From 5be939c186e0cb31db757d89cc406182579e5c3f Mon Sep 17 00:00:00 2001 From: dvserg Date: Thu, 16 Dec 2010 07:51:50 +0300 Subject: Log view changed. Log rotation added. Validation Names with reserved words added. --- config/squidGuard/squidguard.inc | 339 +++++++++++------------- config/squidGuard/squidguard.xml | 210 +++++++-------- config/squidGuard/squidguard_acl.xml | 126 +++++---- config/squidGuard/squidguard_configurator.inc | 357 ++++++++++++++++++-------- config/squidGuard/squidguard_default.xml | 108 ++++---- config/squidGuard/squidguard_dest.xml | 112 ++++---- config/squidGuard/squidguard_log.xml | 72 +++++- config/squidGuard/squidguard_rewr.xml | 17 +- config/squidGuard/squidguard_time.xml | 9 +- 9 files changed, 757 insertions(+), 593 deletions(-) (limited to 'config/squidGuard') diff --git a/config/squidGuard/squidguard.inc b/config/squidGuard/squidguard.inc index 025e5b50..1c681497 100644 --- a/config/squidGuard/squidguard.inc +++ b/config/squidGuard/squidguard.inc @@ -69,7 +69,6 @@ define('F_EXPRESSIONS', 'expressions'); define('F_DOMAINS', 'domains'); define('F_URLS', 'urls'); define('F_DISABLED', 'disabled'); -define('F_ENABLELOG', 'enablelog'); define('F_SQUIDGUARDENABLE','squidguard_enable'); define('F_BLACKLIST', 'blacklist'); @@ -147,6 +146,10 @@ function squidguard_validate_acl($post, $input_errors) if (!sg_check_unique_name(F_ACLS, $name)) $input_errors[] = "Name '$name' already exists."; + # check reserved + if (!sg_check_reserved_name($name)) + $input_errors[] = "Name '$name' is reserved."; + # check source $sgx = array(); $sgx[F_NAME] = $post[F_NAME]; @@ -218,6 +221,10 @@ function squidguard_validate_times($post, $input_errors) # check unique name if (!sg_check_unique_name(F_TIMES, $name)) $input_errors[] = "Name '$name' already exists"; + + # check reserved + if (!sg_check_reserved_name($name)) + $input_errors[] = "Name '$name' is reserved."; } # --- check format --- @@ -261,6 +268,10 @@ function squidguard_validate_destination($post, $input_errors) { # check unique name if (!sg_check_unique_name(F_DESTINATIONS, $name)) $input_errors[] = "Name '$name' already exists"; + + # check reserved + if (!sg_check_reserved_name($name)) + $input_errors[] = "Name '$name' is reserved."; } # --- check format --- @@ -282,12 +293,16 @@ function squidguard_validate_rewrite($post, $input_errors) { # check name $name = trim($post[F_NAME]); if(!empty($name)) { - # check name format - Ab123 - check_name_format($name, &$input_errors); + # check name format - Ab123 + check_name_format($name, &$input_errors); - # check unique name - if (!sg_check_unique_name(F_REWRITES, $name)) + # check unique name + if (!sg_check_unique_name(F_REWRITES, $name)) $input_errors[] = "Name '$name' already exists"; + + # check reserved + if (!sg_check_reserved_name($name)) + $input_errors[] = "Name '$name' is reserved."; } } @@ -304,6 +319,8 @@ function squidguard_resync() { $url = isset($_POST['blacklist_url']) ? $_POST['blacklist_url'] : $_GET['blacklist_url']; $proxy = isset($_POST['blacklist_proxy']) ? $_POST['blacklist_proxy'] : $_GET['blacklist_proxy']; + sg_init(convert_pfxml_to_sgxml()); + # blacklist upload if ($submit == BLACKLIST_BTN_URL) { if ($url) @@ -319,8 +336,11 @@ function squidguard_resync() { //if ($submit == APPLY_BTN) { # write_config('Update squidGuard options.'); # store, if not 'Save' button # перенести в validate для детектирования ошибок? + sg_reconfigure(); //} + + squidguard_cron_install(); } # ----------------------------------------------------------------------------- @@ -410,11 +430,6 @@ function squidguard_before_form($pkg) { $fld = &$pkg['fields']['field'][$i]; $fld['description'] .= make_grid_general_items(); # insert to description custom controls break; - # GUI log - case 'view_gui_log': - $fld = &$pkg['fields']['field'][$i]; - $fld['description'] .= make_grid_general_items('gui_log'); # insert to description custom controls - break; } $i++; } @@ -587,140 +602,13 @@ function squidguard_before_form_acl($pkg, $is_acl=true) { } # ----------------------------------------------------------------------------- -# squidguard_before_form_log +# squidguard_before_form_log - must be deleted # ----------------------------------------------------------------------------- define('LOGSHOW_BUFSIZE', 16384); -function squidguard_before_form_log($pkg) { - # ! nothing for config - only report. Possible use global $config ! - global $config; - $i=0; - $move_pos = 0; - $move_step = 50; - - foreach($pkg['fields']['field'] as $field) { - if ($field['fieldname'] == 'logtype') { - $slog = ''; - $mlog = $config['installedpackages'][MODULE_LOG]['config'][0]; - - $filename = ''; - $fld = &$pkg['fields']['field'][$i]; - $move_pos = ($move_pos) ? $move_pos : 0; - - switch ($mlog['logtype']) { - case 'block_log': - { - $filename = SQUIDGUARD_LOGDIR . "/" . SQUIDGUARD_ACCESSBLOCK_FILE; - $fh = ''; - if (file_exists($filename)) { - $fh = fopen($filename, "r"); - if ($fh) { - $fsize = filesize($filename); - # take LOGSHOW_BUFSIZE bytes from end - if ($fsize > LOGSHOW_BUFSIZE) - fseek($fh, -LOGSHOW_BUFSIZE, SEEK_END); - $s = fread($fh, LOGSHOW_BUFSIZE); - fclose($fh); - - $slog .= "Block log '$filename'. Last 100:"; - - $s = explode("\n", $s); - unset($s[0]); # unset us'nt complete string - - $slog .= "NumDateTimeIPURLFilterIDMtd"; - foreach($s as $key => $vs) { - $nkey = $move_pos + intval($key); - $slog .= ""; - $sx = $vs; - $sx = str_replace(array("/- -", "/-", "Request", "request","(", ")", "[", "]"), "", $sx); - $sx = explode(" ", $sx); - - # formatting url - $spos =0; - $stmp = ''; - while($spos + 81 < strlen($sx[4])) { - $stmp .= substr($sx[4], $spos, 81) . "
"; - $spos += 81; - } - $stmp .= substr($sx[4], $spos, strlen($sx[4]) - $spos); - $sx[4] = $stmp; - - if (!empty($vs)) - $slog .= " - " . strval($nkey) . " - $sx[0] $sx[1] - $sx[5] - $sx[4] - $sx[3] - $sx[2] - $sx[6]"; - } - } - } - - } - break; - case 'configurator_log': - { - $filename = SQUIDGUARD_LOGDIR . SQUIDGUARDCONF_LOGFILE; - $slog .= "$filename
"; - if (file_exists($filename)) { - $slog .= file_get_contents($filename); - $slog = str_replace("\n", "
", $slog); - $slog = "$slog"; - } - } - break; - case 'squidguard_log': - { - $slog .= 'squidguard_log report disabled'; -/* - $filename = SQUIDGUARD_LOGDIR . '/squidGuard.log'; - $slog .= "$filename
"; - if (file_exists($filename)) { - $slog .= file_get_contents($filename); - $slog = explode("\n", $slog); - while (count($slog) > 500) array_shift($slog); - $slog = implode("\n", $slog); - $slog = str_replace("\n", "
", $slog); - $slog = "$slog"; - } -*/ - } - break; - case 'squid_config': - { - $filename = SQUID_CONFIGFILE; - $slog .= "$filename
"; - if (file_exists($filename)) { - $slog .= file_get_contents($filename); - $slog = str_replace("\n", "
", $slog); - $slog = str_replace("\t", " ", $slog); - $slog = "$slog"; - } - } - break; - case 'squidguard_config': - { - $filename = SQUIDGUARD_WORKDIR . "/squidGuard.conf"; - $slog .= "$filename
"; - if (file_exists($filename)) { - $slog .= file_get_contents($filename); - $slog = str_replace("\n", "
", $slog); - $slog = str_replace("\t", " ", $slog); - $slog = "$slog"; - } - } - break; - } # switch - - $fld['description'] .= - " - - $slog
"; - } - $i++; - } +function squidguard_before_form_log($pkg) +{ +# delete me } # ----------------------------------------------------------------------------- @@ -749,14 +637,6 @@ function make_grid_general_items($id = '') $sgstate .= "
Wait: began updating the blacklist.
New data will be available after some time.
After the upgrade, it is necessary to check the configuration."; $res .= "SquidGuard service state: $sgstate"; } - elseif ($id === 'gui_log') { - if ($squidguard_config['view_gui_log'] == 'on') { - $log_content = sg_getlog(50); - $log_content = str_replace("\n","
", $log_content); - $res .= "Web GUI log (Latest 50)"; - $res .= "$log_content"; - } - } $res .= ""; return $res; @@ -925,6 +805,20 @@ function sg_check_unique_name($module_id, $name, $log='') { return $res; } +# ----------------------------------------------------------------------------- +# check unique name +# ----------------------------------------------------------------------------- +function sg_check_reserved_name($name, $log='') +{ + $res = true; + $reserved = array("acl", "all", "dbhome", "default", "dest", "in-addr", "log", "logdir", "none", "pass", "rew", "src", "url", "user"); + + if (in_array(strtolower(trim($name)), $reserved)) { + $res = false; + } + + return $res; +} # ------------------------------------------------------------------------------ # Install & deinstall # ------------------------------------------------------------------------------ @@ -1011,36 +905,6 @@ function squidGuard_print_javascript() { $javascript .= "\n"; } - if ($xml === "squidguard_src.xml") { ### will deleted ### - $javascript .= "\n"; - } - print($javascript); } @@ -1072,8 +936,14 @@ function convert_pfxml_to_sgxml() { $sgxml[F_ACLS] = convert_pfxml_to_sgxml_acl($config); $sgxml[F_DEFAULT] = convert_pfxml_to_sgxml_default($config); - # other - $sgxml['view_gui_log'] = $pfxml['view_gui_log']; + + + # log + $sgxml[F_ENABLELOG] = $pfxml['enable_log'] == 'on' ? 'on' : 'off'; + $sgxml[F_ENABLEGUILOG] = $pfxml['enable_guilog'] == 'on' ? 'on' : 'off'; + $sgxml[F_LOGROTATION] = $pfxml['log_rotation'] == 'on' ? 'on' : 'off'; + + # other $lanip = $config['interfaces']['lan']['ipaddr']; $sgxml[F_CURRENT_LAN_IP] = $lanip; @@ -1084,7 +954,7 @@ function convert_pfxml_to_sgxml() { $guiprotocol = $config['system']['webgui']['protocol']; $sgxml[F_SQUID_TRANSPARENT_MODE] = 'on'; - $sgxml[F_CURRENT_GUI_PORT] = $guiport; + $sgxml[F_CURRENT_GUI_PORT] = $guiport; $sgxml[F_CURRENT_GUI_PROTO] = $guiprotocol; } else { unset($sgxml[F_SQUID_TRANSPARENT_MODE]); @@ -1394,4 +1264,109 @@ function squidguard_adt_safesrch_add($rewrite_item) return $rewrite_item; } + +# get squid config list +function squidguard_squid_conflist( ) +{ + $fname = SQUID_CONFIGFILE; + $res = ""; + + if (file_exists( $fname )) + $res = file_get_contents( $fname ); + else $res = "File '$fname' not found."; + + return $res; +} + +# get squidguard config list +function squidguard_conflist( ) +{ + $fname = SQUIDGUARD_CONFBASE_DEF . SQUIDGUARD_CONFIGFILE; + $res = ""; + + if (file_exists( $fname )) + $res = file_get_contents( $fname ); + else $res = "File '$fname' not found."; + + return $res; +} + +# get squidguard log report + +define('LOGSHOW_BUFSIZE', '16384'); + +function squidguard_logrep( $filename, $lncount, $reverse ) +{ + $res = ""; + + $lncount = $lncount ? $lncount : 50; + $reverse = $reverse ? $reverse : false; + + if (file_exists($filename)) { + $fh = fopen($filename, "r"); + if ($fh) { + $fsize = filesize($filename); + # take LOGSHOW_BUFSIZE bytes from end + if ($fsize > LOGSHOW_BUFSIZE) + fseek($fh, -LOGSHOW_BUFSIZE, SEEK_END); + $cont = fread($fh, LOGSHOW_BUFSIZE); + fclose($fh); + } + + $cont = explode( "\n", $cont ); + $cont = array_slice($cont, -$lncount); + + if ($reverse) $cont = array_reverse( $cont ); + + $res .= "\n"; + $res .= "\n"; + foreach($cont as $cn) { + $cn = trim($cn); + if ($cn) { + $cn = explode(" ", $cn, 4); + + # split strings + $st = str_split ($cn[3], 25); + $cn[3] = ""; + foreach( $st as $s ) $cn[3] .= $s . ""; + + $res .= ""; + } + } + $res .= "
Last {$lncount} entries
{$cn[0]} {$cn[1]}{$cn[3]}
"; + } + + return $res; +} + +# get blacklist list +function squidguard_blacklist_list() +{ + $res = ""; + $fname = "/var/squidGuard/blacklist.files"; + + $res .= "\n"; + $res .= "\n"; + if (file_exists($fname)) { + $cont = explode("\n", file_get_contents($fname)); + foreach($cont as $cn) { + $ph = "/var/db/squidGuard/$cn"; + + if (file_exists($ph)) { + $dm = " "; + $ur = " "; + $ex = " "; + + if (file_exists("$ph/domains")) $dm = "domains"; + if (file_exists("$ph/urls")) $ur = "urls"; + if (file_exists("$ph/expressions")) $ex = "expressions"; + + $res .= ""; + } + } + } + $res .= "
NameDomainsUrlsExpressions
$cn$dm$ur$ex
"; + + return $res; +} ?> diff --git a/config/squidGuard/squidguard.xml b/config/squidGuard/squidguard.xml index 572efb97..9f0ed9fb 100644 --- a/config/squidGuard/squidguard.xml +++ b/config/squidGuard/squidguard.xml @@ -2,114 +2,130 @@ - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - - squidguardgeneral - 1.2.0_2 - Proxy filter SquidGuard: General settings - /usr/local/pkg/squidguard.inc - - - - Proxy filter - Modify the proxy server's filter settings -
Services
- /pkg_edit.php?xml=squidguard.xml&id=0 - - - - - General settings - /pkg_edit.php?xml=squidguard.xml&id=0 - - - - Default - /pkg_edit.php?xml=squidguard_default.xml&id=0 - - - ACL - /pkg.php?xml=squidguard_acl.xml - - - Destinations - /pkg.php?xml=squidguard_dest.xml - - - Times - /pkg.php?xml=squidguard_time.xml - - - Rewrites - /pkg.php?xml=squidguard_rewr.xml - - - Log - /pkg_edit.php?xml=squidguard_log.xml&id=0 - - - - + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + squidguardgeneral + 1.2.0_2 + Proxy filter SquidGuard: General settings + /usr/local/pkg/squidguard.inc + + + Proxy filter + Modify the proxy server's filter settings +
Services
+ /pkg_edit.php?xml=squidguard.xml&id=0 + + + + General settings + /pkg_edit.php?xml=squidguard.xml&id=0 + + + + Default + /pkg_edit.php?xml=squidguard_default.xml&id=0 + + + ACL + /pkg.php?xml=squidguard_acl.xml + + + Destinations + /pkg.php?xml=squidguard_dest.xml + + + Times + /pkg.php?xml=squidguard_time.xml + + + Rewrites + /pkg.php?xml=squidguard_rewr.xml + + + Log + /squidGuard/squidguard_log.php + + + squidGuard Proxy server filter Service squidGuard - - - + + /usr/local/pkg/ 0755 http://www.pfsense.org/packages/config/squidGuard/squidguard.inc - - + + /usr/local/pkg/ 0755 http://www.pfsense.org/packages/config/squidGuard/squidguard_configurator.inc - - + + /usr/local/pkg/ 0755 http://www.pfsense.org/packages/config/squidGuard/squidguard_acl.xml - - + + /usr/local/pkg/ 0755 http://www.pfsense.org/packages/config/squidGuard/squidguard_default.xml - - + + /usr/local/pkg/ 0755 http://www.pfsense.org/packages/config/squidGuard/squidguard_dest.xml - - + + /usr/local/pkg/ 0755 http://www.pfsense.org/packages/config/squidGuard/squidguard_rewr.xml - - + + /usr/local/pkg/ 0755 http://www.pfsense.org/packages/config/squidGuard/squidguard_time.xml - - - /usr/local/pkg/ - 0755 - http://www.pfsense.org/packages/config/squidGuard/squidguard_log.xml - - + + + /usr/local/www/squidGuard/ + 0755 + http://www.pfsense.org/packages/config/squidGuard/squidguard_log.php + + /usr/local/www/ 0755 http://www.pfsense.org/packages/config/squidGuard/sgerror.php - - - + + Enable squidguard_enable Check this for enable squidGuard checkbox + + Enable GUI log + enable_guilog + Check this for enable GUI log. + checkbox + + + Enable log + enable_log + Check this for enable log of the proxy filter. Usually log used for testing filter settings. + checkbox + + + Enable log rotation + log_rotation + Check this for enable daily rotate a log of the proxy filter. Use this option for limit log file size. + checkbox + + + Blacklist options + listtopic + Blacklist blacklist @@ -134,31 +150,25 @@ input 100 - - View GUI log - view_gui_log - Check this for view GUI log - checkbox - - - - + + + squidguard_validate(&$_POST, &$input_errors); - - + + squidguard_before_form(&$pkg); - - - squidGuard_print_javascript(); - - - squidguard_resync(); - - - squidguard_install_command(); - squidguard_resync(); - - - squidguard_deinstall_command(); - + + + squidGuard_print_javascript(); + + + squidguard_resync(); + + + squidguard_install_command(); + squidguard_resync(); + + + squidguard_deinstall_command(); + \ No newline at end of file diff --git a/config/squidGuard/squidguard_acl.xml b/config/squidGuard/squidguard_acl.xml index 03755b8e..04bb8553 100644 --- a/config/squidGuard/squidguard_acl.xml +++ b/config/squidGuard/squidguard_acl.xml @@ -2,51 +2,47 @@ - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - - squidguardacl - none - Proxy filter SquidGuard: Access Control List (ACL) - /usr/local/pkg/squidguard.inc - - A proxy server user has been deleted. - A proxy server user has been created/modified. - - - - General settings - /pkg_edit.php?xml=squidguard.xml&id=0 - - - Default - /pkg_edit.php?xml=squidguard_default.xml&id=0 - - - ACL - /pkg.php?xml=squidguard_acl.xml - - - - Destinations - /pkg.php?xml=squidguard_dest.xml - - - Times - /pkg.php?xml=squidguard_time.xml - - - Rewrites - /pkg.php?xml=squidguard_rewr.xml - - - Log - /pkg_edit.php?xml=squidguard_log.xml&id=0 - - - - + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + squidguardacl + none + Proxy filter SquidGuard: Access Control List (ACL) + /usr/local/pkg/squidguard.inc + A proxy server user has been deleted. + A proxy server user has been created/modified. + + + General settings + /pkg_edit.php?xml=squidguard.xml&id=0 + + + Default + /pkg_edit.php?xml=squidguard_default.xml&id=0 + + + ACL + /pkg.php?xml=squidguard_acl.xml + + + + Destinations + /pkg.php?xml=squidguard_dest.xml + + + Times + /pkg.php?xml=squidguard_time.xml + + + Rewrites + /pkg.php?xml=squidguard_rewr.xml + + + Log + /squidGuard/squidguard_log.php + + + Disabled disabled @@ -71,9 +67,8 @@ Description description - - - + + Disabled disabled @@ -250,30 +245,29 @@ 100 - Enable log + Log enablelog - Check this for enable log. + Check this for log this item. checkbox - - - + + squidguard_validate_acl(&$_POST, &$input_errors); - - + + squidguard_before_form_acl(&$pkg); - - + + squidGuard_print_javascript(); - - + + squidguard_resync_acl(); - - + + squidguard_resync_acl(); - - - - - + + + + + \ No newline at end of file diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc index 71724c90..035ab734 100644 --- a/config/squidGuard/squidguard_configurator.inc +++ b/config/squidGuard/squidguard_configurator.inc @@ -55,13 +55,18 @@ ini_set('max_execution_time', '3600'); ini_set('max_input_time', '3600'); ini_set('memory_limit', '100M'); +# +# ToDo ! Must use all settings via $squidguard_config ! +# Add check names for reserved words 'none, all, default, no-ip, block' +# Sdelat rewrite dlya smeny skachivaniya + # ------------------------------------------------------------------------------ # files header # ------------------------------------------------------------------------------ define('FILES_DB_HEADER', ' # ------------------------------------------------------------------------------ # File created by squidGuard package GUI -# (C)2006-2008 Serg Dvoriancev +# (C)2006-2010 Serg Dvoriancev # ------------------------------------------------------------------------------ '); @@ -107,17 +112,19 @@ define('SQUID_CONFIGFILE', '/usr/local/etc/squid/squid.conf'); define('TMP_DIR', '/var/tmp'); define('SQUIDGUARD_CONFIGFILE', '/squidGuard.conf'); -define('SQUIDGUARDCONF_LOGFILE', '/sg_configurator.log'); -define('SQUIDGUARD_ACCESSBLOCK_FILE', 'block.log'); +define('SQUIDGUARD_CONFLOGFILE', '/sg_configurator.log'); +define('SQUIDGUARD_LOGFILE', 'block.log'); define('SQUIDGUARD_CONFBASE_DEF', '/usr/local/etc/squid'); define('SQUIDGUARD_LOGDIR_DEF', '/tmp'); define('SQUIDGUARD_WORKDIR_DEF', '/usr/local/etc/squidGuard'); define('SQUIDGUARD_BINPATH_DEF', '/usr/local/bin'); -define('SQUIDGUARD_TMP', '/var/tmp/squidGuard'); # SG temp -define('SQUIDGUARD_VAR', '/var/squidGuard'); # SG variables +define('SQUIDGUARD_TMP', '/var/tmp/squidGuard'); # SG temp +define('SQUIDGUARD_VAR', '/var/squidGuard'); # SG variables define('SQUIDGUARD_STATE', '/squidGuard.state'); define('SQUIDGUARD_REBUILD', '/squidGuard.rebuild'); +define('SQUIDGUARD_SCR_LOGROTATE', '/usr/local/etc/rc.d/squidGuard_logrotate'); # Logrotate script + # DB home catalog contains 'Blacklist' and 'User' sub-catalogs define('SQUIDGUARD_DBHOME_DEF', '/var/db/squidGuard'); define('SQUIDGUARD_DB_BLACKLIST', '/bl'); @@ -139,6 +146,9 @@ define('SG_INFO_FILE', '/var/squidGuard/sg_db_upd.inf'); # error_res define('SG_ERR0', "Error! Check squidGuard configuration data."); +# ============================================================================== +# DEFINES +# ============================================================================== # redirect mode define('RMOD_NONE', 'rmod_none'); define('RMOD_INT_ERRORPAGE', 'rmod_int'); @@ -150,11 +160,19 @@ define('RMOD_EXT_RDR', 'rmod_ext_rdr'); define('RMOD_EXT_MOVED', 'rmod_ext_mov'); define('RMOD_EXT_FOUND', 'rmod_ext_fnd'); -# GUI options -define('SQUIDGUARD_LOG_MAXCOUNT', 500); # max log lines +# 0-error, 1-warning; 2-info +define('SQUIDGUARD_INFO', 2); +define('SQUIDGUARD_WARNING', 1); +define('SQUIDGUARD_ERROR', 0); -# 0-all, 1-medium; 2-low -define('SQUIDGUARD_LOG_LEVEL', 0); +# ============================================================================== +# OPTIONS +# ============================================================================== +# Log +define('SQUIDGUARD_GUILOG_LEVEL', SQUIDGUARD_INFO); # log level +define('SQUIDGUARD_GUILOG_MAXCOUNT', 500); # log max lines +define('SQUIDGUARD_GUILOG_ENABLE', true); # on/off gui log - option override GUI settings +define('SQUIDGUARD_LOG_ENABLE', true); # on/off SG log - option override GUI settings # define('FLT_DEFAULT_ALL', 'all'); @@ -166,6 +184,7 @@ define('OWNER_NAME', 'proxy'); # Debug define('DEBUG_ON', 'true'); + # ============================================================================== # black list # ============================================================================== @@ -186,10 +205,6 @@ define('FLT_WAREZ', 'warez'); # ============================================================================== # SquidGuard Configurator # ============================================================================== -$squidguard_config = array(); # squidGuard config array - -# call default init -sg_init(); # ------------------------------------------------------------------------------ # squidguard system fields @@ -244,12 +259,25 @@ define('F_NOTALLOWINGIP', 'notallowingip'); # not allo define('F_USERNAME', 'username'); define('F_ORDER', 'order'); +# log +define('F_ENABLELOG', 'enablelog'); +define('F_ENABLEGUILOG', 'enableguilog'); +define('F_LOGROTATION', 'logrotation'); + # transparent mode define('F_SQUID_TRANSPARENT_MODE', 'squid_transparent_mode'); define('F_CURRENT_LAN_IP', 'current_lan_ip'); define('F_CURRENT_GUI_PORT', 'current_gui_port'); define('F_CURRENT_GUI_PROTO', 'current_gui_protocol'); +# ------------------------------------------------------------------------------ +# Globals +# ------------------------------------------------------------------------------ +$squidguard_config = array(); # squidGuard config array + +# call default init +sg_init(); + # ------------------------------------------------------------------------------ # sg_init - initialize config array # ------------------------------------------------------------------------------ @@ -265,9 +293,11 @@ function sg_init($init = '') $squidguard_config[F_WORKDIR] = SQUIDGUARD_WORKDIR_DEF; $squidguard_config[F_BINPATH] = SQUIDGUARD_BINPATH_DEF; $squidguard_config[F_SQUIDCONFIGFILE] = SQUID_CONFIGFILE; - $squidguard_config[F_PROCCESSCOUNT] = REDIRECTOR_PROCESS_COUNT; + $squidguard_config[F_PROCCESSCOUNT] = REDIRECTOR_PROCESS_COUNT; } else { - $squidguard_config = $init; + # copy config from $init + foreach($init as $key => $in) + $squidguard_config[$key] = $in; } return $squidguard_config; @@ -286,11 +316,11 @@ function sg_load_configxml($filename) if (!empty($xmlconf)) { $squidguard_config = $xmlconf[F_SQUIDGUARD]; - sg_addlog("sg_load_configxml: Success update from '$filename'.", 1); + sg_addlog("sg_load_configxml", "Success update from '$filename'.", SQUIDGUARD_INFO); } else - sg_addlog("sg_load_configxml: Error, file '$filename' is empty.", 2); + sg_addlog("sg_load_configxml", "File '$filename' is empty.", SQUIDGUARD_ERROR); } else - sg_addlog("sg_load_configxml: Error, file '$filename' does not exists.", 2); + sg_addlog("sg_load_configxml", "File '$filename' does not exists.", SQUIDGUARD_ERROR); } # ------------------------------------------------------------------------------ @@ -328,9 +358,9 @@ function sg_reconfigure() file_put_contents('/usr/local/etc/squid' . SQUIDGUARD_CONFIGFILE, $conf); # << squidGuard want config '/usr/local/etc/squid' by default set_file_access($squidguard_config[F_WORKDIR], OWNER_NAME, 0755); conf_mount_ro(); - sg_addlog("sg_reconfigure: save squidGuard config to '$conf_file'.", 1); + sg_addlog("sg_reconfigure", "Save squidGuard config to '$conf_file'.", SQUIDGUARD_INFO); } else - sg_addlog("sg_reconfigure: error make squidGuard config.", 2); + sg_addlog("sg_reconfigure", "Can't create squidGuard config.", SQUIDGUARD_ERROR); # 4. reconfigure squid squid_reconfigure(); @@ -361,7 +391,7 @@ function squid_reconfigure($remove_only = '') (strpos($t_opt, REDIRECT_CHILDREN_OPT) === 0)) unset($conf[$key]); } - sg_addlog("squid_reconfigure: Remove old redirector options from Squid config.", 1); + sg_addlog("squid_reconfigure", "Remove old redirector options from Squid config.", SQUIDGUARD_INFO); } # add new options - if squidGuard enabled @@ -373,7 +403,7 @@ function squid_reconfigure($remove_only = '') $conf[] = REDIRECT_BYPASS_OPT . " on"; $conf[] = REDIRECT_CHILDREN_OPT . " " . REDIRECTOR_PROCESS_COUNT; - sg_addlog("squid_reconfigure: Add new redirector options to Squid config.", 1); + sg_addlog("squid_reconfigure", "Add new redirector options to Squid config.", SQUIDGUARD_INFO); } # update config @@ -400,36 +430,40 @@ function sg_check_system() if (!file_exists($work_dir)) { mwexec("mkdir -p $work_dir"); set_file_access($work_dir, OWNER_NAME, 0755); - sg_addlog("sg_check_system: Create work dir '$work_dir'.", 1); + sg_addlog("sg_check_system", "Create work dir '$work_dir'.", SQUIDGUARD_WARNING); } } - unset($work_dir); # check log_dir & create if not exists $log_dir = $squidguard_config[F_LOGDIR]; if (!empty($log_dir)) { if (!file_exists($log_dir)) { mwexec("mkdir -p $log_dir"); - sg_addlog("sg_check_system: Create log dir '$log_dir'.", 1); + sg_addlog("sg_check_system", "Create log dir '$log_dir'.", SQUIDGUARD_WARNING); } # set access right - need start any time; # (SG possible start from console and log file will have only root access) set_file_access($log_dir, OWNER_NAME, 0755); } - unset($log_dir); # check db dir $db_dir = $squidguard_config[F_DBHOME]; if (!empty($db_dir)) { if (!file_exists($db_dir)) { mwexec("mkdir -p $db_dir"); - sg_addlog("sg_check_system: Create db dir '$db_dir'.", 1); + sg_addlog("sg_check_system", "Create db dir '$db_dir'.", SQUIDGUARD_WARNING); } # set access right set_file_access($db_dir, OWNER_NAME, 0755); } - unset($db_dir); conf_mount_ro(); + + # logrotate + if (file_exists(SQUIDGUARD_SCR_LOGROTATE)) unlink(SQUIDGUARD_SCR_LOGROTATE); + if ($squidguard_config[F_LOGROTATION] == 'on') { + file_put_contents(SQUIDGUARD_SCR_LOGROTATE, sg_script_logrotate()); + set_file_access (SQUIDGUARD_SCR_LOGROTATE, OWNER_NAME, 0755); + } } # ============================================================================== # squidGuard DB @@ -442,16 +476,16 @@ function sg_reconfigure_user_db() conf_mount_rw(); $dbhome = $squidguard_config[F_DBHOME]; - sg_addlog("sg_reconfigure_user_db: Begin with '$dbhome'", 1); + sg_addlog("sg_reconfigure_user_db", "Begin with '$dbhome'", SQUIDGUARD_INFO); # create user DB catalog, if not extsts if (!file_exists($dbhome)) { if (!mkdir($dbhome, 0755)) { - sg_addlog("sg_reconfigure_user_db: Error create user DB directory '$dbhome'.", 2); + sg_addlog("sg_reconfigure_user_db", "Can't create user DB directory '$dbhome'.", SQUIDGUARD_ERROR); return; } set_file_access($dbhome, OWNER_NAME, 0755); - sg_addlog("sg_reconfigure_user_db: Create user DB directory '$dbhome'.", 1); + sg_addlog("sg_reconfigure_user_db", "Create user DB directory '$dbhome'.", SQUIDGUARD_INFO); } # update destinations to db @@ -460,7 +494,7 @@ function sg_reconfigure_user_db() $dst_names = Array(); $dst_list = Array(); - sg_addlog("sg_reconfigure_user_db: Add user entries", 1); + sg_addlog("sg_reconfigure_user_db", "Add user entries", SQUIDGUARD_INFO); foreach($dests[F_ITEM] as $dst) { $path = "$dbhome/" . $dst[F_NAME]; $dst_names[] = $path; @@ -469,10 +503,10 @@ function sg_reconfigure_user_db() # 1. check destination catalog and create them, if need if (!file_exists($path)) { if (!mkdir ($path, 0755)) { - sg_addlog("sg_reconfigure_user_db: Error create dir '$path'.", 2); + sg_addlog("sg_reconfigure_user_db", "Can't create dir '$path'.", SQUIDGUARD_ERROR); return; } - sg_addlog("sg_reconfigure_user_db: Create dir '$path'.", 1); + sg_addlog("sg_reconfigure_user_db", "Create dir '$path'.", SQUIDGUARD_INFO); } # 2. build domains file @@ -480,7 +514,7 @@ function sg_reconfigure_user_db() if (!empty($domains)) { $content = trim(str_replace(" ", "\n", $domains)); file_put_contents($path . '/domains', $content); - sg_addlog("sg_reconfigure_user_db: -- add {$dst[F_NAME]} domains '$domains';", 1); + sg_addlog("sg_reconfigure_user_db", "Add {$dst[F_NAME]} domains '$domains';", SQUIDGUARD_INFO); } unset($domains); @@ -489,7 +523,7 @@ function sg_reconfigure_user_db() if (!empty($urls)) { $content = trim(str_replace(" ", "\n", $urls)); file_put_contents($path . '/urls', $content); - sg_addlog("sg_reconfigure_user_db: -- add {$dst[F_NAME]} urls '$content';", 1); + sg_addlog("sg_reconfigure_user_db", "Add {$dst[F_NAME]} urls '$content';", SQUIDGUARD_INFO); } unset($urls); @@ -499,7 +533,7 @@ function sg_reconfigure_user_db() $content = trim(str_replace("|", " ", $expr)); # delete first and last unnecessary '|' symbol $content = str_replace(" ", "|", $content); file_put_contents($path . '/expressions', $content); - sg_addlog("sg_reconfigure_user_db: -- add {$dst[F_NAME]} expressions '$content';", 1); + sg_addlog("sg_reconfigure_user_db", "Add {$dst[F_NAME]} expressions '$content';", SQUIDGUARD_INFO); } unset($expr); } @@ -510,7 +544,7 @@ function sg_reconfigure_user_db() # 6. rebuild user db ('/var/db/squidGuard') sg_rebuild_db("_usrdb", $dbhome, $dst_list); } else - sg_addlog("sg_reconfigure_user_db: Nothing. User destinations list empty.", 2); + sg_addlog("sg_reconfigure_user_db", "User destinations list empty.", SQUIDGUARD_WARNING); # 7. remove unused db entries sg_remove_unused_db_entries(); @@ -557,9 +591,9 @@ function sg_remove_unused_db_entries() if (!empty($fd) && ($fd != ".") && ($fd != "..")) { if (file_exists($file_fd)) { mwexec("rm -R $file_fd"); - sg_addlog("sg_remove_unused_db_entries: Removed file '$file_fd'.", 1); + sg_addlog("sg_remove_unused_db_entries", "Removed file '$file_fd'.", SQUIDGUARD_INFO); } else - sg_addlog("sg_remove_unused_db_entries: File'$file_fd' not found.", 2); + sg_addlog("sg_remove_unused_db_entries", "File'$file_fd' not found.", SQUIDGUARD_ERROR); } } } @@ -586,7 +620,7 @@ function sg_rebuild_db($shtag, $rdb_dbhome, $rdb_itemslist) # current dbhome dir if (!empty($rdb_dbhome)) $dbhome = $rdb_dbhome; - sg_addlog("sg_rebuild_db: Begin with path '$dbhome'.", 1); + sg_addlog("sg_rebuild_db", "Begin with path '$dbhome'.", SQUIDGUARD_INFO); # define - where config will placed $conf_path = "/tmp/squidGuard_rebuild.conf" . $shtag; @@ -595,7 +629,7 @@ function sg_rebuild_db($shtag, $rdb_dbhome, $rdb_itemslist) $conf = sg_create_simple_config($dbhome, $rdb_itemslist); file_put_contents($conf_path, $conf); set_file_access($conf_path, OWNER_NAME, 0750); - sg_addlog("sg_rebuild_db: Create temporary config '$conf_path'.", 1); + sg_addlog("sg_rebuild_db", "Create temporary config '$conf_path'.", SQUIDGUARD_INFO); # *** SH script *** $sh_scr = Array(); @@ -617,7 +651,7 @@ function sg_rebuild_db($shtag, $rdb_dbhome, $rdb_itemslist) set_file_access($shfile, OWNER_NAME, 0750); # ! not background exec ! mwexec($shfile); - sg_addlog("sg_rebuild_db: Started SH script '$shfile'.", 1); + sg_addlog("sg_rebuild_db", "Started SH script '$shfile'.", SQUIDGUARD_INFO); conf_mount_ro(); } @@ -626,15 +660,27 @@ function sg_rebuild_db($shtag, $rdb_dbhome, $rdb_itemslist) # ------------------------------------------------------------------------------ # sg_addlog # ------------------------------------------------------------------------------ -function sg_addlog($log, $level = 0) +function sg_addlog($module, $log, $level = 0) { global $squidguard_config; + # log disabled + if ( SQUIDGUARD_GUILOG_ENABLE === false || $squidguard_config[F_ENABLEGUILOG] != 'on' ) return; + # log level - if ($level < SQUIDGUARD_LOG_LEVEL) return; + if ($level > SQUIDGUARD_GUILOG_LEVEL) return; + + if ($module) $module = "[$module]"; + + $leveltext = ""; + switch($level) { + case SQUIDGUARD_INFO: $leveltext = ""; break; + case SQUIDGUARD_WARNING: $leveltext = "Warning"; break; + default: $leveltext = "Error"; break; + } $logfile = ''; - $logfile = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARDCONF_LOGFILE; + $logfile = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFLOGFILE; $log_content = array(); setlocale(LC_TIME, ''); @@ -643,9 +689,9 @@ function sg_addlog($log, $level = 0) # define logfile if (!empty($squidguard_config)) { if (file_exists($squidguard_config[F_LOGDIR])) - $logfile = $squidguard_config[F_LOGDIR] . SQUIDGUARDCONF_LOGFILE; + $logfile = $squidguard_config[F_LOGDIR] . SQUIDGUARD_CONFLOGFILE; } else - $log_content[] = "$dt : " . "sg_addlog: Error: squidguard_config is empty"; + $log_content[] = "$dt : " . "[sg_addlog] Error: squidguard_config is empty"; $tmplog = ''; if (file_exists($logfile)) @@ -654,9 +700,9 @@ function sg_addlog($log, $level = 0) unset($tmplog); # shrink to MAXCOUNT log entries - $log_content[] = "$dt : $log"; - if (count($log_content) > SQUIDGUARD_LOG_MAXCOUNT) - array_splice($log_content, 0, SQUIDGUARD_LOG_MAXCOUNT - count($log_content)); + $log_content[] = "$dt : $module $leveltext $log"; + if (count($log_content) > SQUIDGUARD_GUILOG_MAXCOUNT) + array_splice($log_content, 0, SQUIDGUARD_GUILOG_MAXCOUNT - count($log_content)); file_put_contents($logfile, implode("\n", $log_content)); } @@ -667,11 +713,11 @@ function sg_getlog($last_entries_count) { global $squidguard_config; $log_content = ''; - $logfile = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARDCONF_LOGFILE; + $logfile = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFLOGFILE; # define logfile if (!empty($squidguard_config) && file_exists($squidguard_config[F_LOGDIR])) - $logfile = $squidguard_config[F_LOGDIR] . SQUIDGUARDCONF_LOGFILE; + $logfile = $squidguard_config[F_LOGDIR] . SQUIDGUARD_CONFLOGFILE; # get log last 100 entries if (file_exists($logfile)) { @@ -702,14 +748,14 @@ function sg_create_config() $temp_str = ''; if(!is_array($squidguard_config) || empty($squidguard_config)) { - sg_addlog("sg_create_config: Error squidguard config data.", 2); + sg_addlog("sg_create_config", "Bad squidGuard config data.", SQUIDGUARD_ERROR); return sg_create_simple_config('', '', SG_ERR0 . " (sg_create_config: [1])."); } # check configuration data if (!sg_check_config_data(&$error_res)) { - sg_addlog("sg_create_config: Error config data. It's all error_res: \n$error_res", 2); - sg_addlog("sg_create_config: Terminated.", 2); + sg_addlog("sg_create_config", "Bad config data. It's all error_res: $error_res", SQUIDGUARD_ERROR); + sg_addlog("sg_create_config", "Terminated.", SQUIDGUARD_ERROR); return sg_create_simple_config('', '', SG_ERR0 . " (sg_create_config: [2])."); } @@ -737,7 +783,7 @@ function sg_create_config() } # log $temp_str = !empty($temp_str) ? $temp_str : "Nothing."; - sg_addlog("sg_create_config: add times: \n $temp_str", 1); + sg_addlog("sg_create_config", "Add times: $temp_str", SQUIDGUARD_INFO); } # --- Sources --- @@ -756,7 +802,10 @@ function sg_create_config() elseif (is_domain_valid($sr)) $sg_tag->items[] = "domain $sr"; elseif (is_username($sr)) $sg_tag->items[] = "user " . str_replace("'", "", $sr); } - if ($src[F_LOG]) $sg_tag->items[] = "log " . SQUIDGUARD_ACCESSBLOCK_FILE; + + if ($squidguard_config[F_ENABLELOG] == 'on' ) { + if ($src[F_LOG]) $sg_tag->items[] = "log " . SQUIDGUARD_LOGFILE; + } $sgconf[] = ""; $sgconf[] = $sg_tag->tag_text(); @@ -766,7 +815,7 @@ function sg_create_config() } # log $temp_str = !empty($temp_str) ? $temp_str : "Nothing."; - sg_addlog("sg_create_config: add sources: \n $temp_str", 1); + sg_addlog("sg_create_config", "Add sources: $temp_str", SQUIDGUARD_INFO); } # --- Blacklist --- @@ -776,7 +825,7 @@ function sg_create_config() if (($squidguard_config[F_BLACKLISTENABLED] === 'on') and $db_entries) { $log_entr_added = ''; $log_entr_ignored = ''; - sg_addlog("sg_create_config: add blacklist entries", 1); + sg_addlog("sg_create_config", "Add blacklist entries", SQUIDGUARD_INFO); foreach($db_entries as $key => $ent) { $ent_state = array(); $file_dms = "{$squidguard_config[F_DBHOME]}/$ent/domains"; @@ -805,7 +854,9 @@ function sg_create_config() if ($ent_state[F_DOMAINS]) $sg_tag->items[] = "domainlist $ent/domains"; if ($ent_state[F_EXPRESSIONS]) $sg_tag->items[] = "expressionlist $ent/expressions"; if ($ent_state[F_URLS]) $sg_tag->items[] = "urllist $ent/urls"; - $sg_tag->items[] = "log ". SQUIDGUARD_ACCESSBLOCK_FILE; + if ($squidguard_config[F_ENABLELOG] == 'on' ) { + $sg_tag->items[] = "log ". SQUIDGUARD_LOGFILE; + } $sgconf[] = ""; $sgconf[] = $sg_tag->tag_text(); @@ -819,8 +870,8 @@ function sg_create_config() } # log 'added' and 'ignored' - if (!empty($log_entr_added)) sg_addlog("sg_create_config: added: \n $log_entr_added \n", 1); - if (!empty($log_entr_ignored)) sg_addlog("sg_create_config: ignored: \n $log_entr_ignored \n", 2); + if (!empty($log_entr_added)) sg_addlog("sg_create_config", "Added: $log_entr_added .", SQUIDGUARD_INFO); + if (!empty($log_entr_ignored)) sg_addlog("sg_create_config", "Ignored: $log_entr_ignored .", SQUIDGUARD_WARNING); } # --- Destinations --- @@ -839,8 +890,10 @@ function sg_create_config() $sg_tag->items[] = "urllist $dstname/urls"; if ($dst[F_RMOD] != RMOD_NONE) $sg_tag->items[] = "redirect " . sg_redirector_base_url($dst[F_REDIRECT], $dst[F_RMOD]); - if ($dst[F_LOG]) - $sg_tag->items[] = "log " . SQUIDGUARD_ACCESSBLOCK_FILE; + if ($squidguard_config[F_ENABLELOG] == 'on' ) { + if ($dst[F_LOG]) + $sg_tag->items[] = "log " . SQUIDGUARD_LOGFILE; + } $sgconf[] = ""; $sgconf[] = $sg_tag->tag_text(); @@ -850,7 +903,7 @@ function sg_create_config() } # log $temp_str = !empty($temp_str) ? $temp_str : "Nothing."; - sg_addlog("sg_create_config: add destinations: \n $temp_str", 1); + sg_addlog("sg_create_config", "Add destinations: $temp_str", SQUIDGUARD_INFO); } # --- Rewrites --- @@ -866,8 +919,10 @@ function sg_create_config() foreach ($rew[F_ITEM] as $rw) $sg_tag->items[] = "s@{$rw[F_TARGETURL]}@{$rw[F_REPLACETO]}@{$rw[F_MODE]}"; - if ($rew[F_LOG]) - $sg_tag->items[] = "log " . SQUIDGUARD_ACCESSBLOCK_FILE; + if ($squidguard_config[F_ENABLELOG] == 'on' ) { + if ($rew[F_LOG]) + $sg_tag->items[] = "log " . SQUIDGUARD_LOGFILE; + } $sgconf[] = ""; $sgconf[] = $sg_tag->tag_text(); @@ -883,8 +938,8 @@ function sg_create_config() } # log - if (!empty($log_entr_added)) sg_addlog("sg_create_config: add rewrites: success $log_entr_added", 1); - if (!empty($log_entr_err)) sg_addlog("sg_create_config: add rewrites: error $log_entr_err", 1); + if (!empty($log_entr_added)) sg_addlog("sg_create_config", "Add rewrites: $log_entr_added", SQUIDGUARD_INFO); + if (!empty($log_entr_err)) sg_addlog("sg_create_config", "Add rewrites error $log_entr_err", SQUIDGUARD_ERROR); } # ---------------------------------------- @@ -923,8 +978,10 @@ function sg_create_config() $sg_acltag->items[] = "redirect " . sg_redirector_base_url($acl[F_REDIRECT], $acl[F_RMOD]); if ($acl[F_REWRITENAME]) $sg_acltag->items[] = "rewrite {$acl[F_REWRITENAME]}"; - if ($acl[F_LOG]) - $sg_acltag->items[] = "log " . SQUIDGUARD_ACCESSBLOCK_FILE; + if ($squidguard_config[F_ENABLELOG] == 'on' ) { + if ($acl[F_LOG]) + $sg_acltag->items[] = "log " . SQUIDGUARD_LOGFILE; + } # overtime if ($acl[F_TIMENAME]) { @@ -934,8 +991,10 @@ function sg_create_config() $sg_acltag->items[] = "redirect " . sg_redirector_base_url($acl[F_OVERREDIRECT], $acl[F_RMOD]); if ($acl[F_OVERREWRITENAME]) $sg_acltag->items[] = "rewrite {$acl[F_OVERREWRITENAME]}"; - if ($acl[F_LOG]) - $sg_acltag->items[] = "log " . SQUIDGUARD_ACCESSBLOCK_FILE; + if ($squidguard_config[F_ENABLELOG] == 'on' ) { + if ($acl[F_LOG]) + $sg_acltag->items[] = "log " . SQUIDGUARD_LOGFILE; + } } $sg_tag->items[] = $sg_acltag; } @@ -943,14 +1002,14 @@ function sg_create_config() } # log $log_entr_added = !empty($log_entr_added) ? $log_entr_added : "Nothing."; - sg_addlog("sg_create_config: add ACL's: \n $log_entr_added", 1); + sg_addlog("sg_create_config", "Add ACL's: $log_entr_added", SQUIDGUARD_INFO); } # --- Default --- $sg_tag_def = new TSgTag; $sg_tag_def->set("default", "", "", ""); $def = $squidguard_config[F_DEFAULT]; - sg_addlog("sg_create_config: add Default", 1); + sg_addlog("sg_create_config", "Add Default", SQUIDGUARD_INFO); if ($def) { $temp_str = ''; @@ -971,16 +1030,17 @@ function sg_create_config() $sg_tag_def->items[] = "redirect " . sg_redirector_base_url($def[F_REDIRECT], $def[F_RMOD]); if ($def[F_REWRITENAME]) $sg_tag_def->items[] = "rewrite {$def[F_REWRITENAME]}"; - if ($def[F_LOG]) - $sg_tag_def->items[] = "log " . SQUIDGUARD_ACCESSBLOCK_FILE; - + if ($squidguard_config[F_ENABLELOG] == 'on' ) { + if ($def[F_LOG]) + $sg_tag_def->items[] = "log " . SQUIDGUARD_LOGFILE; + } } # <- if def else { - $msg = "Error: ACL 'default' is empty, will use default 'block all'"; + $msg = "ACL 'default' is empty, will use default 'block all'"; $sg_tag_def->items[] = "# $msg"; $sg_tag_def->items[] = "pass none"; $sg_tag_def->items[] = "redirect " . sg_redirector_base_url('', RMOD_INT_ERRORPAGE); - sg_addlog("sg_create_config: $msg.", 2); + sg_addlog("sg_create_config", "$msg.", SQUIDGUARD_ERROR); } # --- ACL end --- @@ -1014,7 +1074,7 @@ function sg_create_simple_config($blk_dbhome, $blk_destlist, $redirect_to = "404 # current dbhome dir if (!empty($blk_dbhome)) $dbhome = $blk_dbhome; - sg_addlog("sg_create_simple_config: Begin with dbhome='$dbhome'.", 1); + sg_addlog("sg_create_simple_config", "Begin with dbhome='$dbhome'.", SQUIDGUARD_INFO); # header $sgconf[] = CONFIG_SG_HEADER; @@ -1038,9 +1098,9 @@ function sg_create_simple_config($blk_dbhome, $blk_destlist, $redirect_to = "404 if (!empty($tmp_s)) { $tmp_s = implode("\n", $tmp_s); $sgconf[] = "dest $dst {\n $tmp_s \n}\n"; - sg_addlog("sg_create_simple_config: -- added item '$dst' = '$dbhome/$dpath'."); + sg_addlog("sg_create_simple_config", "Added item '$dst' = '$dbhome/$dpath'.", SQUIDGUARD_INFO); } else - sg_addlog("sg_create_simple_config: -- ignored empty item '$dst' = '$dbhome/$dpath'."); + sg_addlog("sg_create_simple_config", "Ignored empty item '$dst' = '$dbhome/$dpath'.", SQUIDGUARD_WARNING); } } @@ -1075,8 +1135,8 @@ function sg_redirector_base_url($rdr_info, $redirect_mode) $errmsg = ''; if (!sg_check_redirect($redirect_mode, $rdr_info, &$errmsg)) { $redirect_mode = RMOD_INT_ERRORPAGE; - $rdr_info = "Redirect settings error. $errmsg Check you configuration."; - sg_addlog("sg_redirector_base_url: ERROR: $errmsg"); + $rdr_info = "Bad redirect settings. $errmsg Check you configuration."; + sg_addlog("sg_redirector_base_url", "$errmsg", SQUIDGUARD_ERROR); } switch($redirect_mode) { @@ -1091,7 +1151,7 @@ function sg_redirector_base_url($rdr_info, $redirect_mode) default: $rdr_path .= "?url=" . rawurlencode("403 $rdr_info") . REDIRECT_URL_ARGS; break; } - sg_addlog("sg_redirector_base_url: Select redirector base url ($rdr_path)"); + sg_addlog("sg_redirector_base_url", "Select redirector base url ($rdr_path)", SQUIDGUARD_INFO); return $rdr_path; } @@ -1376,30 +1436,30 @@ function sg_reconfigure_blacklist($source_filename, $opt = '') $sf = trim($source_filename); $sf_contents = ''; - sg_addlog("sg_reconfigure_blacklist: Begin with '$sf'.", 1); + sg_addlog("sg_reconfigure_blacklist", "Begin with '$sf'.", SQUIDGUARD_INFO); # 1. check system sg_check_system(); # 2. upload if ($sf[0] === "/") { # local file - example '/tmp/blacklists.tar' - sg_addlog("sg_reconfigure_blacklist: Update from file '$sf'.", 1); + sg_addlog("sg_reconfigure_blacklist", "Update from file '$sf'.", SQUIDGUARD_INFO); if (file_exists($sf)) { $sf_contents = file_get_contents($sf); } else { - sg_addlog("sg_reconfigure_blacklist: Error, file '$sf' not found.", 2); + sg_addlog("sg_reconfigure_blacklist", "File '$sf' not found.", SQUIDGUARD_ERROR); return; } } # from url else { - sg_addlog("sg_reconfigure_blacklist: Upload from url '$sf'.", 1); + sg_addlog("sg_reconfigure_blacklist", "Upload from url '$sf'.", SQUIDGUARD_INFO); $sf_contents = sg_uploadfile_from_url($sf, BLK_LOCALFILE, $opt); } # 3. update if (empty($sf_contents)) { - sg_addlog("sg_reconfigure_blacklist: Error content from '$sf'.", 2); + sg_addlog("sg_reconfigure_blacklist", "Bad content from '$sf'.", SQUIDGUARD_ERROR); return; } # save black list archive content to local file @@ -1430,7 +1490,7 @@ function sg_update_blacklist($from_file) $tmp_unpack_dir = SQUIDGUARD_TMP . SQUIDGUARD_BL_UNPACK; $arc_db_dir = SQUIDGUARD_VAR . SG_BLK_ARC; - sg_addlog("sg_update_blacklist: Begin with '$from_file'.", 1); + sg_addlog("sg_update_blacklist", "Begin with '$from_file'.", SQUIDGUARD_INFO); if (file_exists($from_file)) { # check work and DB dir's @@ -1446,7 +1506,7 @@ function sg_update_blacklist($from_file) # 1. unpack archive mwexec("tar zxvf $from_file -C $tmp_unpack_dir"); set_file_access($tmp_unpack_dir, OWNER_NAME, 0755); - sg_addlog("sg_update_blacklist: Unpack uploaded file '$from_file' -> '$tmp_unpack_dir'.", 1); + sg_addlog("sg_update_blacklist", "Unpack uploaded file '$from_file' -> '$tmp_unpack_dir'.", SQUIDGUARD_INFO); # 2. copy blacklist to squidGuard base & create entries list if (file_exists($tmp_unpack_dir)) { @@ -1470,7 +1530,7 @@ function sg_update_blacklist($from_file) if (file_exists($current_dbpath)) mwexec("rm -R $current_dbpath"); mwexec("mv -f {$val['path']}/ $current_dbpath"); - sg_addlog("sg_update_blacklist: Move {$val['path']}/ -> $current_dbpath.", 1); + sg_addlog("sg_update_blacklist", "Move {$val['path']}/ -> $current_dbpath.", SQUIDGUARD_INFO); } } set_file_access($arc_db_dir, OWNER_NAME, 0755); @@ -1490,14 +1550,14 @@ function sg_update_blacklist($from_file) # $blklist_file = "{$squidguard_config[F_WORKDIR]}/" . SQUIDGUARD_BLK_ENTRIES; # file_put_contents($blklist_file, implode("\n", array_keys($blk_items))); # set_file_access ($blklist_file, OWNER_NAME, 0755); - sg_addlog("sg_update_blacklist: Create DB entries list '$blklist_file'.", 1); + sg_addlog("sg_update_blacklist", "Create DB entries list '$blklist_file'.", SQUIDGUARD_INFO); } # make rebuild config (included all found dest items) & save to work dir $conf_path = SQUIDGUARD_VAR . DB_REBUILD_BLK_CONF; # "/tmp/squidGuard_rebuild_blk.conf"; file_put_contents($conf_path, sg_create_simple_config($arc_db_dir, $blk_list)); set_file_access($conf_path, OWNER_NAME, 0755); - sg_addlog("sg_update_blacklist: Create rebuild config '$conf_path'.", 1); + sg_addlog("sg_update_blacklist", "Create rebuild config '$conf_path'.", SQUIDGUARD_INFO); # *** SH script *********************************************** $sh_scr = Array(); @@ -1537,7 +1597,7 @@ function sg_update_blacklist($from_file) # mwexec("kill `ps auxw | grep \"$shfile\" | grep -v \"grep\" | awk '{print $2}'`"); # sh script mwexec("kill `ps auxw | grep \"squidGuard_blk_rebuild\" | grep -v \"grep\" | awk '{print $2}'`"); # squidGuard process mwexec_bg("nice -n 5 $shfile"); - sg_addlog("sg_update_blacklist: Started sh script '$shfile'.", 1); + sg_addlog("sg_update_blacklist", "Started sh script '$shfile'.", SQUIDGUARD_INFO); # clearing temp # mwexec("rm -R $bl_temp"); @@ -1574,7 +1634,7 @@ function sg_blacklist_rebuild_db() $workdir = $squidguard_config[F_WORKDIR]; # current dbhome and work dir's - sg_addlog("sg_blacklist_rebuild_db: Start with path '$dbhome'.", 1); + sg_addlog("sg_blacklist_rebuild_db", "Start with path '$dbhome'.", SQUIDGUARD_INFO); # make dest list $blklist_file = "$workdir/" . SQUIDGUARD_BLK_ENTRIES; @@ -1597,7 +1657,7 @@ function sg_uploadfile_from_url($url_file, $destination_file, $proxy = '') { conf_mount_rw(); # open destination file - sg_addlog("sg_uploadfile_from_url: begin url'$url_file' proxy'$proxy'", 1); + sg_addlog("sg_uploadfile_from_url", "Begin url'$url_file' proxy'$proxy'", SQUIDGUARD_INFO); $result = ''; $ch = curl_init(); @@ -1622,7 +1682,7 @@ function sg_uploadfile_from_url($url_file, $destination_file, $proxy = '') curl_close ($ch); if (!empty($destination_file)) file_put_contents($destination_file, $result); - else sg_addlog("sg_uploadfile_from_url: Error upload file", 2); + else sg_addlog("sg_uploadfile_from_url", "Can't upload file", SQUIDGUARD_ERROR); # for test file_put_contents(BLK_LOCALFILE, $result); @@ -1676,15 +1736,15 @@ function restore_arc_blacklist() # copy arc blacklist to work DB with permissions mwexec("cp -R -p $arc_db_dir/ $dbhome"); set_file_access($dbhome, OWNER_NAME, 0755); - sg_addlog("restore_arc_blacklist: Restore blacklist archive from '$arc_db_dir'.", 1); + sg_addlog("restore_arc_blacklist", "Restore blacklist archive from '$arc_db_dir'.", SQUIDGUARD_INFO); # copy black list file copy($arc_blklist_file, $blklist_file); set_file_access($blklist_file, OWNER_NAME, 0755); - sg_addlog("restore_arc_blacklist: Restore black list file from '$arc_blklist_file' to '$blklist_file'.", 1); + sg_addlog("restore_arc_blacklist", "Restore black list file from '$arc_blklist_file' to '$blklist_file'.", SQUIDGUARD_INFO); conf_mount_ro(); } else { - sg_addlog("restore_arc_blacklist: Error, file '$arc_db_dir' or '$blklist_file' not found.", 2); + sg_addlog("restore_arc_blacklist", "File '$arc_db_dir' or '$blklist_file' not found.", SQUIDGUARD_ERROR); } } @@ -2076,6 +2136,95 @@ function acl_remove_blacklist_items($items) return $items; } +# ----------------------------------------------------------------------------- +# sg_script_logrotate +# ----------------------------------------------------------------------------- +function sg_script_logrotate() +{ + global $squidguard_config; + $sglogname = $squidguard_config[F_LOGDIR] . "/" . SQUIDGUARD_LOGFILE; + $res = +<< $val) { + if (strpos($config['cron']['item'][$key]['command'], $task_key) !== false) { + unset($config['cron']['item'][$key]); + $flag_cron_upd = true; + break; + } + } + } + + # set new cron task + if (($on_off === true) and !empty($cron_item)) { + $config['cron']['item'][] = $cron_item; + $flag_cron_upd = true; + } + + # write config and configure cron only if cron task modified + if ($flag_cron_upd === true) { + write_config("Installed cron task '$task_key' for 'squidGuard' package"); + configure_cron(); + } + } + else { + # ! error $name ! + return; + } +} + + # @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ # classes # @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ diff --git a/config/squidGuard/squidguard_default.xml b/config/squidGuard/squidguard_default.xml index 6c9c4c95..bcb6d41b 100644 --- a/config/squidGuard/squidguard_default.xml +++ b/config/squidGuard/squidguard_default.xml @@ -2,48 +2,45 @@ - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - - squidguarddefault - none - Proxy filter SquidGuard: Default - /usr/local/pkg/squidguard.inc - - - - General settings - /pkg_edit.php?xml=squidguard.xml&id=0 - - - Default - /pkg_edit.php?xml=squidguard_default.xml&id=0 - - - - ACL - /pkg.php?xml=squidguard_acl.xml - - - Destinations - /pkg.php?xml=squidguard_dest.xml - - - Times - /pkg.php?xml=squidguard_time.xml - - - Rewrites - /pkg.php?xml=squidguard_rewr.xml - - - Log - /pkg_edit.php?xml=squidguard_log.xml&id=0 - - - - + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + squidguarddefault + none + Proxy filter SquidGuard: Default + /usr/local/pkg/squidguard.inc + + + General settings + /pkg_edit.php?xml=squidguard.xml&id=0 + + + Default + /pkg_edit.php?xml=squidguard_default.xml&id=0 + + + + ACL + /pkg.php?xml=squidguard_acl.xml + + + Destinations + /pkg.php?xml=squidguard_dest.xml + + + Times + /pkg.php?xml=squidguard_time.xml + + + Rewrites + /pkg.php?xml=squidguard_rewr.xml + + + Log + /squidGuard/squidguard_log.php + + + Default destination dest @@ -120,24 +117,23 @@ select - Enable log + Log enablelog - Check this for enable log. + Check this for log this item. checkbox - - - + + squidguard_validate_acl(&$_POST, &$input_errors); - - + + squidguard_before_form_acl(&$pkg, false); - - - squidGuard_print_javascript(); - - - + + + squidGuard_print_javascript(); + + + // squidguard_resync(); - + \ No newline at end of file diff --git a/config/squidGuard/squidguard_dest.xml b/config/squidGuard/squidguard_dest.xml index 97f87167..bf252661 100644 --- a/config/squidGuard/squidguard_dest.xml +++ b/config/squidGuard/squidguard_dest.xml @@ -2,51 +2,47 @@ - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - - squidguarddest - none - Proxy filter SquidGuard: Destinations - /usr/local/pkg/squidguard.inc - - A proxy server user has been deleted. - A proxy server user has been created/modified. - - - - General settings - /pkg_edit.php?xml=squidguard.xml&id=0 - - - Default - /pkg_edit.php?xml=squidguard_default.xml&id=0 - - - ACL - /pkg.php?xml=squidguard_acl.xml - - - Destinations - /pkg.php?xml=squidguard_dest.xml - - - - Times - /pkg.php?xml=squidguard_time.xml - - - Rewrites - /pkg.php?xml=squidguard_rewr.xml - - - Log - /pkg_edit.php?xml=squidguard_log.xml&id=0 - - - - + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + squidguarddest + none + Proxy filter SquidGuard: Destinations + /usr/local/pkg/squidguard.inc + A proxy server user has been deleted. + A proxy server user has been created/modified. + + + General settings + /pkg_edit.php?xml=squidguard.xml&id=0 + + + Default + /pkg_edit.php?xml=squidguard_default.xml&id=0 + + + ACL + /pkg.php?xml=squidguard_acl.xml + + + Destinations + /pkg.php?xml=squidguard_dest.xml + + + + Times + /pkg.php?xml=squidguard_time.xml + + + Rewrites + /pkg.php?xml=squidguard_rewr.xml + + + Log + /squidGuard/squidguard_log.php + + + Destination name name @@ -71,9 +67,8 @@ Description description - - - + + Name name @@ -164,10 +159,10 @@ 2 - Enable log + Log enablelog checkbox - Check this for enable log. + Check this for log this item. Description @@ -176,15 +171,14 @@ input 90 - - - - + + + squidguard_validate_destination($_POST, &$input_errors); - - - - + + + + squidGuard_print_javascript(); - + \ No newline at end of file diff --git a/config/squidGuard/squidguard_log.xml b/config/squidGuard/squidguard_log.xml index ed3c7a9d..654c0917 100644 --- a/config/squidGuard/squidguard_log.xml +++ b/config/squidGuard/squidguard_log.xml @@ -5,15 +5,12 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squidguardlog none Proxy filter SquidGuard: Log /usr/local/pkg/squidguard.inc - A proxy server user has been deleted. A proxy server user has been created/modified. - General settings @@ -41,17 +38,17 @@ Log - /pkg_edit.php?xml=squidguard_log.xml&id=0 + /squidGuard/squidguard_log.php - +enabled Log type logtype - select + input access_log @@ -61,8 +58,67 @@ + + Log type + logtype + + listtopic +Ext + access_log + + + + + + + + + + Log type + logtype + + input + access_log + + + + + + + + + + + Log type + logtype2 + + input + access_log + + + + + + + + + + + Log type + logtype1 + + input + access_log + + + + + + + + + - squidguard_before_form_log(&$pkg); @@ -73,4 +129,4 @@ - + \ No newline at end of file diff --git a/config/squidGuard/squidguard_rewr.xml b/config/squidGuard/squidguard_rewr.xml index f92a855b..4a2a71f3 100644 --- a/config/squidGuard/squidguard_rewr.xml +++ b/config/squidGuard/squidguard_rewr.xml @@ -5,12 +5,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squidguardrewrite none Proxy filter SquidGuard: Rewrites /usr/local/pkg/squidguard.inc - General settings @@ -39,10 +37,9 @@ Log - /pkg_edit.php?xml=squidguard_log.xml&id=0 + /squidGuard/squidguard_log.php - Name @@ -53,7 +50,6 @@ description - Name @@ -77,13 +73,13 @@ Target URL or regular expression targeturl input - 45 + 35 Replace to URL replaceto input - 45 + 35 Opt. @@ -111,9 +107,9 @@ - Enable log + Log enablelog - Check this for enable log. + Check this for log this item. checkbox @@ -129,7 +125,6 @@ 100 - squidGuard_print_javascript(); @@ -139,4 +134,4 @@ // squidguard_resync_rewrite(); - + \ No newline at end of file diff --git a/config/squidGuard/squidguard_time.xml b/config/squidGuard/squidguard_time.xml index f4d7ee06..83347fad 100644 --- a/config/squidGuard/squidguard_time.xml +++ b/config/squidGuard/squidguard_time.xml @@ -5,15 +5,12 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squidguardtime none Proxy filter SquidGuard: Times /usr/local/pkg/squidguard.inc - A proxy server user has been deleted. A proxy server user has been created/modified. - General settings @@ -42,10 +39,9 @@ Log - /pkg_edit.php?xml=squidguard_log.xml&id=0 + /squidGuard/squidguard_log.php - Timename @@ -130,7 +126,6 @@ 80 - squidGuard_print_javascript(); @@ -140,4 +135,4 @@ // squidguard_resync_time(); - + \ No newline at end of file -- cgit v1.2.3