Diffstat (limited to 'config/dansguardian')
-rwxr-xr-xconfig/dansguardian/dansguardian.conf.template2
-rwxr-xr-xconfig/dansguardian/dansguardian.inc83
-rw-r--r--config/dansguardian/dansguardian.xml14
-rwxr-xr-xconfig/dansguardian/dansguardian_about.php1
-rw-r--r--config/dansguardian/dansguardian_blacklist.xml4
-rw-r--r--config/dansguardian/dansguardian_config.xml8
-rwxr-xr-xconfig/dansguardian/dansguardian_groups.xml31
-rw-r--r--config/dansguardian/dansguardian_ips_header.xml4
-rw-r--r--config/dansguardian/dansguardian_ldap.php149
-rwxr-xr-xconfig/dansguardian/dansguardian_ldap.xml171
-rw-r--r--config/dansguardian/dansguardian_limits.xml4
-rw-r--r--config/dansguardian/dansguardian_log.xml4
-rwxr-xr-xconfig/dansguardian/dansguardian_sync.xml4
-rw-r--r--config/dansguardian/dansguardian_users_header.xml4
-rw-r--r--config/dansguardian/dansguardianfx.conf.template2
15 files changed, 465 insertions, 20 deletions
diff --git a/config/dansguardian/dansguardian.conf.template b/config/dansguardian/dansguardian.conf.template
index 5bee053e..27099332 100755
--- a/config/dansguardian/dansguardian.conf.template
+++ b/config/dansguardian/dansguardian.conf.template
@@ -680,7 +680,7 @@ softrestart = {$softrestart}
#SSL certificate checking path
#Path to CA certificates used to validate the certificates of https sites.
-sslcertificatepath = '/etc/ssl/certs/'
+sslcertificatepath = '/usr/local/share/certs/'
#SSL man in the middle
#CA certificate path
diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc
index 6c6d6e93..3d2d83f8 100755
--- a/config/dansguardian/dansguardian.inc
+++ b/config/dansguardian/dansguardian.inc
@@ -215,27 +215,31 @@ function sync_package_dansguardian() {
$load_samples=0;
#ssl men-in-the-middle feature
- $dirs=array($dansguardian_dir."/ssl",$dansguardian_dir."/ssl/generatedcerts",$dansguardian_dir."/ssl/generatedlinks");
+ $dirs=array("/var/log/dansguardian/stats","/etc/ssl/demoCA","/etc/ssl/demoCA/private","/etc/ssl/demoCA/crl","/etc/ssl/demoCA/certs",$dansguardian_dir."/ssl/generatedcerts",$dansguardian_dir."/ssl/generatedlinks");
foreach ($dirs as $dir)
if (!is_dir($dir))
- mkdir ($dir,0700,true);
- $ca_cert = lookup_ca($dansguardian_config["ca"][0]);
+ mkdir ($dir,0755,true);
+ $ca_cert = lookup_ca($dansguardian_config["dca"]);
if ($ca_cert != false) {
if(base64_decode($ca_cert['prv'])) {
- file_put_contents($dansguardian_dir. "/ssl/ssl_ca_key.pem",base64_decode($ca_cert['prv']));
- $ca_pk = "caprivatekeypath = ".$dansguardian_dir . "/ssl/ssl_ca_key.pem";
+ file_put_contents("/etc/ssl/demoCA/private/cakey.pem",base64_decode($ca_cert['prv']));
+ $ca_pk = "caprivatekeypath = '/etc/ssl/demoCA/private/cakey.pem'";
}
if(base64_decode($ca_cert['crt'])) {
- file_put_contents($dansguardian_dir . "/ssl/ssl_ca_cert.pem",base64_decode($ca_cert['crt']));
- $ca_pem = "cacertificatepath = ".$dansguardian_dir . "/ssl/ssl_ca_cert.pem";
- $generatedcertpath= "generatedcertpath = ".$dansguardian_dir . "/ssl/generatedcerts";
- $generatedlinkpath= "generatedlinkpath = ".$dansguardian_dir . "/ssl/generatedlinks";
+ $cert_hash=array();
+ file_put_contents("/etc/ssl/demoCA/cacert.pem",base64_decode($ca_cert['crt']));
+ exec("/usr/bin/openssl x509 -hash -noout -in /etc/ssl/demoCA/cacert.pem",$cert_hash);
+ file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",base64_decode($ca_cert['crt']));
+ $ca_pem = "cacertificatepath = '/etc/ssl/demoCA/cacert.pem'";
+ $generatedcertpath= "generatedcertpath = '/etc/ssl/demoCA/certs/'";
+ #generatedcertpath = ".$dansguardian_dir . "/ssl/generatedcerts";
+ $generatedlinkpath= "generatedlinkpath = '".$dansguardian_dir . "/ssl/generatedlinks'";
}
- $svr_cert = lookup_cert($dansguardian_config["cert"][0]);
+ $svr_cert = lookup_cert($dansguardian_config["dcert"]);
if ($svr_cert != false) {
if(base64_decode($svr_cert['prv'])) {
- file_put_contents($dansguardian_dir . "/ssl/ssl_server_key.pem",base64_decode($svr_cert['prv'])."\n".base64_decode($svr_cert['crt']));
- $cert_key = "certprivatekeypath = ".$dansguardian_dir . '/ssl/ssl_server_key.pem';
+ file_put_contents("/etc/ssl/demoCA/private/serverkey.pem",base64_decode($svr_cert['prv']));
+ $cert_key = "certprivatekeypath = '/etc/ssl/demoCA/private/serverkey.pem' ";
}
}
}
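Review bot: The CA and server private keys are now written under `/etc/ssl/demoCA/private`, but every directory in `$dirs` is created with mode 0755 instead of 0700 and `file_put_contents` leaves the key files at the process umask, so they may be readable by any local user. Keep the private directory at 0700 and add `chmod("/etc/ssl/demoCA/private/cakey.pem",0600);` (and the same for `serverkey.pem`) right after each write. `$cert_hash[0]` is used without checking that openssl succeeded, so a failed run writes the certificate to `/usr/local/share/certs/.0`. Copying the interception CA into `/usr/local/share/certs/`, which the template change in this commit makes the upstream validation path, also makes that CA trusted for upstream sites; that looks unintended and is worth confirming. sync_package_dansguardian starts and ends outside the hunk.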
@@ -796,7 +800,7 @@ EOF;
$cron_found=0;
if (is_array($config['cron']['item']))
foreach($config['cron']['item'] as $cron)
- if (!preg_match("/usr.local.(bin.freshclam|www.dansguardian.php)/",$cron["command"])){
+ if (!preg_match("/usr.local.(bin.freshclam|www.dansguardian)/",$cron["command"])){
$cron_found++;
$new_cron['item'][]=$cron;
}
@@ -875,7 +879,32 @@ EOF;
break;
}
-
+ $cron_cmd="/usr/local/bin/php /usr/local/www/dansguardian_ldap.php";
+ if (is_array($config['installedpackages']['dansguardiangroups']['config']))
+ foreach ($config['installedpackages']['dansguardiangroups']['config'] as $dansguardian_groups){
+ if(preg_match('/(\d+)m/',$dansguardian_groups['freq'],$matches)){
+ $new_cron['item'][]=array( "minute" => "*/".$matches[1],
+ "hour" => "*",
+ "mday" => "*",
+ "month" => "*",
+ "wday" => "*",
+ "who" => "root",
+ "command"=> $cron_cmd." ".$dansguardian_groups['name']);
+ $config['cron']=$new_cron;
+ $cron_found++;
+ }
+ if(preg_match('/(\d+)h/',$dansguardian_groups['freq'],$matches)){
+ $new_cron['item'][]=array( "minute" => "0",
+ "hour" => "*/".$matches[1],
+ "mday" => "*",
+ "month" => "*",
+ "wday" => "*",
+ "who" => "root",
+ "command"=> $cron_cmd." ".$dansguardian_groups['name']);
+ $config['cron']=$new_cron;
+ $cron_found++;
+ }
+ }
#write files
conf_mount_rw();
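Review bot: `$dansguardian_groups['name']` is appended unquoted to a command that cron runs as root; the only guard visible in this commit is the `\W` check in dansguardian_validate_input, which values already stored in the configuration never pass through again. Quote it at the point of use, `"command"=> $cron_cmd." ".escapeshellarg($dansguardian_groups['name'])`. The frequency patterns are unanchored and unbounded, so `90m` yields `*/90` in the minute field, and the `d` suffix accepted by the validator produces no cron entry at all; `/^(\d+)m$/` plus a range check (1-59 for minutes, 1-23 for hours) would close both gaps. The enclosing function starts and ends outside the hunk.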
@@ -997,11 +1026,33 @@ function dansguardian_validate_input($post, &$input_errors) {
$input_errors[] = "{$value} cannot be used as name.";
else if ($key == "name" && preg_match("/\W/",$value))
$input_errors[] = "{$value} cannot be used as name. Use only a-z 0-9 characters";
-
+ else if (empty($value))
+ continue;
+ else if($key == "freq" && (!preg_match("/^\d+(h|m|d)$/",$value) || $value == 0))
+ $input_errors[] = "A valid number with a time reference is required for the field 'Update Frequency'";
}
}
function dansguardian_php_install_command() {
+ conf_mount_rw();
+ #create ca-root hashes from ca-root-nss package
+ print "Creating root certificate bundle hashes from the Mozilla Project\n";
+ $cas=file('/usr/local/share/certs/ca-root-nss.crt');
+ $cert=0;
+ foreach ($cas as $ca){
+ if (preg_match("/--BEGIN CERTIFICATE--/",$ca))
+ $cert=1;
+ if ($cert == 1)
+ $crt.=$ca;
+ if (preg_match("/-END CERTIFICATE-/",$ca)){
+ file_put_contents("/tmp/cert.pem",$crt, LOCK_EX);
+ $cert_hash=array();
+ exec("/usr/bin/openssl x509 -hash -noout -in /tmp/cert.pem",$cert_hash);
+ file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",$crt,LOCK_EX);
+ $crt="";
+ $cert=0;
+ }
+ }
sync_package_dansguardian();
}
@@ -1045,6 +1096,8 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) {
$xml['dansguardian'] = $config['installedpackages']['dansguardian'];
$xml['dansguardianantivirusacl'] = $config['installedpackages']['dansguardianantivirusacl'];
$xml['dansguardianconfig'] = $config['installedpackages']['dansguardianconfig'];
+ $xml['dansguardianblacklist'] = $config['installedpackages']['dansguardianblacklist'];
+ $xml['dansguardianldap'] = $config['installedpackages']['dansguardianldap'];
$xml['dansguardiancontentacl'] = $config['installedpackages']['dansguardiancontentacl'];
$xml['dansguardianfileacl'] = $config['installedpackages']['dansguardianfileacl'];
$xml['dansguardiangroups'] = $config['installedpackages']['dansguardiangroups'];
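Review bot: Adding `dansguardianldap` to the sync payload replicates the LDAP bind password configured on the new LDAP tab to every sync target. Whether the XMLRPC transport is encrypted is not visible in this hunk; if it can run over plain HTTP, the directory credential is exposed on the wire. A comment next to the line such as `# carries the LDAP bind password - sync over https only` would make that dependency explicit. dansguardian_do_xmlrpc_sync continues outside the hunk.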
diff --git a/config/dansguardian/dansguardian.xml b/config/dansguardian/dansguardian.xml
index 41f2a447..1188796c 100644
--- a/config/dansguardian/dansguardian.xml
+++ b/config/dansguardian/dansguardian.xml
@@ -69,6 +69,16 @@
<chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_ldap.php</item>
+ <prefix>/usr/local/www/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
+ <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_ldap.xml</item>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
<item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_limits.xml</item>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
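Review bot: `dansguardian_ldap.php` is fetched over plain `http://` with no integrity check, as the existing entries are, yet this commit also schedules that script from cron as root. Anyone able to tamper with the download therefore controls code that runs as root. Installing a CLI script into `/usr/local/www/` may also make it reachable through the GUI web server (inferred from the prefix). Prefer an `https://` item URL if the server offers one and a prefix outside the web root, with `$cron_cmd` in dansguardian.inc updated to match.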
@@ -201,6 +211,10 @@
<url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
</tab>
<tab>
+ <text>LDAP</text>
+ <url>/pkg.php?xml=dansguardian_ldap.xml</url>
+ </tab>
+ <tab>
<text>Groups</text>
<url>/pkg.php?xml=dansguardian_groups.xml</url>
</tab>
diff --git a/config/dansguardian/dansguardian_about.php b/config/dansguardian/dansguardian_about.php
index f9c9e260..49359472 100755
--- a/config/dansguardian/dansguardian_about.php
+++ b/config/dansguardian/dansguardian_about.php
@@ -57,6 +57,7 @@ include("head.inc");
$tab_array[] = array(gettext("Limits"), false, "/pkg_edit.php?xml=dansguardian_limits.xml&id=0");
$tab_array[] = array(gettext("Blacklist"), false, "/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0");
$tab_array[] = array(gettext("Access Lists"), false, "/pkg_edit.php?xml=dansguardian_antivirus.xml&id=0");
+ $tab_array[] = array(gettext("LDAP"), false, "/pkg.php?xml=dansguardian_ldap.xml&id=0");
$tab_array[] = array(gettext("Groups"), false, "/pkg.php?xml=dansguardian_groups.xml&id=0");
$tab_array[] = array(gettext("Users"), false, "/pkg.php?xml=dansguardian_users.xml&id=0");
$tab_array[] = array(gettext("IPs"), false, "/pkg.php?xml=dansguardian_ips.xml&id=0");
diff --git a/config/dansguardian/dansguardian_blacklist.xml b/config/dansguardian/dansguardian_blacklist.xml
index a8895342..d95558e6 100644
--- a/config/dansguardian/dansguardian_blacklist.xml
+++ b/config/dansguardian/dansguardian_blacklist.xml
@@ -69,6 +69,10 @@
<url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
</tab>
<tab>
+ <text>LDAP</text>
+ <url>/pkg.php?xml=dansguardian_ldap.xml</url>
+ </tab>
+ <tab>
<text>Groups</text>
<url>/pkg.php?xml=dansguardian_groups.xml</url>
</tab>
diff --git a/config/dansguardian/dansguardian_config.xml b/config/dansguardian/dansguardian_config.xml
index 11a34434..6016d80f 100644
--- a/config/dansguardian/dansguardian_config.xml
+++ b/config/dansguardian/dansguardian_config.xml
@@ -69,6 +69,10 @@
<url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
</tab>
<tab>
+ <text>LDAP</text>
+ <url>/pkg.php?xml=dansguardian_ldap.xml</url>
+ </tab>
+ <tab>
<text>Groups</text>
<url>/pkg.php?xml=dansguardian_groups.xml</url>
</tab>
@@ -198,7 +202,7 @@
</field>
<field>
<fielddescr>CA</fielddescr>
- <fieldname>ca</fieldname>
+ <fieldname>dca</fieldname>
<description><![CDATA[Select Certificate Authority to use when SSL filtering is enabled on Group options<br>
To create a CA on pfsense, go to <strong>system -> Cert Manager<strong>]]></description>
<type>select_source</type>
@@ -208,7 +212,7 @@
</field>
<field>
<fielddescr>Cert</fielddescr>
- <fieldname>cert</fieldname>
+ <fieldname>dcert</fieldname>
<description><![CDATA[Select Certificate pair to use when SSL filtering is enabled on Group options<br>
To create a Certificate on pfsense, go to <strong>system -> Cert Manager<strong>]]></description>
<type>select_source</type>
diff --git a/config/dansguardian/dansguardian_groups.xml b/config/dansguardian/dansguardian_groups.xml
index 4849126d..baa9b44a 100755
--- a/config/dansguardian/dansguardian_groups.xml
+++ b/config/dansguardian/dansguardian_groups.xml
@@ -67,6 +67,10 @@
<url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
</tab>
<tab>
+ <text>LDAP</text>
+ <url>/pkg.php?xml=dansguardian_ldap.xml</url>
+ </tab>
+ <tab>
<text>Groups</text>
<url>/pkg.php?xml=dansguardian_groups.xml</url>
<active/>
@@ -148,7 +152,6 @@
<multiple/>
<size>10</size>
</field>
-
<field>
<fielddescr>Pics</fielddescr>
<fieldname>picsacl</fieldname>
@@ -328,6 +331,32 @@
<type>input</type>
<size>10</size>
</field>
+ <field>
+ <name>LDAP</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>LDAP</fielddescr>
+ <fieldname>ldap</fieldname>
+ <description><![CDATA[Select Active directory servers to extract users from<br>
+ The group must has the same name in dansguardian and on active directory<br>
+ <strong>This is not aplicable for default group</strong>]]></description>
+ <type>select_source</type>
+ <size>05</size>
+ <multiple/>
+ <source><![CDATA[$config['installedpackages']['dansguardianldap']['config']]]></source>
+ <source_name>dc</source_name>
+ <source_value>dc</source_value>
+ </field>
+ <field>
+ <fielddescr>Update frequency</fielddescr>
+ <fieldname>freq</fieldname>
+ <description><![CDATA[How often extract users from active directory and verify changes<br>
+ Valid options are minutes(m), hours(h)<br>
+ Sample: To update every two minute, use 2m]]></description>
+ <type>input</type>
+ <size>05</size>
+ </field>
</fields>
<custom_php_install_command>
dansguardian_php_install_command();
diff --git a/config/dansguardian/dansguardian_ips_header.xml b/config/dansguardian/dansguardian_ips_header.xml
index 2029fabf..33e50332 100644
--- a/config/dansguardian/dansguardian_ips_header.xml
+++ b/config/dansguardian/dansguardian_ips_header.xml
@@ -67,6 +67,10 @@
<url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
</tab>
<tab>
+ <text>LDAP</text>
+ <url>/pkg.php?xml=dansguardian_ldap.xml</url>
+ </tab>
+ <tab>
<text>Groups</text>
<url>/pkg.php?xml=dansguardian_groups.xml</url>
</tab>
diff --git a/config/dansguardian/dansguardian_ldap.php b/config/dansguardian/dansguardian_ldap.php
new file mode 100644
index 00000000..c02289ac
--- /dev/null
+++ b/config/dansguardian/dansguardian_ldap.php
@@ -0,0 +1,149 @@
+#!/usr/local/bin/php -f
+<?php
+
+// based on http://samjlevy.com/2011/02/using-php-and-ldap-to-list-of-members-of-an-active-directory-group/
+// pfsense integration by marcelloc and ccesario
+/* $Id$ */
+/* ========================================================================== */
+/*
+ dansguardian_ldap.php
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+
+require_once("/etc/inc/util.inc");
+require_once("/etc/inc/functions.inc");
+require_once("/etc/inc/pkg-utils.inc");
+require_once("/etc/inc/globals.inc");
+
+function explode_dn($dn, $with_attributes=0)
+{
+ $result = ldap_explode_dn($dn, $with_attributes);
+ if (is_array($result))
+ foreach($result as $key => $value) {
+ $result[$key] = $value;
+ }
+ return $result;
+}
+
+function get_ldap_members($group,$user,$password) {
+ global $ldap_host;
+ global $ldap_dn;
+ $LDAPFieldsToFind = array("member");
+ $ldap = ldap_connect($ldap_host) or die("Could not connect to LDAP");
+
+ // OPTIONS TO AD
+ ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION,3);
+ ldap_set_option($ldap, LDAP_OPT_REFERRALS,0);
+
+ ldap_bind($ldap, $user, $password) or die("Could not bind to LDAP");
+
+ $results = ldap_search($ldap,$ldap_dn,"cn=" . $group,$LDAPFieldsToFind);
+
+ $member_list = ldap_get_entries($ldap, $results);
+ $group_member_details = array();
+ if (is_array($member_list[0]))
+ foreach($member_list[0] as $list)
+ if (is_array($list))
+ foreach($list as $member) {
+ $member_dn = explode_dn($member);
+ $member_cn = str_replace("CN=","",$member_dn[0]);
+ $member_search = ldap_search($ldap, $ldap_dn, "(CN=" . $member_cn . ")");
+ $member_details = ldap_get_entries($ldap, $member_search);
+ $group_member_details[] = array($member_details[0]['samaccountname'][0],
+ $member_details[0]['displayname'][0]);
+ }
+ ldap_close($ldap);
+ array_shift($group_member_details);
+ return $group_member_details;
+ ldap_unbind($ldap);
+}
+
+// Read Pfsense config
+global $config,$g;
+
+#mount filesystem writable
+conf_mount_rw();
+
+$id=0;
+$apply_config=0;
+if (is_array($config['installedpackages']['dansguardiangroups']['config']))
+ foreach($config['installedpackages']['dansguardiangroups']['config'] as $group) {
+ #ignore default group
+ if ($id > 0)
+ if ($argv[1] == "" || $argv[1] == $group['name']){
+ $members="";
+ $ldap_servers= explode (',',$group['ldap']);
+ echo "Group : " . $group['name']."\n";
+ if (is_array($config['installedpackages']['dansguardianldap']['config']))
+ foreach ($config['installedpackages']['dansguardianldap']['config'] as $server){
+ if (in_array($server['dc'],$ldap_servers)){
+ $ldap_dn = $server['dn'];
+ $ldap_host=$server['dc'];
+ $mask=(empty($server['mask'])?"USER":$server['mask']);
+ $result = get_ldap_members($group['name'],$server['username'].','.$server['dn'],$server['password']);
+ foreach($result as $key => $value) {
+ if (preg_match ("/\w+/",$value[0])){
+ #var_dump($value);
+ $name= preg_replace('/[^(\x20-\x7F)]*/','', $value[1]);
+ $pattern[0]="/USER/";
+ $pattern[1]="/,/";
+ $pattern[2]="/NAME/";
+ $replace[0]=$value[0];
+ $replace[1]="\n";
+ $replace[2]="$name";
+ $members .= preg_replace($pattern,$replace,$mask)."\n";
+ }
+ }
+ }
+ }
+ if (!empty($members)){
+ $import_users = explode("\n", $members);
+ asort($import_users);
+ $members=base64_encode(implode("\n", $import_users));
+ if($config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] != $members){
+ $config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] = $members;
+ $apply_config++;
+ }
+ }
+ }
+ $id++;
+ }
+if ($apply_config > 0){
+ print "user list from LDAP is different from current group, applying new configuration...";
+ write_config();
+ include("/usr/local/pkg/dansguardian.inc");
+ sync_package_dansguardian();
+ print "done\n";
+}
+
+#mount filesystem read-only
+conf_mount_ro();
+
+?> \ No newline at end of file
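Review bot: get_ldap_members binds with the stored password over whatever `ldap_connect($ldap_host)` sets up, and with a bare hostname that is unencrypted LDAP, so the bind DN and password cross the network in clear text. Call `ldap_start_tls($ldap)` before `ldap_bind` (or connect with an `ldaps://` URI) and stop if it fails. The group name and `$member_cn` are concatenated into search filters without escaping, so a value containing `*`, `(` or `)` changes the filter; escape them per RFC 4515, e.g. `ldap_escape($group, "", LDAP_ESCAPE_FILTER)` where the PHP version provides it. The `die()` calls leave the filesystem mounted read-write because `conf_mount_ro()` is only reached at the end of the script, and `ldap_unbind($ldap)` after `return` is dead code.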
diff --git a/config/dansguardian/dansguardian_ldap.xml b/config/dansguardian/dansguardian_ldap.xml
new file mode 100755
index 00000000..3411f483
--- /dev/null
+++ b/config/dansguardian/dansguardian_ldap.xml
@@ -0,0 +1,171 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ dansguardian_ldap.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>dansguardianldap</name>
+ <version>1.0</version>
+ <title>Services: Dansguardian</title>
+ <include_file>/usr/local/pkg/dansguardian.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Daemon</text>
+ <url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>General</text>
+ <url>/pkg_edit.php?xml=dansguardian_config.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Limits</text>
+ <url>/pkg_edit.php?xml=dansguardian_limits.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Blacklist</text>
+ <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Access Lists</text>
+ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>LDAP</text>
+ <url>/pkg.php?xml=dansguardian_ldap.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Groups</text>
+ <url>/pkg.php?xml=dansguardian_groups.xml</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg_edit.php?xml=dansguardian_users.xml</url>
+ </tab>
+ <tab>
+ <text>IPs</text>
+ <url>/pkg_edit.php?xml=dansguardian_ips.xml</url>
+ </tab>
+ <tab>
+ <text>Report and log</text>
+ <url>/pkg_edit.php?xml=dansguardian_log.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>XMLRPC Sync</text>
+ <url>/pkg_edit.php?xml=dansguardian_sync.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Help</text>
+ <url>/dansguardian_about.php</url>
+ </tab>
+</tabs>
+<adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>hostname</fielddescr>
+ <fieldname>dc</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>domain</fielddescr>
+ <fieldname>dn</fieldname>
+ </columnitem>
+
+ <columnitem>
+ <fielddescr>username</fielddescr>
+ <fieldname>username</fieldname>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <name>Ldap configuration</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Hostname</fielddescr>
+ <description><![CDATA[LDAP hostname example:<strong>dc1.mysite.com</strong>]]></description>
+ <fieldname>dc</fieldname>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>Domain</fielddescr>
+ <description><![CDATA[LDAP Domain example:<strong> dc=mysite,dc=com</strong>]]></description>
+ <fieldname>dn</fieldname>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>Username</fielddescr>
+ <description><![CDATA[Username Example:<strong>cn=antispam,cn=Users</strong>]]></description>
+ <fieldname>username</fieldname>
+ <type>input</type>
+ <size>25</size>
+ </field>
+ <field>
+ <fielddescr>Password</fielddescr>
+ <description><![CDATA[User password]]></description>
+ <fieldname>password</fieldname>
+ <type>password</type>
+ <size>10</size>
+ </field>
+ <field>
+ <fielddescr>mask</fielddescr>
+ <description><![CDATA[Default: USER<br>Apply prefix or sufix any info to username extracted.<br>
+ use "," if you need more than one mask for each user<br>
+ <strong>domain\USER #NAME,USER@MYDOMAIN.COM</strong><br>
+ NAME shows user name<br>
+ USER shows user login<br>]]></description>
+ <fieldname>mask</fieldname>
+ <type>input</type>
+ <size>50</size>
+ </field>
+ </fields>
+ <custom_php_install_command>
+ dansguardian_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ dansguardian_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ dansguardian_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_dansguardian();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file
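Review bot: None of the new fields (`dc`, `dn`, `username`, `mask`) is checked by the part of dansguardian_validate_input visible in this commit, which only handles `name` and `freq`, although all four flow into LDAP calls or generated user lists in dansguardian_ldap.php. Add per-field checks there, for example a hostname test on `dc` and a DN syntax test on `dn`. The bind password is collected through a plain `password` field and presumably lands in config.xml in clear text, so the field description should recommend a dedicated read-only bind account. `<description>` and `<requirements>` still hold the template placeholders.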
diff --git a/config/dansguardian/dansguardian_limits.xml b/config/dansguardian/dansguardian_limits.xml
index eef24d52..4974bc7d 100644
--- a/config/dansguardian/dansguardian_limits.xml
+++ b/config/dansguardian/dansguardian_limits.xml
@@ -69,6 +69,10 @@
<url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
</tab>
<tab>
+ <text>LDAP</text>
+ <url>/pkg.php?xml=dansguardian_ldap.xml</url>
+ </tab>
+ <tab>
<text>Groups</text>
<url>/pkg.php?xml=dansguardian_groups.xml</url>
</tab>
diff --git a/config/dansguardian/dansguardian_log.xml b/config/dansguardian/dansguardian_log.xml
index 3a0f241e..a3448d44 100644
--- a/config/dansguardian/dansguardian_log.xml
+++ b/config/dansguardian/dansguardian_log.xml
@@ -68,6 +68,10 @@
<url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
</tab>
<tab>
+ <text>LDAP</text>
+ <url>/pkg.php?xml=dansguardian_ldap.xml</url>
+ </tab>
+ <tab>
<text>Groups</text>
<url>/pkg.php?xml=dansguardian_groups.xml</url>
</tab>
diff --git a/config/dansguardian/dansguardian_sync.xml b/config/dansguardian/dansguardian_sync.xml
index c041f398..f91eae6a 100755
--- a/config/dansguardian/dansguardian_sync.xml
+++ b/config/dansguardian/dansguardian_sync.xml
@@ -67,6 +67,10 @@
<url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
</tab>
<tab>
+ <text>LDAP</text>
+ <url>/pkg.php?xml=dansguardian_ldap.xml</url>
+ </tab>
+ <tab>
<text>Groups</text>
<url>/pkg.php?xml=dansguardian_groups.xml</url>
</tab>
diff --git a/config/dansguardian/dansguardian_users_header.xml b/config/dansguardian/dansguardian_users_header.xml
index 70edb5fe..1f15a610 100644
--- a/config/dansguardian/dansguardian_users_header.xml
+++ b/config/dansguardian/dansguardian_users_header.xml
@@ -67,6 +67,10 @@
<url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&amp;id=0</url>
</tab>
<tab>
+ <text>LDAP</text>
+ <url>/pkg.php?xml=dansguardian_ldap.xml</url>
+ </tab>
+ <tab>
<text>Groups</text>
<url>/pkg.php?xml=dansguardian_groups.xml</url>
</tab>
diff --git a/config/dansguardian/dansguardianfx.conf.template b/config/dansguardian/dansguardianfx.conf.template
index d420871f..ccc24f19 100644
--- a/config/dansguardian/dansguardianfx.conf.template
+++ b/config/dansguardian/dansguardianfx.conf.template
@@ -376,7 +376,7 @@ sslcertcheck = {$dansguardian_groups['sslcertcheck']}
# Forge ssl certificates for all sites, decrypt the data then re encrypt it
# using a different private key. Used to filter ssl sites
sslmitm = {$dansguardian_groups['sslmitm']}
-mitmkey = '{$dansguardian_groups['mitmkey']}'
+#mitmkey = '{$dansguardian_groups['mitmkey']}'
EOF;