diff options
Diffstat (limited to 'config/dansguardian')
28 files changed, 1157 insertions, 407 deletions
diff --git a/config/dansguardian/blockedflash.swf b/config/dansguardian/blockedflash.swf Binary files differdeleted file mode 100644 index ef53ee44..00000000 --- a/config/dansguardian/blockedflash.swf +++ /dev/null diff --git a/config/dansguardian/dansguardian.conf.template b/config/dansguardian/dansguardian.conf.template index ab30527a..ed514eca 100755 --- a/config/dansguardian/dansguardian.conf.template +++ b/config/dansguardian/dansguardian.conf.template @@ -30,7 +30,7 @@ #create dansguardian.conf $dg=<<<EOF -# DansGuardian config file for version 2.12.0.0 +# DansGuardian config file for version 2.12.0.2 # **NOTE** as of version 2.7.5 most of the list files are now in dansguardianf1.conf @@ -52,7 +52,7 @@ reportinglevel = {$reportlevel} # and easier to customise the access denied page. # The language file is used no matter what setting however. # -languagedir = '/usr/local/share/dansguardian/languages' +languagedir = '{$dg_dir}/share/dansguardian/languages' # language to use from languagedir. language = '{$reportlanguage}' @@ -131,6 +131,8 @@ proxyip = {$proxyip} # the port DansGuardian connects to proxy on proxyport = {$proxyport} +proxytimeout = {$proxytimeout} + # Whether to retrieve the original destination IP in transparent proxy # setups and check it against the domain pulled from the HTTP headers. # @@ -178,7 +180,7 @@ nonstandarddelimiter = {$nonstandarddelimiter} # icons from banned domains. # on (default) | off usecustombannedimage = {$usecustombannedimage} -custombannedimagefile = '/usr/local/share/dansguardian/transparent1x1.gif' +custombannedimagefile = '{$dg_dir}/share/dansguardian/transparent1x1.gif' #Banned flash replacement @@ -194,18 +196,18 @@ usecustombannedflash = {$usecustombannedflash} # to a group. The more filter groups the more copies of the lists will be in RAM so # use as few as possible. filtergroups = {$filtergroups} -filtergroupslist = '/usr/local/etc/dansguardian/lists/filtergroupslist' +filtergroupslist = '{$dansguardian_dir}/lists/filtergroupslist' # Authentication files location -bannediplist = '/usr/local/etc/dansguardian/lists/bannediplist' -exceptioniplist = '/usr/local/etc/dansguardian/lists/exceptioniplist' +bannediplist = '{$dansguardian_dir}/lists/bannediplist' +exceptioniplist = '{$dansguardian_dir}/lists/exceptioniplist' # Per-Room blocking definition directory # A directory containing text files containing the room's name followed by IPs or ranges # Think of it as bannediplist on crack -perroomblockingdirectory = '/usr/local/etc/dansguardian/lists/bannedrooms/' +perroomblockingdirectory = '{$dansguardian_dir}/lists/bannedrooms/' # Show weighted phrases found # If enabled then the phrases found that made up the total which excedes @@ -475,9 +477,9 @@ trickledelay = {$trickledelay} # one is forced to match as the default, regardless of user agent # and other matching mechanisms. # -downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/fancy.conf' -##!! Not compiled !! downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/trickle.conf' -downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/default.conf' +downloadmanager = '{$dansguardian_dir}/downloadmanagers/fancy.conf' +##!! Not compiled !! downloadmanager = '{$dansguardian_dir}/downloadmanagers/trickle.conf' +downloadmanager = '{$dansguardian_dir}/downloadmanagers/default.conf' @@ -523,11 +525,11 @@ contentscanexceptions = {$contentscanexceptions} # # If you do not use multiple filter groups, you need not specify this option. # -#authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-basic.conf' -#authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-digest.conf' -#authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-ntlm.conf' -#authplugin = '/usr/local/etc/dansguardian/authplugins/ident.conf' -#authplugin = '/usr/local/etc/dansguardian/authplugins/ip.conf' +#authplugin = '{$dansguardian_dir}/authplugins/proxy-basic.conf' +#authplugin = '{$dansguardian_dir}/authplugins/proxy-digest.conf' +#authplugin = '{$dansguardian_dir}/authplugins/proxy-ntlm.conf' +#authplugin = '{$dansguardian_dir}/authplugins/ident.conf' +#authplugin = '{$dansguardian_dir}/authplugins/ip.conf' {$authplugin} diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc index c897f944..39282409 100755 --- a/config/dansguardian/dansguardian.inc +++ b/config/dansguardian/dansguardian.inc @@ -2,13 +2,13 @@ /* dansguardian.inc part of the Dansguardian package for pfSense - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -90,7 +90,7 @@ function check_ca_hashes(){ } } -function sync_package_dansguardian($via_rpc=false) { +function sync_package_dansguardian($via_rpc="no",$install_process=false) { global $config,$g; # detect boot process @@ -101,8 +101,13 @@ function sync_package_dansguardian($via_rpc=false) { $boot_process="on"; } - if (is_process_running('dansguardian') && isset($boot_process) && $via_rpc==false) + if (is_process_running('dansguardian') && isset($boot_process) && $via_rpc=="no"){ + log_error("[Dansguardian] - Detected boot process pr:".is_process_running('dansguardian')." bp:".isset($boot_process)." rpc:".$via_rpc); return; + } + else{ + log_error("[Dansguardian] - Save settings package call pr:".is_process_running('dansguardian')." bp:".isset($boot_process)." rpc:".$via_rpc); + } #assign xml arrays if (!is_array($config['installedpackages']['dansguardian'])) @@ -136,7 +141,7 @@ function sync_package_dansguardian($via_rpc=false) { #daemon options $dansguardian_enabled=$dansguardian['enable_dg']; $filterport=($dansguardian['filterports']?$dansguardian['filterports']:"8080"); - $softrestart=(preg_match('/softrestart/',$dansguardian['daemon_options'])?"yes":"no"); + $softrestart=(preg_match('/softrestart/',$dansguardian['daemon_options'])?"on":"off"); $nodaemon=(preg_match('/nodaemon/',$dansguardian['daemon_options'])?"yes":"off"); if (preg_match("/(\d+)\/(\d+)/",$dansguardian['children'],$matches)){ $minchildren=$matches[1]; @@ -159,6 +164,7 @@ function sync_package_dansguardian($via_rpc=false) { $preforkchildren=($dansguardian['preforkchildren']?$dansguardian['preforkchildren']:"10"); $proxyip=($dansguardian['proxyip']?$dansguardian['proxyip']:"127.0.0.1"); $proxyport=($dansguardian['proxyport']?$dansguardian['proxyport']:"127.0.0.1"); + $proxytimeout=($dansguardian['proxytimeout']?$dansguardian['proxytimeout']:"30"); #general options $urlcachenumber=($dansguardian_config['urlcachenumber']?$dansguardian_config['urlcachenumber']:"1000"); @@ -184,13 +190,14 @@ function sync_package_dansguardian($via_rpc=false) { $recheckreplacedurls=(preg_match('/icapscan/',$dansguardian_config['misc_options'])?"on":"off"); $usexforwardedfor=(preg_match('/usexforwardedfor/',$dansguardian_config['misc_options'])?"on":"off"); $authplugin=(preg_match('/usr/',$dansguardian_config['auth_plugin'])?"authplugin = '".$dansguardian_config['auth_plugin']."'":""); - /*if ($dansguardian_config['auth_plugin']!=""){ + if ($dansguardian_config['auth_plugin']!=""){ $auth_plugins=explode(",",$dansguardian_config['auth_plugin']); $authplugin=""; foreach ($auth_plugins as $auth_selected) - $authplugin.="authplugin = '".$auth_selected."'\n"; + if ($auth_selected != "none") + $authplugin.="authplugin = '".preg_replace("@/usr/local@",DANSGUARDIAN_DIR,$auth_selected)."'\n"; } - */ + #limits $maxuploadsize=($dansguardian_limits['maxuploadsize']?$dansguardian_limits['maxuploadsize']:"-1"); $maxcontentfiltersize=($dansguardian_limits['maxcontentfiltersize']?$dansguardian_limits['maxcontentfiltersize']:"256"); @@ -214,8 +221,8 @@ function sync_package_dansguardian($via_rpc=false) { $reportlanguage=($dansguardian_log['report_language']?$dansguardian_log['report_language']:"ukenglish"); $showweightedfound=(preg_match('/showweightedfound/',$dansguardian_log['report_options'])?"on":"off"); $usecustombannedflash=(preg_match('/usecustombannedflash/',$dansguardian_log['report_options'])?"on":"off"); - if (file_exists('/usr/local/share/dansguardian/blockedflash.swf')) - $custombannedflashfile="custombannedflashfile = '/usr/local/share/dansguardian/blockedflash.swf'"; + if (file_exists(DANSGUARDIAN_DIR.'/share/dansguardian/blockedflash.swf')) + $custombannedflashfile="custombannedflashfile = '".DANSGUARDIAN_DIR."/share/dansguardian/blockedflash.swf'"; $usecustombannedimage=(preg_match('/usecustombannedimage/',$dansguardian_log['report_options'])?"on":"off"); $nonstandarddelimiter=(preg_match('/nonstandarddelimiter/',$dansguardian_log['report_options'])?"on":"off"); @@ -299,14 +306,14 @@ function sync_package_dansguardian($via_rpc=false) { exec("/usr/bin/openssl x509 -hash -noout -in /etc/ssl/demoCA/cacert.pem",$cert_hash); file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",base64_decode($ca_cert['crt'])); $ca_pem = "cacertificatepath = '/etc/ssl/demoCA/cacert.pem'"; - $generatedcertpath= "generatedcertpath = '/etc/ssl/demoCA/certs/'"; + $generatedcertpath= "generatedcertpath = '".$dansguardian_dir."/ssl/generatedcerts'"; #generatedcertpath = ".$dansguardian_dir . "/ssl/generatedcerts"; $generatedlinkpath= "generatedlinkpath = '".$dansguardian_dir . "/ssl/generatedlinks'"; } $svr_cert = lookup_cert($dansguardian_config["dcert"]); if ($svr_cert != false) { if(base64_decode($svr_cert['prv'])) { - file_put_contents("/etc/ssl/demoCA/private/serverkey.pem",base64_decode($svr_cert['prv'])); + file_put_contents("/etc/ssl/demoCA/private/serverkey.pem",base64_decode($svr_cert['prv']).base64_decode($svr_cert['crt'])); $cert_key = "certprivatekeypath = '/etc/ssl/demoCA/private/serverkey.pem' "; } } @@ -317,7 +324,7 @@ function sync_package_dansguardian($via_rpc=false) { $match[1]="/(\/usr.local)/"; $match[2]="/,/"; $replace[0]="$1'"; - $replace[1]="contentscanner = '$1"; + $replace[1]="contentscanner = '".DANSGUARDIAN_DIR; $replace[2]="\n"; $contentscanners=preg_replace($match,$replace,$dansguardian_config['content_scanners']); @@ -327,7 +334,7 @@ function sync_package_dansguardian($via_rpc=false) { $match[1]="/\/usr.local/"; $match[2]="/,/"; $replace[0]="$1>\n"; - $replace[1]="\n.Include</usr/local"; + $replace[1]="\n.Include<".DANSGUARDIAN_DIR; $replace[2]=">"; #phrase ACL @@ -716,10 +723,11 @@ function sync_package_dansguardian($via_rpc=false) { 'urlacl'=> "Default", 'group_options' => "scancleancache,infectionbypasserrorsonly", 'reportinglevel'=>'3', + 'group_name_source'=>'name', 'mode'=> "1", 'report_level'=>"global"); - $groups=array("scancleancache","hexdecodecontent","blockdownloads","enablepics","deepurlanalysis","infectionbypasserrorsonly","disablecontentscan","sslcertcheck","sslmitm"); + $groups=array("scancleancache","hexdecodecontent","blockdownloads","enablepics","deepurlanalysis","infectionbypasserrorsonly","disablecontentscan","sslcheckcert","sslmitm"); #loop on array $count=1; $user_xml=""; @@ -735,7 +743,7 @@ function sync_package_dansguardian($via_rpc=false) { $dansguardian_groups['embeddedurlweight']=($dansguardian_groups['embeddedurlweight']?$dansguardian_groups['embeddedurlweight']:"0"); $dansguardian_groups['bypass']=($dansguardian_groups['bypass']?$dansguardian_groups['bypass']:"0"); $dansguardian_groups['infectionbypass']=($dansguardian_groups['infectionbypass']?$dansguardian_groups['infectionbypass']:"0"); - $dansguardian_groups['mitmkey']=($dansguardian_groups['mitmkey']?$dansguardian_groups['mitmkey']:"dgs3dD3da"); + $dansguardian_groups['maxuploadsize']=(is_numeric($dansguardian_groups['maxuploadsize'])?$dansguardian_groups['maxuploadsize']:$maxuploadsize); switch ($dansguardian_groups['reportinglevel']){ case "1": case "2": @@ -759,8 +767,11 @@ function sync_package_dansguardian($via_rpc=false) { $groupaccessdeniedaddress=""; } - foreach ($groups as $group) + foreach ($groups as $group){ $dansguardian_groups[$group]=(preg_match("/$group/",$dansguardian_groups['group_options'])?"on":"off"); + } + + #create group list files $lists=array("phraseacl" => array("bannedphrase","weightedphrase","exceptionphrase"), "siteacl" => array("bannedsite","greysite","exceptionsite","exceptionfilesite","logsite"), @@ -771,11 +782,16 @@ function sync_package_dansguardian($via_rpc=false) { "searchacl" => array("searchengineregexp","bannedsearchterm","weightedsearchterm","exceptionsearchterm") ); foreach ($lists as $list_key => $list_array){ + // verify groups acls to avoid errors on empty acl group options + if (!preg_match("/\w+/",$dansguardian_groups[$list_key])){ + log_error("dansguardian - Config warning, Group {$dansguardian_group_name} {$list_key} cannot be empty! Trying to load sample values"); + } foreach ($list_array as $list_value){ #read all access lists applied tho this group option foreach (explode(",",$dansguardian_groups[$list_key]) as $dacl){ if (! is_array(${$list_value})) ${$list_value}=array(); + $dacl=(preg_match("/\w+/",$dacl)? $dacl : "sample"); $file_temp=file_get_contents(DANSGUARDIAN_DIR . "/etc/dansguardian/lists/{$list_value}list.{$dacl}")."\n"; ${$list_value}=array_merge(explode("\n",$file_temp),${$list_value}); } @@ -784,7 +800,7 @@ function sync_package_dansguardian($via_rpc=false) { #save group file and unset array file_put_contents(DANSGUARDIAN_DIR . "/etc/dansguardian/lists/{$list_value}list.g_{$dansguardian_groups['name']}",implode("\n",array_unique(${$list_value}))."\n",LOCK_EX); unset(${$list_value}); - } + } } /* bannedphraselist = '/usr/local/etc/dansguardian/lists/bannedphraselist.{$dansguardian_groups['phraseacl']}' @@ -898,9 +914,9 @@ EOF; #Create/update filtergroupsiplist file_put_contents($dansguardian_dir."/lists/authplugins/ipgroups",$filtergroupsiplist,LOCK_EX); #Create/update userlist xml file - $ips_xml_header=file_get_contents("/usr/local/pkg/dansguardian_ips_header.xml"); - $user_xml_header=file_get_contents("/usr/local/pkg/dansguardian_users_header.xml"); - $user_xml_footer=file_get_contents("/usr/local/pkg/dansguardian_users_footer.xml"); + $ips_xml_header=file_get_contents("/usr/local/pkg/dansguardian_ips_header.template"); + $user_xml_header=file_get_contents("/usr/local/pkg/dansguardian_users_header.template"); + $user_xml_footer=file_get_contents("/usr/local/pkg/dansguardian_users_footer.template"); file_put_contents("/usr/local/pkg/dansguardian_users.xml",$user_xml_header.$user_xml.$user_xml_footer,LOCK_EX); file_put_contents("/usr/local/pkg/dansguardian_ips.xml",$ips_xml_header.$ips_xml.$user_xml_footer,LOCK_EX); @@ -909,29 +925,36 @@ EOF; file_put_contents("/usr/local/share/dansguardian/languages/".$reportlanguage."/template.html",dg_text_area_decode($dansguardian_log['report_file']),LOCK_EX); #check blacklist download files - if ($dansguardian_blacklist['cron']=="force_download"){ - log_error("Blacklist udpate process started"); - file_notice("Dansguardian - Blacklist udpate process started",""); - file_put_contents("/root/dansguardian_custom.script",base64_decode($dansguardian_blacklist['custom_script']),LOCK_EX); - if ($dansguardian_blacklist['enable_custom_script'] && $dansguardian_blacklist['custom_script'] != "") - mwexec_bg("/root/dansguardian_custom.script"); - else - mwexec_bg("/usr/local/bin/php /usr/local/www/dansguardian.php fetch_blacklist"); + if ($install_process == true){ + require_once("/usr/local/www/dansguardian.php"); + fetch_blacklist(false,true); + update_output_window("Blacklist check done, continuing package config sync."); + } + else{ + if ($dansguardian_blacklist['cron']=="force_download"){ + log_error("Blacklist udpate process started"); + file_notice("Dansguardian - Blacklist udpate process started",""); + file_put_contents("/root/dansguardian_custom.script",base64_decode($dansguardian_blacklist['custom_script']),LOCK_EX); + if ($dansguardian_blacklist['enable_custom_script'] && $dansguardian_blacklist['custom_script'] != "") + mwexec_bg("/root/dansguardian_custom.script"); + else + mwexec_bg("/usr/local/bin/php /usr/local/www/dansguardian.php fetch_blacklist"); + } + #update xml categories from downloaded file + if ($dansguardian_blacklist['cron']=="force_update"){ + $config['installedpackages']['dansguardianblacklist']['config'][0]['cron']="never"; + mwexec_bg("/usr/local/bin/php /usr/local/www/dansguardian.php update_lists"); } - #update xml categories from downloaded file - if ($dansguardian_blacklist['cron']=="force_update"){ - $config['installedpackages']['dansguardianblacklist']['config'][0]['cron']="never"; - mwexec_bg("/usr/local/bin/php /usr/local/www/dansguardian.php update_lists"); - } - #Import default blacklists - if (!is_array($config['installedpackages']['dansguardianblacklistsurls']['config'])) - mwexec_bg("/usr/local/bin/php /usr/local/www/dansguardian.php update_lists"); - + #Import default blacklists + if (!is_array($config['installedpackages']['dansguardianblacklistsurls']['config'])) + mwexec_bg("/usr/local/bin/php /usr/local/www/dansguardian.php update_lists"); + } #get clamav user - $cconf="/usr/local/etc/clamd.conf"; + $cconf= DANSGUARDIAN_DIR. "/etc/clamd.conf"; $cconf_file=file_get_contents($cconf); if (preg_match("/User (\w+)/",$cconf_file,$matches)){ + mwexec("/usr/sbin/pw user show {$matches[1]} || /usr/sbin/pw user add -n {$matches[1]} -s /usr/sbin/nologin"); $daemonuser = $matches[1]; $daemongroup = 'nobody'; } @@ -940,7 +963,6 @@ EOF; $daemongroup = 'nobody'; } $filtergroups=($count > 1?($count -1):1); - $filterip=""; $filterports=""; foreach (explode(",", $dansguardian['interface']) as $i => $iface) { @@ -958,12 +980,12 @@ EOF; $cron_found=0; if (is_array($config['cron']['item'])) foreach($config['cron']['item'] as $cron) - if (preg_match("/usr.local.(bin.freshclam|www.dansguardian)/",$cron["command"])) + if (preg_match("@(".DANSGUARDIAN_DIR."|/usr/local)/(bin.freshclam|www/dansguardian)@",$cron["command"])) $cron_found++; else $new_cron['item'][]=$cron; - $cron_cmd="/usr/local/bin/freshclam"; + $cron_cmd= DANSGUARDIAN_DIR."/bin/freshclam"; if($dansguardian_config['cron'] && preg_match("/clamd/",$dansguardian_config['content_scanners'])) switch ($dansguardian_config['cron']){ case "day": @@ -1041,6 +1063,7 @@ EOF; $cron_cmd="/usr/local/bin/php /usr/local/www/dansguardian_ldap.php"; if (is_array($config['installedpackages']['dansguardiangroups']['config'])) foreach ($config['installedpackages']['dansguardiangroups']['config'] as $dansguardian_groups){ + $dans_group_source=($dansguardian_groups['groupnamesource'] !="" ? $dansguardian_groups['groupnamesource'] : "name"); if(preg_match('/(\d+)m/',$dansguardian_groups['freq'],$matches)){ $new_cron['item'][]=array( "minute" => "*/".$matches[1], "hour" => "*", @@ -1048,7 +1071,7 @@ EOF; "month" => "*", "wday" => "*", "who" => "root", - "command"=> $cron_cmd." ".$dansguardian_groups['name']); + "command"=> "{$cron_cmd} $dans_group_source '{$dansguardian_groups[$dans_group_source]}'"); $config['cron']=$new_cron; $cron_found++; } @@ -1059,7 +1082,7 @@ EOF; "month" => "*", "wday" => "*", "who" => "root", - "command"=> $cron_cmd." ".$dansguardian_groups['name']); + "command"=> "{$cron_cmd} $dans_group_source '{$dansguardian_groups[$dans_group_source]}'"); $config['cron']=$new_cron; $cron_found++; } @@ -1068,7 +1091,6 @@ EOF; conf_mount_rw(); write_config(); - #update cron if ($cron_found > 0){ $config['cron']=$new_cron; @@ -1076,7 +1098,7 @@ EOF; configure_cron(); } - $dirs=array('/usr/local/etc/dansguardian/lists/bannedrooms/', + $dirs=array(DANSGUARDIAN_DIR . '/etc/dansguardian/lists/bannedrooms/', '/var/log/dansguardian'); foreach ($dirs as $dir) @@ -1084,27 +1106,23 @@ EOF; mkdir ($dir,0755,true); #update file owner - mwexec("chown -R $daemonuser:$daemongroup /usr/local/etc/dansguardian"); + mwexec("chown -R $daemonuser:$daemongroup ".DANSGUARDIAN_DIR."/etc/dansguardian"); mwexec("chown -R $daemonuser:$daemongroup /var/log/dansguardian"); #create config files file_put_contents($dansguardian_dir."/dansguardian.conf", $dg, LOCK_EX); #check virus_scanner options - $libexec_dir="/usr/local/libexec/dansguardian/"; - if (preg_match("/clamd/",$dansguardian_config['content_scanners'])){ + $libexec_dir= DANSGUARDIAN_DIR."/libexec/dansguardian/"; + if ($install_process==true) + update_output_window("Skipping clamav check during package install."); + if (preg_match("/clamd/",$dansguardian_config['content_scanners']) && $install_process==false){ if (!(file_exists('/var/db/clamav/main.cvd')||file_exists('/var/db/clamav/main.cld'))){ file_notice("Dansguardian - No antivirus database found for clamav, running freshclam in background.",""); - log_error('No antivirus database found for clamav, running freshclam in background.'); - mwexec_bg('/usr/local/bin/freshclam'); + log_error('No antivirus database found for clamav, running freshclam in background. Content-scanner may not work until freshclam finishes.'); + mwexec_bg(DANSGUARDIAN_DIR.'/bin/freshclam && /usr/local/etc/rc.d/clamav-clamd'); } - - $match=array(); - $match[0]='/NO/'; - $replace=array(); - $replace[0]='YES'; - #clamdscan.conf dansguardian file $cconf=DANSGUARDIAN_DIR . "/etc/dansguardian/contentscanners/clamdscan.conf"; $cconf_file=file_get_contents($cconf); @@ -1112,27 +1130,35 @@ EOF; $cconf_file=preg_replace('/#clamdudsfile/','clamdudsfile',$cconf_file); file_put_contents($cconf, $cconf_file, LOCK_EX); } - #clamd conf file - $cconf="/usr/local/etc/clamd.conf"; + $cconf=DANSGUARDIAN_DIR."/etc/clamd.conf"; $cconf_file=file_get_contents($cconf); if (preg_match("/User (\w+)/",$cconf_file,$matches)){ #clamd script file $script='/usr/local/etc/rc.d/clamav-clamd'; $script_file=file($script); + $new_clamav_startup=""; + $cpreg_m[0]="@NO@"; + $cpreg_m[1]="@/usr/local@"; + $cpreg_r[0]="YES"; + $cpreg_r[1]=DANSGUARDIAN_DIR; foreach ($script_file as $script_line){ if(preg_match("/command=/",$script_line)){ $new_clamav_startup.= 'if [ ! -d /var/run/clamav ];then /bin/mkdir /var/run/clamav;fi'."\n"; + $new_clamav_startup.= 'if [ ! -d /var/db/clamav ];then /bin/mkdir /var/db/clamav;fi'."\n"; + $new_clamav_startup.= 'if [ ! -d /var/log/clamav ];then /bin/mkdir -p /var/log/clamav;fi'."\n"; $new_clamav_startup.= "chown -R ".$matches[1]." /var/run/clamav\n"; + $new_clamav_startup.= "chown -R ".$matches[1]." /var/db/clamav\n"; $new_clamav_startup.= "chown -R ".$matches[1]." /var/log/clamav\n"; $new_clamav_startup.=$script_line; } elseif(!preg_match("/(mkdir|chown|sleep|mailscanner)/",$script_line)) { - $new_clamav_startup.=preg_replace("/NO/","YES",$script_line); + $new_clamav_startup.=preg_replace($cpreg_m,$cpreg_r,$script_line); } } file_put_contents($script, $new_clamav_startup, LOCK_EX); chmod ($script,0755); + if (file_exists('/var/run/dansguardian.pid') && is_process_running('clamd')){ log_error('Stopping clamav-clamd'); mwexec("$script stop"); @@ -1144,8 +1170,7 @@ EOF; mwexec_bg("$script start"); } } - } - + } #check certificate hashed $script='/usr/local/etc/rc.d/dansguardian.sh'; @@ -1180,23 +1205,58 @@ EOF; #mount read only conf_mount_ro(); + #avoid sync during boot process - if (!isset($boot_process)){ - $synconchanges = $config['installedpackages']['dansguardiansync']['config'][0]['synconchanges']; - if(!$synconchanges && !$syncondbchanges) - return; - log_error("[dansguardian] dansguardian_xmlrpc_sync.php is starting."); - foreach ($config['installedpackages']['dansguardiansync']['config'] as $rs ){ - foreach($rs['row'] as $sh){ + if (!isset($boot_process) || $via_rpc=="yes"){ + /* Uses XMLRPC to synchronize the changes to a remote node */ + if (is_array($config['installedpackages']['dansguardiansync']['config'])){ + $dans_sync=$config['installedpackages']['dansguardiansync']['config'][0]; + $synconchanges = $dans_sync['synconchanges']; + $synctimeout = $dans_sync['synctimeout']; + switch ($synconchanges){ + case "manual": + if (is_array($dans_sync[row])){ + $rs=$dans_sync[row]; + } + else{ + log_error("[Dansguardian] xmlrpc sync is enabled but there is no hosts to push on dansguardian config."); + return; + } + break; + case "auto": + if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])){ + $system_carp=$config['installedpackages']['carpsettings']['config'][0]; + $rs[0]['ipaddress']=$system_carp['synchronizetoip']; + $rs[0]['username']=$system_carp['username']; + $rs[0]['password']=$system_carp['password']; + if (! is_ipaddr($system_carp['synchronizetoip'])){ + log_error("[Dansguardian] xmlrpc sync is enabled but there is no system backup hosts to push squid config."); + return; + } + } + else{ + log_error("[Dansguardian] xmlrpc sync is enabled but there is no system backup hosts to push squid config."); + return; + } + break; + default: + return; + break; + } + if (is_array($rs)){ + log_error("[Dansguardian] xmlrpc sync is starting."); + foreach($rs as $sh){ $sync_to_ip = $sh['ipaddress']; - $password = $sh['password']; - $sync_type = $sh['sync_type']; + $password = $sh['password']; + $username = ($sh['username']?$sh['username']:"admin"); if($password && $sync_to_ip) - dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type); + dansguardian_do_xmlrpc_sync($sync_to_ip,$username,$password,$sync_type,$synctimeout); } + log_error("[Dansguardian] xmlrpc sync is ending."); } - log_error("[dansguardian] dansguardian_xmlrpc_sync.php is ending."); - } + } + } + } function dansguardian_validate_input($post, &$input_errors) { @@ -1207,15 +1267,22 @@ function dansguardian_validate_input($post, &$input_errors) { $input_errors[] = "{$value} cannot be used as name."; else if ($key == "name" && preg_match("/\W/",$value)) $input_errors[] = "{$value} cannot be used as name. Use only a-z 0-9 characters"; + else if ($key== "group_options"){ + $acls=array("pics","phrase","site","url","extension","header","content","search"); + foreach ($acls as $gacl) + if (!array_key_exists($gacl."acl",$post)) + $input_errors[] = ucfirst($gacl)." must has at least one acl assigned."; + } else if (empty($value)) continue; else if($key == "freq" && (!preg_match("/^\d+(h|m|d)$/",$value) || $value == 0)) $input_errors[] = "A valid number with a time reference is required for the field 'Update Frequency'"; } + } function dansguardian_php_install_command() { - sync_package_dansguardian(); + sync_package_dansguardian("no",true); } function dansguardian_php_deinstall_command() { @@ -1233,15 +1300,21 @@ function dansguardian_php_deinstall_command() { } } -function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { +function dansguardian_do_xmlrpc_sync($sync_to_ip,$username,$password,$sync_type,$synctimeout) { global $config, $g; + if(!$username) + return; + if(!$password) return; if(!$sync_to_ip) return; + if(!$synctimeout) + $synctimeout=30; + $xmlrpc_sync_neighbor = $sync_to_ip; if($config['system']['webgui']['protocol'] != "") { $synchronizetoip = $config['system']['webgui']['protocol']; @@ -1259,28 +1332,26 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { /* xml will hold the sections to sync */ $xml = array(); - $sync_xml=$config['installedpackages']['dansguardiansync']['config'][0]['synconchanges']; - if ($sync_xml){ - log_error("Include dansguardian config"); - $xml['dansguardian'] = $config['installedpackages']['dansguardian']; - $xml['dansguardianantivirusacl'] = $config['installedpackages']['dansguardianantivirusacl']; - $xml['dansguardianconfig'] = $config['installedpackages']['dansguardianconfig']; - $xml['dansguardianblacklist'] = $config['installedpackages']['dansguardianblacklist']; - $xml['dansguardianldap'] = $config['installedpackages']['dansguardianldap']; - $xml['dansguardiancontentacl'] = $config['installedpackages']['dansguardiancontentacl']; - $xml['dansguardianfileacl'] = $config['installedpackages']['dansguardianfileacl']; - $xml['dansguardiangroups'] = $config['installedpackages']['dansguardiangroups']; - $xml['dansguardianheaderacl'] = $config['installedpackages']['dansguardianheaderacl']; - $xml['dansguardianlimits'] = $config['installedpackages']['dansguardianlimits']; - $xml['dansguardianlog'] = $config['installedpackages']['dansguardianlog']; - $xml['dansguardianphraseacl'] = $config['installedpackages']['dansguardianphraseacl']; - $xml['dansguardianpicsacl'] = $config['installedpackages']['dansguardianpicsacl']; - $xml['dansguardiansearchacl'] = $config['installedpackages']['dansguardiansearchacl']; - $xml['dansguardiansiteacl'] = $config['installedpackages']['dansguardiansiteacl']; - $xml['dansguardianurlacl'] = $config['installedpackages']['dansguardianurlacl']; - $xml['dansguardianusers'] = $config['installedpackages']['dansguardianusers']; + log_error("Include dansguardian config"); + $xml['dansguardian'] = $config['installedpackages']['dansguardian']; + $xml['dansguardianantivirusacl'] = $config['installedpackages']['dansguardianantivirusacl']; + $xml['dansguardianconfig'] = $config['installedpackages']['dansguardianconfig']; + $xml['dansguardianblacklist'] = $config['installedpackages']['dansguardianblacklist']; + $xml['dansguardianldap'] = $config['installedpackages']['dansguardianldap']; + $xml['dansguardiancontentacl'] = $config['installedpackages']['dansguardiancontentacl']; + $xml['dansguardianfileacl'] = $config['installedpackages']['dansguardianfileacl']; + $xml['dansguardiangroups'] = $config['installedpackages']['dansguardiangroups']; + $xml['dansguardianheaderacl'] = $config['installedpackages']['dansguardianheaderacl']; + $xml['dansguardianlimits'] = $config['installedpackages']['dansguardianlimits']; + $xml['dansguardianlog'] = $config['installedpackages']['dansguardianlog']; + $xml['dansguardianphraseacl'] = $config['installedpackages']['dansguardianphraseacl']; + $xml['dansguardianpicsacl'] = $config['installedpackages']['dansguardianpicsacl']; + $xml['dansguardiansearchacl'] = $config['installedpackages']['dansguardiansearchacl']; + $xml['dansguardiansiteacl'] = $config['installedpackages']['dansguardiansiteacl']; + $xml['dansguardianurlacl'] = $config['installedpackages']['dansguardianurlacl']; + $xml['dansguardianusers'] = $config['installedpackages']['dansguardianusers']; + $xml['dansguardianips'] = $config['installedpackages']['dansguardianips']; - } if (count($xml) > 0){ /* assemble xmlrpc payload */ $params = array( @@ -1294,18 +1365,18 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { $method = 'pfsense.merge_installedpackages_section_xmlrpc'; $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); - $cli->setCredentials('admin', $password); + $cli->setCredentials($username, $password); if($g['debug']) $cli->setDebug(1); - /* send our XMLRPC message and timeout after 30 seconds */ - $resp = $cli->send($msg, "30"); + /* send our XMLRPC message and timeout after $synctimeout seconds */ + $resp = $cli->send($msg, $synctimeout); if(!$resp) { $error = "A communications error occurred while attempting dansguardian XMLRPC sync with {$url}:{$port}."; log_error($error); file_notice("sync_settings", $error, "dansguardian Settings Sync", ""); } elseif($resp->faultCode()) { $cli->setDebug(1); - $resp = $cli->send($msg, "30"); + $resp = $cli->send($msg, $synctimeout); $error = "An error code was received while attempting dansguardian XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); log_error($error); file_notice("sync_settings", $error, "dansguardian Settings Sync", ""); @@ -1316,7 +1387,7 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { /* tell dansguardian to reload our settings on the destionation sync host. */ $method = 'pfsense.exec_php'; $execcmd = "require_once('/usr/local/pkg/dansguardian.inc');\n"; - $execcmd .= "sync_package_dansguardian(true);"; + $execcmd .= "sync_package_dansguardian('yes');"; /* assemble xmlrpc payload */ $params = array( @@ -1327,15 +1398,15 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { log_error("dansguardian XMLRPC reload data {$url}:{$port}."); $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); - $cli->setCredentials('admin', $password); - $resp = $cli->send($msg, "30"); + $cli->setCredentials($username, $password); + $resp = $cli->send($msg, $synctimeout); if(!$resp) { $error = "A communications error occurred while attempting dansguardian XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; log_error($error); file_notice("sync_settings", $error, "dansguardian Settings Sync", ""); } elseif($resp->faultCode()) { $cli->setDebug(1); - $resp = $cli->send($msg, "30"); + $resp = $cli->send($msg, $synctimeout); $error = "An error code was received while attempting dansguardian XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); log_error($error); file_notice("sync_settings", $error, "dansguardian Settings Sync", ""); @@ -1345,4 +1416,4 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { } } -?> +?>
\ No newline at end of file diff --git a/config/dansguardian/dansguardian.php b/config/dansguardian/dansguardian.php index 8571e1b7..b9c972a1 100644 --- a/config/dansguardian/dansguardian.php +++ b/config/dansguardian/dansguardian.php @@ -4,7 +4,7 @@ /* dansguardian.php part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -13,7 +13,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -38,36 +38,68 @@ require_once("/etc/inc/functions.inc"); require_once("/etc/inc/pkg-utils.inc"); require_once("/etc/inc/globals.inc"); require_once("/usr/local/pkg/dansguardian.inc"); - -function fetch_blacklist(){ + +function fetch_blacklist($log_notice=true,$install_process=false) { global $config,$g; - $url=$config['installedpackages']['dansguardianblacklist']['config'][0]['url']; - if (is_url($url)){ - conf_mount_rw(); - print "file download start.."; - unlink_if_exists("/usr/local/etc/dansguardian/lists/blacklist.tgz"); - exec("/usr/bin/fetch -o /usr/local/etc/dansguardian/lists/blacklist.tgz ".escapeshellarg($url)); - chdir ("/usr/local/etc/dansguardian/lists"); - if (is_dir ("blacklists.old")) - exec ('rm -rf /usr/local/etc/dansguardian/lists/blacklists.old'); - rename("blacklists","blacklists.old"); - exec('/usr/bin/tar -xvzf /usr/local/etc/dansguardian/lists/blacklist.tgz 2>&1',$output,$return); - if (preg_match("/x\W+(\w+)/",$output[0],$matches)){ - if ($matches[1] != "blacklists") - rename("./".$matches[1],"blacklists"); - read_lists(); - } - else - file_notice("Dansguardian - Could not determine Blacklist extract dir. Categories not updated",""); - } + if (is_array($config['installedpackages']['dansguardianblacklist']) && is_array($config['installedpackages']['dansguardianblacklist']['config'])){ + $url=$config['installedpackages']['dansguardianblacklist']['config'][0]['url']; + $uw="Found a previouns install, checking Blacklist config..."; + } else{ - file_notice("Dansguardian - Blacklist url is invalid.",""); + $uw="Found a clean install, reading default access lists..."; + } + conf_mount_rw(); + if ($install_process == true) + update_output_window($uw); + if (isset($url) && is_url($url)) { + if ($log_notice==true){ + print "file download start.."; + unlink_if_exists("/usr/local/pkg/blacklist.tgz"); + exec("/usr/bin/fetch -o /usr/local/pkg/blacklist.tgz ".escapeshellarg($url),$output,$return); + } + else{ + #install process + if (file_exists("/usr/local/pkg/blacklist.tgz")){ + update_output_window("Found previous blacklist database, skipping download..."); + $return=0; + } + else{ + update_output_window("Fetching blacklist"); + download_file_with_progress_bar($url, "/usr/local/pkg/blacklist.tgz"); + if (file_exists("/usr/local/pkg/blacklist.tgz")) + $return=0; + } + } + if ($return == 0) { + chdir (DANSGUARDIAN_DIR . "/etc/dansguardian/lists"); + if (is_dir ("blacklists.old")) + exec ('rm -rf '.DANSGUARDIAN_DIR . '/etc/dansguardian/lists/blacklists.old'); + rename("blacklists","blacklists.old"); + exec('/usr/bin/tar -xvzf /usr/local/pkg/blacklist.tgz 2>&1',$output,$return); + if (preg_match("/x\W+(\w+)/",$output[1],$matches)) { + if ($matches[1] != "blacklists") + rename("./".$matches[1],"blacklists"); + read_lists($log_notice); + } + else { + file_notice("Dansguardian - Could not determine Blacklist extract dir. Categories not updated",""); + } + } + else { + file_notice("Dansguardian - Could not fetch blacklists from url",""); + } + } + else { + if ($install_process==true) + read_lists(false,$uw); + elseif (!empty($url)) + file_notice("Dansguardian - Blacklist url is invalid.",""); } } -function read_lists(){ +function read_lists($log_notice=true,$uw=""){ global $config,$g; $group_type=array(); - $dir="/usr/local/etc/dansguardian/lists"; + $dir=DANSGUARDIAN_DIR . "/etc/dansguardian/lists"; #read dansguardian lists dirs $groups= array("phraselists", "blacklists", "whitelists"); #assigns know list files @@ -130,11 +162,14 @@ function read_lists(){ $edit_file=preg_replace('/size.19/','size>5',$edit_file); file_put_contents("/usr/local/pkg/dansguardian_".$edit_xml."_acl.xml",$edit_file,LOCK_EX); } - file_notice("Dansguardian - Blacklist applied, check site and URL access lists for categories",""); - #foreach($config['installedpackages'] as $key => $values) - # if (preg_match("/dansguardian(phrase|black|white)lists/",$key)) - # print "$key\n"; write_config(); + if($log_notice==true && $uw==""){ + file_notice("Dansguardian - Blacklist applied, check site and URL access lists for categories",""); + } + else{ + $uw.="done\n"; + update_output_window($uw); + } } if ($argv[1]=="update_lists") diff --git a/config/dansguardian/dansguardian.xml b/config/dansguardian/dansguardian.xml index 334c99e7..34d4156c 100644 --- a/config/dansguardian/dansguardian.xml +++ b/config/dansguardian/dansguardian.xml @@ -9,7 +9,7 @@ /* dansguardian.xml part of the dansguardian for pfSense - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -18,7 +18,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -84,17 +84,17 @@ <chmod>0755</chmod> </additional_files_needed> <additional_files_needed> - <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_ips_header.xml</item> + <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_ips_header.template</item> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> </additional_files_needed> <additional_files_needed> - <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_header.xml</item> + <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_header.template</item> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> </additional_files_needed> <additional_files_needed> - <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_footer.xml</item> + <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_footer.template</item> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> </additional_files_needed> @@ -188,11 +188,6 @@ <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> </additional_files_needed> - <additional_files_needed> - <item>http://www.pfsense.org/packages/config/dansguardian/blockedflash.swf</item> - <prefix>/usr/local/share/dansguardian/</prefix> - <chmod>0755</chmod> - </additional_files_needed> <tabs> <tab> <text>Daemon</text> @@ -212,8 +207,8 @@ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> </tab> <tab> - <text>Access Lists</text> - <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> </tab> <tab> <text>LDAP</text> @@ -236,7 +231,7 @@ <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> </tab> <tab> - <text>XMLRPC Sync</text> + <text>Sync</text> <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> </tab> <tab> @@ -258,7 +253,8 @@ <field> <fielddescr>Listen Interface(s)</fielddescr> <fieldname>interface</fieldname> - <description><![CDATA[Default: <strong>LAN/loopback</strong><br>Select interface(s) that you want to dansguardian listen on.]]></description> + <description><![CDATA[Default: <strong>LAN/loopback</strong><br>Select interface(s) that you want to dansguardian listen on.<br> + <strong>Note: Do NOT select more then one interface if you plan to use more then one authentication plugin.</strong>]]></description> <type>interfaces_selection</type> <required/> <multiple/> @@ -349,10 +345,28 @@ <description><![CDATA[Default: <strong>3128</strong><br> Sets port number for proxy server.]]></description> </field> - + <field> + <fielddescr>Proxy Time out</fielddescr> + <fieldname>proxytimeout</fieldname> + <description><![CDATA[This option handle max time to wait for proxy server.]]></description> + <type>select</type> + <options> + <option><name>30 seconds (default)</name><value>30</value></option> + <option><name>20 seconds</name><value>20</value></option> + <option><name>40 seconds</name><value>40</value></option> + <option><name>50 seconds</name><value>50</value></option> + <option><name>60 seconds</name><value>60</value></option> + <option><name>70 seconds</name><value>70</value></option> + <option><name>80 seconds</name><value>80</value></option> + <option><name>90 seconds</name><value>90</value></option> + <default_value>30</default_value> + </options> + </field> </fields> <custom_php_install_command> - dansguardian_php_install_command(); + update_status("Checking Dansguardian Blacklists... One moment please..."); + update_output_window("This operation may take quite some time, please be patient. Do not press stop or attempt to navigate away from this page during this process."); + dansguardian_php_install_command(false,true); </custom_php_install_command> <custom_php_deinstall_command> dansguardian_php_deinstall_command(); diff --git a/config/dansguardian/dansguardian_about.php b/config/dansguardian/dansguardian_about.php index 07b5768e..b7834281 100755 --- a/config/dansguardian/dansguardian_about.php +++ b/config/dansguardian/dansguardian_about.php @@ -53,16 +53,16 @@ include("head.inc"); <?php $tab_array = array(); $tab_array[] = array(gettext("Daemon"), false, "/pkg_edit.php?xml=dansguardian.xml&id=0"); - $tab_array[] = array(gettext("General"), false, "/pkg_edit.php?xml=dansguardian_general.xml&id=0"); + $tab_array[] = array(gettext("General"), false, "/pkg_edit.php?xml=dansguardian_config.xml&id=0"); $tab_array[] = array(gettext("Limits"), false, "/pkg_edit.php?xml=dansguardian_limits.xml&id=0"); $tab_array[] = array(gettext("Blacklist"), false, "/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0"); - $tab_array[] = array(gettext("Access Lists"), false, "/pkg_edit.php?xml=dansguardian_antivirus.xml&id=0"); + $tab_array[] = array(gettext("ACLs"), false, "/pkg.php?xml=dansguardian_site_acl.xml"); $tab_array[] = array(gettext("LDAP"), false, "/pkg.php?xml=dansguardian_ldap.xml&id=0"); $tab_array[] = array(gettext("Groups"), false, "/pkg.php?xml=dansguardian_groups.xml&id=0"); - $tab_array[] = array(gettext("Users"), false, "/pkg.php?xml=dansguardian_users.xml&id=0"); - $tab_array[] = array(gettext("IPs"), false, "/pkg.php?xml=dansguardian_ips.xml&id=0"); + $tab_array[] = array(gettext("Users"), false, "/pkg_edit.php?xml=dansguardian_users.xml&id=0"); + $tab_array[] = array(gettext("IPs"), false, "/pkg_edit.php?xml=dansguardian_ips.xml&id=0"); $tab_array[] = array(gettext("Report and Log"), false, "/pkg_edit.php?xml=dansguardian_log.xml&id=0"); - $tab_array[] = array(gettext("XMLRPC Sync"), false, "/pkg_edit.php?xml=dansguardian_sync.xml&id=0"); + $tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=dansguardian_sync.xml&id=0"); $tab_array[] = array(gettext("Help"), true, "/dansguardian_about.php"); display_top_tabs($tab_array); ?> diff --git a/config/dansguardian/dansguardian_antivirus_acl.xml b/config/dansguardian/dansguardian_antivirus_acl.xml index 21c5c17e..563d3f13 100755 --- a/config/dansguardian/dansguardian_antivirus_acl.xml +++ b/config/dansguardian/dansguardian_antivirus_acl.xml @@ -46,54 +46,100 @@ <title>Services: Dansguardian - Access Lists</title> <include_file>/usr/local/pkg/dansguardian.inc</include_file> <tabs> - <tab> - <text>Back to config</text> +<tab> + <text>Daemon</text> <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> </tab> <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <active/> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> + <tab> <text>Antivirus</text> <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> <active/> + <tab_level>2</tab_level> </tab> <tab> <text>Pics</text> <url>/pkg.php?xml=dansguardian_pics_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Phase</text> + <text>Phrase Lists</text> <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Site</text> + <text>Site Lists</text> <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>URL</text> + <text>URL Lists</text> <url>/pkg.php?xml=dansguardian_url_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Extension</text> + <text>Extension Lists</text> <url>/pkg.php?xml=dansguardian_file_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Content</text> + <text>Content Lists</text> <url>/pkg.php?xml=dansguardian_content_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Header</text> <url>/pkg.php?xml=dansguardian_header_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Searche Engine</text> <url>/pkg.php?xml=dansguardian_search_acl.xml</url> - </tab> - <tab> - <text>Groups</text> - <url>/pkg.php?xml=dansguardian_groups.xml</url> - </tab> - <tab> - <text>Users</text> - <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + <tab_level>2</tab_level> </tab> </tabs> <fields> diff --git a/config/dansguardian/dansguardian_blacklist.xml b/config/dansguardian/dansguardian_blacklist.xml index d95558e6..e9cba862 100644 --- a/config/dansguardian/dansguardian_blacklist.xml +++ b/config/dansguardian/dansguardian_blacklist.xml @@ -9,7 +9,7 @@ /* dansguardian_limits.xml part of the dansguardian for pfSense - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -18,7 +18,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -65,8 +65,8 @@ <active/> </tab> <tab> - <text>Access Lists</text> - <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> </tab> <tab> <text>LDAP</text> @@ -89,7 +89,7 @@ <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> </tab> <tab> - <text>XMLRPC Sync</text> + <text>Sync</text> <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> </tab> <tab> diff --git a/config/dansguardian/dansguardian_config.xml b/config/dansguardian/dansguardian_config.xml index 0c14a7bb..35b0bf5b 100644 --- a/config/dansguardian/dansguardian_config.xml +++ b/config/dansguardian/dansguardian_config.xml @@ -9,7 +9,7 @@ /* dansguardian_config.xml part of the dansguardian for pfSense - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -18,7 +18,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -65,8 +65,8 @@ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> </tab> <tab> - <text>Access Lists</text> - <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> </tab> <tab> <text>LDAP</text> @@ -89,7 +89,7 @@ <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> </tab> <tab> - <text>XMLRPC Sync</text> + <text>Sync</text> <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> </tab> <tab> @@ -106,7 +106,9 @@ <fielddescr>Auth Plugins</fielddescr> <fieldname>auth_plugin</fieldname> <description><![CDATA[This option handle the extraction of client usernames from various sources, such as Proxy-Authorisation headers and ident servers, - enabling requests to be handled according to the settings of the user's filter group]]></description> + enabling requests to be handled according to the settings of the user's filter group.<br> + Use CTRL + click for multiple select.<br> + <strong>Note: Do NOT select more then one auth plugin if you plan to use more then one listening interface.</strong>]]></description> <type>select</type> <options> <option><name>Proxy-Basic</name><value>/usr/local/etc/dansguardian/authplugins/proxy-basic.conf</value></option> @@ -116,11 +118,14 @@ <option><name>Ip Address</name><value>/usr/local/etc/dansguardian/authplugins/ip.conf</value></option> <option><name>none</name><value>none</value></option> </options> + <multiple/> + <size>7</size> </field> <field> <fielddescr>Scan Options</fielddescr> <fieldname>scan_options</fieldname> - <description><![CDATA[Scan options. Default values are in ( )]]></description> + <description><![CDATA[Scan options. Default values are in ( )<br> + Use CTRL + click for multiple select.]]></description> <type>select</type> <options> <option><name>Scan clean cache (on)</name><value>scancleancache</value></option> diff --git a/config/dansguardian/dansguardian_content_acl.xml b/config/dansguardian/dansguardian_content_acl.xml index 1302d89c..8a1866af 100755 --- a/config/dansguardian/dansguardian_content_acl.xml +++ b/config/dansguardian/dansguardian_content_acl.xml @@ -8,7 +8,7 @@ /* dansguardian_content_acl.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -46,54 +46,100 @@ <title>Services: Dansguardian - Access Lists</title> <include_file>/usr/local/pkg/dansguardian.inc</include_file> <tabs> - <tab> - <text>Back to Config</text> +<tab> + <text>Daemon</text> <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> </tab> <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <active/> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> + <tab> <text>Antivirus</text> <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> <text>Pics</text> <url>/pkg.php?xml=dansguardian_pics_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Phrase</text> + <text>Phrase Lists</text> <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Site</text> + <text>Site Lists</text> <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>URL</text> + <text>URL Lists</text> <url>/pkg.php?xml=dansguardian_url_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Extension</text> + <text>Extension Lists</text> <url>/pkg.php?xml=dansguardian_file_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Content</text> + <text>Content Lists</text> <url>/pkg.php?xml=dansguardian_content_acl.xml</url> + <tab_level>2</tab_level> <active/> </tab> <tab> <text>Header</text> <url>/pkg.php?xml=dansguardian_header_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Searche Engine</text> <url>/pkg.php?xml=dansguardian_search_acl.xml</url> - </tab> - <tab> - <text>Groups</text> - <url>/pkg.php?xml=dansguardian_groups.xml</url> - </tab> - <tab> - <text>Users</text> - <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + <tab_level>2</tab_level> </tab> </tabs> <adddeleteeditpagefields> @@ -104,7 +150,8 @@ <columnitem> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> - </columnitem> + </columnitem> + <movable>on</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/dansguardian/dansguardian_file_acl.xml b/config/dansguardian/dansguardian_file_acl.xml index 808fb4e2..ed4866c6 100755 --- a/config/dansguardian/dansguardian_file_acl.xml +++ b/config/dansguardian/dansguardian_file_acl.xml @@ -8,7 +8,7 @@ /* dansguardian_file_acl.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -46,54 +46,100 @@ <title>Services: Dansguardian - Access Lists</title> <include_file>/usr/local/pkg/dansguardian.inc</include_file> <tabs> - <tab> - <text>Back to Config</text> +<tab> + <text>Daemon</text> <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> </tab> <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <active/> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> + <tab> <text>Antivirus</text> <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> <text>Pics</text> <url>/pkg.php?xml=dansguardian_pics_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Phrase</text> + <text>Phrase Lists</text> <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Site</text> + <text>Site Lists</text> <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>URL</text> + <text>URL Lists</text> <url>/pkg.php?xml=dansguardian_url_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Extension</text> + <text>Extension Lists</text> <url>/pkg.php?xml=dansguardian_file_acl.xml</url> + <tab_level>2</tab_level> <active/> </tab> <tab> - <text>Content</text> + <text>Content Lists</text> <url>/pkg.php?xml=dansguardian_content_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Header</text> <url>/pkg.php?xml=dansguardian_header_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Searche Engine</text> <url>/pkg.php?xml=dansguardian_search_acl.xml</url> - </tab> - <tab> - <text>Groups</text> - <url>/pkg.php?xml=dansguardian_groups.xml</url> - </tab> - <tab> - <text>Users</text> - <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + <tab_level>2</tab_level> </tab> </tabs> <adddeleteeditpagefields> @@ -104,7 +150,8 @@ <columnitem> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> - </columnitem> + </columnitem> + <movable>on</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/dansguardian/dansguardian_groups.xml b/config/dansguardian/dansguardian_groups.xml index 9498ef4c..aaa9bcd6 100755 --- a/config/dansguardian/dansguardian_groups.xml +++ b/config/dansguardian/dansguardian_groups.xml @@ -8,7 +8,7 @@ /* dansguardian_groups.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -63,8 +63,8 @@ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> </tab> <tab> - <text>Access Lists</text> - <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> </tab> <tab> <text>LDAP</text> @@ -88,7 +88,7 @@ <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> </tab> <tab> - <text>XMLRPC Sync</text> + <text>Sync</text> <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> </tab> <tab> @@ -112,7 +112,8 @@ <columnitem> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> - </columnitem> + </columnitem> + <movable>on</movable> </adddeleteeditpagefields> <fields> <field> @@ -149,11 +150,11 @@ <option><name>Enable Deep URL Analysis (off)</name><value>deepurlanalysis</value></option> <option><name>Infection/Scan Error Bypass on Scan Errors Only (on)</name><value>infectionbypasserrorsonly</value></option> <option><name>Disable content scanning (off)</name><value>disablecontentscan</value></option> - <option><name>Check servers ssl certificates (off)</name><value>sslcertcheck</value></option> + <option><name>Check Server SSLCertificates (off)</name><value>sslcheckcert</value></option> <option><name>Filter ssl sites forging SSL Certificates (off)</name><value>sslmitm</value></option> </options> <multiple/> - <size>10</size> + <size>9</size> </field> <field> <fielddescr>Pics</fielddescr> @@ -297,7 +298,7 @@ </options> </field> <field> - <fielddescr>Naughtiness limite</fielddescr> + <fielddescr>Naughtiness limit</fielddescr> <fieldname>naughtynesslimit</fieldname> <description><![CDATA[This the limit over which the page will be blocked. Each weighted phrase is given a value either positive or negative and the values added up.<br> Phrases to do with good subjects will have negative values, and bad subjects will have positive values.<br> @@ -317,6 +318,17 @@ <size>10</size> </field> <field> + <fielddescr>Max upload size</fielddescr> + <fieldname>maxuploadsize</fieldname> + <type>input</type> + <size>10</size> + <description><![CDATA[POST protection (web upload and forms) does not block forms without any file upload, i.e. this is just for blocking or limiting uploads measured in kilobytes after MIME encoding and header bump<br> + use 0 for a complete block<br> + use higher (e.g. 512 = 512Kbytes) for limiting<br> + use -1 for no blocking(default)<br> + Leave empty to use global Max upload size limit value.]]></description> + </field> + <field> <fielddescr>Category display threshold</fielddescr> <fieldname>categorydisplaythreshold</fieldname> <description><![CDATA[This option only applies to pages blocked by weighted phrase filtering.<br> @@ -374,10 +386,20 @@ <type>listtopic</type> </field> <field> + <fielddescr>LDAP group name source</fielddescr> + <fieldname>groupnamesource</fieldname> + <description><![CDATA[ This option determines where to look for LDAP group/OU name.]]></description> + <type>select</type> + <options> + <option><name>Dansguardian Group Name(default)</name><value>name</value></option> + <option><name>Dansguardian Group Description</name><value>description</value></option> + </options> + </field> + <field> <fielddescr>LDAP</fielddescr> <fieldname>ldap</fieldname> - <description><![CDATA[Select Active directory servers to extract users from<br> - The group must has the same name in dansguardian and on active directory<br> + <description><![CDATA[Select LDAP servers to extract users from<br> + The group must has the same name( or description) in dansguardian and on active directory<br> <strong>This is not aplicable for default group</strong>]]></description> <type>select_source</type> <size>05</size> @@ -387,6 +409,31 @@ <source_value>dc</source_value> </field> <field> + <fielddescr>LDAP user account status</fielddescr> + <fieldname>useraccountcontrol</fieldname> + <description><![CDATA[Import only users with these account status. Leave empty to do not check account status.]]></description> + <type>select</type> + <options> + <option><name>Normal (code 512)</name><value>512</value></option> + <option><name>Disabled Account (code 514)</name><value>514</value></option> + <option><name>Account is Disabled (code 2)</name><value>2</value></option> + <option><name>Account Locked Out (code 16)</name><value>16</value></option> + <option><name>Entered Bad Password (code 17)</name><value>17</value></option> + <option><name>No Password is Required(code 32)</name><value>32</value></option> + <option><name>Password CANNOT Change(code 64)</name><value>64</value></option> + <option><name>Password has Expired (code 8388608)</name><value>8388608</value></option> + <option><name>Account will Never Expire (code 65536)</name><value>65536</value></option> + <option><name>Enabled and Does NOT expire Paswword (code 66048)</name><value>66048</value></option> + <option><name>Server Trusted Account for Delegation (code 8192)</name><value>8192</value></option> + <option><name>Trusted Account for Delegation (code 524288)</name><value>524288</value></option> + <option><name>Enabled, User Cannot Change Password, Password Never Expires (code 590336)</name><value>590336</value></option> + <option><name>Normal Account, Password will not expire and Currently Disabled (code 66050)</name><value>66050</value></option> + <option><name>Account Enabled, Password does not expire, currently Locked out (code 66064)</name><value>66064</value></option> + </options> + <multiple/> + <size>16</size> + </field> + <field> <fielddescr>Update frequency</fielddescr> <fieldname>freq</fieldname> <description><![CDATA[How often extract users from active directory and verify changes<br> diff --git a/config/dansguardian/dansguardian_header_acl.xml b/config/dansguardian/dansguardian_header_acl.xml index 4d120a7b..9ddb0c23 100755 --- a/config/dansguardian/dansguardian_header_acl.xml +++ b/config/dansguardian/dansguardian_header_acl.xml @@ -8,7 +8,7 @@ /* dansguardian_header_acl.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -46,54 +46,100 @@ <title>Services: Dansguardian - Access Lists</title> <include_file>/usr/local/pkg/dansguardian.inc</include_file> <tabs> - <tab> - <text>Back to Config</text> +<tab> + <text>Daemon</text> <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> </tab> <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <active/> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> + <tab> <text>Antivirus</text> <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> <text>Pics</text> <url>/pkg.php?xml=dansguardian_pics_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Phrase</text> + <text>Phrase Lists</text> <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Site</text> + <text>Site Lists</text> <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>URL</text> + <text>URL Lists</text> <url>/pkg.php?xml=dansguardian_url_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Extension</text> + <text>Extension Lists</text> <url>/pkg.php?xml=dansguardian_file_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Content</text> + <text>Content Lists</text> <url>/pkg.php?xml=dansguardian_content_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Header</text> <url>/pkg.php?xml=dansguardian_header_acl.xml</url> + <tab_level>2</tab_level> <active/> </tab> <tab> <text>Searche Engine</text> <url>/pkg.php?xml=dansguardian_search_acl.xml</url> - </tab> - <tab> - <text>Groups</text> - <url>/pkg.php?xml=dansguardian_groups.xml</url> - </tab> - <tab> - <text>Users</text> - <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + <tab_level>2</tab_level> </tab> </tabs> <adddeleteeditpagefields> @@ -104,7 +150,8 @@ <columnitem> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> - </columnitem> + </columnitem> + <movable>on</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/dansguardian/dansguardian_ips_header.xml b/config/dansguardian/dansguardian_ips_header.template index c15e31da..48eb3e68 100644 --- a/config/dansguardian/dansguardian_ips_header.xml +++ b/config/dansguardian/dansguardian_ips_header.template @@ -9,7 +9,7 @@ /* dansguardian_ips.xml part of the dansguardian for pfSense - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -18,7 +18,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -64,7 +64,7 @@ </tab> <tab> <text>Access Lists</text> - <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <url>/pkg_edit.php?xml=dansguardian_site_acl.xml&id=0</url> </tab> <tab> <text>LDAP</text> @@ -88,7 +88,7 @@ <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> </tab> <tab> - <text>XMLRPC Sync</text> + <text>Sync</text> <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> </tab> <tab> diff --git a/config/dansguardian/dansguardian_ldap.php b/config/dansguardian/dansguardian_ldap.php index c02289ac..01d4764e 100644 --- a/config/dansguardian/dansguardian_ldap.php +++ b/config/dansguardian/dansguardian_ldap.php @@ -8,7 +8,7 @@ /* dansguardian_ldap.php part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -56,6 +56,7 @@ function get_ldap_members($group,$user,$password) { global $ldap_host; global $ldap_dn; $LDAPFieldsToFind = array("member"); + print "{$ldap_host} {$ldap_dn}\n"; $ldap = ldap_connect($ldap_host) or die("Could not connect to LDAP"); // OPTIONS TO AD @@ -64,7 +65,10 @@ function get_ldap_members($group,$user,$password) { ldap_bind($ldap, $user, $password) or die("Could not bind to LDAP"); - $results = ldap_search($ldap,$ldap_dn,"cn=" . $group,$LDAPFieldsToFind); + //check if group is just a name or an ldap string + $group_cn=(preg_match("/cn=/i",$group)? $group : "cn={$group}"); + + $results = ldap_search($ldap,$ldap_dn,$group_cn,$LDAPFieldsToFind); $member_list = ldap_get_entries($ldap, $results); $group_member_details = array(); @@ -77,7 +81,8 @@ function get_ldap_members($group,$user,$password) { $member_search = ldap_search($ldap, $ldap_dn, "(CN=" . $member_cn . ")"); $member_details = ldap_get_entries($ldap, $member_search); $group_member_details[] = array($member_details[0]['samaccountname'][0], - $member_details[0]['displayname'][0]); + $member_details[0]['displayname'][0], + $member_details[0]['useraccountcontrol'][0]); } ldap_close($ldap); array_shift($group_member_details); @@ -96,34 +101,57 @@ $apply_config=0; if (is_array($config['installedpackages']['dansguardiangroups']['config'])) foreach($config['installedpackages']['dansguardiangroups']['config'] as $group) { #ignore default group - if ($id > 0) - if ($argv[1] == "" || $argv[1] == $group['name']){ + if ($id > 0){ + $ldap_group_source=(preg_match("/description/",$argv[1]) ? "description" : "name"); + if ($argv[2] == $group[$ldap_group_source]){ $members=""; $ldap_servers= explode (',',$group['ldap']); - echo "Group : " . $group['name']."\n"; + echo "Group : {$group['name']}({$group['description']})\n"; if (is_array($config['installedpackages']['dansguardianldap']['config'])) foreach ($config['installedpackages']['dansguardianldap']['config'] as $server){ if (in_array($server['dc'],$ldap_servers)){ $ldap_dn = $server['dn']; $ldap_host=$server['dc']; $mask=(empty($server['mask'])?"USER":$server['mask']); - $result = get_ldap_members($group['name'],$server['username'].','.$server['dn'],$server['password']); - foreach($result as $key => $value) { - if (preg_match ("/\w+/",$value[0])){ + if (preg_match("/cn/",$server['username'])) + $ldap_username=$server['username'].",".$server['dn']; + else + $ldap_username=$server['username']; + #$domainuser=split("cn=",$server['username']); + #$ldap_username=preg_replace("/,\./","@",$domainuser[1].preg_replace("/(,|)DC=/i",".",$server['dn'])); + $result = get_ldap_members($group[$ldap_group_source],$ldap_username,$server['password']); + if ($group['useraccountcontrol'] !="") + $valid_account_codes=explode(",",$group['useraccountcontrol']); + foreach($result as $mvalue) { + if (preg_match ("/\w+/",$mvalue[0])){ #var_dump($value); - $name= preg_replace('/[^(\x20-\x7F)]*/','', $value[1]); + $name= preg_replace("/&([a-z])[a-z]+;/i", "$1", htmlentities($mvalue[1]));//preg_replace('/[^(\x20-\x7F)]*/','', $mvalue[1]); $pattern[0]="/USER/"; $pattern[1]="/,/"; $pattern[2]="/NAME/"; - $replace[0]=$value[0]; + $replace[0]=$mvalue[0]; $replace[1]="\n"; $replace[2]="$name"; - $members .= preg_replace($pattern,$replace,$mask)."\n"; + + if (is_array($valid_account_codes)){ + if (in_array($mvalue[2],$valid_account_codes,true)) + $members .= preg_replace($pattern,$replace,$mask)."\n"; + } + else + { + $members .= preg_replace($pattern,$replace,$mask)."\n"; + } } } } } - if (!empty($members)){ + if (empty($members)){ + if (!is_null($config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])])){ + $config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] = NULL; + $apply_config++; + } + } + else{ $import_users = explode("\n", $members); asort($import_users); $members=base64_encode(implode("\n", $import_users)); @@ -132,15 +160,18 @@ if (is_array($config['installedpackages']['dansguardiangroups']['config'])) $apply_config++; } } - } - $id++; + } + } + $id++; } if ($apply_config > 0){ - print "user list from LDAP is different from current group, applying new configuration..."; + print "User list from LDAP is different from current group, applying new configuration..."; write_config(); include("/usr/local/pkg/dansguardian.inc"); sync_package_dansguardian(); print "done\n"; +}else { + print "User list from LDAP is already the same as current group, no changes made\n"; } #mount filesystem read-only diff --git a/config/dansguardian/dansguardian_ldap.xml b/config/dansguardian/dansguardian_ldap.xml index 3411f483..4c2b60f7 100755 --- a/config/dansguardian/dansguardian_ldap.xml +++ b/config/dansguardian/dansguardian_ldap.xml @@ -8,7 +8,7 @@ /* dansguardian_ldap.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -63,8 +63,8 @@ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> </tab> <tab> - <text>Access Lists</text> - <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> </tab> <tab> <text>LDAP</text> @@ -88,7 +88,7 @@ <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> </tab> <tab> - <text>XMLRPC Sync</text> + <text>Sync</text> <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> </tab> <tab> @@ -109,7 +109,8 @@ <columnitem> <fielddescr>username</fielddescr> <fieldname>username</fieldname> - </columnitem> + </columnitem> + <movable>on</movable> </adddeleteeditpagefields> <fields> <field> @@ -132,7 +133,7 @@ </field> <field> <fielddescr>Username</fielddescr> - <description><![CDATA[Username Example:<strong>cn=antispam,cn=Users</strong>]]></description> + <description><![CDATA[Username Example:<strong>cn=antispam,cn=Users OR username@mysite.com</strong>]]></description> <fieldname>username</fieldname> <type>input</type> <size>25</size> diff --git a/config/dansguardian/dansguardian_limits.xml b/config/dansguardian/dansguardian_limits.xml index 4974bc7d..2c147f1b 100644 --- a/config/dansguardian/dansguardian_limits.xml +++ b/config/dansguardian/dansguardian_limits.xml @@ -9,7 +9,7 @@ /* dansguardian_limits.xml part of the dansguardian for pfSense - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -18,7 +18,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -65,8 +65,8 @@ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> </tab> <tab> - <text>Access Lists</text> - <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> </tab> <tab> <text>LDAP</text> @@ -89,7 +89,7 @@ <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> </tab> <tab> - <text>XMLRPC Sync</text> + <text>Sync</text> <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> </tab> <tab> @@ -107,7 +107,7 @@ <fieldname>maxuploadsize</fieldname> <type>input</type> <size>10</size> - <description><![CDATA[POST protection (web upload and forms) does not block forms without any file upload, i.e. this is just for blocking or limiting uploads measured in kibibytes after MIME encoding and header bumph<br> + <description><![CDATA[POST protection (web upload and forms) does not block forms without any file upload, i.e. this is just for blocking or limiting uploads measured in kilobytes after MIME encoding and header bump<br> use 0 for a complete block<br> use higher (e.g. 512 = 512Kbytes) for limiting<br> use -1 for no blocking(default)]]></description> diff --git a/config/dansguardian/dansguardian_log.xml b/config/dansguardian/dansguardian_log.xml index a9b9d0e9..88281dff 100644 --- a/config/dansguardian/dansguardian_log.xml +++ b/config/dansguardian/dansguardian_log.xml @@ -9,7 +9,7 @@ /* dansguardian_log.xml part of the Dansguardian package for pfSense - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -18,7 +18,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -64,8 +64,8 @@ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> </tab> <tab> - <text>Access Lists</text> - <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> </tab> <tab> <text>LDAP</text> @@ -89,7 +89,7 @@ <active/> </tab> <tab> - <text>XMLRPC Sync</text> + <text>Sync</text> <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> </tab> <tab> diff --git a/config/dansguardian/dansguardian_phrase_acl.xml b/config/dansguardian/dansguardian_phrase_acl.xml index 74448bee..c32f7720 100755 --- a/config/dansguardian/dansguardian_phrase_acl.xml +++ b/config/dansguardian/dansguardian_phrase_acl.xml @@ -8,7 +8,7 @@ /* dansguardian_phrase_acl.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -46,54 +46,100 @@ <title>Services: Dansguardian - Access Lists</title> <include_file>/usr/local/pkg/dansguardian.inc</include_file> <tabs> - <tab> - <text>Back to Config</text> +<tab> + <text>Daemon</text> <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> </tab> <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <active/> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> + <tab> <text>Antivirus</text> <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> <text>Pics</text> <url>/pkg.php?xml=dansguardian_pics_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Phrase</text> + <text>Phrase Lists</text> <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url> + <tab_level>2</tab_level> <active/> </tab> <tab> - <text>Site</text> + <text>Site Lists</text> <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>URL</text> + <text>URL Lists</text> <url>/pkg.php?xml=dansguardian_url_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Extension</text> + <text>Extension Lists</text> <url>/pkg.php?xml=dansguardian_file_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Content</text> + <text>Content Lists</text> <url>/pkg.php?xml=dansguardian_content_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Header</text> <url>/pkg.php?xml=dansguardian_header_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Searche Engine</text> <url>/pkg.php?xml=dansguardian_search_acl.xml</url> - </tab> - <tab> - <text>Groups</text> - <url>/pkg.php?xml=dansguardian_groups.xml</url> - </tab> - <tab> - <text>Users</text> - <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + <tab_level>2</tab_level> </tab> </tabs> <adddeleteeditpagefields> @@ -104,7 +150,8 @@ <columnitem> <fielddescr>Access List Descriptions</fielddescr> <fieldname>description</fieldname> - </columnitem> + </columnitem> + <movable>on</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/dansguardian/dansguardian_pics_acl.xml b/config/dansguardian/dansguardian_pics_acl.xml index bda76a50..c2f4b52c 100644 --- a/config/dansguardian/dansguardian_pics_acl.xml +++ b/config/dansguardian/dansguardian_pics_acl.xml @@ -9,7 +9,7 @@ /* dansguardian_limits.xml part of the dansguardian for pfSense - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -18,7 +18,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -47,54 +47,100 @@ <title>Services: Dansguardian - Access Lists</title> <include_file>/usr/local/pkg/dansguardian.inc</include_file> <tabs> - <tab> - <text>Back to Config</text> +<tab> + <text>Daemon</text> <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> </tab> <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <active/> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> + <tab> <text>Antivirus</text> <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> <text>Pics</text> <url>/pkg.php?xml=dansguardian_pics_acl.xml&id=0</url> + <tab_level>2</tab_level> <active/> </tab> <tab> - <text>Phrase</text> + <text>Phrase Lists</text> <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Site</text> + <text>Site Lists</text> <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>URL</text> + <text>URL Lists</text> <url>/pkg.php?xml=dansguardian_url_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Extension</text> + <text>Extension Lists</text> <url>/pkg.php?xml=dansguardian_file_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Content</text> + <text>Content Lists</text> <url>/pkg.php?xml=dansguardian_content_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Header</text> <url>/pkg.php?xml=dansguardian_header_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Searche Engine</text> <url>/pkg.php?xml=dansguardian_search_acl.xml</url> - </tab> - <tab> - <text>Groups</text> - <url>/pkg.php?xml=dansguardian_groups.xml</url> - </tab> - <tab> - <text>Users</text> - <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + <tab_level>2</tab_level> </tab> </tabs> <adddeleteeditpagefields> @@ -105,7 +151,8 @@ <columnitem> <fielddescr>Access List Description</fielddescr> <fieldname>description</fieldname> - </columnitem> + </columnitem> + <movable>on</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/dansguardian/dansguardian_search_acl.xml b/config/dansguardian/dansguardian_search_acl.xml index 86ef67ff..9f9cfa49 100755 --- a/config/dansguardian/dansguardian_search_acl.xml +++ b/config/dansguardian/dansguardian_search_acl.xml @@ -8,7 +8,7 @@ /* dansguardian_search_acl.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -46,55 +46,101 @@ <title>Services: Dansguardian - Access Lists</title> <include_file>/usr/local/pkg/dansguardian.inc</include_file> <tabs> - <tab> - <text>Back to Config</text> +<tab> + <text>Daemon</text> <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> </tab> <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <active/> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> + <tab> <text>Antivirus</text> <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> <text>Pics</text> <url>/pkg.php?xml=dansguardian_pics_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Phrase</text> + <text>Phrase Lists</text> <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Site</text> + <text>Site Lists</text> <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>URL</text> + <text>URL Lists</text> <url>/pkg.php?xml=dansguardian_url_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Extension</text> + <text>Extension Lists</text> <url>/pkg.php?xml=dansguardian_file_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Content</text> + <text>Content Lists</text> <url>/pkg.php?xml=dansguardian_content_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Header</text> <url>/pkg.php?xml=dansguardian_header_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Searche Engine</text> <url>/pkg.php?xml=dansguardian_search_acl.xml</url> + <tab_level>2</tab_level> <active/> </tab> - <tab> - <text>Groups</text> - <url>/pkg.php?xml=dansguardian_groups.xml</url> - </tab> - <tab> - <text>Users</text> - <url>/pkg_edit.php?xml=dansguardian_users.xml</url> - </tab> </tabs> <adddeleteeditpagefields> <columnitem> @@ -104,7 +150,8 @@ <columnitem> <fielddescr>Access List Description</fielddescr> <fieldname>description</fieldname> - </columnitem> + </columnitem> + <movable>on</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/dansguardian/dansguardian_site_acl.xml b/config/dansguardian/dansguardian_site_acl.xml index fcddfea6..7804d9f6 100755 --- a/config/dansguardian/dansguardian_site_acl.xml +++ b/config/dansguardian/dansguardian_site_acl.xml @@ -8,7 +8,7 @@ /* dansguardian_site_acl.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -46,54 +46,100 @@ <title>Services: Dansguardian - Access Lists</title> <include_file>/usr/local/pkg/dansguardian.inc</include_file> <tabs> - <tab> - <text>Back to Config</text> +<tab> + <text>Daemon</text> <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> </tab> <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <active/> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> + <tab> <text>Antivirus</text> <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> <text>Pics</text> <url>/pkg.php?xml=dansguardian_pics_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Phrase</text> + <text>Phrase Lists</text> <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Site</text> + <text>Site Lists</text> <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <tab_level>2</tab_level> <active/> </tab> <tab> - <text>URL</text> + <text>URL Lists</text> <url>/pkg.php?xml=dansguardian_url_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Extension</text> + <text>Extension Lists</text> <url>/pkg.php?xml=dansguardian_file_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Content</text> + <text>Content Lists</text> <url>/pkg.php?xml=dansguardian_content_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Header</text> <url>/pkg.php?xml=dansguardian_header_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Searche Engine</text> <url>/pkg.php?xml=dansguardian_search_acl.xml</url> - </tab> - <tab> - <text>Groups</text> - <url>/pkg.php?xml=dansguardian_groups.xml</url> - </tab> - <tab> - <text>Users</text> - <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + <tab_level>2</tab_level> </tab> </tabs> <adddeleteeditpagefields> @@ -105,6 +151,7 @@ <fielddescr>Access List Description</fielddescr> <fieldname>description</fieldname> </columnitem> + <movable>on</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/dansguardian/dansguardian_sync.xml b/config/dansguardian/dansguardian_sync.xml index f91eae6a..9401253c 100755 --- a/config/dansguardian/dansguardian_sync.xml +++ b/config/dansguardian/dansguardian_sync.xml @@ -9,7 +9,7 @@ /* dansguardian_sync.xml part of the Dansguardian package for pfSense - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ /* ========================================================================== */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -63,8 +63,8 @@ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> </tab> <tab> - <text>Access Lists</text> - <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> </tab> <tab> <text>LDAP</text> @@ -87,7 +87,7 @@ <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> </tab> <tab> - <text>XMLRPC Sync</text> + <text>Sync</text> <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> <active/> </tab> @@ -104,8 +104,30 @@ <field> <fielddescr>Automatically sync dansguardian configuration changes</fielddescr> <fieldname>synconchanges</fieldname> - <description>pfSense will automatically sync changes to the hosts defined below.</description> - <type>checkbox</type> + <description>Select a sync method for dansguardian.</description> + <type>select</type> + <required/> + <default_value>auto</default_value> + <options> + <option><name>Sync to configured system backup server</name><value>auto</value></option> + <option><name>Sync to host(s) defined below</name><value>manual</value></option> + <option><name>Do not sync this package configuration</name><value>disabled</value></option> + </options> + </field> + <field> + <fielddescr>Sync timeout</fielddescr> + <fieldname>synctimeout</fieldname> + <description>Select sync max wait time</description> + <type>select</type> + <required/> + <default_value>250</default_value> + <options> + <option><name>250 seconds(Default)</name><value>250</value></option> + <option><name>120 seconds</name><value>120</value></option> + <option><name>90 seconds</name><value>90</value></option> + <option><name>60 seconds</name><value>60</value></option> + <option><name>30 seconds</name><value>30</value></option> + </options> </field> <field> <fielddescr>Remote Server</fielddescr> diff --git a/config/dansguardian/dansguardian_url_acl.xml b/config/dansguardian/dansguardian_url_acl.xml index 556e0bab..8adf46c0 100755 --- a/config/dansguardian/dansguardian_url_acl.xml +++ b/config/dansguardian/dansguardian_url_acl.xml @@ -8,7 +8,7 @@ /* dansguardian_url_acl.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -17,7 +17,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -46,54 +46,100 @@ <title>Services: Dansguardian - Access Lists</title> <include_file>/usr/local/pkg/dansguardian.inc</include_file> <tabs> - <tab> - <text>Back to Config</text> +<tab> + <text>Daemon</text> <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> </tab> <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <active/> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> + <tab> <text>Antivirus</text> <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> <text>Pics</text> <url>/pkg.php?xml=dansguardian_pics_acl.xml&id=0</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Phrase</text> + <text>Phrase Lists</text> <url>/pkg.php?xml=dansguardian_phrase_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Site</text> + <text>Site Lists</text> <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>URL</text> + <text>URL Lists</text> <url>/pkg.php?xml=dansguardian_url_acl.xml</url> + <tab_level>2</tab_level> <active/> </tab> <tab> - <text>Extension</text> + <text>Extension Lists</text> <url>/pkg.php?xml=dansguardian_file_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> - <text>Content</text> + <text>Content Lists</text> <url>/pkg.php?xml=dansguardian_content_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Header</text> <url>/pkg.php?xml=dansguardian_header_acl.xml</url> + <tab_level>2</tab_level> </tab> <tab> <text>Searche Engine</text> <url>/pkg.php?xml=dansguardian_search_acl.xml</url> - </tab> - <tab> - <text>Groups</text> - <url>/pkg.php?xml=dansguardian_groups.xml</url> - </tab> - <tab> - <text>Users</text> - <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + <tab_level>2</tab_level> </tab> </tabs> <adddeleteeditpagefields> @@ -104,7 +150,8 @@ <columnitem> <fielddescr>Access List Description</fielddescr> <fieldname>description</fieldname> - </columnitem> + </columnitem> + <movable>on</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/dansguardian/dansguardian_users_footer.xml b/config/dansguardian/dansguardian_users_footer.template index 1288b919..1288b919 100644 --- a/config/dansguardian/dansguardian_users_footer.xml +++ b/config/dansguardian/dansguardian_users_footer.template diff --git a/config/dansguardian/dansguardian_users_header.xml b/config/dansguardian/dansguardian_users_header.template index 1f15a610..1cc038d5 100644 --- a/config/dansguardian/dansguardian_users_header.xml +++ b/config/dansguardian/dansguardian_users_header.template @@ -9,7 +9,7 @@ /* dansguardian_users.xml part of the dansguardian for pfSense - Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012-2013 Marcello Coutinho All rights reserved. */ @@ -18,7 +18,7 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, + 1. Redistributions of source code MUST retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright @@ -63,8 +63,8 @@ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> </tab> <tab> - <text>Access Lists</text> - <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> </tab> <tab> <text>LDAP</text> @@ -88,7 +88,7 @@ <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> </tab> <tab> - <text>XMLRPC Sync</text> + <text>Sync</text> <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> </tab> <tab> diff --git a/config/dansguardian/dansguardian_users_header.xml.template b/config/dansguardian/dansguardian_users_header.xml.template new file mode 100644 index 00000000..1cc038d5 --- /dev/null +++ b/config/dansguardian/dansguardian_users_header.xml.template @@ -0,0 +1,99 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + dansguardian_users.xml + part of the dansguardian for pfSense + Copyright (C) 2012-2013 Marcello Coutinho + + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code MUST retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>dansguardianusers</name> + <version>1.0</version> + <title>Services: Dansguardian</title> + <include_file>/usr/local/pkg/dansguardian.inc</include_file> + <tabs><tab> + <text>Daemon</text> + <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> + </tab> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=dansguardian_site_acl.xml</url> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + <active/> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> +</tabs> + <fields> diff --git a/config/dansguardian/dansguardianfx.conf.template b/config/dansguardian/dansguardianfx.conf.template index cfc9645e..96b2b1b9 100644 --- a/config/dansguardian/dansguardianfx.conf.template +++ b/config/dansguardian/dansguardianfx.conf.template @@ -29,7 +29,7 @@ */ $dgf= <<<EOF -# DansGuardian filter group config file for version 2.12.0.0 +# DansGuardian filter group config file for version 2.12.0 # Filter group mode @@ -198,6 +198,7 @@ categorydisplaythreshold = {$dansguardian_groups['categorydisplaythreshold']} # WARNING: This option is highly CPU intensive! embeddedurlweight = {$dansguardian_groups['embeddedurlweight']} +maxuploadsize = {$dansguardian_groups['maxuploadsize']} # Enable PICS rating support # # Defaults to disabled @@ -370,13 +371,13 @@ deepurlanalysis = {$dansguardian_groups['deepurlanalysis']} #SSL certificate checking # Check that ssl certificates for servers on https connections are valid # and signed by a ca in the configured path -sslcertcheck = {$dansguardian_groups['sslcertcheck']} +sslcheckcert = {$dansguardian_groups['sslcheckcert']} #SSL man in the middle # Forge ssl certificates for all sites, decrypt the data then re encrypt it # using a different private key. Used to filter ssl sites sslmitm = {$dansguardian_groups['sslmitm']} -#mitmkey = '{$dansguardian_groups['mitmkey']}' +{$dansguardian_groups['mitmkey']} EOF; |