_pfxml_to_sgxml_destination +// 
sgxml_destination: [name][domains][expr][urls][redir][desc][log] +// ----------------------------------------------------------------- +function convert_pfxml_to_sgxml_destination($pfconfig) { + $sgxml = array(); + + $pfxml = $pfconfig['installedpackages']['squidguarddest']['config']; + if (is_array($pfxml)) { + foreach($pfxml as $pfx) { + $sgx = array(); + $sgx[FLD_NAME] = $pfx['name']; + $sgx[FLD_URLS] = $pfx['urls']; + $sgx[FLD_DOMAINS] = $pfx[FLD_DOMAINS]; + $sgx[FLD_EXPRESSIONS] = $pfx['expressions']; + $sgx[FLD_REDIRECT] = $pfx[FLD_REDIRECT]; + $sgx[FLD_DESCRIPTION] = $pfx['description']; + $sgx[FLD_LOG] = $pfx['enablelog']; + $sgxml[FLD_ITEM][] = $sgx; + } + } + return $sgxml; +} + +// ----------------------------------------------------------------- +// convert_pfxml_to_sgxml_rewrite +// sgxml_rewrite: [name][desc][log][items(array): [targeturl][replaceto]] +// ----------------------------------------------------------------- +function convert_pfxml_to_sgxml_rewrite($pfconfig) { + $sgxml = array(); + + $pfxml = $pfconfig['installedpackages']['squidguardrewrite']['config']; + if (is_array($pfxml)) { + foreach($pfxml as $pfx) { + $sgx = array(); + $sgx[FLD_NAME] = $pfx['name']; + $sgx[FLD_DESCRIPTION] = $pfx['description']; + $sgx[FLD_LOG] = $pfx['enablelog']; + + foreach($pfx['row'] as $pfx_row) { + $sgx_row = array(); + $sgx_row[FLD_TARGETURL] = $pfx_row['targeturl']; + $sgx_row[FLD_REPLACETO] = $pfx_row['replaceto']; + $sgx[FLD_ITEM][] = $sgx_row; + } + + $sgxml[FLD_ITEM][] = $sgx; + } + } + return $sgxml; +} + +// ----------------------------------------------------------------- +// convert_pfxml_to_sgxml_time +// sgxml_time: [name][desc][items(array): [timetype][timedays][daterange][timerange]] +// ----------------------------------------------------------------- +function convert_pfxml_to_sgxml_time($pfconfig) { + $sgxml = array(); + + $pfxml = $pfconfig['installedpackages']['squidguardtime']['config']; + if (is_array($pfxml)) { + foreach($pfxml as 
$pfx) { + $sgx = array(); + $sgx[FLD_NAME] = $pfx[FLD_NAME]; + $sgx[FLD_DESCRIPTION] = $pfx[FLD_DESCRIPTION]; + + foreach($pfx['row'] as $pfx_row) { + $sgx_row = array(); + $sgx_row[FLD_TIMETYPE] = $pfx_row[FLD_TIMETYPE]; + $sgx_row[FLD_TIMEDAYS] = $pfx_row[FLD_TIMEDAYS]; + $sgx_row[FLD_DATERANGE] = $pfx_row[FLD_DATERANGE]; + $sgx_row[FLD_TIMERANGE] = $pfx_row[FLD_TIMERANGE]; + $sgx[FLD_ITEM][] = $sgx_row; + } + + $sgxml[FLD_ITEM][] = $sgx; + } + } + + return $sgxml; +} + +// ----------------------------------------------------------------- +// convert_pfxml_to_sgxml_acl +// sgxml_acl: [name][desc][disabled][timename][destname][redirect][rewritename][over_redirect][over_rewritename] +// ----------------------------------------------------------------- +function convert_pfxml_to_sgxml_acl($pfconfig) { + $sgxml = array(); + + $pfxml = $pfconfig['installedpackages']['squidguardacl']['config']; + if (is_array($pfxml)) { + foreach($pfxml as $pfx) { + $sgx = array(); + $sgx[FLD_NAME] = $pfx[FLD_SOURCE]; + $sgx[FLD_DESCRIPTION] = $pfx[FLD_DESCRIPTION]; + $sgx[FLD_DISABLED] = $pfx[FLD_DISABLED]; + $sgx[FLD_TIMENAME] = $pfx[FLD_TIME]; + $sgx[FLD_REDIRECT] = $pfx[FLD_REDIRECT]; + $sgx[FLD_REWRITENAME] = $pfx[FLD_REWRITE]; + + // for overtime + $sgx[FLD_OVERREDIRECT] = $pfx[FLD_OVERREDIRECT]; + $sgx[FLD_OVERREWRITENAME] = $pfx[FLD_OVERREWRITE]; + + // destinations + if (strpos($pfx['dest'], '[') === false) { + $sgx[FLD_DESTINATIONNAME] = trim($pfx['dest']); + $sgx[FLD_OVERDESTINATIONNAME] = ''; + } else { + $sgx[FLD_DESTINATIONNAME] = trim( substr($pfx['dest'], 0, strpos($pfx['dest'], '[')) ); + $sgx[FLD_OVERDESTINATIONNAME] = trim( strstr($pfx['dest'], '[') ); + $sgx[FLD_OVERDESTINATIONNAME] = trim( str_replace(']', '', $sgx[FLD_OVERDESTINATIONNAME]) ); + $sgx[FLD_OVERDESTINATIONNAME] = trim( str_replace('[', '', $sgx[FLD_OVERDESTINATIONNAME]) ); + } + + // !ATTENTION! 
'!all' must be convert to 'none' + $sgx[FLD_DESTINATIONNAME] = str_replace("!all", "none", $sgx[FLD_DESTINATIONNAME]); + $sgx[FLD_OVERDESTINATIONNAME] = str_replace("!all", "none", $sgx[FLD_OVERDESTINATIONNAME]); + + $sgxml[FLD_ITEM][] = $sgx; + } + } + return $sgxml; +} + +// ----------------------------------------------------------------- +// convert_pfxml_to_sgxml_default +// sgxml_acl: [name][desc][disabled][timename][destname][redirect][rewritename][over_redirect][over_rewritename] +// ----------------------------------------------------------------- +function convert_pfxml_to_sgxml_default($pfconfig) { + $pfxml = $pfconfig['installedpackages']['squidguarddefault']['config']; + + $pfx = $pfxml[0]; + $sgx = array(); + $sgx[FLD_NAME] = 'default'; + $sgx[FLD_DESCRIPTION] = ''; + $sgx[FLD_DISABLED] = ''; + $sgx[FLD_TIMENAME] = $pfx[FLD_TIME]; + $sgx[FLD_REDIRECT] = $pfx[FLD_REDIRECT]; + $sgx[FLD_REWRITENAME] = $pfx[FLD_REWRITE]; + // for overtime + $sgx[FLD_OVERREDIRECT] = $pfx[FLD_OVERREDIRECT]; + $sgx[FLD_OVERREWRITENAME] = $pfx[FLD_OVERREWRITE]; + + // destinations + if (strpos($pfx['dest'], '[') === false) { + $sgx[FLD_DESTINATIONNAME] = trim($pfx['dest']); + $sgx[FLD_OVERDESTINATIONNAME] = ''; + } else { + $sgx[FLD_DESTINATIONNAME] = trim( substr($pfx['dest'], 0, strpos($pfx['dest'], '[')) ); + $sgx[FLD_OVERDESTINATIONNAME] = trim( strstr($pfx['dest'], '[') ); + $sgx[FLD_OVERDESTINATIONNAME] = trim( str_replace(']', '', $sgx[FLD_OVERDESTINATIONNAME]) ); + $sgx[FLD_OVERDESTINATIONNAME] = trim( str_replace('[', '', $sgx[FLD_OVERDESTINATIONNAME]) ); + } + + // !ATTENTION! '!all' must be convert to 'none' + $sgx[FLD_DESTINATIONNAME] = str_replace("!all", "none", $sgx[FLD_DESTINATIONNAME]); + $sgx[FLD_OVERDESTINATIONNAME] = str_replace("!all", "none", $sgx[FLD_OVERDESTINATIONNAME]); + + return $sgx; +} + ?> diff --git a/packages/squidGuard/squidguard.xml b/packages/squidGuard/squidguard.xml index 45f20cfc..76db271e 100644 --- a/packages/squidGuard/squidguard.xml 
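Review bot: `str_replace("!all", "none", …)` in convert_pfxml_to_sgxml_acl and convert_pfxml_to_sgxml_default matches substrings, so a negated destination whose name merely begins with `all` (a constructed example: `!allsites`) would become `nonesites` and the intended deny entry would silently change. Assuming `dest` is a whitespace-separated token list, replace whole tokens only: `preg_replace('/(?<!\S)!all(?!\S)/', 'none', $sgx[FLD_DESTINATIONNAME])`, and the same for `FLD_OVERDESTINATIONNAME`. The destination-splitting block is duplicated verbatim in both functions, so a shared helper would keep the two in step. The inner `foreach($pfx['row'] as $pfx_row)` loops in the rewrite and time converters also lack the `is_array()` guard that the outer loops have.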
+++ b/packages/squidGuard/squidguard.xml @@ -2,29 +2,23 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> <name>squidguardgeneral</name> <version>1.2.0_1</version> - <title>Proxy server filter SquidGuard: General settings</title> - <include_file>squidguard.inc</include_file> + <title>Proxy Content filter SquidGuard: General settings</title> + <include_file>/usr/local/pkg/squidguard.inc</include_file> <!-- Installation --> <menu> - <name>Proxy server filter</name> + <name>Proxy Content filter</name> <tooltiptext>Modify the proxy server's filter settings</tooltiptext> <section>Services</section> <url>/pkg_edit.php?xml=squidguard.xml&id=0</url> </menu> - <service> - <name>squidGuard</name> - <executable>squidGuard</executable> - <description>Proxy server filter Service</description> - </service> - <tabs> <tab> <text>General settings</text> 
@@ -61,32 +55,46 @@ </tab> </tabs> + <service> + <name>squidGuard</name> + <description>Proxy server filter Service</description> + <executable>squidGuard</executable> + </service> + + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/squidGuard/squidguard.inc</item> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/squidGuard/squidguard_configurator.inc</item> + </additional_files_needed> <additional_files_needed> - <item>http://diskatel.narod.ru/pfSense/packages/squidguard.inc</item> + <item>http://www.pfsense.org/packages/config/squidGuard/upload.inc</item> </additional_files_needed> <additional_files_needed> - <item>http://diskatel.narod.ru/pfSense/packages/squidguard_cls.inc</item> + <item>http://www.pfsense.org/packages/config/squidGuard/squidguard_acl.xml</item> </additional_files_needed> <additional_files_needed> - <item>http://diskatel.narod.ru/pfSense/packages/upload.inc</item> + <item>http://www.pfsense.org/packages/config/squidGuard/squidguard_default.xml</item> </additional_files_needed> <additional_files_needed> - <item>http://diskatel.narod.ru/pfSense/packages/squidguard_acl.xml</item> + <item>http://www.pfsense.org/packages/config/squidGuard/squidguard_dest.xml</item> </additional_files_needed> <additional_files_needed> - <item>http://diskatel.narod.ru/pfSense/packages/squidguard_default.xml</item> + <item>http://www.pfsense.org/packages/config/squidGuard/squidguard_rewr.xml</item> </additional_files_needed> <additional_files_needed> - <item>http://diskatel.narod.ru/pfSense/packages/squidguard_dest.xml</item> + <item>http://www.pfsense.org/packages/config/squidGuard/squidguard_src.xml</item> </additional_files_needed> <additional_files_needed> - <item>http://diskatel.narod.ru/pfSense/packages/squidguard_rewr.xml</item> + <item>http://www.pfsense.org/packages/config/squidGuard/squidguard_time.xml</item> </additional_files_needed> <additional_files_needed> - 
<item>http://diskatel.narod.ru/pfSense/packages/squidguard_src.xml</item> + <item>http://www.pfsense.org/packages/config/squidGuard/squidguard_log.xml</item> </additional_files_needed> <additional_files_needed> - <item>http://diskatel.narod.ru/pfSense/packages/squidguard_time.xml</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/squidGuard/sgerror.php</item> </additional_files_needed> <fields> @@ -103,33 +111,27 @@ <type>checkbox</type> </field> <field> - <fielddescr>Administrator email</fielddescr> - <fieldname>admin_email</fieldname> - <description>This is the email address displayed in error messages to the users.</description> - <type>input</type> - <size>100</size> - <default_value>admin@localhost</default_value> - </field> - <field> <fielddescr>View GUI log</fielddescr> <fieldname>view_gui_log</fieldname> <description>Check this for view GUI log</description> <type>checkbox</type> </field> </fields> - - <custom_php_install_command></custom_php_install_command> - <custom_add_php_command></custom_add_php_command> + <custom_add_php_command/> <custom_php_command_before_form> squidguard_before_form(&$pkg); </custom_php_command_before_form> <custom_php_after_form_command> - squidGuard_print_javascript(); + squidGuard_print_javascript(); </custom_php_after_form_command> <custom_php_resync_config_command> squidguard_resync(); </custom_php_resync_config_command> + <custom_php_install_command> + squidguard_install_command(); + squidguard_resync(); + </custom_php_install_command> <custom_php_deinstall_command> -# squidguard_deinstall(); + squidguard_deinstall_command(); </custom_php_deinstall_command> </packagegui>
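Review bot: Every `<additional_files_needed>` item is listed with a plain `http://www.pfsense.org/...` URL, including the `.inc` files the GUI includes and the `sgerror.php` placed under `/usr/local/www/`. Whether the package installer verifies these downloads is not visible here; if it does not, the PHP that runs on the firewall is only as trustworthy as the network path at install time, so prefer `https://` URLs where the host serves them. `<chmod>0755</chmod>` on `sgerror.php` is also wider than a script read by the web server needs; `<chmod>0644</chmod>` is presumably enough.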
\ No newline at end of file diff --git a/packages/squidGuard/squidguard_acl.xml b/packages/squidGuard/squidguard_acl.xml index 2d36dcf3..aa3349cd 100644 --- a/packages/squidGuard/squidguard_acl.xml +++ b/packages/squidGuard/squidguard_acl.xml @@ -2,14 +2,14 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> <name>squidguardacl</name> <version>none</version> - <title>Proxy server filter SquidGuard: Access Control List (ACL)</title> - <include_file>squidguard.inc</include_file> + <title>Proxy Content filter SquidGuard: Access Control List (ACL)</title> + <include_file>/usr/local/pkg/squidguard.inc</include_file> <delete_string>A proxy server user has been deleted.</delete_string> <addedit_string>A proxy server user has been created/modified.</addedit_string> @@ -49,8 +49,13 @@ <url>/pkg_edit.php?xml=squidguard_log.xml</url> </tab> </tabs> + <adddeleteeditpagefields> <columnitem> + <fielddescr>Disable</fielddescr> + <fieldname>disabled</fieldname> + </columnitem> + <columnitem> <fielddescr>Source</fielddescr> <fieldname>source</fieldname> </columnitem> @@ -75,6 +80,7 @@ <fieldname>description</fieldname> </columnitem> </adddeleteeditpagefields> + <fields> <field> <fielddescr>Disabled</fielddescr> @@ -86,8 +92,8 @@ <fielddescr>Source name</fielddescr> <fieldname>source</fieldname> <description>Select source name here (required). Any ACL must have unique source name.</description> - <type>select</type> <required/> + <type>select</type> </field> <field> <fielddescr>Time</fielddescr> 
@@ -105,15 +111,21 @@ <field> <fielddescr>Redirect</fielddescr> <fieldname>redirect</fieldname> - <description>Enter redirection URL or Error page message for this rule, or leave blank.</description> + <description> + Enter redirection URL or Error page code for this rule, or leave blank. + Supported error page codes: 403, 404, 410. + </description> <type>textarea</type> <cols>70</cols> - <rows>5</rows> + <rows>5</rows> </field> <field> <fielddescr>Overtime redirect</fielddescr> <fieldname>overredirect</fieldname> - <description>Enter redirection URL or Error page message for this rule, or leave blank.</description> + <description> + Enter redirection URL or Error page code for this rule, or leave blank. + Supported error page codes: 403, 404, 410. + </description> <type>textarea</type> <cols>70</cols> <rows>5</rows> @@ -132,12 +144,13 @@ </field> <field> <fielddescr>Description</fielddescr> - <description>You may enter a description here for your reference (not parsed).</description> <fieldname>description</fieldname> + <description>You may enter a description here for your reference (not parsed).</description> <type>input</type> <size>114</size> </field> </fields> + <custom_php_validation_command> squidguard_validate_acl(&$_POST, &$input_errors); </custom_php_validation_command> diff --git a/packages/squidGuard/squidguard_cls.inc b/packages/squidGuard/squidguard_cls.inc deleted file mode 100644 index 34bf8c2a..00000000 --- a/packages/squidGuard/squidguard_cls.inc +++ /dev/null 
@@ -1,1176 +0,0 @@ -<?php -# ---------------------------------------------------------------------------------------------------------------------~ -/* squidguard_cls.inc - (C)2006 Serg Dvoriancev - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. 
-*/ -# --------------------------------------------------------------------------------------------------------------------- -# SquidGuardConfigClass -# Generator SquidGuard configuration -# email: dv_serg@mail.ru -# --------------------------------------------------------------------------------------------------------------------- -# squidGuard command: -# squidGuard -C all - apdate database -# squidGuard -c <configfile> - create squidGuard with specified config file -# --------------------------------------------------------------------------------------------------------------------- -# Directories: -# work path - $workdir -# log path - $workdir + $logdir -# --------------------------------------------------------------------------------------------------------------------- - -define('FILES_DB_HEADER', ' -# ----------------------------------------------------------------------------- -# File created by squidGuard package GUI -# (C)2006 Serg Dvoriancev -# ----------------------------------------------------------------------------- -'); - -define('ACL_WARNING_ABSENSE_PASS', "!WARNING! 
Absence PASS 'all' or 'none' added as 'none'"); - -# --------------------------------------------------------------------------------------------------------------------- -define('REDIRECTOR_OPTIONS_REM', '# squidGuard options'); -define('REDIRECTOR_PROGRAM_OPT', 'redirect_program'); -define('REDIRECT_BYPASS_OPT', 'redirector_bypass'); -define('REDIRECT_CHILDREN_OPT', 'redirect_children'); -define('REDIRECTOR_PROCESS_COUNT', '3'); -define('SQUID_CONFIG_FILE', '/usr/local/etc/squid/squid.conf'); -define('SQUIDGUARD_CONFIG_FILE', '/squidGuard.conf'); -define('TMP_DIR', '/var/tmp'); -define('SQUIDGUARD_LOG_FILE', '/squidGuard_webgui.log'); -define('SQUIDGUARD_ACCESSBLOCK_FILE', 'squidguard_accessblock.log'); -define('SQUIDGUARD_BLK_ENTRIES', '/squidguard_blk_entries.ini'); -define('BLACKLIST_ARCHIVE', '/blacklists.tar.gz'); - -define('REDIRECT_BASE_URL', 'http://10.62.0.3/sgerror.php'); - -// debug options -define('DEBUG_UPDATE_SQUID_CONF', 'true'); -define('DEBUG_UPDATE_SQUIDGUARD_DB', 'true'); -define('DEBUG_MAKE_SQUIDGUARD_CONFIG', 'true'); - -define('SQUIDGUARD_LOG_DIR', '/log'); -define('SQUIDGUARD_BACKUP_DIR', '/backup'); - -// options -define('SQUIDGUARD_LOG_MAX_COUNT', '500'); // max log lines - -define('FLT_AD', 'ads'); -define('FLT_AGGRESSIVE', 'aggressive'); -define('FLT_AUDIOVIDEO', 'audio-video'); -define('FLT_DRUGGS', 'druggs'); -define('FLT_GAMBLING', 'gambling'); -define('FLT_HACKING', 'hacking'); -define('FLT_MAIL', 'mail'); -define('FLT_PORN', 'porn'); -define('FLT_PROXY', 'proxy'); -define('FLT_VIOLENCE', 'viol'); -define('FLT_WAREZ', 'warez'); - -define('FLT_DEFAULT_ALL', 'all'); - -define('OWNER_NAME', 'proxy'); // owner user name - -define('DEBUG_ON', 'true'); -# ------------------------------------------------------------------------------ -# -# ------------------------------------------------------------------------------ -function scan_dir($dir) { - $files = array(); - if (file_exists($dir)) { - $dh = opendir($dir); - while (false !== 
($filename = readdir($dh))) - $files[] = $filename; - sort($files); - } - return $files; -} - -function std_blacklist_get_description() { - $dst_std = array(); - $dst_std[FLT_AD] = 'Reclama & banners filter'; - $dst_std[FLT_AGGRESSIVE] = 'Agressive content sites filter'; - $dst_std[FLT_AUDIOVIDEO] = 'Audio and Video sites filter'; - $dst_std[FLT_DRUGGS] = 'Druggs filter'; - $dst_std[FLT_GAMBLING] = 'Games sites filter'; - $dst_std[FLT_HACKING] = 'Hacking sites filter'; - $dst_std[FLT_MAIL] = 'Mail sites filter'; - $dst_std[FLT_PORN] = 'Porno sites filter'; - $dst_std[FLT_PROXY] = 'Proxy sites filter'; - $dst_std[FLT_VIOLENCE] = 'Violence content sites filter'; - $dst_std[FLT_WAREZ] = 'Wares, soft, downloads sites filter'; - return $dst_std; -} - -# ------------------------------------------------------------------------------ - -class SquidGuardConfigClass { - // variables - var $work_dir; - var $dbhome; - var $bin_path; - var $log_dir; // $work_dir + SQUIDGUARD_BACKUP_DIR - var $log_file; // $log_dir + SQUIDGUARD_LOG_FILE - - var $enabled; - var $blacklist_enabled; - - var $debug_history; - - // objects - var $sources; - var $dests; - var $blacklist; - var $times; - var $rewr; - var $acls; - var $acldef; - var $enable_deflog; // TODO: check for delete - - // temporary objects - var $expr; // temporary expressions list - not apply to config! - var $redir; // temporary expressions list - not apply to config! 
- - function __construct() { - $this->work_dir = ''; - $this->dbhome = ''; - $this->bin_path = ''; - $this->log_dir = ''; - $this->log_file = ''; - $this->init(); - } - - function init() { - $this->enabled = true; - $thus->blacklist_enabled = true; - - $this->acls = Array(); - $this->enable_deflog = ''; - $this->acldef = new ACLClass(); - $this->acldef->ini("default", "", "default acl"); - $this->acldef->assign("all"); - - $this->redir = Array(); - $this->expr = Array(); - $this->rewr = Array(); - $this->times = Array(); - $this->sources = Array(); - $this->dests = Array(); - $this->blacklist = Array(); - - // log - $this->add_log("Init squidGuard object."); - } - - function set_options($bin_path, $work_dir, $dbhome) { - $this->bin_path = $bin_path; - $this->work_dir = $work_dir; - $this->dbhome = $dbhome; - - $this->backup_dir = $work_dir . SQUIDGUARD_BACKUP_DIR; - $this->log_dir = $work_dir . SQUIDGUARD_LOG_DIR; - $this->log_file = $this->log_dir . SQUIDGUARD_LOG_FILE; - - // log - $this->add_log("Set bin path " . $this->bin_path, DEBUG_ON); - $this->add_log("Set work path " . $this->work_dir, DEBUG_ON); - $this->add_log("Set db path " . $this->dbhome, DEBUG_ON); - - $this->update(); - } - - function update() { - $this->add_log("Update squidGuard object."); - - // check work_dir, log_dir & create if not exists - if (!empty($this->work_dir)) { - $this->add_log("Check work directory."); - // check dir's - if (!file_exists($this->work_dir)) { - mwexec("mkdir " . $this->work_dir); - $this->add_log("Create work dir " . $this->work_dir, DEBUG_ON); - } - if (!file_exists($this->log_dir)) { - mwexec("mkdir " . $this->log_dir); - $this->add_log("Create log dir " . $this->log_dir, DEBUG_ON); - } - // set access right - set_file_access($this->work_dir, OWNER_NAME, 0755); - } - - // check squidguard db - if (!empty($this->dbhome)) { - $this->add_log("Check db directory."); - if (!file_exists($this->dbhome)) { - mwexec("mkdir " . 
$this->dbhome); - $this->add_log("Create db dir " . $this->dbhome, DEBUG_ON); - } - // set access right - set_file_access($this->dbhome, OWNER_NAME, 0755); - } - - // load blacklist configuration - if ($this->blacklist_enabled) { - $this->add_log("Load blacklist configuration."); - - if (file_exists($this->work_dir . SQUIDGUARD_BLK_ENTRIES)) { - $db_items = array(); - $blk_entries = explode("\n", file_get_contents($this->work_dir . SQUIDGUARD_BLK_ENTRIES)); - - // check files as dir's - $std_blk = std_blacklist_get_description(); - foreach($blk_entries as $df) { - if (($df != ".") && ($df != "..") && (is_dir($this->dbhome . "/" . $df))) { - $this->add_blacklist($df, $str_blk[$df]); - $this->add_log("Create $df", DEBUG_ON); - } - } - } - else $this->add_log("File " . $this->work_dir . SQUIDGUARD_BLK_ENTRIES . " not found."); - } - else $this->add_log("Blacklist disabled."); - } - - function reconfigure() { // TODO: check restart function order - $this->update(); - - // check and rebuild squidguard db - $this->add_log("Reconfigure squidGuard object"); - $this->update_destination_files(); - $this->remove_unused_db_entries(); - - // update only user dest items; blacklist rebuilded with when updated - if(!empty($this->dests)){ - $dblist = array(); - foreach($this->dests as $dst) - $dblist[] = $dst->name; - $this->rebuild_squidguard_db($dblist); - } - // generate squidGuard config - $this->add_log("Generate squidGuard config."); - $conf = $this->make_config(); - file_put_contents($this->work_dir . SQUIDGUARD_CONFIG_FILE, $conf); - file_put_contents('/usr/local/etc/squid' . SQUIDGUARD_CONFIG_FILE, $conf); // << my squidGuard want config '/usr/local/etc/squid' by default - set_file_access($this->work_dir, OWNER_NAME, 0755); - - // update squid config - $this->update_squid_conf(); - - // restart squid - squid automaticly restart redirector too - mwexec('squid'); - if (!mwexec('killall -HUP squid')) - $this->add_log("Restart squid .. 
success."); - else $this->add_log("Restart squid .. error."); - } - - # -------------------------------------------------------------------------------------------------------------- - # BLACKLIST - # If backup list set 'disable' - all his entries not used for filtering - # -------------------------------------------------------------------------------------------------------------- - - # - # Update blacklist db from file - # - function update_blacklist($upload_file) { - $this->add_log("Upload file $upload_file."); - if ($upload_file) { - // 1. unpack blacklist file - $this->add_log("Unpack file $upload_file .. "); - $bl_temp = '/var/tmp/blacklists'; - if (!mwexec('tar zxvf ' . $upload_file . ' -C /var/tmp/')) - $this->add_log("Success."); - else $this->add_log("Error!"); - - // 2. copy blacklist to squidGuard base - if (file_exists($bl_temp)) { - $this->add_log("Copy files to db.. "); - - // - copy blacklist & create entries list - $blk_files = scan_dir($bl_temp); - $blk_entries = array(); - foreach($blk_files as $bf) { - if (($bf != '.') && ($bf != '..')) { - $blk_entries[] = $bf; - if (!mwexec("cp -Rf $bl_temp/$bf " . $this->dbhome)) { - $this->add_log(" copy $bf success."); - } else $this->add_log(" copy $bl_temp/$bf -> $this->dbhome error."); - } - } - - // create entries list - if (count($blk_entries)) { - file_put_contents($this->work_dir . SQUIDGUARD_BLK_ENTRIES, implode("\n", $blk_entries)); - set_file_access($this->work_dir . SQUIDGUARD_BLK_ENTRIES, OWNER_NAME, 0755); - } - $this->remove_unused_db_entries(); - - // clearing temp - mwexec("rm -R $bl_temp"); - } - set_file_access($this->dbhome, OWNER_NAME, 0755); - } - } - - # - # remove unused DB entries - # - function remove_unused_db_entries() { - $this->add_log("Remove unused db entries."); - $db_entries = array(); - $file_list = ''; - // blk entries - if (file_exists($this->work_dir . SQUIDGUARD_BLK_ENTRIES)) { - $db_entries = explode("\n", file_get_contents($this->work_dir . 
SQUIDGUARD_BLK_ENTRIES)); - - // user entries - foreach($this->dests as $dst) - $db_entries[] = $dst->name; - - $file_list = scan_dir($this->dbhome); - $file_for_del = array_diff($file_list, $db_entries); - - foreach($file_for_del as $fd) { - $file_fd = $this->dbhome . "/" . $fd; - if (($fd != "") && ($fd != ".") && ($fd != "..")) { - if (file_exists($file_fd)) { - if (!mwexec("rm -R . $file_fd")) - $this->add_log("Delete $file_fd"); - else $this->add_log("Error delete $file_fd"); - } else $this->add_log("File $file_fd not found"); - } - } - } - - } - - # - # Update squidGuard DB from user defined destinations - # - function update_destination_files() { - $this->add_log("Update destination files to db."); - if(!empty($this->dests)){ - foreach($this->dests as $dst) { - $log = $dst->update_destination_files($this->dbhome); - $this->add_log($log); - } - } - $this->add_log($log); - set_file_access($this->dbhome, OWNER_NAME, 0755); - } - - # - # rebuild db: All ($dblist == '') or from listing ($dblist is array) - # - function rebuild_squidguard_db($dblist='') { - - set_file_access($this->dbhome, OWNER_NAME, 0755); // before - - $this->add_log("Start rebuild database."); - if (is_array($dblist)) { - foreach($dblist as $dbn) { - if (($dbn !== ".") && ($dbn !== "..") && file_exists($this->dbhome . "/$dbn")) { - if (!mwexec($this->bin_path . "/squidGuard -C"))// $dbn")) - $this->add_log("Rebuild $dbn - success."); - else $this->add_log("Rebuild $dbn - error."); - } else - $this->add_log("Error rebuild database! Dir " . $this->dbhome . "/$dbn not found."); - } - } else { - // rebuild squidGuard DB - // -C - create db files; -u - update '.diff' files to db - if (!mwexec($this->bin_path . '/squidGuard -C all')/* && - !mwexec($this->bin_path . 
'/squidGuard -u')*/) - $this->add_log("Rebuild all db - success."); - else $this->add_log("Rebuild all db - error!"); - } - // set_file_access($this->dbhome, OWNER_NAME, 0755); // after - } - - // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - // Insert to '/usr/local/squid/etc/squid.conf' options: - // redirector_bypass on - // redirect_program /usr/local/squidGuard/bin/squidGuard -c /path_to_config_file - // redirect_children 1 - // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - // Command for restart squid with all redirectors - // # killall -HUP squid - // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - - function update_squid_conf() { - $this->add_log("Update 'squid.conf' file"); - $opt = ''; - $squid_conf_file = SQUID_CONFIG_FILE; - $redirector_path = $this->bin_path . '/squidGuard'; - $redirector_conf = $this->work_dir . SQUIDGUARD_CONFIG_FILE; - $this->add_log("Redirector path=$redirector_path", DEBUG_ON); - - // update squid.conf file - if (file_exists($squid_conf_file)) { - $conf = file_get_contents($squid_conf_file); - - // remove redirector options from 'squid.conf' - $conf = explode("\n", $conf); - for($i=0; $i<count($conf); $i++) { - $s = trim($conf[$i]); - if (strpos($s, REDIRECTOR_OPTIONS_REM) === 0) $conf[$i] = ''; - if (strpos($s, REDIRECTOR_PROGRAM_OPT) === 0) $conf[$i] = ''; - if (strpos($s, REDIRECT_BYPASS_OPT) === 0) $conf[$i] = ''; - if (strpos($s, REDIRECT_CHILDREN_OPT) === 0) $conf[$i] = ''; - } - $conf = implode("\n", $conf); - $conf = rtrim($conf); - - if ($this->enabled) { - // add redirector options from 'squid.conf' - $conf .= "\n"; - $conf .= "\n" . REDIRECTOR_OPTIONS_REM; - $conf .= "\n" . REDIRECTOR_PROGRAM_OPT . " $redirector_path -c $redirector_conf"; - $conf .= "\n" . REDIRECT_BYPASS_OPT . ' on'; - $conf .= "\n" . REDIRECT_CHILDREN_OPT . " " . 
REDIRECTOR_PROCESS_COUNT; - } - $conf .= "\n"; - file_put_contents($squid_conf_file, $conf); - } - else { - $this->add_log("File '$squid_conf_file' not found"); - } - } - - # ------------------------------------------------------------------------------------------------------------- - # Operations - # ------------------------------------------------------------------------------------------------------------- - - function set_default_acl($time, $desc, - $ontime_rule, /*[pass][$rewr][$redir][$log]*/ - $overtime_rule = '', /*[$overpass][$overrew][$overredir][$overlog]*/ - $disabled = '', $enable_deflog = '') - { - $this->enable_deflog = $enable_deflog; - $this->acldef->ini("default", $time, $desc, $disabled); - if (is_array($ontime_rule)) - $this->acldef->assign($ontime_rule['pass'], $ontime_rule['redirect'], $ontime_rule['rewrite'], $ontime_rule['log']); - - if (is_array($overtime_rule)) - $this->acldef->assign_over($overtime_rule['pass'], $overtime_rule['redirect'], $overtime_rule['rewrite'], $overtime_rule['log']); - } - - function & add_acl($src_name, $time, $desc, - $ontime_rule, /*[pass][$rewr][$redir][$log]*/ - $overtime_rule = '', /*[$overpass][$overrew][$overredir][$overlog]*/ - $disabled = '') - { - $item = new ACLClass(); - $item->ini($src_name, $time, $desc, $disabled); - if (is_array($ontime_rule)) - $item->assign($ontime_rule['pass'], $ontime_rule['redirect'], $ontime_rule['rewrite'], $ontime_rule['log']); - - if (is_array($overtime_rule)) - $item->assign_over($overtime_rule['pass'], $overtime_rule['redirect'], $overtime_rule['rewrite'], $overtime_rule['log']); - - $this->acls[$src_name] = $item; - return $this->acls[$src_name]; - } - - function del_acl($name, $time, $desc) { - $this->acls[$name] = ''; - } - - function & add_src($name, $ip, $desc, $enablelog) { - $item = new SrcClass(); - $item->ini($name, $ip, $desc, $enablelog); - $this->sources[$name] = $item; - return $this->sources[$name]; - } - - function del_src($name) { - $this->sources[$name] 
= ""; - } - - function & add_dest($name, $domains, $urls, $expr, $redir, $desc, $enablelog) { - $item = new DestClass(); - $item->ini($name, $domains, $urls, $expr, $redir, $desc, $enablelog); - $this->dests[$name] = $item; - return $this->dests[$name]; - } - - function del_dest($name) { - $this->dests[$name] = ""; - } - - function & add_blacklist($name, $desc) { - $item = new DestClass(); - $item->ini($name, "", "", "", "", $desc); - $this->blacklist[$name] = $item; - return $this->blacklist[$name]; - } - - function & add_time($name, $desc) { - $item = new TimeClass(); - $item->ini($name, $desc); - $this->times[$name] = $item; - return $this->times[$name]; - } - - function del_time($name) { - $this->times[$name] = ""; - } - - function & add_rewrite($name, $desc, $enablelog) { - $item = new RewrClass(); - $item->ini($name, $desc, $enablelog); - $this->rewr[$name] = $item; - return $this->rewr[$name]; - } - - function del_rewrite($name) { - $this->rewr[$name] = ''; - } - - function goto_dir($workdir, $subdir) { - $res = false; - $dir = @chdir($workdir); - if ($dir) { // workdir exists - $dir = "$workdir \\ $subdir"; - if (@chdir($dir)) // dir exists - $res = true; - elseif (@mkdir($dir, 0755)) // need create dir - $res = true; - else $this->add_log("ERROR: Can't create dir $dir"); - } else $this->add_log("ERROR: Work path $workdir not found."); - return $res; - } - - # - # Make config - # - function make_config() { - $conf = ''; - // header - // ================================================================================================================= - $conf .= "\n# " . str_repeat("=", 119); - $conf .= "\n# SquidGuard configuration file"; - $conf .= "\n# "; - $conf .= "\n# This file generated automaticly with SquidGuardClass"; - $conf .= "\n# "; - $conf .= "\n# SquidGuardConfigClass (C)2006 Serg Dvoriancev"; - $conf .= "\n# email: dv_serg@mail.ru"; - $conf .= "\n# "; - $conf .= "\n# " . 
str_repeat("=", 119); - $conf .= "\n"; - // ================================================================================================================= - - if(!empty($this->log_dir)) - $conf .= "\nlogdir " . $this->log_dir; - - if(!empty($this->dbhome)) - $conf .= "\ndbhome " . $this->dbhome; - - $conf .= "\n"; - - // make times - if(!empty($this->times)){ - foreach($this->times as $time) { - $conf .= $time->make_config($this); - } - } - - // make sources - if(!empty($this->sources)){ - foreach($this->sources as $src) { - $conf .= $src->make_config($this); - } - } - - // make blacklist - $conf .= "\n# Blacklist"; - if($this->blacklist_enabled) { - if (!empty($this->blacklist)) { - foreach($this->blacklist as $dest) - $conf .= $dest->make_config($this); - } else $conf .= "\n# Blacklist empty\n"; - } else $conf .= "\n# Blacklist disabled\n"; - - // make destinations - $conf .= "\n# User destinations"; - if(!empty($this->dests)){ - foreach($this->dests as $dest) { - $conf .= $dest->make_config($this); - } - } - - // make rewrites - if (!empty($this->rewr)) { - foreach($this->rewr as $rewr) { - $conf .= $rewr->make_config($this); - } - } - - // make acls - $conf .= "\nacl {"; - if (!empty($this->acls)) { - foreach($this->acls as $acl) { - $conf .= $acl->make_config($this); - } - } - $conf .= $this->acldef->make_config($this); - $conf .= "\n }"; - - return $conf; - } - - # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - # Log - # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - function add_log($str, $is_debug = '') { - - // if set $is_debug as value, but ($is_debug != 'on') then return - // this defined for include debug info to log; - // add_log('str') - simple log, add_log('str', 'on') - debig log; - // looking constant 'DEBUG_ON' - if ($is_debug && ($is_debug != 'on')) return; - - if (file_exists($this->log_dir)) { - if (file_exists($this->log_file)) - $log = file_get_contents($this->log_file); - $log = 
explode("\n", $log); - - $s = trim($str); - if (!empty($s)) $log[] = date("d.m.Y H:i:s") . ": $s"; - - // check log lines count - while(count($log) > SQUIDGUARD_LOG_MAX_COUNT) : - $log = array_shift($log); - endwhile; - - if ($log) - $log = implode("\n", $log); - file_put_contents($this->log_file, $log); - set_file_access($this->log_file, OWNER_NAME, 0755); - } - } - - function get_log() { - $log = ''; - if (file_exists($this->log_file)) - $log = file_get_contents($this->log_file); - return $log; - } - - function get_log_html() { - $log = $this->get_log(); - return str_replace("\n", "<br>", $this->get_log()); - } - - function test_work($urls_src) { - $result = ''; - $urls = ''; - if (is_array($urls_src)) - $urls = implode("\n", $urls_src); - else $urls = $urls_src; - $test_file = "/var/tmp/test.urls"; - file_put_contents($test_file, $urls); - $result = exec ("/usr/local/bin/squidGuard < $test_file"); - file_put_contents("$test_file.result", $result); - return $result; - } - -} - -// ===================================================================================================================== -// RewrClass -// ===================================================================================================================== - -class RewrClass { - var $name; - var $desc; - var $rewrites; - var $enablelog; - - function __construct() { - $this->name = ''; - $this->desc = ''; - $this->rewrites = Array(); - $this->enablelog = ''; - } - - function ini($name, $desc, $enablelog = '') { - $this->name = $name; - $this->desc = $desc; - $this->enablelog = $enablelog; - } - - function add_item($target_url, $replace_to, $case_ins='', $http_301='', $http_302='') { - $item .= "s@$target_url@$replace_to@"; - if (!empty($case_ins)) $item .= 'i'; - if (!empty($case_ins)) $item .= 'r'; // TODO: r and R - check work options? 
- if (!empty($case_ins)) $item .= 'R'; // -//- - $this->rewrites[] = $item; - } - - function make_config($owner) { - $name = $this->name; - $desc = $this->desc; - $enablelog = $this->enablelog; - $conf = ''; - $conf .= "\nrew $name { "; - if (!empty($desc)) - $conf .= "\t# $desc"; - - if (is_array($this->rewrites)) { - foreach($this->rewrites as $rew) { - $conf .= "\n $rew"; - } - } - if ($enablelog) - $conf .= "\n log = $name"; - $conf .= "\n }"; - $conf .= "\n"; - return $conf; - } -} - -class TimeClass { - var $name; - var $items; - var $desc; - - function __construct() { - $this->name = ''; - $this->desc = ''; - $this->items = Array(); - } - - function ini($name, $desc) { - $this->name = $name; - $this->desc = $desc; - } - - function & add_date($daterange, $timerange) { - $item = new TimeItem(); - $item->ini("date", '', $daterange, $timerange); - $this->items[] = $item; -// return $this->items[count($this->items-1)]; - } - - function & add_weekly($days, $timerange) { - $item = new TimeItem(); - $item->ini("weekly", $days, '', $timerange); - $this->items[] = $item; -// return $this->items[count($this->items-1)]; - } - - function make_config($owner) { - $conf = ''; - $name = $this->name; - $desc = $this->desc; - $conf .= "\ntime $name { "; - if ($desc != "") - $conf .= "\t# $desc"; - if (is_array($this->items)) { - foreach($this->items as $item) { - $type = $item->type; - $days = $item->days; - $dates = $item->dates; - $hours = $item->hours; - if ($item->type == "date") - $conf .= "\n date $dates $hours"; - else $conf .= "\n weekly $days $hours"; - } - } - $conf .= "\n }"; - $conf .= "\n"; - return $conf; - } -} - -class TimeItem { - var $type; - var $days; - var $dates; - var $hours; - - function __construct() { - $this->type = ''; - $this->days = ''; - $this->dates = ''; - $this->hours = ''; - } - - function ini($type, $days, $dates, $hours) { - $this->type = $type; - $this->days = $days; - $this->dates = $dates; - $this->hours = $hours; - } -} - -class 
DestClass { - var $name; - var $domains; // array - var $urls; // array - var $expr; // array - var $redir; - var $desc; - var $enablelog; - - function __construct() { - $this->name = ''; - $this->domains = array(); - $this->urls = array(); - $this->expr = array(); - $this->redir = ''; - $this->desc = ''; - $this->enablelog = ''; - } - - function ini($name, $domains, $urls, $expr, $redir, $desc, $enablelog = '') { - $this->name = $name; - $this->domains = explode(' ', $domains); - $this->urls = explode(' ', $urls); - $this->expr = explode(' ', $expr); - $this->redir = $redir; - $this->desc = $desc; - $this->enablelog = $enablelog; - } - - // create custom destination files - function update_destination_files($dbcatalog) { - $log = "\n\nUpdate destination file " . $this->name; - $path = $dbcatalog . '/' . $this->name . '/'; - $log .= "\npath = $path"; - - // 1 - set/check destination catalog - if (!file_exists($path)) { - if (!mkdir ($path, 0755)) { - $log .= "\nError create dir $path"; - return $log; // error create dir - } else $log .= "\nCreate dir."; - } - - // 2 - build domains file - if (!empty($this->domains)) { - $content = ''; - foreach($this->domains as $dm) { - $content .= "\n$dm"; - } - - $content = trim($content); - if (!empty($content)) { - file_put_contents($path . '/domains', $content); - $log .= "\nadd domains"; - } - } - - // 3 - build urls file - if (!empty($this->urls)) { - $content = ''; - foreach($this->urls as $url) { - $content .= "\n$url"; - } - - $content = trim($content); - if (!empty($content)) { - file_put_contents($path . '/urls', $content); - $log .= "\nadd urls"; - } - } - - // 4 - build expression file - if (!empty($this->expr)) { - $content = ''; - foreach($this->expr as $ex) { - $content .= "\n$ex"; - } - - $content = trim($content); - if (!empty($content)) { - file_put_contents($path . 
'/expressions', $content); - $log .= "\nadd expressions"; - } - } - - return $log; - } - - function make_config($owner) { - $file = ''; - $conf = ''; - $name = $this->name; - $dbhome = $owner->dbhome; - $domains = $this->domains; - $urls = $this->urls; - $expr = $this->expr; - $redir = $this->redir; - $desc = $this->desc; - $enablelog = $this->enablelog; - - $conf .= "\ndest $name { "; - - # description - if ($desc != "") - $conf .= "\t# $desc"; - - # domains - if ($domains != "") { - $file = $dbhome . "/$name/domains"; - if (file_exists($file)) - $conf .= "\n domainlist $name/domains"; - } - - # expressions - if ($expr != "") { - $file = $dbhome . "/$name/expressions"; - if (file_exists($file)) - $conf .= "\n expressionlist $name/expressions"; - } - - # urls - if ($urls != "") { - $file = $dbhome . "/$name/urls"; - if (file_exists($file)) - $conf .= "\n urllist $name/urls"; - } - - if ($redir != "") - $conf .= "\n redirect $redir"; - - if ($enablelog) - $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE; - - $conf .= "\n }"; - $conf .= "\n"; - - return $conf; - } -} - -class SrcClass { - var $name; - var $ip; - var $domain; - var $users; - var $desc; - var $enablelog; - - function __construct() { - $this->name = ''; - $this->ip = ''; - $this->domain = ''; - $this->desc = ''; - $this->enablelog = ''; - $this->users = Array(); - } - - function ini($name, $ip, $desc, $enablelog = '') { - $this->name = $name; - $this->ip = $ip; - $this->domain = ''; - $this->desc = $desc; - $this->enablelog = $enablelog; - } - - function make_config($owner) { - $conf = ''; - $name = $this->name; - $ip = $this->ip; - $desc = $this->desc; - $enablelog = $this->enablelog; - $conf .= "\nsrc $name { "; - if ($desc != "") - $conf .= "\t# $desc"; - $conf .= "\n ip $ip"; - if ($enablelog) - $conf .= "\n log " . 
SQUIDGUARD_ACCESSBLOCK_FILE; - $conf .= "\n }"; - $conf .= "\n"; - return $conf; - } -} - -class ACLClass { - var $src; - var $time; - var $desc; - var $disabled; - - var $pass; // pass array. if last item = 'all' then 'pass all' or 'pass none' - var $redir; - var $rewr; - var $log; - - var $over_pass; // array of overtime dest's - var $over_redir; - var $over_rewr; - var $over_log; - - function __construct() { - $this->src = ''; - $this->time = ''; - $this->desc = ''; - $this->disabled = ''; - } - - function ini($src, $time, $desc, $disabled='') { - $this->src = $src; - $this->time = $time; - $this->desc = $desc; - $this->disabled = $disabled; - } - - function assign($pass, $redir='', $rewr='', $log='') { - $this->pass = $pass; - // check and fix absence of "all" and "none" - if (!empty($pass) && (substr_count($pass, "all") == 0) && (substr_count($pass, "none") == 0)) { - $this->pass .= " none"; - $this->desc .= " <Uptime> " . ACL_WARNING_ABSENSE_PASS . " "; - } - - $this->redir = $redir; - $this->rewr = $rewr; - $this->log = $log; - } - - function assign_over($pass, $redir='', $rewr='', $log='') { // used only if assigned time - $this->over_pass = $pass; - // check and fix absence of "all" and "none" - if (!empty($pass) && (substr_count($pass, "all") == 0) && (substr_count($pass, "none") == 0)) { - $this->over_pass .= " none"; - $this->desc .= " <Overtime> " . 
ACL_WARNING_ABSENSE_PASS; - } - - $this->over_redir = $redir; - $this->over_rewr = $rewr; - $this->over_log = $log; - } - - function make_config($owner) { - $conf = ''; - $src = $this->src; - $time = $this->time; - $desc = $this->desc; - - // if item disabled - skip make_config - if ($this->disabled == 'on') { - $conf .= "\n\n # rule $src disabled"; - return $conf; - } - - $conf .= "\n"; - $conf .= "\n $src $time { "; - if (!empty($desc)) - $conf .= "\t# $desc"; - $err_comment = ''; - $pass = $this->pass; - if (is_array($pass)) { - // check dest's - foreach ($pass as $dst) { - if (($dst != 'all') && ($dst != 'none')) { - $obj = $owner->dests[$dst]; - if (!is_object($obj)) $err_comment .= " $dst"; - } - } - $err_comment .= "***!!!***"; - if (!empty($err_comment)) - $err_comment .= " error: dest's '$err_comment' not found"; - $pass = implode(" ", $pass); - } - - $conf .= "\n pass $pass"; - if (!empty($err_comment)) $conf .= " # $err_comment"; - unset($err_comment); - - $redir = $this->redir; - if (!empty($redir)) { - $rstr = strtolower(trim($redir)); - if ((strpos($rstr, 'http://') !== false) || - (strpos($rstr, 'https://') !== false) || - (strpos($rstr, 'ftp://') !== false)) - $conf .= "\n redirect " . REDIRECT_BASE_URL . "?url=" . $rstr; - else $conf .= "\n redirect " . REDIRECT_BASE_URL . "?msg=" . urlencode($redir); - } - - $rewr = $this->rewr; - if (!empty($rewr)) { - // check redirection name for exists - $err_comment = ''; - $obj = $owner->rewr[$rewr]; - if (empty($obj) || !is_object($obj)) - $err_comment = " rewrite '$rewr' not found"; - - $conf .= "\n rewrite $rewr # $err_comment"; - } - - $log = $this->log; - if (!empty($log) && ($src=='default')) - $conf .= "\n log " . 
SQUIDGUARD_ACCESSBLOCK_FILE; - - $conf .= "\n }"; - - // alternative - $pass = $this->over_pass; - $redir = $this->over_redir; - $rewr = $this->over_rewr; - $log = $this->over_log; - if (!empty($time) && !empty($pass)) { - $conf .= " else {"; - $conf .= "\n pass $pass"; - if (empty($this->pass) || ($this->pass[count($this->pass) - 1] != 'all')) - $conf .= " none"; - if (!empty($redir)) - $conf .= "\n redirect $redir"; - if (!empty($rewr)) - $conf .= "\n rewrite $rewrite"; - // log only for default - if (!empty($log) && ($src=='default')) - $conf .= "\n log " . SQUIDGUARD_ACCESSBLOCK_FILE; - $conf .= "\n }"; - } - - return $conf; - } -} - -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# Set file access -# -function set_file_access($dir, $owner, $mod) { - chown($dir, $owner); - chgrp($dir, $owner); - chmod($dir, $mod); - - if (is_dir($dir)) { - $hd = opendir($dir); - while (($item = readdir($hd)) !== false) { - if (($item != ".") && ($item != "..")) { - $path = "$dir/$item"; - if (is_dir($path)) - set_file_access($path, $owner, $mod); - else { - chown($path, $owner); - chgrp($path, $owner); - chmod($path, $mod); - } - } - } - } -} - -?> diff --git a/packages/squidGuard/squidguard_configurator.inc b/packages/squidGuard/squidguard_configurator.inc new file mode 100644 index 00000000..06cddb99 --- /dev/null +++ b/packages/squidGuard/squidguard_configurator.inc 
@@ -0,0 +1,1564 @@
+<?php
+# ------------------------------------------------------------------------------
+/* squidguard_configurator.inc
+ (C)2006 Serg Dvoriancev
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+# ------------------------------------------------------------------------------
+# SquidGuard Configurator
+# email: dv_serg@mail.ru
+# ------------------------------------------------------------------------------
+# squidGuard inline options:
+# squidGuard -C all - apdate database
+# squidGuard -c <configfile> - create squidGuard with specified config file
+# ------------------------------------------------------------------------------
+# Directories:
+# work path - $workdir
+# log path - $workdir + $logdir
+# ------------------------------------------------------------------------------
+# Functions:
+# sg_init($init_xml)
+# sg_load_configxml($filename)
+# sg_save_configxml($filename)
+# sg_reconfigure()
+# sg_reconfigure_blacklist($source_filename, $opt)
+# $source_filename - file name or url
+# $opt - option:
+# '' or 'local' - update from local file (example: '/tmp/blacklist.tar')
+# 'url' - update from url
+# ------------------------------------------------------------------------------
+# Config XML structure:
+# ------------------------------------------------------------------------------
+/*
+<?xml version="1.0"?>
+<squidGuard>
+ <logdir/>
+ <dbhome/>
+ <workdir/>
+ <enabled/>
+ <blacklist_enabled>
+ <sources>
+ <item>
+ <name/>
+ <ip/>
+ <log>on</log>
+ <description/>
+ </item>
+ <item>
+ ...
+ </item>
+ </sources>
+ <destinations>
+ <item>
+ <name/>
+ <urls/>
+ <domains/>
+ <expressions/>
+ <redirect/>
+ <description/>
+ <log>on</log>
+ </item>
+ <item>
+ ...
+ </item>
+ </destinations>
+ <rewrites>
+ <item>
+ <name/>
+ <description/>
+ <log>on</log>
+ <item>
+ <targeturl/>
+ <replaceto/>
+ </item>
+ <item>
+ ...
+ </item>
+ </item>
+ <item>
+ ...
+ </item>
+ </rewrites>
+ <times>
+ <item>
+ <name/>
+ <description/>
+ <item>
+ <timetype/>
+ <timedays/>
+ <daterange/>
+ <sg_timerange/>
+ </item>
+ <item>
+ ...
+ </item>
+ </item>
+ <item>
+ ...
+ </item>
+ </times>
+ <acls>
+ <item>
+ <name/>
+ <description/>
+ <disabled/>
+ <timename/>
+ <redirect/>
+ <rewritename/>
+ <overredirect/>
+ <overrewritename/>
+ <destname/>
+ <overdestname/>
+ </item>
+ <item>
+ ...
+ </item>
+ </acls>
+ <default>
+ <name/>
+ <description/>
+ <disabled/>
+ <timename/>
+ <redirect/>
+ <rewritename/>
+ <overredirect/>
+ <overrewritename/>
+ <destname/>
+ <overdestname/>
+ </default>
+</squidGuard>
+*/
+require_once('globals.inc');
+require_once('config.inc');
+require_once('util.inc');
+require_once('pfsense-utils.inc');
+require_once('pkg-utils.inc');
+require_once('filter.inc');
+require_once('service-utils.inc');
+
+# ------------------------------------------------------------------------------
+
+define('FILES_DB_HEADER', '
+# ------------------------------------------------------------------------------
+# File created by squidGuard package GUI
+# (C)2006 Serg Dvoriancev
+# ------------------------------------------------------------------------------
+');
+
+define('CONFIG_SG_HEADER', '
+# ============================================================
+# SquidGuard configuration file
+#
+# This file generated automaticly with SquidGuard configurator
+#
+# (C)2006 Serg Dvoriancev
+# email: dv_serg@mail.ru
+# ============================================================
+');
+
+define('ACL_WARNING_ABSENSE_PASS', "!WARNING!
Absence PASS 'all' or 'none' added as 'none'");
+
+# ------------------------------------------------------------------------------
+# squid config options
+# ------------------------------------------------------------------------------
+define('REDIRECTOR_OPTIONS_REM', '# squidGuard options');
+define('REDIRECTOR_PROGRAM_OPT', 'redirect_program');
+define('REDIRECT_BYPASS_OPT', 'redirector_bypass');
+define('REDIRECT_CHILDREN_OPT', 'redirect_children');
+# ------------------------------------------------------------------------------
+# setup count redirector processes will started
+# * for big count users service increase this option,
+# but you need use this on powerful system
+define('REDIRECTOR_PROCESS_COUNT', '3');
+
+# ------------------------------------------------------------------------------
+# squidguard config options
+# ------------------------------------------------------------------------------
+# define default redirection url (redirector get this url for all blocked url's)
+# * !ATTENTION! this url must be exists; IF url not exist, redirector will't block
+# (returned to squid some url, what blocked)
+# this may use '301:' or '302:' value (only)
+#define('REDIRECT_BASE_URL', '302:');
+define('REDIRECT_BASE_URL', 'http://127.0.0.1/sgerror.php');
+define('REDIRECT_TRANSPARENT_BASE_URL', '/sgerror.php');
+
+# ------------------------------------------------------------------------------
+# squidguard system defines
+# ------------------------------------------------------------------------------
+# !check this!
+define('SQUID_CONFIGFILE', '/usr/local/etc/squid/squid.conf');
+define('TMP_DIR', '/var/tmp');
+
+# not need for check
+define('SQUIDGUARD_CONFIGFILE', '/squidGuard.conf');
+define('SQUIDGUARDCONF_LOGFILE', '/sg_configurator.log');
+define('SQUIDGUARD_ACCESSBLOCK_FILE', 'block.log');
+define('SQUIDGUARD_BLK_ENTRIES', '/blacklist.files');
+define('BLACKLIST_ARCHIVE', '/blacklists.tar');
+# ? may be not used ?
+define('SQUIDGUARD_CONFBASE_DEF', '/usr/local/etc/squid');
+define('SQUIDGUARD_LOGDIR_DEF', '/tmp');
+define('SQUIDGUARD_WORKDIR_DEF', '/usr/local/etc/squidGuard');
+define('SQUIDGUARD_BINPATH_DEF', '/usr/local/bin');
+define('SQUIDGUARD_DBHOME_DEF', '/var/db/squidGuard');
+define('BLK_LOCALFILE', '/tmp/sg_blacklists.tar');
+
+# ------------------------------------------------------------------------------
+// debug options
+define('DEBUG_UPDATE_SQUID_CONF', 'true');
+define('DEBUG_UPDATE_SQUIDGUARD_DB', 'true');
+define('DEBUG_MAKE_SQUIDGUARD_CONFIG', 'true');
+
+// options
+define('SQUIDGUARD_LOG_MAXCOUNT', 1000); // max log lines
+
+# ------------------------------------------------------------------------------
+#
+define('FLT_DEFAULT_ALL', 'all');
+# ------------------------------------------------------------------------------
+# owner user name (squid system user - need for define rights access)
+# ------------------------------------------------------------------------------
+define('OWNER_NAME', 'proxy');
+# ------------------------------------------------------------------------------
+#
+define('DEBUG_ON', 'true');
+
+# ==============================================================================
+# black list
+# ==============================================================================
+# known black list standard names
+# ------------------------------------------------------------------------------
+define('FLT_AD', 'ads');
+define('FLT_AGGRESSIVE', 'aggressive');
+define('FLT_AUDIOVIDEO', 'audio-video');
+define('FLT_DRUGGS', 'druggs');
+define('FLT_GAMBLING', 'gambling');
+define('FLT_HACKING', 'hacking');
+define('FLT_MAIL', 'mail');
+define('FLT_PORN', 'porn');
+define('FLT_PROXY', 'proxy');
+define('FLT_VIOLENCE', 'viol');
+define('FLT_WAREZ', 'warez');
+
+# ------------------------------------------------------------------------------
+# std_blacklist_get_description - black list std names description
+#
------------------------------------------------------------------------------
+function std_blacklist_get_description() {
+ $dst_std = array();
+ $dst_std[FLT_AD] = 'Reclama & banners filter';
+ $dst_std[FLT_AGGRESSIVE] = 'Agressive content sites filter';
+ $dst_std[FLT_AUDIOVIDEO] = 'Audio and Video sites filter';
+ $dst_std[FLT_DRUGGS] = 'Druggs filter';
+ $dst_std[FLT_GAMBLING] = 'Games sites filter';
+ $dst_std[FLT_HACKING] = 'Hacking sites filter';
+ $dst_std[FLT_MAIL] = 'Mail sites filter';
+ $dst_std[FLT_PORN] = 'Porno sites filter';
+ $dst_std[FLT_PROXY] = 'Proxy sites filter';
+ $dst_std[FLT_VIOLENCE] = 'Violence content sites filter';
+ $dst_std[FLT_WAREZ] = 'Wares, soft, downloads sites filter';
+ return $dst_std;
+}
+
+# ==============================================================================
+# SquidGuard Configurator
+# ==============================================================================
+// squidGuard config array
+$squidguard_config = array();
+// default init
+sg_init();
+
+# ------------------------------------------------------------------------------
+# squidguard system fields
+# ------------------------------------------------------------------------------
+define('FLD_SQUIDGUARD', 'squidGuard');
+define('FLD_LOGDIR', 'logdir');
+define('FLD_DBHOME', 'dbhome');
+define('FLD_WORKDIR', 'workdir');
+define('FLD_BINPATH', 'binpath');
+define('FLD_PROCCESSCOUNT', 'process_count');
+define('FLD_SQUIDCONFIGFILE', 'squid_configfile');
+define('FLD_ENABLED', 'enabled');
+define('FLD_BLACKLISTENABLED', 'blacklist_enabled');
+define('FLD_SGCONF_XML', 'sgxml_file');
+
+// other fields
+define('FLD_ITEM', 'item');
+define('FLD_TIMES', 'times');
+define('FLD_SOURCES', 'sources');
+define('FLD_DESTINATIONS', 'destinations');
+define('FLD_REWRITES', 'rewrites');
+define('FLD_ACLS', 'acls');
+define('FLD_DEFAULT', 'default');
+define('FLD_NAME', 'name');
+define('FLD_DESCRIPTION', 'description');
+define('FLD_IP', 'ip');
+define('FLD_URLS',
'urls');
+define('FLD_DOMAINS', 'domains');
+define('FLD_EXPRESSIONS', 'expressions');
+define('FLD_REDIRECT', 'redirect');
+define('FLD_TARGETURL', 'targeturl');
+define('FLD_REPLACETO', 'replaceto');
+define('FLD_LOG', 'log');
+define('FLD_ITEM', 'item');
+define('FLD_DISABLED', 'disabled');
+define('FLD_TIMENAME', 'timename');
+define('FLD_DESTINATIONNAME', 'destname');
+define('FLD_REDIRECT', 'redirect');
+define('FLD_REWRITE', 'rewrite');
+define('FLD_REWRITENAME', 'rewritename');
+define('FLD_OVERDESTINATIONNAME', 'overdestname');
+define('FLD_OVERREDIRECT', 'overredirect');
+define('FLD_OVERREWRITE', 'overrewrite');
+define('FLD_OVERREWRITENAME', 'overrewritename');
+define('FLD_TIMETYPE', 'timetype');
+define('FLD_TIMEDAYS', 'timedays');
+define('FLD_DATRANGE', 'daterange');
+define('FLD_TIMERANGE', 'sg_timerange');
+
+// transparent mode
+define('FLD_SQUID_TRANSPARENT_MODE', 'squid_transparent_mode');
+define('FLD_CURRENT_LAN_IP', 'current_lan_ip');
+
+# ------------------------------------------------------------------------------
+# sg_init
+# - initialize config array
+# ------------------------------------------------------------------------------
+function sg_init($init = '') {
+ global $squidguard_config;
+
+ $squidguard_config = array();
+ if(empty($init) or !is_array($init) ) {
+ // default init (for generate minimal config)
+ $squidguard_config[FLD_LOGDIR] = SQUIDGUARD_LOGDIR_DEF;
+ $squidguard_config[FLD_DBHOME] = SQUIDGUARD_DBHOME_DEF;
+ $squidguard_config[FLD_WORKDIR] = SQUIDGUARD_WORKDIR_DEF;
+ $squidguard_config[FLD_BINPATH] = SQUIDGUARD_BINPATH_DEF;
+ $squidguard_config[FLD_SQUIDCONFIGFILE] = SQUID_CONFIGFILE;
+ $squidguard_config[FLD_PROCCESSCOUNT] = REDIRECTOR_PROCESS_COUNT;
+ sg_addlog("sg_init: default initialization squidguard_config");
+ } else {
+ $squidguard_config = $init;
+ sg_addlog("sg_init: ext initialization squidguard_config");
+ }
+ return $squidguard_config;
+}
+
+#
------------------------------------------------------------------------------
+# sg_loadconfig_xml
+# ------------------------------------------------------------------------------
+function sg_load_configxml($filename) {
+ global $squidguard_config;
+ sg_init();
+ if (file_exists($filename)) {
+ $xmlconf = file_get_contents($filename);
+ sg_addlog("sg_load_configxml: load config from $filename");
+
+ if (!empty($xmlconf)) {
+ $squidguard_config = $xmlconf[FLD_SQUIDGUARD];
+ sg_addlog("sg_load_configxml: update config success.");
+ } else
+ sg_addlog("sg_load_configxml: update config error.");
+ } else
+ sg_addlog("sg_load_configxml: error load config from $filename - file not exists.");
+}
+
+# ------------------------------------------------------------------------------
+# sg_saveconfig_xml
+# ------------------------------------------------------------------------------
+function sg_save_configxml($filename) {
+ global $squidguard_config;
+ $xmlconf = dump_xml_config($squidguard_config, FLD_SQUIDGUARD);
+ file_put_contents($filename, $xmlconf);
+}
+
+# ------------------------------------------------------------------------------
+# sg_reconfigure
+# - squidguard reconfiguration
+# ------------------------------------------------------------------------------
+function sg_reconfigure() {
+ global $squidguard_config;
+ sg_addlog("sg_reconfigure: start.");
+
+ // 1. check system
+ sg_check_system();
+
+ // 2. reconfigure user db
+ sg_reconfigure_user_db();
+
+ // 3. generate squidGuard config
+ $conf_file = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFIGFILE;
+ $conf = sg_build_config();
+ if ($conf) {
+ $conf = implode("\n", $conf);
+ if ($squidguard_config[FLD_WORKDIR])
+ $conf_file = $squidguard_config[FLD_WORKDIR] . SQUIDGUARD_CONFIGFILE;
+ file_put_contents($conf_file, $conf);
+ file_put_contents('/usr/local/etc/squid' .
SQUIDGUARD_CONFIGFILE, $conf); // << squidGuard want config '/usr/local/etc/squid' by default
+ set_file_access($squidguard_config[FLD_WORKDIR], OWNER_NAME, 0755);
+ sg_addlog("sg_reconfigure: generate squidGuard config and save to $conf_file.");
+ }
+
+ // 4. reconfigure squid
+ squid_reconfigure();
+
+ sg_addlog("sg_reconfigure: end.");
+}
+
+// ------------------------------------------------------------
+// squid_reconfigure
+// Insert in '/usr/local/squid/etc/squid.conf' options:
+// redirector_bypass on
+// redirect_program /usr/local/squidGuard/bin/squidGuard -c /path_to_config_file
+// redirect_children 1
+// ------------------------------------------------------------
+function squid_reconfigure($remove_only = '') {
+ global $squidguard_config;
+
+ sg_addlog("squid_reconfigure: begin");
+
+ // 1. update squid config
+ $opt = '';
+ $squid_conf_file = SQUID_CONFIGFILE;
+ $redirector_path = $squidguard_config[FLD_BINPATH] . '/squidGuard';
+ $redirector_conf = $squidguard_config[FLD_WORKDIR] .
SQUIDGUARD_CONFIGFILE;
+
+ // update squid.conf file
+ if (file_exists($squid_conf_file)) {
+ sg_addlog("squid_reconfigure: config file '$squid_conf_file'");
+ $conf = file_get_contents($squid_conf_file);
+
+ // remove old redirector options from 'squid.conf'
+ sg_addlog("squid_reconfigure: remove old redirector options from 'squid.conf'");
+ $conf = explode("\n", $conf);
+ for($i=0; $i<count($conf); $i++) {
+ $s = trim($conf[$i]);
+ if (strpos($s, REDIRECTOR_OPTIONS_REM) === 0) $conf[$i] = '';
+ if (strpos($s, REDIRECTOR_PROGRAM_OPT) === 0) $conf[$i] = '';
+ if (strpos($s, REDIRECT_BYPASS_OPT) === 0) $conf[$i] = '';
+ if (strpos($s, REDIRECT_CHILDREN_OPT) === 0) $conf[$i] = '';
+ }
+ $conf = implode("\n", $conf);
+ $conf = rtrim($conf);
+
+ // if squidGuard enabled - add new options to squid config
+ if (empty($remove_only) && ($squidguard_config[FLD_ENABLED] === 'on')) {
+ sg_addlog("squid_reconfigure: add new redirector options to 'squid.conf'");
+ // add redirector options to 'squid.conf'
+ $conf .= "\n";
+ $conf .= "\n" . REDIRECTOR_OPTIONS_REM;
+ $conf .= "\n" . REDIRECTOR_PROGRAM_OPT . " $redirector_path -c $redirector_conf";
+ $conf .= "\n" . REDIRECT_BYPASS_OPT . ' on';
+ $conf .= "\n" . REDIRECT_CHILDREN_OPT . " " . REDIRECTOR_PROCESS_COUNT;
+ }
+ $conf .= "\n";
+ file_put_contents($squid_conf_file, $conf);
+ } else
+ sg_addlog("squid_reconfigure: error config file '$squid_conf_file' not found.");
+
+
+ // 2. restart squid - squid automaticly restart redirector too
+ if (is_service_running('squid'))
+ mwexec("/usr/local/sbin/squid -k reconfigure");
+
+# // 2.1.
another method
+# if (is_service_running('squid'))
+# mwexec('killall -HUP squid');
+}
+// ------------------------------------------------------------
+// sg_check_system
+// - check squidguard catalog's and access right's
+// ------------------------------------------------------------
+function sg_check_system() {
+ global $squidguard_config;
+
+ // check work_dir & create if not exists
+ $work_dir = $squidguard_config[FLD_WORKDIR];
+ if (!empty($work_dir)) {
+ // check dir's
+ if (!file_exists($work_dir)) {
+ mwexec("mkdir -p " . $work_dir);
+ sg_addlog("Create work dir $work_dir");
+ // set access right
+ set_file_access($work_dir, OWNER_NAME, 0755);
+ }
+ }
+ unset($work_dir);
+
+ // check log_dir & create if not exists
+ $log_dir = $squidguard_config[FLD_LOGDIR];
+ if (!empty($log_dir)) {
+ if (!file_exists($log_dir)) {
+ mwexec("mkdir -p " . $log_dir);
+ sg_addlog("Create log dir $log_dir");
+ }
+ // set access right - need start any time;
+ // (SG possible start from console and log file will have only root access)
+ set_file_access($log_dir, OWNER_NAME, 0755);
+ }
+ unset($log_dir);
+
+ // check db dir
+ $db_dir = $squidguard_config[FLD_DBHOME];
+ if (!empty($db_dir)) {
+ if (!file_exists($db_dir)) {
+ mwexec("mkdir -p $db_dir");
+ $sg_addlog("Create db dir $db_dir");
+ // set access right
+ set_file_access($db_dir, OWNER_NAME, 0755);
+ }
+ }
+ unset($db_dir);
+}
+// ------------------------------------------------------------
+// sg_reconfigure_user_db
+// - reconfigure(update) db user entries
+// ------------------------------------------------------------
+function sg_reconfigure_user_db() {
+ global $squidguard_config;
+ $dbhome = $squidguard_config[FLD_DBHOME];
+
+ sg_addlog("sg_reconfigure_user_db: begin");
+
+ if (!file_exists($dbhome)) {
+ sg_addlog("sg_reconfigure_user_db: error - path not found $dbhome");
+ return;
+ }
+
+ // update destinations to db
+ $dests = $squidguard_config[FLD_DESTINATIONS];
+ if(!empty($dests)){
+ $dst_names = array();
+
+ foreach($dests[FLD_ITEM] as $dst) {
+ $path = "$dbhome/" . $dst[FLD_NAME];
+ $dst_names[] = $path;
+
+ // 1. check destination catalog
+ if (!file_exists($path)) {
+ if (!mkdir ($path, 0755)) {
+ sg_addlog("sg_reconfigure_user_db: error create dir $path");
+ return;
+ } else sg_addlog("Create dir $path");
+ }
+
+ // 2. build domains file
+ $domains = $dst[FLD_DOMAINS];
+ if (!empty($domains)) {
+ $content = '';
+ $content = str_replace(" ", "\n", $domains);
+ $content = trim($content);
+ file_put_contents($path . '/domains', $content);
+ sg_addlog("sg_reconfigure_user_db: add domains '$domains'");
+ }
+ unset($domains);
+
+ // 3. build urls file
+ $urls = $dst[FLD_URLS];
+ if (!empty($urls)) {
+ $content = '';
+ $content = str_replace(" ", "\n", $urls);
+ $content = trim($content);
+ file_put_contents($path . '/urls', $content);
+ sg_addlog("sg_reconfigure_user_db: add urls '$content'");
+ }
+ unset($urls);
+
+ // 4. build expression file
+ $expr = $dst[FLD_EXPRESSIONS];
+ if (!empty($expr)) {
+ $content = str_replace("|", " ", $expr);
+ $content = trim($content); // delete first and last unnecessary '|' symbols
+ $content = str_replace(" ", "|", $content);
+ file_put_contents($path . '/expressions', $content);
+ sg_addlog("sg_reconfigure_user_db: add expressions '$content'");
+ }
+ unset($expr);
+ }
+
+ // 4. recursive set files access
+ set_file_access($dbhome, OWNER_NAME, 0755);
+
+ // 5. rebuild user db
+ //$dst_names
+ foreach($dst_names as $dname)
+ sg_full_rebuild_db($dname);
+
+ } else
+ sg_addlog("sg_reconfigure_user_db: stopped - destinations list empty");
+
+ // 6.
remove unused db entries
+ sg_remove_unused_db_entries();
+
+ sg_addlog("sg_reconfigure_user_db: end");
+}
+
+// ------------------------------------------------------------
+// sg_remove_unused_db_entries
+// - remove unused DB entries
+// ------------------------------------------------------------
+function sg_remove_unused_db_entries() {
+ global $squidguard_config;
+ $db_entries = array();
+ $file_list = '';
+ $dbhome = $squidguard_config[FLD_DBHOME];
+
+ sg_addlog("sg_remove_unused_db_entries: begin");
+
+ // black list entries
+ // * worked only with 'blacklist entries list file - else may be deleted black list entry
+ if (file_exists($dbhome . SQUIDGUARD_BLK_ENTRIES)) {
+ $db_entries = explode("\n", file_get_contents($dbhome . SQUIDGUARD_BLK_ENTRIES));
+ // user entries
+ $dests = $squidguard_config[FLD_DESTINATIONS];
+ foreach($dests[FLD_ITEM] as $dst) {
+ $db_entries[] = $dst[FLD_NAME];
+
+ $file_list = scan_dir($dbhome);
+ $file_for_del = array_diff($file_list, $db_entries);
+
+ foreach($file_for_del as $fd) {
+ $file_fd = $dbhome . "/" . $fd;
+ if (($fd != "") && ($fd != ".") && ($fd != "..")) {
+ if (file_exists($file_fd)) {
+ if (!mwexec("rm -R .
$file_fd"))
+ sg_addlog("sg_remove_unused_db_entries: Delete $file_fd");
+ else sg_addlog("sg_remove_unused_db_entries: Error delete $file_fd");
+ } else sg_addlog("sg_remove_unused_db_entries: File $file_fd not found");
+ }
+ }
+ }
+ }
+ sg_addlog("sg_remove_unused_db_entries: end");
+}
+
+// ------------------------------------------------------------
+// sg_full_rebuild_db
+// squidguard inline options: -C - create db files; -u - update '.diff' files to db
+// ------------------------------------------------------------
+function sg_full_rebuild_db($dblist='') {
+ global $squidguard_config;
+ $sg_cfgfile = '';
+
+ sg_addlog("sg_rebuild_db: begin with $dblist");
+
+ if ($squidguard_config[FLD_WORKDIR])
+ $sg_cfgfile = $squidguard_config[FLD_WORKDIR];
+ else $sg_cfgfile = SQUIDGUARD_WORKDIR_DEF;
+ $sg_cfgfile .= SQUIDGUARD_CONFIGFILE;
+
+ // set files access
+ set_file_access($squidguard_config[FLD_DBHOME], OWNER_NAME, 0755);
+
+ // rebuild squidGuard DB (without waite)
+ if (file_exists($sg_cfgfile)) {
+ if (empty($dblist)) {
+ // full rebuild
+ $cmd = $squidguard_config[FLD_BINPATH] . '/squidGuard -c $sg_cfgfile -C all';
+ mwexec_bg($cmd);
+ sg_addlog("sg_rebuild_db: start full rebuild db");
+ } else {
+ // partually rebuild
+ $cmd_domains = $squidguard_config[FLD_BINPATH] . "/squidGuard -c $sg_cfgfile -C $dblist/domains";
+ $cmd_urls = $squidguard_config[FLD_BINPATH] . "/squidGuard -c $sg_cfgfile -C $dblist/urls";
+ mwexec_bg($cmd_domains);
+ mwexec_bg($cmd_urls);
+ sg_addlog("sg_rebuild_db: start rebuild DB '$dblist'");
+ }
+ // update .diff files
+# mwexec_bg($squidguard_config[FLD_BINPATH] .
'/squidGuard -c $sg_cfgfile -u')*/)
+ } else {
+ sg_addlog("sg_rebuild_db: error, config file '$sg_cfgfile' not found");
+ }
+
+ sg_addlog("sg_rebuild_db: end");
+}
+// ============================================================
+// Log
+// ============================================================
+// ------------------------------------------------------------
+// sg_addlog
+// ------------------------------------------------------------
+function sg_addlog($log) {
+ global $squidguard_config;
+
+ $logfile = '';
+ $logfile = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARDCONF_LOGFILE;
+ $log_content = array();
+
+ if (!empty($squidguard_config)) {
+ // define logfile
+ if (file_exists($squidguard_config[FLD_LOGDIR]))
+ $logfile = $squidguard_config[FLD_LOGDIR] . SQUIDGUARDCONF_LOGFILE;
+ } else {
+ $log_content[] = date("d.m.Y H:i:s") . ": " . "sg_addlog: Error, squidguard_config is empty";
+ }
+
+ $tmplog = '';
+ if (file_exists($logfile))
+ $tmplog = file_get_contents($logfile);
+ $log_content = explode("\n", $tmplog);
+ unset($tmplog);
+
+ $log_content[] = date("d.m.Y H:i:s") . ": $log";
+ while (count($log_content) > SQUIDGUARD_LOG_MAXCOUNT) array_shift($log_content);
+
+ $tlog = implode("\n", $log_content);
+ file_put_contents($logfile, $tlog);
+# file_put_contents("/tmp/_sg.log", $tmp_log);
+}
+// ------------------------------------------------------------
+// sg_getlog
+// ------------------------------------------------------------
+function sg_getlog($last_entries_count) {
+ global $squidguard_config;
+ $log_content = '';
+ $logfile = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARDCONF_LOGFILE;
+
+ // define logfile
+ if (!empty($squidguard_config))
+ if (file_exists($squidguard_config[FLD_LOGDIR]))
+ $logfile = $squidguard_config[FLD_LOGDIR] .
SQUIDGUARDCONF_LOGFILE;
+
+ // get log last 100 entries
+ if (file_exists($logfile)) {
+ $log_content = file_get_contents($logfile);
+ $log_content = explode("\n", $log_content);
+ while (count($log_content) > $last_entries_count) array_shift($log_content);
+ // insert log file name on top
+ $log_content[0] = $logfile;
+ $log_content = implode("\n", $log_content);
+ }
+
+ return $log_content;
+}
+# -------------------------------------------------------------
+# sg_build_default_config
+# default rule - block all
+# -------------------------------------------------------------
+function sg_build_default_config() {
+ global $squidguard_config;
+ $sgconf = array();
+ $redirect_base_url = REDIRECT_BASE_URL;
+
+// TODO: need fix for transparentproxy
+
+ // header
+ $sgconf[] = CONFIG_SG_HEADER;
+ // init section
+ $sgconf[] = "logdir {$squidguard_config[FLD_LOGDIR]}";
+ $sgconf[] = "dbhome {$squidguard_config[FLD_DBHOME]}";
+ $sgconf[] = "";
+
+ // acl section
+ $sgconf[] = "acl {";
+ $sgconf[] = "\t default {";
+ $sgconf[] = "\t\t pass none";
+ $sgconf[] = "\t\t redirect " . $redirect_base_url;
+ $sgconf[] = "\t }";
+ $sgconf[] = "}";
+
+ sg_addlog("sg_build_default_config: Created default configuration. All content will blocked.");
+ return $sgconf;
+}
+
+// ------------------------------------------------------------
+// sg_build_config
+// ------------------------------------------------------------
+function sg_build_config() {
+ global $squidguard_config;
+ $sgconf = array();
+ $redirect_base_url = REDIRECT_BASE_URL;
+
+ sg_addlog("sg_build_config: create squidGuard config");
+ if(!is_array($squidguard_config)) {
+ sg_addlog("sg_build_config: error configuration in squidguard_config");
+ return sg_build_default_config();
+ }
+
+ // check configuration data
+ sg_addlog("sg_build_config: check configuration data");
+ $s = sg_check_config_data();
+ if ($s) {
+ sg_addlog("sg_build_config: error configuration data.
It's all errors: \n$s");
+ sg_addlog("sg_build_config: terminated.");
+ return sg_build_default_config();
+ }
+ unset($s);
+
+ // --- Header ---
+ $sgconf[] = CONFIG_SG_HEADER;
+
+ // Transparent redirector base url
+ if (isset($squidguard_config[FLD_SQUID_TRANSPARENT_MODE]) and
+ isset($squidguard_config[FLD_CURRENT_LAN_IP])) {
+ $redirect_base_url = "http://" . $squidguard_config[FLD_CURRENT_LAN_IP] . REDIRECT_TRANSPARENT_BASE_URL;
+ sg_addlog("sg_build_config: select LAN redirector base url ($redirect_base_url)");
+ } else
+ sg_addlog("sg_build_config: select localhost redirector base url ($redirect_base_url)");
+
+ // init
+ $sgconf[] = "logdir " . $squidguard_config[FLD_LOGDIR];
+ $sgconf[] = "dbhome " . $squidguard_config[FLD_DBHOME];
+
+ // --- Times ---
+ if ($squidguard_config[FLD_TIMES]) {
+ sg_addlog("sg_build_config: add times");
+ foreach($squidguard_config[FLD_TIMES][FLD_ITEM] as $tm) {
+ $sgconf[] = "";
+ if ($tm[FLD_DESCRIPTION])
+ $sgconf[] = "# " . $tm[FLD_DESCRIPTION];
+ $sgconf[] = "time " . $tm[FLD_NAME] . " {";
+ foreach($tm[FLD_ITEM] as $itm) {
+ switch ($itm[FLD_TIMETYPE]) {
+ case "weekly":
+ $sgconf[] = "\t weekly " . $itm[FLD_TIMEDAYS] . " " . $itm[FLD_TIMERANGE];
+ break;
+ case "date":
+ $sgconf[] = "\t date " . $itm[FLD_DATERANGE] . " " . $itm[FLD_TIMERANGE];
+ break;
+ }
+ }
+ $sgconf[] = "}";
+ }
+ }
+
+ // --- Sources ---
+ if ($squidguard_config[FLD_SOURCES]) {
+ sg_addlog("sg_build_config: add sources");
+ foreach($squidguard_config[FLD_SOURCES][FLD_ITEM] as $src) {
+ $sgconf[] = "";
+ if ($src[FLD_DESCRIPTION])
+ $sgconf[] = "# " . $src[FLD_DESCRIPTION];
+ $sgconf[] = "src " . $src[FLD_NAME] . " {";
+ // IP
+ if ($src[FLD_IP]) {
+ $s_ip = explode(" ", $src[FLD_IP]);
+ foreach($s_ip as $ip)
+ if (!empty($ip)) $sgconf[] = "\t ip " . $ip;
+ }
+ // domains
+ if ($src[FLD_DOMAINS]) {
+ $dms = explode(" ", $src[FLD_DOMAINS]);
+ foreach($dms as $dm)
+ if (!empty($dm)) $sgconf[] = "\t domain " .
$dm;
+ }
+ if ($src[FLD_LOG])
+ $sgconf[] = "\t log " . SQUIDGUARD_ACCESSBLOCK_FILE;
+ $sgconf[] = "}";
+ }
+ }
+
+ // --- Blacklist ---
+ #
+ # Note! Blacklist must be added to config constantly. It's need for rebuild DB
+ #
+ $db_entries = sg_entries_blacklist();
+ if (($squidguard_config[FLD_BLACKLISTENABLED] === 'on') and $db_entries) {
+ sg_addlog("sg_build_config: add blacklist entries");
+ foreach($db_entries as $key => $ent) {
+ $ent_state = array();
+ $file_dms = $squidguard_config[FLD_DBHOME] . "/$ent/domains";
+ $file_urls = $squidguard_config[FLD_DBHOME] . "/$ent/urls";
+ $file_expr = $squidguard_config[FLD_DBHOME] . "/$ent/expressions";
+
+ // check blacklist acl state
+ if (file_exists($file_dms)) {
+ $ent_state['exists'] = 'on';
+ $ent_state[FLD_DOMAINS] = 'on';
+ }
+ if (file_exists($file_urls)) {
+ $ent_state['exists'] = 'on';
+ $ent_state[FLD_URLS] = 'on';
+ }
+ if (file_exists($file_expr)) {
+ $ent_state['exists'] = 'on';
+ $ent_state[FLD_EXPRESSIONS] = 'on';
+ }
+
+ // create config
+ $sgconf[] = "";
+ if ($ent_state['exists']) {
+ $sgconf[] = "dest $ent {";
+ $dstname = $ent;
+ if ($ent_state[FLD_DOMAINS]) $sgconf[] = "\t domainlist $ent/domains";
+ if ($ent_state[FLD_EXPRESSIONS]) $sgconf[] = "\t expressionlist $ent/expressions";
+ if ($ent_state[FLD_URLS]) $sgconf[] = "\t urllist $ent/urls";
+ $sgconf[] = "\t log " .
SQUIDGUARD_ACCESSBLOCK_FILE;
+ $sgconf[] = "}";
+ sg_addlog("sg_build_config: -- add '$ent' entry");
+ } else {
+ $sgconf[] = "\t# Config ERROR: Destination '$ent' not found in DB";
+ sg_addlog("sg_build_config: uncompleted or error '$ent' entry - disabled");
+ }
+ }
+ }
+
+ // --- Destinations ---
+ if ($squidguard_config[FLD_DESTINATIONS]) {
+ sg_addlog("sg_build_config: add destinations");
+ $sgconf[] = "";
+# $sgconf[] = "dest localhost { # fix localhost access problem on transparent proxy ";
+# $sgconf[] = "\t ip 127.0.0.1";
+# $sgconf[] = "}";
+ foreach($squidguard_config[FLD_DESTINATIONS][FLD_ITEM] as $dst) {
+ $dstname = $dst[FLD_NAME];
+ $sgconf[] = "";
+ if ($dst[FLD_DESCRIPTION])
+ $sgconf[] = "# " . $dst[FLD_DESCRIPTION];
+ $sgconf[] = "dest $dstname {";
+ if ($dst[FLD_DOMAINS])
+ $sgconf[] = "\t domainlist $dstname/domains";
+ if ($dst[FLD_EXPRESSIONS])
+ $sgconf[] = "\t expressionlist $dstname/expressions";
+ if ($dst[FLD_URLS])
+ $sgconf[] = "\t urllist $dstname/urls";
+ if ($dst[FLD_REDIRECT] && is_url($dst[FLD_REDIRECT]))
+ $sgconf[] = "\t redirect " . $redirect_base_url . "?url={$dst[FLD_REDIRECT]}";
+ if ($dst[FLD_LOG])
+ $sgconf[] = "\t log " . SQUIDGUARD_ACCESSBLOCK_FILE;
+ $sgconf[] = "}";
+ }
+ }
+
+ // --- Rewrites ---
+ if ($squidguard_config[FLD_REWRITES]) {
+ sg_addlog("sg_build_config: add rewrites");
+ foreach($squidguard_config[FLD_REWRITES][FLD_ITEM] as $rew) {
+ $sgconf[] = "";
+ $sgconf[] = "rew " . $rew[FLD_NAME] . " {";
+ foreach ($rew[FLD_ITEM] as $rw)
+ $sgconf[] = "\t s@." . $rw[FLD_TARGETURL] . "@" . $rw[FLD_REPLACETO]."@";
+ if ($rew[FLD_LOG])
+ $sgconf[] = "\t log " .
SQUIDGUARD_ACCESSBLOCK_FILE; + $sgconf[] = "}"; + } + } + + # ---------------------------------------- + $entry_blacklist = sg_entries_blacklist(); + + // --- ACL --- + $sgconf[] = ""; + $sgconf[] = "acl {"; + if ($squidguard_config[FLD_ACLS]) { + sg_addlog("sg_build_config: add ACL"); + foreach($squidguard_config[FLD_ACLS][FLD_ITEM] as $acl) { + + // delete blacklist entries from 'pass' if blacklist disabled + if ($squidguard_config[FLD_BLACKLISTENABLED] !== 'on') { + $tarray = explode(" ", $acl[FLD_DESTINATIONNAME]); + $varray = explode(" ", $acl[FLD_OVERDESTINATIONNAME]); + foreach($entry_blacklist as $entry) { + $tk = array_search($entry, $tarray); + if ($tk !== false) unset ($tarray[$tk]); + + $tk = array_search("!$entry", $tarray); + if ($tk !== false) unset($tarray[$tk]); + + $tk = array_search($entry, $varray); + if ($tk !== false) unset ($varray[$tk]); + + $tk = array_search("!$entry", $varray); + if ($tk !== false) unset ($varray[$tk]); + } + $acl[FLD_DESTINATIONNAME] = implode (" ", $tarray); + $acl[FLD_OVERDESTINATIONNAME] = implode (" ", $varray); + } + + if (!$acl[FLD_DISABLED]) { + if ($acl[FLD_DESCRIPTION]) + $sgconf[] = "\t # " . $acl[FLD_DESCRIPTION]; + + if ($acl[FLD_TIMENAME]) { + // ontime + $sgconf[] = "\t " . $acl[FLD_NAME] . " within " . $acl[FLD_TIMENAME] . " { "; + $sgconf[] = "\t\t pass " . $acl[FLD_DESTINATIONNAME]; + if ($acl[FLD_REDIRECT]) { + if (is_url($acl[FLD_REDIRECT])) + $sgconf[] = "\t\t redirect " . $redirect_user_url . "?url={$acl[FLD_REDIRECT]}"; + else $sgconf[] = "\t\t redirect " . $redirect_user_url . "?msg=" . htmlspecialchars($acl[FLD_REDIRECT]); + } + if ($acl[FLD_REWRITENAME]) + $sgconf[] = "\t\t rewrite " . $acl[FLD_REWRITENAME]; + + // overtime + $sgconf[] = "\t } else {"; + $sgconf[] = "\t\t pass " . $acl[FLD_OVERDESTINATIONNAME]; + if ($acl[FLD_OVERREDIRECT] && is_url($acl[FLD_OVERREDIRECT])) + $sgconf[] = "\t\t redirect " . $redirect_base_url . 
"?url={$acl[FLD_OVERREDIRECT]}"; + if ($acl[FLD_OVERREWRITENAME]) + $sgconf[] = "\t\t rewrite " . $acl[FLD_OVERREWRITENAME]; + + $sgconf[] = "\t }"; + } else { + $sgconf[] = "\t " . $acl[FLD_NAME] . " { "; + + $sgconf[] = "\t\t pass " . $acl[FLD_DESTINATIONNAME]; + + if ($acl[FLD_REDIRECT] && is_url($acl[FLD_REDIRECT])) + $sgconf[] = "\t\t redirect " . $redirect_base_url . "?url={$acl[FLD_REDIRECT]}"; + if ($acl[FLD_REWRITENAME]) + $sgconf[] = "\t\t rewrite " . $acl[FLD_REWRITENAME]; + + $sgconf[] = "\t }"; + } + $sgconf[] = ""; + } + } + } + + // --- Default --- + $def = $squidguard_config[FLD_DEFAULT]; + sg_addlog("sg_build_config: add Default"); + if ($def) { + // delete blacklist entries from 'pass' if blacklist disabled + if ($squidguard_config[FLD_BLACKLISTENABLED] !== 'on') { + $tarray = explode(" ", $def[FLD_DESTINATIONNAME]); + $varray = explode(" ", $def[FLD_OVERDESTINATIONNAME]); + foreach($entry_blacklist as $entry) { + $tk = array_search($entry , $tarray); + if ($tk !== false) unset ($tarray[$tk]); + + $tk = array_search("!$entry" , $tarray); + if ($tk !== false) unset ($tarray[$tk]); + + $tk = array_search($entry , $varray); + if ($tk !== false) unset ($varray[$tk]); + + $tk = array_search("!$entry" , $varray); + if ($tk !== false) unset ($varray[$tk]); + } + $def[FLD_DESTINATIONNAME] = implode (" ", $tarray); + $def[FLD_OVERDESTINATIONNAME] = implode (" ", $varray); + } + + if ($def[FLD_TIMENAME]) { + // ontime + $sgconf[] = "\t default within " . $def[FLD_TIMENAME] . " { "; + $sgconf[] = "\t\t pass " . $def[FLD_DESTINATIONNAME]; + if ($def[FLD_REDIRECT] && is_url($def[FLD_REDIRECT])) + $sgconf[] = "\t\t redirect " . $redirect_base_url . "?url={$def[FLD_REDIRECT]}"; + else $sgconf[] = "\t\t redirect " . $redirect_base_url; + // overtime + $sgconf[] = "\t } else {"; + $sgconf[] = "\t\t pass " . $def[FLD_OVERDESTINATIONNAME]; + if ($def[FLD_OVERREDIRECT] && is_url($def[FLD_OVERREDIRECT])) { + $sgconf[] = "\t\t redirect " . $redirect_base_url . 
"?url={$def[FLD_OVERREDIRECT]}"; + } + else $sgconf[] = "\t\t redirect " . $redirect_base_url; + $sgconf[] = "\t }"; + } else { + // without time + $sgconf[] = "\t default { "; + $sgconf[] = "\t\t pass " . $def[FLD_DESTINATIONNAME]; + if ($def[FLD_REDIRECT] && is_url($def[FLD_REDIRECT])) { + $sgconf[] = "\t\t redirect " . $redirect_base_url . "?url={$def[FLD_REDIRECT]}"; + } + else $sgconf[] = "\t\t redirect " . $redirect_base_url; + $sgconf[] = "\t }"; + } + } // if def + else { + sg_addlog("sg_build_config: error - ACL 'default' is empty, use as default 'block all'."); + $sgconf[] = "\t default { "; + $sgconf[] = "\t\t pass none"; + $sgconf[] = "\t\t redirect " . $redirect_base_url; + $sgconf[] = "\t }"; + } + + // --- ACL end --- + $sgconf[] = "}"; + + return $sgconf; +} + +// ------------------------------------------------------------ +// sg_check_config_data +// ------------------------------------------------------------ +function sg_check_config_data () { + global $squidguard_config; + $check_log = array(); + $times = array(); + $sources = array(); + $destinations = array(); + $rewrites = array(); + $acls = array(); + + // --- Times --- + if ($squidguard_config[FLD_TIMES]) { + foreach($squidguard_config[FLD_TIMES][FLD_ITEM] as $tm) { + // check name as unique and name format + $tm_name = $tm[FLD_NAME]; + $s = check_name($tm_name); + if ($s) + $check_log[] = "TIME '$tm_name' error: $s"; + + $times[] = $tm_name; + $key_tm = array_count_values($times); + if ($key_tm[$tm_name] > 1) + $check_log[] = "TIME '$tm_name' error: duplicate time name '$tm_name'"; + + // check time items format + } + } + + // --- Sources --- + if ($squidguard_config[FLD_SOURCES]) { + foreach($squidguard_config[FLD_SOURCES][FLD_ITEM] as $src) { + // check name as unique and name format + $src_name = $src[FLD_NAME]; + $s = check_name($src_name); + if ($s) + $check_log[] = "SOURCE '$src_name'error: $s"; + + $sources[] = $src_name; + $key_src = array_count_values($sources); + if 
($key_src[$src_name] > 1) + $check_log[] = "SOURCE '$src_name' error: duplicate source name '$src_name'"; + + // check IP's + } + } + + // --- Destinations --- + if ($squidguard_config[FLD_DESTINATIONS]) { + foreach($squidguard_config[FLD_DESTINATIONS][FLD_ITEM] as $dst) { + // check name as unique and name format + $dst_name = $dst[FLD_NAME]; + $s = check_name($dst_name); + if ($s) + $check_log[] = "DESTINATION '$dst_name' error: $s"; + + $destinations[] = $dst_name; + $key_dst = array_count_values($destinations); + if ($key_dst[$dst_name] > 1) + $check_log[] = "DESTINATION '$dst_name' error: duplicate destination name '$dst_name'"; + + // check urls + // check domains + // check expressions + // check redirection url + } + } + + // --- Blacklist --- + $blk_entries_file = $squidguard_config[FLD_WORKDIR] . SQUIDGUARD_BLK_ENTRIES; + if (file_exists($blk_entries_file)) { + $blk_entr = explode("\n", file_get_contents($blk_entries_file)); + foreach($blk_entr as $entr) { + if ($entr) { + $destinations[] = $entr; + // check entry for exists + $dbfile = $squidguard_config[FLD_DBHOME] . 
"/$entr"; + if (!file_exists($dbfile)) + $check_log[] = "BLACKLIST '$entr' error: file '$dbfile' not found"; + } + } + } + + // --- Rewrites --- + if ($squidguard_config[FLD_REWRITES]) { + foreach($squidguard_config[FLD_REWRITES][FLD_ITEM] as $rw) { + // check check name as unique and name format + $rw_name = $rw[FLD_NAME]; + $s = check_name($dst_name); + if ($s) + $check_log[] = "REWRITE '$rw_name' error: $s"; + + $rewrites[] = $rw_name; + $key_rw = array_count_values($rewrites); + if ($key_rw[$rw_name] > 1) + $check_log[] = "REWRITE '$rw_name' error: duplicate rewrite name '$rw_name'"; + } + } + + $key_times = array_count_values($times); + $key_sources = array_count_values($sources); + $key_destinations = array_count_values($destinations); + $key_rewrites = array_count_values($rewrites); + + // --- ACLs --- + if ($squidguard_config[FLD_ACLS]) { + $acls = array(); + foreach($squidguard_config[FLD_ACLS][FLD_ITEM] as $acl) { + // skip disabled acl + if ($acls[FLD_DISABLED]) continue; + + $acl_name = $acl[FLD_NAME]; + + // check acl name for unique and exists (as source items) + if ($acl_name and !$key_sources[$acl_name]) + $check_log[] = "ACL '$acl_name' error: acl name '$acl_name' not found"; + + $acls[] = $acl_name; + $key_acls = array_count_values($acls); + if ($key_acls[$acl_name] > 1) + $check_log[] = "ACL '$acl_name' error: duplicate acl name '$acl_name'"; + + // check time + $time = $acl[FLD_TIMENAME]; + if ($time and !$key_times[$time]) // time name must exists + $check_log[] = "ACL '$acl_name' error: time name '$time' not found"; + + // check destinations + if ($acl[FLD_DESTINATIONNAME]) { + $acldest = str_replace("!", "", $acl[FLD_DESTINATIONNAME]); + $acldest = explode(" ", $acldest); + $key_acldest = array_count_values($acldest); + foreach($acldest as $adest) { + // check duplicates destinations in acl + if ($key_acldest[$adest] > 1) + $check_log[] = "ACL '$acl_name' error: duplicate destination name '$adest'. 
Any destination must included once."; + // check destinations for exists + if ($adest and ($adest != 'all') and ($adest != 'none') and !$key_destinations[$adest]) + $check_log[] = "ACL '$acl_name' error: destination name '$adest' not found"; + } + } else { + $check_log[] = "ACL '$acl_name' error: ontime pass list is empty."; + } + + // check overtime destinations + if ($time) { + if ($acl[FLD_OVERDESTINATIONNAME]) { + $acloverdest = str_replace("!", "", $acl[FLD_OVERDESTINATIONNAME]); + $acloverdest = explode(" ", $acloverdest); + $key_acloverdest = array_count_values($acloverdest); + foreach($acloverdest as $adest) { + // check duplicates destinations in acl + if ($key_acloverdest[$adest] > 1) + $check_log[] = "ACL '$acl_name' error: duplicate overtime destination name '$adest'. Any destination must included once."; + // check destinations for exists + if ($adest and ($adest != 'all') and ($adest != 'none') and !$key_destinations[$adest]) + $check_log[] = "ACL '$acl_name' error: overtime destination name '$adest' not found"; + } + } else { + $check_log[] = "ACL '$acl_name' error: overtime pass list is empty."; + } + } + + // check rewrite + $rew = $acl[FLD_REWRITENAME]; + if ($rew and !$key_rewrites[$rew]) + $check_log[] = "ACL '$acl_name' error: rewrite name '$rew' not found"; + + // check overtime rewrite + $overrew = $acl[FLD_OVERREWRITENAME]; + if ($time and $overrew and !$key_rewrites[$overrew]) + $check_log[] = "ACL '$acl_name' error: overtime rewrite name '$overrew' not found"; + + // check redirect + $redir = $acl[FLD_REDIRECT]; + $overredir = $acl[FLD_OVERREDIRECT]; + } + } + + + // --- Default --- + if ($squidguard_config[FLD_ACLS]) { + $def = $squidguard_config[FLD_DEFAULT]; + + // check time + $time = $def[FLD_TIMENAME]; + if ($time and !$key_times[$time]) // time name must exists + $check_log[] = "ACL 'default' error: time name '$time' not found"; + + // check destinations + if ($def[FLD_DESTINATIONNAME]) { + $defdest = str_replace("!", "", 
$def[FLD_DESTINATIONNAME]); + $defdest = explode(" ", $defdest); + $key_defdest = array_count_values($defdest); + foreach($defdest as $adest) { + // check duplicates destinations in acl + if ($key_defdest[$adest] > 1) + $check_log[] = "ACL 'default' error: duplicate destination name '$adest'. Any destination must included once."; + // check destinations for exists + if ($adest and ($adest != 'all') and ($adest != 'none') and !$key_destinations[$adest]) + $check_log[] = "ACL 'default' error: destination name '$adest' not found"; + } + } else { + $check_log[] = "ACL 'default' error: ontime pass list is empty."; + } + + // check overtime destinations + if ($time) { + if ($def[FLD_OVERDESTINATIONNAME]) { + $defoverdest = str_replace("!", "", $def[FLD_OVERDESTINATIONNAME]); + $defoverdest = explode(" ", $defoverdest); + $key_defoverdest = array_count_values($defoverdest); + foreach($defoverdest as $adest) { + // check duplicates destinations in acl + if ($key_defoverdest[$adest] > 1) + $check_log[] = "ACL 'default' error: duplicate overtime destination name '$adest'. 
Any destination must included once."; + // check destinations for exists + if ($adest and ($adest != 'all') and ($adest != 'none') and !$key_destinations[$adest]) + $check_log[] = "ACL 'default' error: overtime destination name '$adest' not found"; + } + } else { + $check_log[] = "ACL 'default' error: overtime pass list is empty."; + } + } + + // check rewrite + $rew = $def[FLD_REWRITENAME]; + if ($rew and !$key_rewrites[$rew]) + $check_log[] = "ACL 'default' error: rewrite name '$rew' not found"; + + // check overtime rewrite + $overrew = $def[FLD_OVERREWRITENAME]; + if ($time and $overrew and !$key_rewrites[$overrew]) + $check_log[] = "ACL 'default' error: overtime rewrite name '$overrew' not found"; + + // check redirect + $redir = $def[FLD_REDIRECT]; + $overredir = $def[FLD_OVERREDIRECT]; + } + + return implode("\n", $check_log); +} + +// ============================================================================= +// blacklist +// ============================================================================= +// sg_reconfigure_blacklist($source_filename, $opt) +// $source_filename - file name or url +// $opt - option: +// '' or 'local' - update from local file +// 'url' - update from url +// ----------------------------------------------------------------------------- +function sg_reconfigure_blacklist($source_filename, $opt = '') { + global $squidguard_config; + $sf = trim($source_filename); + $sf_contents = ''; + + sg_addlog("sg_reconfigure_blacklist: start "); + + // 1. check system + sg_check_system(); + + // 2. 
upload + sg_addlog("sg_reconfigure_blacklist: begin upload from '$sf'."); + if ($sf[0] === "/") { // local file - example '/tmp/blacklists.tar' + if (file_exists($sf)) { + $sf_contents = file_get_contents($sf); + sg_addlog("sg_reconfigure_blacklist: get file '$sf'."); + } else { + sg_addlog("sg_reconfigure_blacklist: error get file '$sf', file not found."); + return; + } + } else {// url + sg_addlog("sg_reconfigure_blacklist: get url '$sf'."); + $sf_contents = sg_uploadfile_from_url($sf, BLK_LOCALFILE, $opt); + } + + // 3. update + if (empty($sf_contents)) { + sg_addlog("sg_reconfigure_blacklist: error file content '$sf'."); + return; + } + // manually content save to local file + file_put_contents(BLK_LOCALFILE, $sf_contents); + sg_update_blacklist(BLK_LOCALFILE); + + // 4. rebuild db + sg_full_rebuild_db(); + + sg_addlog("sg_reconfigure_blacklist: end"); +} + +// ----------------------------------------------------------------------------- +// sg_update_blacklist - update blacklist from file +// ----------------------------------------------------------------------------- +function sg_update_blacklist($from_file) { + global $squidguard_config; + $dbhome = SQUIDGUARD_DBHOME_DEF; + $workdir = SQUIDGUARD_WORKDIR_DEF; + + if (file_exists($squidguard_config[FLD_DBHOME])) $dbhome = $squidguard_config[FLD_DBHOME]; + if (file_exists($squidguard_config[FLD_WORKDIR])) $workdir = $squidguard_config[FLD_WORKDIR]; + sg_addlog("sg_update_blacklist: begin '$dbhome'"); + + if (file_exists($from_file)) { + // 1. unpack blacklist file + $bl_temp = '/var/tmp/blacklists'; + mwexec('tar zxvf ' . $from_file . ' -C /var/tmp/'); + sg_addlog("sg_update_blacklist: unpack uploaded file $from_file -> $bl_temp"); + + // 2. 
copy blacklist to squidGuard base + if (file_exists($bl_temp)) { + // - copy blacklist & create entries list + sg_addlog("sg_update_blacklist: create entries"); + $blk_files = scan_dir($bl_temp); + $blk_entries = array(); + foreach($blk_files as $bf) { + if (($bf != '.') && ($bf != '..')) { + $blk_entries[] = $bf; + mwexec("cp -Rf $bl_temp/$bf $dbhome"); + sg_addlog("sg_update_blacklist: $bf"); + } + } + + // create entries list + if (count($blk_entries)) { + file_put_contents($workdir . SQUIDGUARD_BLK_ENTRIES, implode("\n", $blk_entries)); + set_file_access($workdir . SQUIDGUARD_BLK_ENTRIES, OWNER_NAME, 0755); + sg_addlog("sg_update_blacklist: create entries " . $workdir . SQUIDGUARD_BLK_ENTRIES); + } + sg_remove_unused_db_entries(); + + // clearing temp + mwexec("rm -R $bl_temp"); + } + set_file_access($squidguard_config[FLD_DBHOME], OWNER_NAME, 0755); +# sg_full_rebuild_db(); + } + sg_addlog("sg_update_blacklist: end"); +} + +// ----------------------------------------------------------------------------- +// sg_entries_blacklist - update blacklist from file +// ----------------------------------------------------------------------------- +function sg_entries_blacklist() { + global $squidguard_config; + $contentS = ''; + $fl = SQUIDGUARD_WORKDIR_DEF . SQUIDGUARD_BLK_ENTRIES; + if (file_exists($squidguard_config[FLD_WORKDIR])) + $fl = $squidguard_config[FLD_WORKDIR] . 
SQUIDGUARD_BLK_ENTRIES; + + if (file_exists($fl)) { + $contents = file_get_contents($fl); + $contents = explode("\n", $contents); + } + return $contents; +} + +# -------------------------- UTILS --------------------------------------------- +# sg_uploadfile_from_url +# upload file and put them to $destination_file +# return = upload content +# ------------------------------------------------------------------------------ +function sg_uploadfile_from_url($url_file, $destination_file, $proxy = '') { + // open destination file + sg_addlog("sg_uploadfile_from_url: begin url'$url_file' proxy'$proxy'"); + + $result = ''; + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, $url_file); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + if (!empty($proxy)) { + $ip = ''; + $login = ''; + $s = trim($proxy); + if (strpos($s, ' ')) { + $ip = substr($s, 0, strpos($s, ' ')); + $login = substr($s, strpos($s, ' ') + 1); + } else $ip = $s; + + if($ip != '') { + curl_setopt($ch, CURLOPT_PROXY, $ip); + if($login != '') + curl_setopt($ch, CURLOPT_PROXYUSERPWD, $login); + } + } + $result=curl_exec ($ch); + curl_close ($ch); + if (!empty($destination_file)) + file_put_contents($destination_file, $result); + else sg_addlog("sg_uploadfile_from_url: error upload file"); + + + // for test + file_put_contents(BLK_LOCALFILE, $result); + + sg_addlog("sg_uploadfile_from_url: end"); + return $result; +} + +// ----------------------------------------------------------------------------- +// Set file access +// ----------------------------------------------------------------------------- +function set_file_access($dir, $owner, $mod) { + + if (!file_exists($dir)) return; + + chown($dir, $owner); + chgrp($dir, $owner); + chmod($dir, $mod); + + if (is_dir($dir)) { + $hd = opendir($dir); + while (($item = readdir($hd)) !== false) { + if (($item != ".") && ($item != "..")) { + $path = "$dir/$item"; + if (is_dir($path)) + set_file_access($path, $owner, $mod); + else { + chown($path, $owner); + 
chgrp($path, $owner); + chmod($path, $mod); + } + } + } + } +} +# ============================================================================== +# self utils +# ============================================================================== +# scan_dir - build files listing for $dir +# ------------------------------------------------------------------------------ +function scan_dir($dir) { + $files = array(); + if (file_exists($dir)) { + $dh = opendir($dir); + while (false !== ($filename = readdir($dh))) + $files[] = $filename; + sort($files); + } + return $files; +} +# ------------------------------------------------------------------------------ +# is_url - build files listing for $dir +# ------------------------------------------------------------------------------ +function is_url($url) { + if (empty($url)) return false; + if (eregi("^http://", $url)) return true; + if (eregi("^https://", $url)) return true; + if (eregi("^([0-9]{3})", $url)) return true; // http error code 403, 404, 410, 500, + return false; +} +# ------------------------------------------------------------------------------ +# check name +# ------------------------------------------------------------------------------ +function check_name ($name) { + $err = ''; + $val = trim($name); + + if ((strlen($val) < 2) || (strlen($val) > 16)) + $err .= " Size of name must be between [2..16]."; + + // All symbols must be [a-zA-Z_0-9\-] First symbol = letter. + if (!eregi("^([a-zA-Z]{1})([a-zA-Z_0-9\-]+)$", $val)) + $err .= " Invalid name $name. Valid name symbols: ['a-Z', '_', '0-9', '-']. First symbol must be a letter."; + + return $err; +} + +?> diff --git a/packages/squidGuard/squidguard_default.xml b/packages/squidGuard/squidguard_default.xml index 2318f95b..122206ab 100644 --- a/packages/squidGuard/squidguard_default.xml +++ b/packages/squidGuard/squidguard_default.xml 
@@ -2,15 +2,15 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> <name>squidguarddefault</name> <version>none</version> - <title>Proxy server filter SquidGuard: Default</title> - <include_file>squidguard.inc</include_file> - + <title>Proxy Content filter SquidGuard: Default</title> + <include_file>/usr/local/pkg/squidguard.inc</include_file> + <tabs> <tab> <text>General settings</text> @@ -46,12 +46,13 @@ <url>/pkg_edit.php?xml=squidguard_log.xml</url> </tab> </tabs> + <fields> <field> <fielddescr>Default Time</fielddescr> <fieldname>time</fieldname> - <type>select</type> <description>Enter time name in current which this rule permitted.</description> + <type>select</type> </field> <field> <fielddescr>Default destination</fielddescr> @@ -63,7 +64,10 @@ <field> <fielddescr>Default Redirect</fielddescr> <fieldname>redirect</fieldname> - <description>Enter redirection URL or Error page message for this rule, or leave blank.</description> + <description> + Enter redirection URL or Error page code for this rule, or leave blank. + Supported error page codes: 403, 404, 410. + </description> <type>textarea</type> <cols>70</cols> <rows>5</rows> 
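Review bot: In the `@@ -63,7 +64,10 @@` hunk the new help text for `redirect` promises only the codes 403, 404 and 410, but the field stays a five-row `textarea`, and `is_url()` in squidguard.inc from this same commit accepts any value that merely starts with `http://`, `https://` or three digits. That value is then appended unencoded after `?url=` on a `redirect` line of the generated squidGuard config, so an entry containing spaces or line breaks would alter the config's structure instead of being rejected. I would switch the field to `<type>input</type>` and have `squidguard_validate_acl` (its body is not visible here) accept only a single http(s) URL or one of the three listed codes. The same applies to `overredirect` in the `@@ -71,7 +75,10 @@` hunk and to the `redirect` field in squidguard_dest.xml.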
@@ -71,7 +75,10 @@ <field> <fielddescr>Default overtime redirect</fielddescr> <fieldname>overredirect</fieldname> - <description>Enter redirection URL or Error page message for this rule, or leave blank.</description> + <description> + Enter redirection URL or Error page code for this rule, or leave blank. + Supported error page codes: 403, 404, 410. + </description> <type>textarea</type> <cols>70</cols> <rows>5</rows> @@ -95,6 +102,7 @@ <type>checkbox</type> </field> </fields> + <custom_php_validation_command> squidguard_validate_acl(&$_POST, &$input_errors); </custom_php_validation_command> @@ -102,10 +110,9 @@ squidguard_before_form_acl(&$pkg); </custom_php_command_before_form> <custom_php_after_form_command> - squidGuard_print_javascript(); + squidGuard_print_javascript(); </custom_php_after_form_command> - <custom_add_php_command> </custom_add_php_command> - + <custom_add_php_command/> <custom_php_resync_config_command> // squidguard_resync(); </custom_php_resync_config_command> diff --git a/packages/squidGuard/squidguard_dest.xml b/packages/squidGuard/squidguard_dest.xml index b70d8acc..0643c08f 100644 --- a/packages/squidGuard/squidguard_dest.xml +++ b/packages/squidGuard/squidguard_dest.xml 
@@ -2,14 +2,14 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> <name>squidguarddest</name> <version>none</version> - <title>Proxy server filter SquidGuard: Destinations</title> - <include_file>squidguard.inc</include_file> + <title>Proxy Content filter SquidGuard: Destinations</title> + <include_file>/usr/local/pkg/squidguard.inc</include_file> <delete_string>A proxy server user has been deleted.</delete_string> <addedit_string>A proxy server user has been created/modified.</addedit_string> @@ -49,6 +49,7 @@ <url>/pkg_edit.php?xml=squidguard_log.xml</url> </tab> </tabs> + <adddeleteeditpagefields> <columnitem> <fielddescr>Destination name</fielddescr> @@ -68,13 +69,14 @@ </columnitem> <columnitem> <fielddescr>Redirect</fielddescr> - <fieldname>redir</fieldname> + <fieldname>redirect</fieldname> </columnitem> <columnitem> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> </columnitem> </adddeleteeditpagefields> + <fields> <field> <fielddescr>Name</fielddescr> @@ -124,8 +126,11 @@ </field> <field> <fielddescr>Redirect</fielddescr> - <fieldname>redir</fieldname> - <description>Enter redirection URL or Error page message for this rule, or leave blank.</description> + <fieldname>redirect</fieldname> + <description> + Enter redirection URL or Error page code for this rule, or leave blank. + Supported error page codes: 403, 404, 410. + </description> <type>textarea</type> <cols>60</cols> <rows>5</rows> 
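Review bot: The `redir` to `redirect` rename in the `@@ -68,13 +69,14 @@` and `@@ -124,8 +126,11 @@` hunks changes the key under which a destination's redirect is stored, and nothing visible in this commit migrates values saved under the old key. If existing installs hold destinations saved with `redir`, their redirect would presumably be dropped silently at the next config build, and blocked requests would fall through to the default redirect. An upgrade step that copies `redir` into `redirect` when the new key is absent, or a package note telling admins to re-save each destination, would close that gap.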
@@ -133,8 +138,8 @@ <field> <fielddescr>Enable log</fielddescr> <fieldname>enablelog</fieldname> - <description>Check this for enable log.</description> <type>checkbox</type> + <description>Check this for enable log.</description> </field> <field> <fielddescr>Description</fielddescr> @@ -144,6 +149,8 @@ <size>90</size> </field> </fields> + + <custom_delete_php_command/> <custom_php_validation_command> squidguard_validate_destination($_POST, &$input_errors); </custom_php_validation_command> diff --git a/packages/squidGuard/squidguard_log.xml b/packages/squidGuard/squidguard_log.xml index 9769c3fb..c201e9f3 100644 --- a/packages/squidGuard/squidguard_log.xml +++ b/packages/squidGuard/squidguard_log.xml @@ -2,14 +2,14 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> <name>squidguardlog</name> <version>none</version> - <title>Proxy server filter SquidGuard: Log</title> - <include_file>squidguard.inc</include_file> + <title>Proxy Content filter SquidGuard: Log</title> + <include_file>/usr/local/pkg/squidguard.inc</include_file> <delete_string>A proxy server user has been deleted.</delete_string> <addedit_string>A proxy server user has been created/modified.</addedit_string> 
@@ -45,29 +45,33 @@ </tab> <tab> <text>Log</text> - <url>/pkg_edit.php?xml=squidguard_log.xml</url> + <url>/pkg_edit.php?xml=squidguard_log.xml&id=0</url> <active/> </tab> </tabs> + <fields> <field> <fielddescr>Log type</fielddescr> <fieldname>logtype</fieldname> - <description>LOG</description> + <description></description> <type>select</type> <value>access_log</value> <options> - <option><name>User access log</name><value>access_log</value></option> - <option><name>WebGUI log</name><value>webgui_log</value></option> - <option><name>squidGuard log</name><value>squidguard_log</value></option> + <option><name>Blocked URL's log</name><value>block_log</value></option> + <option><name>Configurator log</name><value>configurator_log</value></option> + <option><name>squidGuard log</name><value>squidguard_log</value></option> + <option><name>squid config</name><value>squid_config</value></option> + <option><name>squidGuard config</name><value>squidguard_config</value></option> </options> </field> </fields> + <custom_php_command_before_form> squidguard_before_form_log(&$pkg); </custom_php_command_before_form> <custom_php_after_form_command> - squidGuard_print_javascript(); + squidGuard_print_javascript(); </custom_php_after_form_command> <custom_php_validation_command> </custom_php_validation_command> diff --git a/packages/squidGuard/squidguard_rewr.xml b/packages/squidGuard/squidguard_rewr.xml index 6dcdec5e..0de007ac 100644 --- a/packages/squidGuard/squidguard_rewr.xml +++ b/packages/squidGuard/squidguard_rewr.xml 
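Review bot: The `logtype` select keeps the context line `<value>access_log</value>` as its default, but this hunk removes the `access_log` option; the new list offers only `block_log`, `configurator_log`, `squidguard_log`, `squid_config` and `squidguard_config`. The default should name an option that exists, for example `<value>block_log</value>`; how `squidguard_before_form_log` treats an unknown value is not visible here. The two new config entries also make this page render configuration files rather than logs, so it is worth confirming that nothing sensitive stored in them (such as upstream proxy credentials) is displayed.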
@@ -2,14 +2,14 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> <name>squidguardrewrite</name> <version>none</version> - <title>Proxy server filter SquidGuard: Rewrites</title> - <include_file>squidguard.inc</include_file> + <title>Proxy Content filter SquidGuard: Rewrites</title> + <include_file>/usr/local/pkg/squidguard.inc</include_file> <tabs> <tab> @@ -46,6 +46,7 @@ <url>/pkg_edit.php?xml=squidguard_log.xml</url> </tab> </tabs> + <adddeleteeditpagefields> <columnitem> <fielddescr>Name</fielddescr> @@ -56,6 +57,7 @@ <fieldname>description</fieldname> </columnitem> </adddeleteeditpagefields> + <fields> <field> <fielddescr>Name</fielddescr> 
@@ -69,37 +71,25 @@ <size>100</size> </field> <field> - <fielddescr>Enable log</fielddescr> - <fieldname>enablelog</fieldname> - <type>checkbox</type> - <description>Check this for enable log.</description> - </field> - <field> - <fielddescr>Description</fielddescr> - <fieldname>description</fieldname> - <description>You may enter a description here for your reference (not parsed).</description> - <type>input</type> - <size>100</size> - </field> - <field> <fielddescr> <b>Rewrite rule.</b><br> Define how url will be replaced.</fielddescr> <type>rowhelper</type> <rowhelper> <rowhelperfield> - <fielddescr>Target URL</fielddescr> + <fielddescr>Target URL or regular expression</fielddescr> <fieldname>targeturl</fieldname> <type>input</type> <size>50</size> </rowhelperfield> <rowhelperfield> - <fielddescr>Replace to</fielddescr> + <fielddescr>Replace to URL</fielddescr> <fieldname>replaceto</fieldname> <type>input</type> <size>69</size> </rowhelperfield> - <rowhelperfield> + +<!-- <rowhelperfield> <fielddescr>Case ins.</fielddescr> <fieldname>caseins</fieldname> <type>checkbox</type> 
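Review bot: Relabelling `targeturl` as "Target URL or regular expression" invites arbitrary patterns, yet sg_build_config in this commit emits each row as `s@.` + target + `@` + replacement + `@`, so an `@` or a line break in either field changes the structure of the generated rule. No validation for these rowhelper fields is visible in this hunk; I would reject `@` and control characters in both fields on save. Because a `.` is always prepended, the entry is also not used verbatim as the regular expression the label promises, and the help text should say so. The example `*/cc32e46.exe` in the `@@ -114,19 +104,29 @@` hunk only forms a valid pattern because of that prefix.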
@@ -114,19 +104,29 @@ <fieldname>http302</fieldname> <type>checkbox</type> </rowhelperfield> +--> </rowhelper> </field> <field> - <fielddescr>Note</fielddescr> - <fieldname>note</fieldname> + <fielddescr>Enable log</fielddescr> + <fieldname>enablelog</fieldname> + <description>Check this for enable log.</description> <type>checkbox</type> - <description> - <b>Rewrite rule</b>-define how url will are replaced.<br> - <b>Target url</b>-contains destination url or his template. Url template example: */cc32e46.exe <br> - <b>Replace to</b>-contains replacing url. + </field> + <field> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + <description>You may enter a description here for your reference (not parsed).<br> + <b> Note: </b> <br> + <b>Rewrite rule</b> - define how url will are replaced.<br> + <b>Target URL or regular expression</b> - contains destination url or regular expression. Regular expression example: */cc32e46.exe <br> + <b>Replace to</b> - contains replacing url. </description> + <type>input</type> + <size>100</size> </field> </fields> + <custom_php_after_form_command> squidGuard_print_javascript(); </custom_php_after_form_command> diff --git a/packages/squidGuard/squidguard_src.xml b/packages/squidGuard/squidguard_src.xml index 3a291c42..000528db 100644 --- a/packages/squidGuard/squidguard_src.xml +++ b/packages/squidGuard/squidguard_src.xml 
@@ -2,18 +2,18 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> <name>squidguardsrc</name> <version>none</version> - <title>Proxy server filter SquidGuard: Sources</title> - <include_file>squidguard.inc</include_file> + <title>Proxy Content filter SquidGuard: Sources</title> + <include_file>/usr/local/pkg/squidguard.inc</include_file> <delete_string>A proxy server user has been deleted.</delete_string> <addedit_string>A proxy server user has been created/modified.</addedit_string> - + <tabs> <tab> <text>General settings</text> @@ -49,8 +49,13 @@ <url>/pkg_edit.php?xml=squidguard_log.xml</url> </tab> </tabs> + <adddeleteeditpagefields> <columnitem> + <fielddescr>Order</fielddescr> + <fieldname>order</fieldname> + </columnitem> + <columnitem> <fielddescr>Source name</fielddescr> <fieldname>name</fieldname> </columnitem> @@ -59,10 +64,15 @@ <fieldname>iplist</fieldname> </columnitem> <columnitem> + <fielddescr>domains list</fielddescr> + <fieldname>domains</fieldname> + </columnitem> + <columnitem> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> </columnitem> </adddeleteeditpagefields> + <fields> <field> <fielddescr>Source name</fielddescr> 
@@ -72,21 +82,46 @@ All other symbols is [a-Z_0-9]. Source name must be <b>unique</b> . </description> <type>input</type> - <size>80</size> <required/> + <size>80</size> + </field> + <field> + <fielddescr>Order</fielddescr> + <fieldname>order</fieldname> + <description> + Order source in list. <br> + <b>Note:</b> <br> + Sources order have very high importance. Sources are evaluated on a first-match basis. <br> + If your sources have an overlaying ranges, then act will be first in list. <br> + <b>For example:</b> <br> + Wrong order: <br> + First source entry is the range 10.0.0.0/24 and second entry is 10.0.0.15 (or 10.0.0.15/32 ) <br> + Right order: <br> + First source entry is the single ip 10.0.0.15 (or 10.0.0.15/32 ) then the overlaying range 10.0.0.0/24 <br> + </description> + <type>input</type> + <size>5</size> </field> <field> <fielddescr>IP addresses</fielddescr> <fieldname>iplist</fieldname> <description> Enter IP addresses here with space(' ') divider. <br> - IP addresses must be in format:<br> - ip xxx.xxx.xxx.xxx [...] or ip xxx.xxx.xxx.xxx/nn [...] or <br> - ip xxx.xxx.xxx.xxx/mmm.mmm.mmm.mmm [...] or ip xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy [...] <br> - where: <br> - xxx.xxx.xxx.xxx is an IP address (host or net, i.e. 10.11.12.13 or 10.11.12.0), /nn a net prefix (i.e. /23), <br> - mmm.mmm.mmm.mmm is a netmask (i.e. 255.255.254.0) and yyy.yyy.yyy.yyy is a host address <br> - (must be >= xxx.xxx.xxx.xxx) + IP addresses must have format:<br> + single example: '192.168.0.1' <br> + range examples: <br> + '192.168.0.0/24', '192.168.1.0/255.255.255.0', '192.168.1.1-192.168.1.10' <br> + </description> + <type>textarea</type> + <cols>50</cols> + <rows>10</rows> + </field> + <field> + <fielddescr>Domains</fielddescr> + <fieldname>domains</fieldname> + <description> + Enter domains names here with space(' ') divider. <br> + Example: <b>'foo.bar'</b> match <b>'foo.bar'</b> or <b>'*.foo.bar'</b>. </description> <type>textarea</type> <cols>50</cols> 
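Review bot: The new `order` field is a free-text `input` of size 5 with no type or range constraint visible in this hunk, yet the help text says sources are matched first-match. A blank, non-numeric or duplicate value would therefore decide which source policy applies to a client. Please confirm that `squidguard_validate_source` (defined outside this diff section) rejects anything other than a unique integer. It should also check each `domains` entry against a hostname pattern, since both values presumably end up in the generated filter config. The sentence "If your sources have an overlaying ranges, then act will be first in list" is hard to follow. Something like `If ranges overlap, the entry listed first wins, so put the most specific source first.` states the rule directly. The rewritten IP help also drops the old remark that the end of a range must be greater than or equal to its start.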
@@ -106,6 +141,10 @@ <size>80</size> </field> </fields> + + <custom_php_command_before_form> + squidguard_before_form_src(&$pkg); + </custom_php_command_before_form> <custom_php_after_form_command> squidGuard_print_javascript(); </custom_php_after_form_command> @@ -113,6 +152,9 @@ squidguard_validate_source($_POST, &$input_errors); </custom_php_validation_command> <custom_php_resync_config_command> -// squidguard_resync_time(); + squidguard_resync_src(); </custom_php_resync_config_command> + <custom_delete_php_command> + squidguard_resync_src(); + </custom_delete_php_command> </packagegui> diff --git a/packages/squidGuard/squidguard_time.xml b/packages/squidGuard/squidguard_time.xml index 89f37590..360a2930 100644 --- a/packages/squidGuard/squidguard_time.xml +++ b/packages/squidGuard/squidguard_time.xml @@ -2,14 +2,14 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> <name>squidguardtime</name> <version>none</version> - <title>Proxy server filter SquidGuard: Times</title> - <include_file>squidguard.inc</include_file> + <title>Proxy Content filter SquidGuard: Times</title> + <include_file>/usr/local/pkg/squidguard.inc</include_file> <delete_string>A proxy server user has been deleted.</delete_string> <addedit_string>A proxy server user has been created/modified.</addedit_string> @@ -49,6 +49,7 @@ <url>/pkg_edit.php?xml=squidguard_log.xml</url> </tab> </tabs> + <adddeleteeditpagefields> <columnitem> <fielddescr>Timename</fielddescr> 
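Review bot: `squidguard_before_form_src(&$pkg);` passes its argument by reference at the call site, which PHP deprecated in 5.3 and made a fatal error in 5.4. Declare the parameter by reference in the function definition (in squidguard.inc, outside this hunk) and call it as `squidguard_before_form_src($pkg);`. The unchanged `squidguard_validate_source($_POST, &$input_errors);` line in the next hunk has the same form. A fatal error in these hooks would presumably stop validation and resync from running, so the filter would keep its previous source list without the administrator noticing.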
@@ -65,12 +66,12 @@ <fieldname>name</fieldname> <description>Enter the time name here.</description> <type>input</type> - <size>80</size> <required/> + <size>80</size> </field> <field> - <type>rowhelper</type> <fielddescr>Values</fielddescr> + <type>rowhelper</type> <rowhelper> <rowhelperfield> <fielddescr>Time type</fielddescr> @@ -103,13 +104,12 @@ <rowhelperfield> <fielddescr>Date or Date range</fielddescr> <fieldname>daterange</fieldname> - <description>00:00-08:00 15:00-21:00 Format: *.01.01</description> <type>input</type> <size>40</size> </rowhelperfield> <rowhelperfield> <fielddescr>Time range</fielddescr> - <fieldname>timerange</fieldname> + <fieldname>sg_timerange</fieldname> <description>00:00-08:00</description> <type>input</type> <size>20</size> @@ -119,13 +119,19 @@ <field> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> - <description>You may enter a description here for your reference (not parsed).</description> + <description>You may enter a description here for your reference (not parsed). <br> + <b> Note: </b> <br> + Field <b>'Date or date range'</b> have format 'yyyy.mm.dd'; 'yyyy.mm.dd-yyyy.mm.dd'; or use '*' in format. <br> + Example: '2007.05.01'; '2007.04.14-2007.04.17'; '*.12.24'; '2007.*.01'; <br> + Field <b>'Time range'</b> have format 'hh:mm-hh:mm'. Example: '08:00-18:00'; + </description> <type>input</type> <size>80</size> </field> </fields> + <custom_php_after_form_command> - squidGuard_print_javascript(); + squidGuard_print_javascript(); </custom_php_after_form_command> <custom_php_validation_command> squidguard_validate_times(&$_POST, &$input_errors); |
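Review bot: Renaming the stored key from `timerange` to `sg_timerange` in the second hunk on this line changes the name under which each row's time range is saved, and no migration is visible in this diff section. Time definitions saved by the previous version would then load with an empty range. Depending on how the generator treats an empty value (not shown here), a time-restricted ACL could end up applying at all hours or never. Either copy `timerange` into `sg_timerange` during the package upgrade, or have the reader fall back to the old key when the new one is absent. The same hunk removes the `daterange` row description and moves the format help into the Description field text in the last hunk. A short per-field hint such as `<description>yyyy.mm.dd or yyyy.mm.dd-yyyy.mm.dd</description>` would keep the format next to the input it describes.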