diff options
Diffstat (limited to 'config/dspam/pkg/p3scan.inc')
-rw-r--r-- | config/dspam/pkg/p3scan.inc | 277 |
1 files changed, 277 insertions, 0 deletions
diff --git a/config/dspam/pkg/p3scan.inc b/config/dspam/pkg/p3scan.inc new file mode 100644 index 00000000..7d675050 --- /dev/null +++ b/config/dspam/pkg/p3scan.inc @@ -0,0 +1,277 @@ +<?php +/* $Id$ */ +/* Copyright (C) 2006 Daniel S. Haischt */ + +/* include all configuration functions */ +require_once("functions.inc"); + +function sync_package_p3scan() { + global $config, $g; + conf_mount_rw(); + config_lock(); + $fd = fopen("/etc/p3scan.conf","w"); + + /* shorten the config path */ + $cfg = $config['installedpackages']['p3scanpf']['config'][0]; + $cfgmsg = $config['installedpackages']['p3scanpfmsg']['config'][0]; + $cfgemer = $config['installedpackages']['p3scanpfemer']['config']; + $cfgvir = $config['installedpackages']['p3scanpfvir']['config'][0]; + $cfgspam = $config['installedpackages']['p3scanpfspam']['config'][0]; + + fwrite($fd, "## p3scan-pf config file - generated by pfSense.\n##\n"); + fwrite($fd, "## at: " . date("l dS of F Y h:i:s A") . "\n##\n"); + /* ================================================================ */ + /* == Tab: Daemon Settings == */ + /* ================================================================ */ + fwrite($fd, "## Daemon Settings.\n"); + fwrite($fd, "pidfile = /var/run/p3scan/p3scan.pid\n"); + if (isset($cfg['maxchilds']) && $cfg['maxchilds'] <> "") + fwrite($fd, "maxchilds = {$cfg['maxchilds']}\n"); + else + fwrite($fd, "maxchilds = 10\n"); + if (isset($cfg['ipaddr']) && $cfg['ipaddr'] <> "") + fwrite($fd, "ip = {$cfg['ipaddr']}\n"); + else + fwrite($fd, "ip = 0.0.0.0\n"); + /* TODO: Even if the port is configurable, it is + hardcoded in p3scan.c. This needs to be + changed for the sake of flexebility. + */ + if (isset($cfg['port']) && $cfg['port'] <> "") + fwrite($fd, "port = {$cfg['port']}\n"); + else + fwrite($fd, "port = 8110\n"); + if (isset($cfg['sslport']) && $cfg['sslport'] <> "") + fwrite($fd, "sslport = {$cfg['sslport']}\n"); + else + fwrite($fd, "sslport = 995\n"); + if (isset($cfg['targetip']) && $cfg['targetip'] <> "") + fwrite($fd, "targetip = {$cfg['targetip']}\n"); + else + fwrite($fd, "targetip = 0.0.0.0\n"); + if (isset($cfg['targetport']) && $cfg['targetport'] <> "") + fwrite($fd, "targetport = {$cfg['targetport']}\n"); + else + fwrite($fd, "targetport = 8110\n"); + if (isset($cfg['emailport']) && $cfg['emailport'] <> "") + fwrite($fd, "emailport = {$cfg['emailport']}\n"); + else + fwrite($fd, "emailport = 25\n"); + if (isset($cfg['daemonuser']) && $cfg['daemonuser'] <> "") + fwrite($fd, "user = {$cfg['daemonuser']}\n"); + else + fwrite($fd, "user = root\n"); + fwrite($fd, "notifydir = /var/spool/p3scan/notify\n"); + fwrite($fd, "virusdir = /var/spool/p3scan\n"); + fwrite($fd, "template = /usr/local/etc/p3scan/p3scan.mail\n"); + + /* ================================================================ */ + /* == Tab: Message Processing == */ + /* ================================================================ */ + fwrite($fd, "## Message Processing Settings.\n"); + if (isset($cfgmsg['justdelete']) && $cfgmsg['justdelete'] <> "") + fwrite($fd, "justdelete\n"); + if (isset($cfgmsg['bytesfree']) && $cfgmsg['bytesfree'] <> "") + fwrite($fd, "bytesfree = {$cfgmsg['bytesfree']}\n"); + else + fwrite($fd, "bytesfree = 10000\n"); + if (isset($cfgmsg['broken']) && $cfgmsg['broken'] <> "") + fwrite($fd, "broken\n"); + if (isset($cfgmsg['timeout']) && $cfgmsg['timeout'] <> "") + fwrite($fd, "timeout = {$cfgmsg['timeout']}\n"); + else + fwrite($fd, "timeout = 30\n"); + if (isset($cfgmsg['ispspam']) && $cfgmsg['ispspam'] <> "") + fwrite($fd, "ispspam = {$cfg['ispspam']}\n"); + if (file_exists("/usr/local/bin/renattach")) + fwrite($fd, "renattach = /usr/local/bin/renattach\n"); + if (isset($cfgmsg['subject']) && $cfgmsg['subject'] <> "") + fwrite($fd, "subject = {$cfgmsg['subject']}\n"); + else + fwrite($fd, "subject = Subject: \"[Virus] found in a mail to you:\" <virus name>\n"); + if (isset($cfgmsg['notify']) && $cfgmsg['notify'] <> "") + fwrite($fd, "notify = {$cfgmsg['notify']}\n"); + else + fwrite($fd, "notify = Per instruction, the message has been deleted.\n"); + if (isset($cfgmsg['smtpreject']) && $cfgmsg['smtpreject'] <> "") + fwrite($fd, "smtprset = {$cfgmsg['smtpreject']}\n"); + else + fwrite($fd, "smtprset = Virus detected! P3scan rejected message!\n"); + if (isset($cfgmsg['checksize']) && $cfgmsg['checksize'] <> "") + fwrite($fd, "checksize = {$cfgmsg['checksize']}\n"); + if (isset($cfgmsg['footer']) && $cfgmsg['footer'] <> "") + fwrite($fd, "footer = {$cfgmsg['footer']}\n"); + + /* ================================================================ */ + /* == Tab: Emergency Contact == */ + /* ================================================================ */ + fwrite($fd, "## Emergency Contacts.\n"); + if (is_array($cfgemer)) { + foreach ($cfgemer as $addr) { + $contact .= "{$addr['emailaddress']} "; + } + if (isset($contact) && $contact <> "") + fwrite($fd, "emergcon = {$contact}\n"); + } + + /* ================================================================ */ + /* == Tab: Virus Scanner Settings == */ + /* ================================================================ */ + fwrite($fd, "## Virus Scanner Settings.\n"); + if (isset($cfgvir['scannertype']) && $cfgvir['scannertype'] <> "") + fwrite($fd, "scannertype = {$cfgvir['scannertype']}\n"); + else + fwrite($fd, "scannertype = clamd\n"); + if (isset($cfgvir['scanner']) && $cfgvir['scanner'] <> "") + fwrite($fd, "scanner = {$cfgvir['scanner']}\n"); + else + fwrite($fd, "scanner = 127.0.0.1:3310\n"); + if (isset($cfgvir['viruscode']) && $cfgvir['viruscode'] <> "") + fwrite($fd, "viruscode = {$cfgvir['viruscode']}\n"); + else + fwrite($fd, "viruscode = 1\n"); + if (isset($cfgvir['goodcode']) && $cfgvir['goodcode'] <> "") + fwrite($fd, "goodcode = {$cfgvir['goodcode']}\n"); + if (isset($cfgvir['virusregexp']) && $cfgvir['virusregexp'] <> "") + fwrite($fd, "virusregexp = {$cfgvir['virusregexp']}\n"); + if (isset($cfgvir['demime']) && $cfgvir['demime'] <> "") + fwrite($fd, "demime\n"); + + /* ================================================================ */ + /* == Tab: SPAM Settings == */ + /* ================================================================ */ + if (isset($cfgspam['checkspam']) && $cfgpam['checkspam'] <> "") { + fwrite($fd, "## SPAM Settings.\n"); + fwrite($fd, "checkspam\n"); + if (isset($cfgvir['spamcheck']) && $cfgvir['spamcheck'] <> "") + fwrite($fd, "spamcheck = {$cfgspam['spamcheck']}\n"); + else + fwrite($fd, "spamcheck = /usr/local/bin/dspam --user dspamuser --mode=teft --stdout --deliver=innocent,spam --feature=ch,no,wh\n"); + } + + fclose($fd); + + /* NOTE: The following code requires the p3scan.inc file to be saved with + UNIX Linefeeds. LF that is and NOT CR LF. + */ + $start = <<<EOD +test_p3scan_user=`cat /etc/passwd | grep p3scan` +test_p3scan_group=`cat /etc/passwd | grep p3scan` + +if [ -z "\${test_p3scan_group}" ]; then + pw groupadd p3scan -g 108 +fi + +if [ -z "\${test_p3scan_user}" ]; then + pw useradd p3scan -u 108 -g p3scan -d /var/spool/p3scan -s /sbin/nologin -c 'P3Scan Daemon' +fi + +if [ ! -d "/var/spool/p3scan" ]; then + mkdir /var/spool/p3scan && chown p3scan:p3scan /var/spool/p3scan +fi + +if [ ! -d "/var/spool/p3scan/children" ]; then + mkdir /var/spool/p3scan/children && chown p3scan:p3scan /var/spool/p3scan/children +fi + +if [ ! -d "/var/spool/p3scannotify" ]; then + mkdir /var/spool/p3scannotify && chown p3scan:p3scan /var/spool/p3scannotify +fi + +if [ ! -d "/var/run/p3scan" ]; then + mkdir /var/run/p3scan && chown p3scan:p3scan /var/run/p3scan +fi + +/sbin/mount_fdescfs fdescfs /dev/fd +/usr/local/sbin/p3scan --configfile=/usr/local/etc/p3scan/p3scan.conf & + +EOD; + + $stop = "/usr/bin/killall p3scan\n" . + "sleep 2"; + + write_rcfile(array( + "file" => "030.p3scan.sh", + "start" => $start, + "stop" => $stop + ) + ); + + conf_mount_ro(); + config_unlock(); + + if (! file_exists("/usr/local/etc/p3scan")) { + mkdir("/usr/local/etc/p3scan"); + } + if (! file_exists("/usr/local/etc/p3scan/p3scan.conf")) { + mwexec("ln -s /etc/p3scan.conf /usr/local/etc/p3scan/p3scan.conf"); + } + if (! file_exists("/usr/local/etc/p3scan/p3scan.mail")) { + $fd = fopen("/usr/local/etc/p3scan/p3scan.mail","w"); + + $p3scanmail = <<<EOD +MIME-Version: 1.0 +Content-Transfer-Encoding: 8bit +Content-Type: text/plain; + charset="iso-8859-1" + +Hello %USERNAME%. +This message body was generated automatically from P3Scan, which runs on +%HOSTNAME%.%DOMAINNAME% for scanning all incoming email. + +It replaces the body of a message sent to you that contained a VIRUS! + +Instead of the infected email this message has been sent to you. + +You may look at the message header of this message for the complete +email header information of the infected message. + +Virus name: + %VIRUSNAME% +(Supposed) Sender of the email: + %MAILFROM% +Sent To: + %MAILTO% +On Date: + %MAILDATE% +Subject: + %SUBJECT% +Connection data: + %PROTOCOL% from %CLIENTIP%:%CLIENTPORT% to %SERVERIP%:%SERVERPORT% +Message File: + %P3SCANID% +Virus Definition Info: + %VDINFO% +-- +%PROGNAME% %VERSION% +by Jack S. Lai <laitcg@cox.net> + +EOD; + + fwrite($fd, $p3scanmail); + fclose($fd); + } + + mwexec("/usr/local/etc/rc.d/030.p3scan.sh stop"); + mwexec("/usr/local/etc/rc.d/030.p3scan.sh start"); + + return 0; +} + +function custom_php_install_command() { + global $config, $g; + sync_package_p3scan(); +} + +function custom_php_deinstall_command() { + global $config, $g; + conf_mount_rw(); + unlink_if_exists("/usr/local/pkg/pf/p3scan_rules.php"); + unlink_if_exists("/usr/local/www/p3scan_rules.php"); + unlink_if_exists("/usr/local/etc/p3scan/p3scan.conf"); + unlink_if_exists("/usr/local/etc/p3scan/p3scan.mail"); + unlink_if_exists("/usr/local/etc/rc.d/030.p3scan.sh"); + rmdir("/usr/local/etc/p3scan"); + conf_mount_ro(); +} +?>
\ No newline at end of file |