From 4fc28f4f28f865773def1cebb722e6fa952a00a4 Mon Sep 17 00:00:00 2001 From: dvserg Date: Mon, 3 Jan 2011 00:39:03 +0300 Subject: squidGuard change blacklist --- config/squidGuard/squidguard.inc | 162 ++++++++++++------------ config/squidGuard/squidguard_configurator.inc | 170 +++++++++++++------------- 2 files changed, 163 insertions(+), 169 deletions(-) diff --git a/config/squidGuard/squidguard.inc b/config/squidGuard/squidguard.inc index 12e52e35..5d78b0da 100644 --- a/config/squidGuard/squidguard.inc +++ b/config/squidGuard/squidguard.inc @@ -1,7 +1,7 @@ $dst[F_NAME], 'upt_value'=>$acls_up[$dst[F_NAME]], 'ovt_value'=>$acls_over[$dst[F_NAME]], 'description'=>$dst[F_DESCRIPTION]); + } } # Blacklist if ($squidguard_config[F_BLACKLISTENABLED] === 'on') { $blk_entries = sg_entries_blacklist(); if (!empty($blk_entries)) { - foreach($blk_entries as $dst) + foreach($blk_entries as $dst) { $dest_items[] = array ('name'=>$dst, 'upt_value'=>$acls_up[$dst], 'ovt_value'=>$acls_over[$dst], 'description'=>''); + } } } @@ -601,16 +590,6 @@ function squidguard_before_form_acl($pkg, $is_acl=true) { } } -# ----------------------------------------------------------------------------- -# squidguard_before_form_log - must be deleted -# ----------------------------------------------------------------------------- -define('LOGSHOW_BUFSIZE', 16384); - -function squidguard_before_form_log($pkg) -{ -# delete me -} - # ----------------------------------------------------------------------------- # make_grid_general_items # ----------------------------------------------------------------------------- @@ -649,7 +628,7 @@ function make_grid_blacklist() { $res = ''; # button 'Upload URL' and button 'Restore last blacklist' $res = "
"; - $res .= " "; + $res .= " "; return $res; } @@ -677,11 +656,13 @@ function make_grid_controls($type, $items, $enable_overtime = true) { $x = 0; } - $name = $item['name']; + $name = trim($item['name']); $upt_val = $item['upt_value']; $ovt_val = $item['ovt_value']; $description = $item['description']; + if (!$name) continue; # skip empty + $sel = "selected=\"selected\""; $upt_A = $upt_B = $upt_C = $upt_D = ''; switch($upt_val) { @@ -707,7 +688,7 @@ function make_grid_controls($type, $items, $enable_overtime = true) { $tbl .= "$description [$name]"; $tbl .= "access"; $tbl .= ""; - if (substr_count($name, "all") === 0) { + if ($name !== "all"/*substr_count($name, "all") === 0*/) { $tbl .= ""; - $tbl .= ""; + $tbl .= ""; $tbl .= ""; $tbl .= ""; } @@ -745,13 +726,13 @@ function make_grid_controls($type, $items, $enable_overtime = true) { if (!empty($tbl)) { $color = 'style="background-color: #dddddd;"'; $thdr = ''; - $hdr1up = "Destination rules"; - $hdr1ov = "Destination rules in overtime"; + $hdr1up = "Destination Categories"; + $hdr1ov = "Destination Categories in overtime"; $hds3 = "ACCESS: 'whitelist' - always pass; 'deny' - block; 'allow' - pass, if not blocked."; if ($enable_overtime) { $thdr .= "$hds3"; $thdr .= "$hdr1up$hdr1ov"; - $thdr .= "If 'Time' not defined, this ruleset will be ignored"; + $thdr .= "If 'Time' not defined, this is column will be ignored."; # formatting $thdr .= ""; } @@ -765,9 +746,9 @@ function make_grid_controls($type, $items, $enable_overtime = true) { $res .= " $thdr $tbl
"; $rstyle = ""; - $ha = "
" . + $ha = "
" . "" . - "Destination ruleset (click) " . + "Destination Categories (click) " . " " . "" . "" . @@ -811,7 +792,7 @@ function sg_check_unique_name($module_id, $name, $log='') { function sg_check_reserved_name($name, $log='') { $res = true; - $reserved = array("acl", "all", "dbhome", "default", "dest", "in-addr", "log", "logdir", "none", "pass", "rew", "src", "url", "user"); + $reserved = array("acl", "all", "allow", "dbhome", "default", "dest", "in-addr", "log", "logdir", "none", "pass", "rew", "src", "url", "user"); if (in_array(strtolower(trim($name)), $reserved)) { $res = false; @@ -829,13 +810,18 @@ function squidguard_install_command() { sg_check_system(); # generate squidGuard blacklist entries file (check with squidGuard PORT) - conf_mount_rw(); - $entries = array("ads", "aggressive", "audio-video", "drugs", "gambling", "hacking", - "mail", "porn", "proxy", "violence", "warez"); - file_put_contents(SQUIDGUARD_WORKDIR . SQUIDGUARD_BLK_ENTRIES, implode("\n", $entries)); +# conf_mount_rw(); + $blklist_file = SQUIDGUARD_WORKDIR . SQUIDGUARD_BLK_ENTRIES; + + # рассмотреть вариант слияния examples базы и существующей в системе + if (!file_exists($blklist_file)) { + # if blacklist not exists, then copy default db from samples +# $entries = array("ads", "aggressive", "audio-video", "drugs", "gambling", "hacking", "mail", "porn", "proxy", "violence", "warez"); +# file_put_contents($blklist_file, implode("\n", $entries)); + } set_file_access(SQUIDGUARD_WORKDIR, OWNER_NAME, 0755); set_file_access(SQUIDGUARD_DBHOME, OWNER_NAME, 0755); - conf_mount_ro(); +# conf_mount_ro(); sg_reconfigure(); } @@ -845,12 +831,14 @@ function squidguard_deinstall_command() { # remove entries from squid config squid_reconfigure('remove redirector options'); + # Note: When you reinstall should remain Database + # remove package and his depends - mwexec("pkg_delete squidGuard-1.2.0_1"); - mwexec("rm -rf " . SQUIDGUARD_WORKDIR); + #mwexec("pkg_delete squidGuard-1.2.0_1"); + #mwexec("rm -rf " . SQUIDGUARD_WORKDIR); # i known't, really need delete blacklist base? - mwexec("rm -rf " . SQUIDGUARD_DBHOME); - mwexec("/bin/rm -f " . SQUIDGUARD_CONFBASE . "/squidGuard*"); + #mwexec("rm -rf " . SQUIDGUARD_DBHOME); + #mwexec("/bin/rm -f " . SQUIDGUARD_CONFBASE . "/squidGuard*"); } # ------------------------------------------------------------------------------ @@ -1281,13 +1269,13 @@ function squidguard_squid_conflist( ) # get squidguard config list function squidguard_conflist( ) { - $fname = SQUIDGUARD_CONFBASE_DEF . SQUIDGUARD_CONFIGFILE; + $fname = SQUIDGUARD_CONFBASE . SQUIDGUARD_CONFIGFILE; $res = ""; if (file_exists( $fname )) $res = file_get_contents( $fname ); else $res = "File '$fname' not found."; - + return $res; } diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc index 035ab734..5c90d307 100644 --- a/config/squidGuard/squidguard_configurator.inc +++ b/config/squidGuard/squidguard_configurator.inc @@ -1,7 +1,7 @@ $in) @@ -340,7 +338,7 @@ function sg_save_configxml($filename) function sg_reconfigure() { global $squidguard_config; - $conf_file = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFIGFILE; + $conf_file = SQUIDGUARD_LOGDIR . SQUIDGUARD_CONFIGFILE; # 1. check system sg_check_system(); @@ -680,7 +678,7 @@ function sg_addlog($module, $log, $level = 0) } $logfile = ''; - $logfile = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFLOGFILE; + $logfile = SQUIDGUARD_LOGDIR . SQUIDGUARD_CONFLOGFILE; $log_content = array(); setlocale(LC_TIME, ''); @@ -713,7 +711,7 @@ function sg_getlog($last_entries_count) { global $squidguard_config; $log_content = ''; - $logfile = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFLOGFILE; + $logfile = SQUIDGUARD_LOGDIR . SQUIDGUARD_CONFLOGFILE; # define logfile if (!empty($squidguard_config) && file_exists($squidguard_config[F_LOGDIR])) @@ -920,7 +918,7 @@ function sg_create_config() $sg_tag->items[] = "s@{$rw[F_TARGETURL]}@{$rw[F_REPLACETO]}@{$rw[F_MODE]}"; if ($squidguard_config[F_ENABLELOG] == 'on' ) { - if ($rew[F_LOG]) + if ($rew[F_LOG]) $sg_tag->items[] = "log " . SQUIDGUARD_LOGFILE; } @@ -1485,8 +1483,8 @@ function sg_update_blacklist($from_file) { global $squidguard_config; conf_mount_rw(); - $dbhome = SQUIDGUARD_DBHOME_DEF; - $workdir = SQUIDGUARD_WORKDIR_DEF; + $dbhome = SQUIDGUARD_DBHOME; + $workdir = SQUIDGUARD_WORKDIR; $tmp_unpack_dir = SQUIDGUARD_TMP . SQUIDGUARD_BL_UNPACK; $arc_db_dir = SQUIDGUARD_VAR . SG_BLK_ARC; @@ -1571,7 +1569,7 @@ function sg_update_blacklist($from_file) # copy temp db to '/var/db/squidGuard (-R - recursive; -p - copy access rights) # '$bl_temp_dbhome/' - slash in end of path - copy only dir content (not self dir) $sh_scr[] = "cp -R -p $arc_db_dir/ $dbhome"; - $sh_scr[] = "cp -f -p $blklist_file " . SQUIDGUARD_WORKDIR_DEF; + $sh_scr[] = "cp -f -p $blklist_file " . SQUIDGUARD_WORKDIR; # set DB owner and right access $sh_scr[] = "chown -R -v " . OWNER_NAME . " $dbhome"; $sh_scr[] = "chmod -R -v 0755 $dbhome"; @@ -1615,7 +1613,7 @@ function sg_entries_blacklist() global $squidguard_config; $contents = ''; - $fl = SQUIDGUARD_WORKDIR_DEF . SQUIDGUARD_BLK_ENTRIES; + $fl = SQUIDGUARD_WORKDIR . SQUIDGUARD_BLK_ENTRIES; if (file_exists($squidguard_config[F_WORKDIR])) $fl = $squidguard_config[F_WORKDIR] . SQUIDGUARD_BLK_ENTRIES; if (file_exists($fl)) @@ -1726,23 +1724,31 @@ function scan_dir($dir) function restore_arc_blacklist() { global $squidguard_config; - $dbhome = SQUIDGUARD_DBHOME_DEF; - $blklist_file = SQUIDGUARD_WORKDIR_DEF . SQUIDGUARD_BLK_ENTRIES; - $arc_db_dir = SQUIDGUARD_VAR . SG_BLK_ARC; + $dbhome = SQUIDGUARD_DBHOME; + $blklist_file = SQUIDGUARD_WORKDIR . SQUIDGUARD_BLK_ENTRIES; + $arc_db_dir = SQUIDGUARD_DBSAMPLE; $arc_blklist_file = SQUIDGUARD_VAR . SQUIDGUARD_BLK_ENTRIES; if (file_exists($arc_db_dir) and file_exists($arc_blklist_file)) { - conf_mount_rw(); +# conf_mount_rw(); # copy arc blacklist to work DB with permissions mwexec("cp -R -p $arc_db_dir/ $dbhome"); set_file_access($dbhome, OWNER_NAME, 0755); sg_addlog("restore_arc_blacklist", "Restore blacklist archive from '$arc_db_dir'.", SQUIDGUARD_INFO); - # copy black list file - copy($arc_blklist_file, $blklist_file); + $blklist = ""; + $files = scan_dir("$arc_db_dir/"); + foreach ($files as $fl) { + $blklist .= $fl . "\n"; + } + file_put_contents($blklist_file, $blklist); set_file_access($blklist_file, OWNER_NAME, 0755); - sg_addlog("restore_arc_blacklist", "Restore black list file from '$arc_blklist_file' to '$blklist_file'.", SQUIDGUARD_INFO); - conf_mount_ro(); + + # copy black list file +# copy($arc_blklist_file, $blklist_file); +# set_file_access($blklist_file, OWNER_NAME, 0755); +# sg_addlog("restore_arc_blacklist", "Restore black list file from '$arc_blklist_file' to '$blklist_file'.", SQUIDGUARD_INFO); +# conf_mount_ro(); } else { sg_addlog("restore_arc_blacklist", "File '$arc_db_dir' or '$blklist_file' not found.", SQUIDGUARD_ERROR); } @@ -2143,7 +2149,7 @@ function sg_script_logrotate() { global $squidguard_config; $sglogname = $squidguard_config[F_LOGDIR] . "/" . SQUIDGUARD_LOGFILE; - $res = + $res = <<