diff options
Diffstat (limited to 'config')
-rw-r--r-- | config/imspector/imspector.inc | 92 | ||||
-rw-r--r-- | config/imspector/imspector.xml | 111 |
2 files changed, 190 insertions, 13 deletions
diff --git a/config/imspector/imspector.inc b/config/imspector/imspector.inc index b760bc3b..d2757be8 100644 --- a/config/imspector/imspector.inc +++ b/config/imspector/imspector.inc @@ -2,7 +2,8 @@ /* imspector.inc part of pfSense (http://www.pfsense.com/) - + Copyright (C) 2011 Scott Ullrich <sullrich@gmail.com>. + Copyright (C) 2011 Bill Marquette <billm@gmail.com>. Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com>. All rights reserved. @@ -72,6 +73,12 @@ function imspector_proto_to_port ($proto) { switch ($proto) { + case 'gadu-gadu': + return 8074; + case 'jabber': + return 5222; + case 'jabber-ssl': + return 5223; case 'msn': return 1863; case 'icq': @@ -219,6 +226,65 @@ write_imspector_config(IMSPECTOR_ETC . '/acl_blacklist.txt', str_replace("\r", '', base64_decode($imspector_config["acl_blacklist"]))); } + + // Handle Jabber SSL options + if(isset($imspector_config["ssl_ca_cert"]) && $imspector_config["ssl_ca_cert"] != "none" && + isset($imspector_config["ssl_server_cert"]) && $imspector_config["ssl_server_cert"] != "none") { + $conf['ssl'] = "on"; + if(!is_dir(IMSPECTOR_ETC . "/ssl")) + mkdir(IMSPECTOR_ETC . "/ssl"); + + $ca_cert = lookup_ca($imspector_config["ssl_ca_cert"]); + if ($ca_cert != false) { + if(base64_decode($ca_cert['prv'])) { + file_put_contents(IMSPECTOR_ETC . "/ssl/ssl_ca_key.pem", + base64_decode($ca_cert['prv'])); + $conf['ssl_ca_key'] = IMSPECTOR_ETC . '/ssl/ssl_ca_key.pem'; + } + if(base64_decode($ca_cert['crt'])) { + file_put_contents(IMSPECTOR_ETC . "/ssl/ssl_ca_cert.pem", + base64_decode($ca_cert['crt'])); + $conf['ssl_ca_cert'] = IMSPECTOR_ETC . "/ssl/ssl_ca_cert.pem"; + } + $svr_cert = lookup_cert($imspector_config["ssl_server_cert"]); + if ($svr_cert != false) { + if(base64_decode($svr_cert['prv'])) { + file_put_contents(IMSPECTOR_ETC . "/ssl/ssl_server_key.pem", + base64_decode($svr_cert['prv'])); + $conf['ssl_key'] = IMSPECTOR_ETC . '/ssl/ssl_server_key.pem'; + } + + } + $conf['ssl_cert_dir'] = IMSPECTOR_ETC . '/ssl'; + } + } else { + // SSL Not enabled. Make sure Jabber-SSL is not processed. + unset($conf['jabber-ssl']); + unset($conf['ssl']); + } + + if (isset($imspector_config['resonder']) && $imspector_config['resonder'] == 'on') { + $conf['responder_filename'] = IMSPECTOR_ETC . "/responder.db"; + if (isset($imspector_config['prefix_message']) && $imspector_config['prefix_message'] != '' ) { + $conf['response_prefix'] = base64_decode($imspector_config['prefix_message']) . " -="; + } + if (isset($imspector_config['notice_days']) && is_numeric($imspector_config['notice_days'])) { + if ($imspector_config['notice_days'] != 0) { + $conf['notice_days'] = $imspector_config['notice_days']; + } + } else { + $conf['notice_days'] = 1; + } + $conf['notice_response'] = "Your activities are being logged"; + if (isset($imspector_config['filtered_minutes']) && is_numeric($imspector_config['filtered_minutes'])) { + if ($imspector_config['filtered_minutes'] != 0) { + $conf['filtered_mins'] = $imspector_config['filtered_minutes']; + } + } else { + $conf['filtered_mins'] = 15; + } + $conf['filtered_response'] = "Your message has been filtered"; + } $conftext = ''; foreach($conf as $var => $key) @@ -283,4 +349,26 @@ EOD; config_unlock(); } -?> + + function imspector_get_ca_certs() { + global $config; + + $ca_arr = array(); + $ca_arr[] = array('refid' => 'none', 'descr' => 'none'); + foreach ($config['ca'] as $ca) { + $ca_arr[] = array('refid' => $ca['refid'], 'descr' => $ca['descr']); + } + return $ca_arr; + } + + function imspector_get_server_certs() { + global $config; + $cert_arr = array(); + $cert_arr[] = array('refid' => 'none', 'descr' => 'none'); + + foreach ($config['cert'] as $cert) { + $cert_arr[] = array('refid' => $cert['refid'], 'descr' => $cert['descr']); + } + return $cert_arr; + } +?>
\ No newline at end of file diff --git a/config/imspector/imspector.xml b/config/imspector/imspector.xml index c7595b9a..07294600 100644 --- a/config/imspector/imspector.xml +++ b/config/imspector/imspector.xml @@ -4,12 +4,13 @@ <packagegui> <copyright> <![CDATA[ -/* $Id$ */ /* ========================================================================== */ /* - authng.xml + imspector.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com>. + Copyright (C) 2011 Scott Ullrich <sullrich@gmail.com> + Copyright (C) 2011 Bill Marquette <billm@gmail.com> + Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com> All rights reserved. */ /* ========================================================================== */ @@ -42,7 +43,7 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>imspector</name> - <version>0.8</version> + <version>0.9</version> <title>Services: IMSpector</title> <savetext>Change</savetext> <aftersaveredirect>/services_imspector_logs.php</aftersaveredirect> @@ -72,19 +73,19 @@ <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/imspector/imspector.inc</item> + <item>http://www.pfsense.org/packages/config/imspector-wip/imspector.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/imspector/services_imspector_logs.php</item> + <item>http://www.pfsense.org/packages/config/imspector-wip/services_imspector_logs.php</item> </additional_files_needed> <fields> <field> <fielddescr>Enable IMSpector</fielddescr> <fieldname>enable</fieldname> <type>checkbox</type> - </field> + </field> <field> <fielddescr>Interfaces (generally LAN)</fielddescr> <fieldname>iface_array</fieldname> @@ -98,9 +99,9 @@ <field> <fielddescr>Listen on protocols</fielddescr> <fieldname>proto_array</fieldname> - <description>You can use the CTRL or COMMAND key to select multiple protocols.</description> + <description>You can use the CTRL or COMMAND key to select multiple protocols. NOTE: Gtalk/Jabber-SSL requires SSL certificates.</description> <type>select</type> - <size>4</size> + <size>7</size> <required/> <multiple>true</multiple> <options> @@ -120,6 +121,18 @@ <name>IRC</name> <value>irc</value> </option> + <option> + <name>Jabber</name> + <value>jabber</value> + </option> + <option> + <name>Gtalk/Jabber-SSL</name> + <value>jabber-ssl</value> + </option> + <option> + <name>Gadu-Gadu</name> + <value>gadu-gadu</value> + </option> </options> </field> <field> @@ -155,12 +168,88 @@ <type>password</type> </field> <field> + <fielddescr>SSL Certificate</fielddescr> + <fieldname>ssl_server_cert</fieldname> + <description> + Choose the SSL Server Certificate here. + </description> + <type>select_source</type> + <source><![CDATA[imspector_get_server_certs()]]></source> + <source_name>descr</source_name> + <source_value>refid</source_value> + </field> + <field> + <fielddescr>SSL CA Certificate</fielddescr> + <fieldname>ssl_ca_cert</fieldname> + <description> + Choose the SSL CA Certficate here. + </description> + <type>select_source</type> + <source><![CDATA[imspector_get_ca_certs()]]></source> + <source_name>descr</source_name> + <source_value>refid</source_value> + </field> + <field> <fielddescr>Enable bad word filtering</fielddescr> <fieldname>filter_badwords</fieldname> <description>Replace characters of matched bad word with *.</description> <type>checkbox</type> </field> <field> + <fielddescr>Enable response messages</fielddescr> + <fieldname>resonder</fieldname> + <description> + Inform the users (both local and remote) that the conversation they are having is being recorded. This might be needed for legal reasons. + Inform the sender that a file (or message) was blocked. This is useful because the sender will know a block occured, instead of the transfer simply failing.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Notification frequency</fielddescr> + <fieldname>notice_days</fieldname> + <type>input</type> + <description>Frequency in number of days for notifying users they are being logged. Default 1 day if responses are enabled, set to 0 to disable</description> + </field> + <field> + <fielddescr>Filtered frequency</fielddescr> + <fieldname>filtered_minutes</fieldname> + <type>input</type> + <description>The time between sending "filtered" in minutes. Default 15 minutes if responses are enabled, set to 0 to disable</description> + </field> + <field> + <fielddescr>Custom message prefix</fielddescr> + <fieldname>prefix_message</fieldname> + <description> + Message to prepend to all IMSpector generated messages. The default is "Message from IMSpector" + </description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>5</rows> + <cols>40</cols> + </field> + <field> + <fielddescr>Custom recorded message response</fielddescr> + <fieldname>recorded_message</fieldname> + <description> + Message to send to users to let them know they are being recorded. The default is "Your activities are being logged" + </description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>5</rows> + <cols>40</cols> + </field> + <field> + <fielddescr>Custom filtered message response</fielddescr> + <fieldname>filtered_message</fieldname> + <description> + Message to send to users to let them know about filtered messages. + </description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>5</rows> + <cols>40</cols> + </field> + + <field> <fielddescr>Bad words list</fielddescr> <fieldname>badwords_list</fieldname> <description> @@ -188,7 +277,7 @@ <fielddescr>ACL whitelist</fielddescr> <fieldname>acl_whitelist</fieldname> <description> - Example (allow specifc access): localuser: remoteuser1 remoteuser2<br /> + Example (allow specific access): localuser: remoteuser1 remoteuser2<br /> Example (allow full access): localuser: </description> <type>textarea</type> @@ -219,4 +308,4 @@ deinstall_package_imspector(); </custom_php_deinstall_command> <filter_rules_needed>imspector_generate_rules</filter_rules_needed> -</packagegui> +</packagegui>
\ No newline at end of file |