7 files changed, 76 insertions, 11 deletions

diff --git a/config/dansguardian/dansguardian.conf.template b/config/dansguardian/dansguardian.conf.template
index 27099332..ab30527a 100755
--- a/config/dansguardian/dansguardian.conf.template
+++ b/config/dansguardian/dansguardian.conf.template
@@ -157,7 +157,8 @@ proxyport = {$proxyport}
 #
 # Individual filter groups can override this setting in their own configuration.
 #
-accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
+#accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
+{$accessdeniedaddress}
 
 # Non standard delimiter (only used with accessdeniedaddress)
 # To help preserve the full banned URL, including parameters, the variables
diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc
index 56acfc5e..26e213a2 100755
--- a/config/dansguardian/dansguardian.inc
+++ b/config/dansguardian/dansguardian.inc
@@ -181,6 +181,16 @@ function sync_package_dansguardian() {
 	
 	#report and log
 	$reportlevel=($dansguardian_log['report_level']?$dansguardian_log['report_level']:"3");
+	if ($reportlevel == 1 || $reportlevel== 2){
+		if (preg_match("@(\w+://[a-zA-Z0-9.:/\-]+)@",$dansguardian_log['reportingcgi'],$cgimatches)){
+			$accessdeniedaddress="accessdeniedaddress = '".$cgimatches[1]."'";
+			}
+		else{
+			log_error("dansguardian - " . $dansguardian_log['reportingcgi'] . " is not a valid access denied cgi url");
+			file_notice("dansguardian - " . $dansguardian_log['reportingcgi'] . " is not a valid access denied cgi url","");
+			}
+	}
+	$accessdenied=($dansguardian_log['reportingcgi']?$dansguardian_log['report_level']:"3");
 	$reportlanguage=($dansguardian_log['report_language']?$dansguardian_log['report_language']:"ukenglish");
 	$showweightedfound=(preg_match('/showweightedfound/',$dansguardian_log['report_options'])?"on":"off");
 	$usecustombannedflash=(preg_match('/usecustombannedflash/',$dansguardian_log['report_options'])?"on":"off");
@@ -657,7 +667,7 @@ function sync_package_dansguardian() {
 		$config['installedpackages']['dansguardianlog']['config'][0]['report_file']=base64_encode($report_file);
 		$dansguardian_log['report_file']=base64_encode($report_file);
 		$load_samples++;
-	}	
+	}
 
 	if($load_samples > 0)
 		write_config();
@@ -676,7 +686,8 @@ function sync_package_dansguardian() {
 																				'urlacl'=> "Default",
 																				'group_options' => "scancleancache,infectionbypasserrorsonly",
 																				'reportinglevel'=>'3',
-																				'mode'=> "1");
+																				'mode'=> "1",
+																				'report_level'=>"general");
 
 	$groups=array("scancleancache","hexdecodecontent","blockdownloads","enablepics","deepurlanalysis","infectionbypasserrorsonly","disablecontentscan","sslcertcheck","sslmitm");
 	#loop on array
@@ -695,6 +706,29 @@ function sync_package_dansguardian() {
 		$dansguardian_groups['bypass']=($dansguardian_groups['bypass']?$dansguardian_groups['bypass']:"0");
 		$dansguardian_groups['infectionbypass']=($dansguardian_groups['infectionbypass']?$dansguardian_groups['infectionbypass']:"0");
 		$dansguardian_groups['mitmkey']=($dansguardian_groups['mitmkey']?$dansguardian_groups['mitmkey']:"dgs3dD3da");
+		switch ($dansguardian_groups['reportinglevel']){
+			case "1":
+			case "2":
+				$groupreportinglevel="reportinglevel = ".$dansguardian_groups['reportinglevel'];
+				if (preg_match("@(\w+://[a-zA-Z0-9.:/\-]+)@",$dansguardian_groups['reportingcgi'],$cgimatches)){
+					$groupaccessdeniedaddress="accessdeniedaddress = '".$cgimatches[1]."'";
+					}
+				else{
+					log_error('Dansguardian - Group '.$dansguardian_groups['name']. ' does not has a valid access denied cgi url.');
+					file_notice('Dansguardian - Group '.$dansguardian_groups['name']. ' does not has a valid access denied cgi url.',"");
+					}
+			break;		
+			case "-1": 
+			case "0":
+			case "3":
+				$groupreportinglevel="reportinglevel = ".$dansguardian_groups['reportinglevel'];
+				$groupaccessdeniedaddress="";
+			break;
+			default:
+				$groupreportinglevel="";
+				$groupaccessdeniedaddress="";
+		}
+
 		foreach ($groups as $group)
 			$dansguardian_groups[$group]=(preg_match("/$group/",$dansguardian_groups['group_options'])?"on":"off");
 		include("/usr/local/pkg/dansguardianfx.conf.template");
diff --git a/config/dansguardian/dansguardian_groups.xml b/config/dansguardian/dansguardian_groups.xml
index baa9b44a..063d55fa 100755
--- a/config/dansguardian/dansguardian_groups.xml
+++ b/config/dansguardian/dansguardian_groups.xml
@@ -105,7 +105,10 @@
 			<fielddescr>Group mode</fielddescr>
 			<fieldname>mode</fieldname>
 		</columnitem>	
-
+		<columnitem>
+			<fielddescr>Reporting level</fielddescr>
+			<fieldname>reportinglevel</fieldname>
+		</columnitem>	
 		<columnitem>
 			<fielddescr>Description</fielddescr>
 			<fieldname>description</fieldname>
@@ -247,7 +250,8 @@
 								If defined, this overrides the global setting in dansguardian.conf for members of this filter group.]]></description>
 	    	<type>select</type>
  				<options>
- 				<option><name>Use HTML template file (accessdeniedaddress ignored) - recommended</name><value>3</value></option>
+ 				<option><name>Use General log option selected on Report and log - recommended</name><value>Global</value></option>
+ 				<option><name>Use HTML template file (accessdeniedaddress ignored)</name><value>3</value></option>
  				<option><name>Report fully</name><value>2</value></option>
  				<option><name>Report why but not what denied phrase</name><value>1</value></option>
  				<option><name>Just say 'Access Denied'</name><value>0</value></option>
@@ -255,6 +259,15 @@
 				</options>
 		</field>
 		<field>
+			<fielddescr>Access Denied cgi</fielddescr>
+			<fieldname>reportingcgi</fieldname>
+			<description><![CDATA[While using Report Level (report fully) or (Report why but not what denied phrase), specify here the url link to your access denied cgi script
+								  ex:http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl]]></description>
+			<type>input</type>
+			<size>70</size>
+		</field>
+		
+		<field>
 			<fielddescr>Weighted phrase mode</fielddescr>
 			<fieldname>weightedphrasemode</fieldname>
 			<description><![CDATA[IMPORTANT: Note that setting this to "0" turns off all features which extract phrases from page content, 
@@ -321,6 +334,15 @@
 			<type>input</type>
 			<size>10</size>
 		</field>
+		<field>
+			<fielddescr>Temporary Denied Page Bypass Secret Key</fielddescr>
+			<fieldname>bypasskey</fieldname>
+			<description><![CDATA[If not empty, rather than generating a random key you can specify one. It must be more than 8 chars.<br>
+									Ex1:Mary had a little lamb.<br>
+									Ex2:76b42abc1cd0fdcaf6e943dcbc93b826]]></description>
+			<type>input</type>
+			<size>70</size>
+		</field>
 			<field>
 			<fielddescr>Infection/Scan Error Bypass</fielddescr>
 			<fieldname>infectionbypass</fieldname>
diff --git a/config/dansguardian/dansguardian_log.xml b/config/dansguardian/dansguardian_log.xml
index a3448d44..a9b9d0e9 100644
--- a/config/dansguardian/dansguardian_log.xml
+++ b/config/dansguardian/dansguardian_log.xml
@@ -114,6 +114,14 @@
  				<option><name>Just say 'Access Denied'</name><value>0</value></option>
  				<option><name>Log but do not block - Stealth mode</name><value>-1</value></option>
 				</options>
+		</field>
+		<field>
+			<fielddescr>Access Denied cgi</fielddescr>
+			<fieldname>reportingcgi</fieldname>
+			<description><![CDATA[While using Report Level (report fully) or (Report why but not what denied phrase), specify here the url link to your access denied cgi script
+								  ex:http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl]]></description>
+			<type>input</type>
+			<size>70</size>
 		</field>	
 		<field>
 			<fielddescr>Report Language</fielddescr>
diff --git a/config/dansguardian/dansguardianfx.conf.template b/config/dansguardian/dansguardianfx.conf.template
index c2d10853..c827cfe4 100644
--- a/config/dansguardian/dansguardianfx.conf.template
+++ b/config/dansguardian/dansguardianfx.conf.template
@@ -268,8 +268,8 @@ deepurlanalysis = {$dansguardian_groups['deepurlanalysis']}
 #
 # If defined, this overrides the global setting in dansguardian.conf for
 # members of this filter group.
-#
-reportinglevel = {$dansguardian_groups['reportinglevel']}
+# reportinglevel = 3
+{$groupreportinglevel}
 
 # accessdeniedaddress is the address of your web server to which the cgi
 # dansguardian reporting script was copied. Only used in reporting levels
@@ -284,8 +284,8 @@ reportinglevel = {$dansguardian_groups['reportinglevel']}
 #
 # If defined, this overrides the global setting in dansguardian.conf for
 # members of this filter group.
-#
-accessdeniedaddress = '{$dansguardian_groups['accessdeniedaddress']}'
+# accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
+{$groupaccessdeniedaddress}
 
 # HTML Template override
 # If defined, this specifies a custom HTML template file for members of this
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index ceb3ee74..3254829b 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -449,7 +449,7 @@
 		<depends_on_package>dansguardian-2.12.0.0.tbz</depends_on_package>
 		<depends_on_package>clamav-0.97.3_1.tbz</depends_on_package>
 		<depends_on_package>ca_root_nss-3.13.3.tbz</depends_on_package>
-		<version>2.12.0.0 pkg v.0.1.5.2</version>
+		<version>2.12.0.0 pkg v.0.1.5.3</version>
 		<status>beta</status>
 		<required_version>2.0</required_version>
 		<configurationfile>dansguardian.xml</configurationfile>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index b51305a3..01d6bdac 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -552,7 +552,7 @@
 		<depends_on_package>dansguardian-2.12.0.0.tbz</depends_on_package>
 		<depends_on_package>clamav-0.97.3_1.tbz</depends_on_package>
 		<depends_on_package>ca_root_nss-3.13.3.tbz</depends_on_package>
-		<version>2.12.0.0 pkg v.0.1.5.2</version>
+		<version>2.12.0.0 pkg v.0.1.5.3</version>
 		<status>beta</status>
 		<required_version>2.0</required_version>
 		<configurationfile>dansguardian.xml</configurationfile>