From 4e0750a32049e7309d762466efd0ab73bd5d4d78 Mon Sep 17 00:00:00 2001 From: "D. V. Serg" Date: Thu, 15 May 2008 06:07:24 +0000 Subject: Change interface(adding whitelist opt) and blacklist procedure. --- packages/squidGuard/squidguard.inc | 265 ++++---- packages/squidGuard/squidguard_configurator.inc | 826 ++++++++++++------------ 2 files changed, 546 insertions(+), 545 deletions(-) (limited to 'packages/squidGuard') diff --git a/packages/squidGuard/squidguard.inc b/packages/squidGuard/squidguard.inc index 6ddaf67c..88779180 100644 --- a/packages/squidGuard/squidguard.inc +++ b/packages/squidGuard/squidguard.inc @@ -92,9 +92,9 @@ define('BLACKLIST_DEFAULT_URL', 'http://ftp.teledanmark.no/pub/www/proxy/squidG define('BLACKLIST_DEFAULT_URL1', 'http://squidguard.mesd.k12.or.us/blacklists.tgz'); // 3.5Mb define('BLACKLIST_DEFAULT_URL2', 'http://blacklist.dansguardian.org/cgi-bin/download.pl?type=download&file=bigblacklist'); define('BLACKLIST_TMP_FILE', '/var/tmp/blacklists.tar.gz'); -define('BLACKLIST_BTN_STD', 'Upload Std'); define('BLACKLIST_BTN_URL', 'Upload Url'); -define('BLACKLIST_BTN_FILE', 'Upload File'); +define('BLACKLIST_BTN_LAST', 'Restore last'); + define('BLACKLIST_LOGFILE', 'blacklist.log'); define('APPLY_BTN', 'Apply'); @@ -142,45 +142,33 @@ function squidguard_validate_acl($post, $input_errors) { // check unique name if (!check_unique_name(MODULE_ACL, $name)) - $input_errors[] = "Name '$name' already exists"; + $input_errors[] = "Name '$name' already exists."; } // store destinations to 'dest' value foreach ($post as $key => $val) { if (substr_count($key, PREFLD_UPTIME) != 0) { $name = str_replace(PREFLD_UPTIME, '', $key); - if ($name) - $pass_up[$name] = 'on'; - } - elseif (substr_count($key, PREFLD_UPTIME_DENY) != 0) { - $name = str_replace(PREFLD_UPTIME_DENY, '', $key); - if ($name) - $deny_up[$name] = 'on'; + if ($name) { + switch($val) { + case "allow": $pass_up_val .= " $name"; break; + case "white": $pass_up_val .= " ^$name"; break; + case "deny" : $pass_up_val .= " !$name"; break; + } + } } elseif (substr_count($key, PREFLD_OVERTIME) != 0) { $name = str_replace(PREFLD_OVERTIME, '', $key); - if ($name) - $pass_over[$name] = 'on'; - } - elseif (substr_count($key, PREFLD_OVERTIME_DENY) != 0) { - $name = str_replace(PREFLD_OVERTIME_DENY, '', $key); - if ($name) - $deny_over[$name] = 'on'; + if ($name) { + switch($val) { + case "allow": $pass_over_val .= " $name"; break; + case "white": $pass_over_val .= " ^$name"; break; + case "deny" : $pass_over_val .= " !$name"; break; + } + } } } - foreach ($pass_up as $key => $val) { - if ($deny_up[$key]) - $pass_up_val .= " !$key"; - else $pass_up_val .= " $key"; - } - - foreach ($pass_over as $key => $val) { - if ($deny_over[$key]) - $pass_over_val .= " !$key"; - else $pass_over_val .= " $key"; - } - // !ATTENTION! on pfSense XML config must be must(shell) be '!all' instead of 'none' - it is a must for correct work GUI // if not exists key 'all', then add 'none' - default 'deny all' @@ -358,6 +346,12 @@ function squidguard_resync() { if ($url) sg_reconfigure_blacklist($url, $proxy); } + + // blacklist restore last (if exists) + if ($submit == BLACKLIST_BTN_LAST) { + restore_arc_blacklist(); + } + // apply changes if ($submit == APPLY_BTN) { # write_config('Update squidGuard options.'); // store, if not 'Save' button @@ -443,30 +437,8 @@ function get_pkg_items_list($pkg_gui_name, $fieldname) { # ============================================================================== # Before form # ============================================================================== - -// ----------------------------------------------------------------------------- -// squidguard_before_form_src -- ### will deleted ### -// ----------------------------------------------------------------------------- -function squidguard_before_form_src($pkg) { - global $config; - global $g; - $i=0; - foreach($pkg['fields']['field'] as $field) { - if ($field['fieldname'] == 'order') { - $fld = &$pkg['fields']['field'][$i]; - $img_up = ""; - $img_down = ""; - $s = "$img_up $img_down
Move to: " . $fld['description']; - $fld['description'] = $s; - } - $i++; - } -} -// ----------------------------------------------------------------------------- -// squidguard_before_form_dest -// ----------------------------------------------------------------------------- +# squidguard_before_form_dest +# ------------------------------------------------------------------------------ function squidguard_before_form_dest($pkg) { global $config; $expr_names = ''; @@ -493,15 +465,15 @@ function squidguard_before_form_dest($pkg) { } } -// ----------------------------------------------------------------------------- -// squidguard_before_form -// ----------------------------------------------------------------------------- +# ------------------------------------------------------------------------------ +# squidguard_before_form +# ------------------------------------------------------------------------------ function squidguard_before_form($pkg) { $i=0; foreach($pkg['fields']['field'] as $field) { // blacklist controls - if ($field['fieldname'] == 'blacklist') { + if ($field['fieldname'] == 'blacklist_url') { $fld = &$pkg['fields']['field'][$i]; $fld['description'] .= make_grid_blacklist(); // insert to description custom controls } @@ -595,51 +567,67 @@ function squidguard_before_form_acl($pkg, $is_acl=true) { $pss = str_replace(']', '', $acl_dest); $pss = explode(' ', $pss); foreach($pss as $val) { - $name = str_replace('!', '', $val); + $name = $val; + $name = str_replace('!', '', $name); + $name = str_replace('^', '', $name); if ($val == '[') { $overtime = 'yes'; continue; } elseif ($val == ']') { break; } if (empty($overtime)) { - if($val[0] != '!') - $acls_up[$name] = 'pass'; - else $acls_up[$name] = 'deny'; + if (!empty($val)) { + switch($val[0]) { + case '!': $acls_up[$name] = 'deny'; break; + case '^': $acls_up[$name] = 'white'; break; + default : $acls_up[$name] = 'allow'; break; + } + } } else { - if($val[0] != '!') - $acls_over[$name] = 'pass'; - else $acls_over[$name] = 'deny'; + if (!empty($val)) { + switch($val[0]) { + case '!': $acls_over[$name] = 'deny'; break; + case '^': $acls_over[$name] = 'white'; break; + default : $acls_over[$name] = 'allow'; break; + } + } } } } // --- Destinations --- $general_cfg = $config['installedpackages'][MODULE_GENERAL]['config'][0]; - $dest_cfg = $config['installedpackages'][MODULE_DESTINATION]['config']; + $dest_cfg = $config['installedpackages'][MODULE_DESTINATION]['config']; // Blacklist if ($general_cfg['blacklist'] == 'on') { $blk_entries = sg_entries_blacklist(); if (!empty($blk_entries)) { foreach($blk_entries as $dst) - $dest_items[] = array ('name'=>$dst, 'upt_value'=>$acls_up[$dst], - 'ovt_value'=>$acls_over[$dst], 'description'=>''); + $dest_items[] = array ('name'=>$dst, + 'upt_value'=>$acls_up[$dst], + 'ovt_value'=>$acls_over[$dst], + 'description'=>''); } } // User destinations if ($dest_cfg) { foreach($dest_cfg as $dst) - $dest_items[] = array ('name'=>$dst[FLD_NAME], 'upt_value'=>$acls_up[$dst[FLD_NAME]], - 'ovt_value'=>$acls_over[$dst[FLD_NAME]], 'description'=>$dst[FLD_DESCRIPTION]); + $dest_items[] = array ('name'=>$dst[FLD_NAME], + 'upt_value'=>$acls_up[$dst[FLD_NAME]], + 'ovt_value'=>$acls_over[$dst[FLD_NAME]], + 'description'=>$dst[FLD_DESCRIPTION]); } // Default all - $dest_items[] = array('name'=>FLT_DEFAULT_ALL, 'upt_value'=>$acls_up[FLT_DEFAULT_ALL], - 'ovt_value'=>$acls_over[FLT_DEFAULT_ALL], 'description'=>'Default access'); + $dest_items[] = array('name'=>FLT_DEFAULT_ALL, + 'upt_value'=>$acls_up[FLT_DEFAULT_ALL], + 'ovt_value'=>$acls_over[FLT_DEFAULT_ALL], + 'description'=>'Default access'); $i=0; foreach($pkg['fields']['field'] as $field) { if (($field['fieldname'] == 'dest')/* || ($field['fieldname'] == 'overdest')*/) { $fld = &$pkg['fields']['field'][$i]; - $fld['description'] .= make_grid_controls('checkbox', $dest_items, $is_acl); // insert to description custom controls + $fld['description'] .= make_grid_controls('', $dest_items, $is_acl); // insert to description custom controls } $i++; } @@ -842,26 +830,32 @@ function make_grid_general_items($id = '') { global $config; + $bg_color = "bgcolor='#dddddd'"; $res = ''; $res .= ""; if ($id == '') { // Apply - $res .= " - + $res .= " + "; // service state $sgstate = "STOPPED"; - if (is_service_running("squidGuard")) $sgstate = "STARTED"; - $res .= ""; + if (is_service_running("squidGuard")) + $sgstate = "STARTED"; + + if (is_blacklist_update_started()) { + $sgstate .= "
Wait: began updating the blacklist.
New data will be available after some time.
After the upgrade, it is necessary to check the configuration."; + } + $res .= ""; } else if ($id == 'gui_log') { if ($config['installedpackages']['squidguardgeneral']['config'][0]['view_gui_log'] == 'on') { $log_content = sg_getlog(50); $log_content = str_replace("\n","
", $log_content); - $res .= ""; - $res .= ""; + $res .= ""; + $res .= ""; } } @@ -873,13 +867,14 @@ function make_grid_general_items($id = '') // make_grid_blacklist // ----------------------------------------------------------------------------- function make_grid_blacklist() { - // button 'Upload URL' - $res = "
"; - if (file_exists(SG_INFO_FILE)) - $res .= "
Rebuild status:" . - str_replace("\n", "
", file_get_contents(SG_INFO_FILE) . - ""); - return $res; + $res = ''; + + // button 'Upload URL' + $res = "
"; + // button 'Restore last blacklist' + $res .= " "; + + return $res; } // ----------------------------------------------------------------------------- @@ -907,49 +902,83 @@ function make_grid_controls($type, $items, $enable_overtime = true) { $upt_val = $item['upt_value']; $ovt_val = $item['ovt_value']; $description = $item['description']; - $upt_on = ''; - $upt_deny = ''; - $ovt_on = ''; - $ovt_deny = ''; - if ($upt_val) $upt_on = 'CHECKED'; - if ($upt_val == 'deny') $upt_deny = 'CHECKED'; + $sel = "selected=\"selected\""; + $upt_A = $upt_B = $upt_C = $upt_D = ''; + switch($upt_val) { + case "allow": $upt_B = $sel; break; + case "white": $upt_C = $sel; break; + case "deny" : $upt_D = $sel; break; + default: $upt_A = $sel; break; + } - if ($ovt_val) $ovt_on = 'CHECKED'; - if ($ovt_val == 'deny') $ovt_deny = 'CHECKED'; + $ovt_A = $ovt_B = $ovt_C= $ovt_D = ''; + switch($ovt_val) { + case "allow": $ovt_B = $sel; break; + case "white": $ovt_C = $sel; break; + case "deny" : $ovt_D = $sel; break; + default: $ovt_A = $sel; break; + } + unset($sel); $tbl .= ""; // uptime table - $tbl .= ""; + $tnm = PREFLD_UPTIME . $name; + $tbl .= ""; $tbl .= ""; - $tbl .= ""; - $tbl .= ""; + $tbl .= ""; + $tbl .= ""; + // overtime table if ($enable_overtime) { - $tbl .= ""; + $tnm = PREFLD_OVERTIME . $name; + $tbl .= ""; $tbl .= ""; - $tbl .= ""; - $tbl .= ""; - } else { - + $tbl .= ""; + $tbl .= ""; } $tbl .= ""; } + # header if (!empty($tbl)) { $thdr = ''; + $hdr1up = "Destinations in uptime"; + $hdr1ov = "Destinations in overtime"; + $hdr2up = "Select destinations for uptime rule."; + $hdr2ov = "Select destination for overtime rule."; + $hds3 = "Access option priority: 1-'white'(whitelist), 2-'deny'(blacklist), 3-'allow', 4-all rule('allow' ro 'deny')."; if ($enable_overtime) { - $thdr = "" . - "" . - "" . - "" . - ""; + $thdr = + "" . + "" . + ""; // formatting $thdr .= ""; } else { - $thdr = "" . - ""; + $thdr = "" . + "" . + ""; // formatting $thdr .= ""; } @@ -1254,21 +1283,6 @@ function convert_pfxml_to_sgxml() { # function convert_pfxml_to_sgxml_source($pfconfig) { $sgxml = array(); -/* -# --- previous ver --- - $pfxml = $pfconfig['installedpackages']['squidguardsrc']['config']; - if (is_array($pfxml)) { - foreach($pfxml as $pfx) { - $sgx = array(); - $sgx[FLD_NAME] = $pfx['name']; - $sgx[FLD_IP] = $pfx['iplist']; - $sgx[FLD_DOMAINS] = $pfx[FLD_DOMAINS]; - $sgx[FLD_LOG] = $pfx['enablelog']; - $sgx[FLD_DESCRIPTION] = $pfx['description']; - $sgxml[FLD_ITEM][] = $sgx; - } - } -*/ $pfxml = $pfconfig['installedpackages']['squidguardacl']['config']; if (is_array($pfxml)) { foreach($pfxml as $pfx) { @@ -1290,7 +1304,6 @@ function convert_pfxml_to_sgxml_source($pfconfig) { // ----------------------------------------------------------------- function convert_pfxml_to_sgxml_destination($pfconfig) { $sgxml = array(); - $pfxml = $pfconfig['installedpackages']['squidguarddest']['config']; if (is_array($pfxml)) { foreach($pfxml as $pfx) { @@ -1451,4 +1464,4 @@ function convert_pfxml_to_sgxml_default($pfconfig) { return $sgx; } -?> \ No newline at end of file +?> diff --git a/packages/squidGuard/squidguard_configurator.inc b/packages/squidGuard/squidguard_configurator.inc index df293258..ba6d9d1a 100644 --- a/packages/squidGuard/squidguard_configurator.inc +++ b/packages/squidGuard/squidguard_configurator.inc @@ -101,11 +101,9 @@ define('REDIRECT_URL_ARGS', '&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u'); # ------------------------------------------------------------------------------ # squidguard system defines # ------------------------------------------------------------------------------ -# !check this! define('SQUID_CONFIGFILE', '/usr/local/etc/squid/squid.conf'); define('TMP_DIR', '/var/tmp'); -# not need for check define('SQUIDGUARD_CONFIGFILE', '/squidGuard.conf'); define('SQUIDGUARDCONF_LOGFILE', '/sg_configurator.log'); define('SQUIDGUARD_ACCESSBLOCK_FILE', 'block.log'); @@ -115,6 +113,9 @@ define('SQUIDGUARD_WORKDIR_DEF', '/usr/local/etc/squidGuard'); define('SQUIDGUARD_BINPATH_DEF', '/usr/local/bin'); define('SQUIDGUARD_TMP', '/var/tmp/squidGuard'); // SG temp define('SQUIDGUARD_VAR', '/var/squidGuard'); // SG variables +define('SQUIDGUARD_STATE', '/squidGuard.state'); +define('SQUIDGUARD_STATE', '/squidGuard.state'); +define('SQUIDGUARD_REBUILD', '/squidGuard.rebuild'); # DB home catalog contains 'Blacklist' and 'User' sub-catalogs define('SQUIDGUARD_DBHOME_DEF', '/var/db/squidGuard'); @@ -129,10 +130,14 @@ define('BLACKLIST_ARCHIVE', '/blacklists.tar'); define('BLK_LOCALFILE', '/tmp/sg_blacklists.tar'); define('DB_REBUILD_SH', '/tmp/squidGuard_db_rebuild.sh'); define('DB_REBUILD_CONF', '/tmp/squidGuard_db_rebuild.conf'); +define('DB_REBUILD_BLK_CONF', '/squidGuard_blk_rebuild.conf'); define('BLK_TEMP', '/tmp/sg_blk'); define('SG_BLK_ARC', '/arcdb'); // blk db archive define('SG_INFO_FILE', '/var/squidGuard/sg_db_upd.inf'); +# errors +define('SG_ERR0', "Error! Check squidGuard configuration data."); + # ------------------------------------------------------------------------------ # debug options # ------------------------------------------------------------------------------ @@ -143,10 +148,9 @@ define('DEBUG_MAKE_SQUIDGUARD_CONFIG', 'true'); # GUI options define('SQUIDGUARD_LOG_MAXCOUNT', 1000); // max log lines # 0-all, 1-medium; 2-low -define('SQUIDGUARD_LOG_LEVEL', 1); +define('SQUIDGUARD_LOG_LEVEL', 0); # ------------------------------------------------------------------------------ -# define('FLT_DEFAULT_ALL', 'all'); define('FLT_NOTALLOWIP', '!in-addr'); @@ -154,8 +158,10 @@ define('FLT_NOTALLOWIP', '!in-addr'); # owner user name (squid system user - need for define rights access) # ------------------------------------------------------------------------------ define('OWNER_NAME', 'proxy'); + +# ------------------------------------------------------------------------------ +# Debug # ------------------------------------------------------------------------------ -# define('DEBUG_ON', 'true'); # ============================================================================== @@ -178,9 +184,9 @@ define('FLT_WAREZ', 'warez'); # ============================================================================== # SquidGuard Configurator # ============================================================================== -$squidguard_config = array(); // squidGuard config array +$squidguard_config = array(); # squidGuard config array -// call default init +# call default init sg_init(); # ------------------------------------------------------------------------------ @@ -255,11 +261,10 @@ function sg_init($init = '') { $squidguard_config[FLD_BINPATH] = SQUIDGUARD_BINPATH_DEF; $squidguard_config[FLD_SQUIDCONFIGFILE] = SQUID_CONFIGFILE; $squidguard_config[FLD_PROCCESSCOUNT] = REDIRECTOR_PROCESS_COUNT; - sg_addlog("sg_init: default initialization squidguard_config"); } else { $squidguard_config = $init; - sg_addlog("sg_init: ext initialization squidguard_config"); } + sg_addlog("sg_init: Start.", 0); return $squidguard_config; } @@ -271,15 +276,15 @@ function sg_load_configxml($filename) { sg_init(); if (file_exists($filename)) { $xmlconf = file_get_contents($filename); - sg_addlog("sg_load_configxml: load config from $filename", 1); + sg_addlog("sg_load_configxml: Begin with '$filename'", 1); if (!empty($xmlconf)) { $squidguard_config = $xmlconf[FLD_SQUIDGUARD]; - sg_addlog("sg_load_configxml: update config success.", 1); + sg_addlog("sg_load_configxml: Update success.", 1); } else - sg_addlog("sg_load_configxml: update config error.", 2); + sg_addlog("sg_load_configxml: Error - nothing for update from '$filename'.", 2); } else - sg_addlog("sg_load_configxml: error load config from $filename - file not exists.", 2); + sg_addlog("sg_load_configxml: Error file '$filename' not exists.", 2); } # ------------------------------------------------------------------------------ @@ -297,7 +302,9 @@ function sg_save_configxml($filename) { # ------------------------------------------------------------------------------ function sg_reconfigure() { global $squidguard_config; - sg_addlog("sg_reconfigure: start."); + $conf_file = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFIGFILE; + + sg_addlog("sg_reconfigure: Begin.", 0); // 1. check system sg_check_system(); @@ -306,31 +313,27 @@ function sg_reconfigure() { sg_reconfigure_user_db(); // 3. generate squidGuard config - $conf_file = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFIGFILE; - $conf = sg_build_config(); + $conf = sg_create_config(); if ($conf) { -# $conf = implode("\n", $conf); if ($squidguard_config[FLD_WORKDIR]) $conf_file = $squidguard_config[FLD_WORKDIR] . SQUIDGUARD_CONFIGFILE; file_put_contents($conf_file, $conf); file_put_contents('/usr/local/etc/squid' . SQUIDGUARD_CONFIGFILE, $conf); // << squidGuard want config '/usr/local/etc/squid' by default - set_file_access($squidguard_config[FLD_WORKDIR], OWNER_NAME, 0755); - sg_addlog("sg_reconfigure: generate squidGuard config and save to $conf_file.", 1); + set_file_access($squidguard_config[FLD_WORKDIR], OWNER_NAME, 0664); + sg_addlog("sg_reconfigure: Generate squidGuard config and save to '$conf_file'.", 1); } // 4. reconfigure squid squid_reconfigure(); - - sg_addlog("sg_reconfigure: end."); } -// ------------------------------------------------------------ -// squid_reconfigure -// Insert in '/usr/local/squid/etc/squid.conf' options: -// redirector_bypass on -// redirect_program /usr/local/squidGuard/bin/squidGuard -c /path_to_config_file -// redirect_children 1 -// ------------------------------------------------------------ +# ------------------------------------------------------------------------------ +# squid_reconfigure +# Insert in '/usr/local/squid/etc/squid.conf' options: +# redirector_bypass on +# redirect_program /usr/local/squidGuard/bin/squidGuard -c /path_to_config_file +# redirect_children 1 +# ------------------------------------------------------------------------------ function squid_reconfigure($remove_only = '') { global $config; @@ -338,7 +341,7 @@ function squid_reconfigure($remove_only = '') { $conf = ''; $cust_opt = $config['installedpackages']['squid']['config'][0]['custom_options']; - sg_addlog("squid_reconfigure: begin"); + sg_addlog("squid_reconfigure: Begin.", 0); // remove old options if (!empty($cust_opt)) { @@ -350,7 +353,7 @@ function squid_reconfigure($remove_only = '') { (strpos($t_opt, REDIRECT_CHILDREN_OPT) === 0)) unset($conf[$key]); } - sg_addlog("squid_reconfigure: remove old redirector options from Squid config.", 1); + sg_addlog("squid_reconfigure: Remove old redirector options from Squid config.", 1); } // add new options - if squidGuard enabled @@ -363,22 +366,22 @@ function squid_reconfigure($remove_only = '') { $conf[] = REDIRECT_BYPASS_OPT . " on"; $conf[] = REDIRECT_CHILDREN_OPT . " " . REDIRECTOR_PROCESS_COUNT; - sg_addlog("squid_reconfigure: add new redirector options to Squid config.", 1); + sg_addlog("squid_reconfigure: Add new redirector options to Squid config.", 1); } // update config if (is_array($conf)) $conf = implode(";", $conf); $config['installedpackages']['squid']['config'][0]['custom_options'] = $conf; - write_config('Update squidGuard option to squid config.'); + write_config('Update redirector options to squid config.'); squid_resync(); } -// ------------------------------------------------------------ -// sg_check_system -// - check squidguard catalog's and access right's -// ------------------------------------------------------------ +# ------------------------------------------------------------------------------ +# sg_check_system +# - check squidguard catalog's and access right's +# ------------------------------------------------------------------------------ function sg_check_system() { global $squidguard_config; @@ -387,10 +390,9 @@ function sg_check_system() { if (!empty($work_dir)) { // check dir's if (!file_exists($work_dir)) { - mwexec("mkdir -p " . $work_dir); - sg_addlog("Create work dir $work_dir", 1); - // set access right - set_file_access($work_dir, OWNER_NAME, 0755); + mwexec("mkdir -p $work_dir"); + set_file_access($work_dir, OWNER_NAME, 0664); + sg_addlog("sg_check_system: Create work dir '$work_dir'.", 1); } } unset($work_dir); @@ -399,12 +401,12 @@ function sg_check_system() { $log_dir = $squidguard_config[FLD_LOGDIR]; if (!empty($log_dir)) { if (!file_exists($log_dir)) { - mwexec("mkdir -p " . $log_dir); - sg_addlog("Create log dir $log_dir", 1); + mwexec("mkdir -p $log_dir"); + sg_addlog("sg_check_system: Create log dir '$log_dir'.", 1); } // set access right - need start any time; // (SG possible start from console and log file will have only root access) - set_file_access($log_dir, OWNER_NAME, 0755); + set_file_access($log_dir, OWNER_NAME, 0664); } unset($log_dir); @@ -413,10 +415,10 @@ function sg_check_system() { if (!empty($db_dir)) { if (!file_exists($db_dir)) { mwexec("mkdir -p $db_dir"); - $sg_addlog("Create db dir $db_dir", 1); + sg_addlog("sg_check_system: Create db dir '$db_dir'.", 1); } // set access right - set_file_access($db_dir, OWNER_NAME, 0755); + set_file_access($db_dir, OWNER_NAME, 0664); } unset($db_dir); } @@ -430,98 +432,91 @@ function sg_reconfigure_user_db() { global $squidguard_config; $dbhome = $squidguard_config[FLD_DBHOME]; - sg_addlog("sg_reconfigure_user_db: begin at '$dbhome'", 1); + sg_addlog("sg_reconfigure_user_db: Begin with '$dbhome'", 1); // create user DB catalog, if not extsts if (!file_exists($dbhome)) { - if (!mkdir($dbhome, 0755)) { - sg_addlog("sg_reconfigure_user_db: ERROR create user DB directory $dbhome", 2); + if (!mkdir($dbhome, 0664)) { + sg_addlog("sg_reconfigure_user_db: Error create user DB directory '$dbhome'.", 2); return; } - set_file_access($dbhome, OWNER_NAME, 0755); - sg_addlog("sg_reconfigure_user_db: Create user DB directory $dbhome", 1); + set_file_access($dbhome, OWNER_NAME, 0664); + sg_addlog("sg_reconfigure_user_db: Create user DB directory '$dbhome'.", 1); } // update destinations to db $dests = $squidguard_config[FLD_DESTINATIONS]; if(!empty($dests)){ $dst_names = Array(); - $dst_list = Array(); // destinations list + $dst_list = Array(); - sg_addlog("sg_reconfigure_user_db: add user entries", 1); + sg_addlog("sg_reconfigure_user_db: Add user entries", 1); foreach($dests[FLD_ITEM] as $dst) { $path = "$dbhome/" . $dst[FLD_NAME]; - $dst_names[] = $path; + $dst_names[] = $path; $dst_list["usr_{$dst[FLD_NAME]}"] = $dst[FLD_NAME]; // 1. check destination catalog and create them, if need if (!file_exists($path)) { - if (!mkdir ($path, 0755)) { - sg_addlog("sg_reconfigure_user_db: ERROR create dir $path", 2); + if (!mkdir ($path, 0664)) { + sg_addlog("sg_reconfigure_user_db: Error create dir '$path'.", 2); return; } - sg_addlog("sg_reconfigure_user_db: Create dir $path", 1); + sg_addlog("sg_reconfigure_user_db: Create dir '$path'.", 1); } // 2. build domains file $domains = $dst[FLD_DOMAINS]; if (!empty($domains)) { - $content = str_replace(" ", "\n", $domains); - $content = trim($content); + $content = trim(str_replace(" ", "\n", $domains)); file_put_contents($path . '/domains', $content); - sg_addlog("sg_reconfigure_user_db: -- add {$dst[FLD_NAME]} domains '$domains'", 1); + sg_addlog("sg_reconfigure_user_db: -- add {$dst[FLD_NAME]} domains '$domains';", 1); } unset($domains); // 3. build urls file $urls = $dst[FLD_URLS]; if (!empty($urls)) { - $content = str_replace(" ", "\n", $urls); - $content = trim($content); + $content = trim(str_replace(" ", "\n", $urls)); file_put_contents($path . '/urls', $content); - sg_addlog("sg_reconfigure_user_db: -- add {$dst[FLD_NAME]} urls '$content'", 1); + sg_addlog("sg_reconfigure_user_db: -- add {$dst[FLD_NAME]} urls '$content';", 1); } unset($urls); // 4. build expression file $expr = $dst[FLD_EXPRESSIONS]; if (!empty($expr)) { - $content = str_replace("|", " ", $expr); - $content = trim($content); // delete first and last unnecessary '|' symbols + $content = trim(str_replace("|", " ", $expr)); // delete first and last unnecessary '|' symbol $content = str_replace(" ", "|", $content); file_put_contents($path . '/expressions', $content); - sg_addlog("sg_reconfigure_user_db: -- add {$dst[FLD_NAME]} expressions '$content'", 1); + sg_addlog("sg_reconfigure_user_db: -- add {$dst[FLD_NAME]} expressions '$content';", 1); } unset($expr); } - // 4. recursive set files access - set_file_access($dbhome, OWNER_NAME, 0755); + // 5. recursive set files access + set_file_access($dbhome, OWNER_NAME, 0664); - // 5. rebuild user db ('/var/db/squidGuard') + // 6. rebuild user db ('/var/db/squidGuard') sg_rebuild_db("_usrdb", $dbhome, $dst_list); - } else - sg_addlog("sg_reconfigure_user_db: STOPPED; User destinations list empty", 2); + sg_addlog("sg_reconfigure_user_db: Nothing. User destinations list empty.", 2); - // 6. remove unused db entries + // 7. remove unused db entries sg_remove_unused_db_entries(); - - sg_addlog("sg_reconfigure_user_db: end.", 1); } -// ------------------------------------------------------------ -// sg_remove_unused_db_entries -// - remove unused DB entries -// ------------------------------------------------------------ +# ------------------------------------------------------------------------------ +# sg_remove_unused_db_entries +# ------------------------------------------------------------------------------ function sg_remove_unused_db_entries() { global $squidguard_config; $db_entries = array(); $file_list = ''; - $dbhome = $squidguard_config[FLD_DBHOME]; + $dbhome = $squidguard_config[FLD_DBHOME]; $workdir = $squidguard_config[FLD_WORKDIR]; - sg_addlog("sg_remove_unused_db_entries: begin"); + sg_addlog("sg_remove_unused_db_entries: Begin.", 0); // black list entries // * worked only with 'blacklist entries list file - else may be deleted black list entry @@ -541,8 +536,9 @@ function sg_remove_unused_db_entries() { // diff between file list and entries list $file_list = scan_dir($dbhome); - if (is_array($file_list) and is_array($db_entries)) + if (is_array($file_list) and is_array($db_entries)) { $file_for_del = array_diff($file_list, $db_entries); + } // delete if (is_array($file_for_del) and !empty($file_for_del)) { @@ -550,10 +546,10 @@ function sg_remove_unused_db_entries() { $file_fd = "$dbhome/$fd"; if (($fd != "") && ($fd != ".") && ($fd != "..")) { if (file_exists($file_fd)) { - mwexec("rm -R . $file_fd"); - sg_addlog("sg_remove_unused_db_entries: Removed file '$file_fd'", 1); + mwexec("rm -R $file_fd"); + sg_addlog("sg_remove_unused_db_entries: Removed file '$file_fd'.", 1); } else - sg_addlog("sg_remove_unused_db_entries: File $file_fd not found", 2); + sg_addlog("sg_remove_unused_db_entries: File'$file_fd' not found.", 2); } } } @@ -569,7 +565,6 @@ function sg_remove_unused_db_entries() { # dest_DB_path - path without '$rdb_dbhome' # example: ['ads_ban']='ads/banners' -> '/var/db/squidGuard/ads/banners' # ------------------------------------------------------------------------------ - function sg_rebuild_db($shtag, $rdb_dbhome, $rdb_itemslist) { global $squidguard_config; $conf = ''; @@ -585,7 +580,7 @@ function sg_rebuild_db($shtag, $rdb_dbhome, $rdb_itemslist) { $conf_path = "/tmp/squidGuard_rebuild.conf" . $shtag; // make rebuild config; include all found dest items - $conf = sg_create_rebuild_config($dbhome, $rdb_itemslist); + $conf = sg_create_simple_config($dbhome, $rdb_itemslist); file_put_contents($conf_path, $conf); set_file_access($conf_path, OWNER_NAME, 0750); sg_addlog("sg_rebuild_db: Create temporary config '$conf_path'.", 1); @@ -594,8 +589,7 @@ function sg_rebuild_db($shtag, $rdb_dbhome, $rdb_itemslist) { $sh_scr = Array(); $sh_scr[] = "#!/bin/sh"; $sh_scr[] = "cd $dbhome"; - $cmd = $squidguard_config[FLD_BINPATH] . "/squidGuard -c $conf_path -C all"; - $sh_scr[] = $cmd; + $sh_scr[] = $squidguard_config[FLD_BINPATH] . "/squidGuard -c $conf_path -C all"; $sh_scr[] = "wait"; // wait while SG rebuild DB // set DB owner and right access @@ -609,77 +603,16 @@ function sg_rebuild_db($shtag, $rdb_dbhome, $rdb_itemslist) { $shfile = DB_REBUILD_SH . $shtag; file_put_contents($shfile, $sh_scr); set_file_access($shfile, OWNER_NAME, 0750); - mwexec_bg($shfile); + # ! not background exec ! + mwexec($shfile); sg_addlog("sg_rebuild_db: Started SH script '$shfile'.", 1); - sg_addlog("sg_rebuild_db: End."); } +# ============================================================================== +# Log # ------------------------------------------------------------------------------ -# sg_create_rebuild_config -# Create config for DB rebuilding -# Default rule - block all -# Variables: -# $blk_dbhome - temporary DB home dir, may be different with DBHOME -# $blk_destlist - is array as [dst_name] = 'path', -# where path - catalog without dbhome path -# For example: dbhome is '/var/db/squidGuard/', -# path can be 'usr/ads' or 'bl/poxy' +# sg_addlog # ------------------------------------------------------------------------------ -function sg_create_rebuild_config($blk_dbhome, $blk_destlist) { - global $squidguard_config; - $sgconf = array(); - $logdir = $squidguard_config[FLD_LOGDIR]; - $dbhome = $squidguard_config[FLD_DBHOME]; - - // current dbhome dir - if (!empty($blk_dbhome)) $dbhome = $blk_dbhome; - sg_addlog("sg_create_rebuild_config: Begin with dbhome='$dbhome'.", 1); - - // header - $sgconf[] = CONFIG_SG_HEADER; - - // init section - $sgconf[] = "logdir $logdir"; - $sgconf[] = "dbhome $dbhome"; - $sgconf[] = ""; - - // destination section - if (is_array($blk_destlist)) { - foreach($blk_destlist as $dst => $dpath) { - $tmp_s = array(); - // check item elements - if (file_exists("$dbhome/$dpath/domains")) $tmp_s[] = "\t domainlist $dpath/domains"; - if (file_exists("$dbhome/$dpath/urls")) $tmp_s[] = "\t urllist $dpath/urls"; - if (file_exists("$dbhome/$dpath/expressions")) $tmp_s[] = "\t expressionlist $dpath/expressions"; - // create only valid items - if (!empty($tmp_s)) { - $sgconf[] = "dest $dst {"; - $sgconf[] = implode("\n", $tmp_s); - $sgconf[] = "}"; - $sgconf[] = ""; - sg_addlog("sg_create_rebuild_config: -- added item '$dst' = '$dbhome/$dpath'.", 1); - } else - sg_addlog("sg_create_rebuild_config: -- ignored empty item '$dst' = '$dbhome/$dpath'.", 2); - } - } - - // acl section - $sgconf[] = "acl {"; - $sgconf[] = "\t default {"; - $sgconf[] = "\t\t pass all"; // yes, now this 'pass all' - this is only temp config - $sgconf[] = "\t\t redirect " . sg_redirector_base_url('404', true); // use sgerror only! - $sgconf[] = "\t }"; - $sgconf[] = "}"; - - sg_addlog("sg_create_rebuild_config: End."); - return implode("\n", $sgconf); -} - -// ============================================================ -// Log -// ------------------------------------------------------------ -// sg_addlog -// ------------------------------------------------------------ function sg_addlog($log, $level = 0) { global $squidguard_config; @@ -698,7 +631,7 @@ function sg_addlog($log, $level = 0) { if (file_exists($squidguard_config[FLD_LOGDIR])) $logfile = $squidguard_config[FLD_LOGDIR] . SQUIDGUARDCONF_LOGFILE; } else - $log_content[] = "$dt : " . "sg_addlog: ERROR: squidguard_config is empty"; + $log_content[] = "$dt : " . "sg_addlog: Error: squidguard_config is empty"; $tmplog = ''; if (file_exists($logfile)) @@ -712,9 +645,9 @@ function sg_addlog($log, $level = 0) { file_put_contents($logfile, implode("\n", $log_content)); } -// ------------------------------------------------------------ -// sg_getlog -// ------------------------------------------------------------ +# ------------------------------------------------------------------------------ +# sg_getlog +# ------------------------------------------------------------------------------ function sg_getlog($last_entries_count) { global $squidguard_config; $log_content = ''; @@ -737,108 +670,29 @@ function sg_getlog($last_entries_count) { return $log_content; } -# ------------------------------------------------------------- -# sg_build_default_config -# default rule - block all -# $dest_list - is array as [dst_name] = path, where path - without dbhome -# For example: dbhome is '/var/db/squidGuard', path can be 'usr/ads' or 'bl/poxy' -# ------------------------------------------------------------- -function sg_build_default_config() { - global $squidguard_config; - $sgconf = array(); - - // header - $sgconf[] = CONFIG_SG_HEADER; - // init section - $sgconf[] = "logdir {$squidguard_config[FLD_LOGDIR]}"; - $sgconf[] = "dbhome {$squidguard_config[FLD_DBHOME]}"; - $sgconf[] = ""; - // acl section - $sgconf[] = "acl {"; - $sgconf[] = "\t default {"; - $sgconf[] = "\t\t pass none"; - $sgconf[] = "\t\t redirect " . sg_redirector_base_url('404 Check proxy filter settings on errors.', true); # use only sgerror.php - $sgconf[] = "\t }"; - $sgconf[] = "}"; - - sg_addlog("sg_build_default_config: ATTENTION! Created default configuration. All content will blocked.", 2); - sg_addlog("sg_build_default_config: End."); - return implode("\n", $sgconf); -} - -// ------------------------------------------------------------------------------------------------ -// sg_redirector_base_url -// $url - url where redirect to -// $use_internal - ignore 'Redirect mode' option, use internal (for rebuild config, for example) -// ------------------------------------------------------------------------------------------------ -function sg_redirector_base_url($url, $use_internal = false) { - global $squidguard_config; - $rdr_path = ''; - - // Redirect option must have any valid URL - // 301:redirect_url - if (!$use_internal and !empty($url) and ($squidguard_config[FLD_REDIRECTMODE] === 'rmod_301')) { - $rdr_path = "301:$url"; - } - // 302:redirect_url - elseif (!$use_internal and !empty($url) and ($squidguard_config[FLD_REDIRECTMODE] === 'rmod_302')) { - $rdr_path = "302:$url"; - } - // sgerror.php - else { - $rdr_path = REDIRECT_BASE_URL; - - // check GUI port settings - if (isset($squidguard_config[FLD_CURRENT_GUI_PORT]) and !empty($squidguard_config[FLD_CURRENT_GUI_PORT])) { - $rdr_path = ":" . $squidguard_config[FLD_CURRENT_GUI_PORT] . $rdr_path; - } - - // check Lan IP port settings - $rdr_path = $squidguard_config[FLD_CURRENT_LAN_IP] . $rdr_path; - - // check GUI protocol settings - if ($squidguard_config[FLD_CURRENT_GUI_PROTO] === "https") - $rdr_path = "https://" . $rdr_path; - else $rdr_path = "http://" . $rdr_path; - - // arguments - // Attention: - // order arg's must be: first-URL, last-SG variables - // SG have bug, what broke data after his var's - $tmp_url = ltrim($url); - // not need encoded url string. only err_code line - if (eregi("^https{0,1}://", $tmp_url) === false) - $tmp_url = rawurlencode($tmp_url); - $rdr_path = $rdr_path . "?url=" . $tmp_url . REDIRECT_URL_ARGS; // rawurlencode($tmp_url) . REDIRECT_URL_ARGS; - unset($tmp_url); - } - - sg_addlog("sg_redirector_base_url: select redirector base url ($rdr_path)", 1); - sg_addlog("sg_redirector_base_url: End."); - return $rdr_path; -} -// ------------------------------------------------------------ -// sg_build_config -// ------------------------------------------------------------ -function sg_build_config() { +# ============================================================================== +# make config +# ============================================================================== +# sg_create_config +# ------------------------------------------------------------------------------ +function sg_create_config() { global $squidguard_config; $sgconf = array(); -# $redirect_base_url = REDIRECT_BASE_URL; - sg_addlog("sg_build_config: create squidGuard config."); + sg_addlog("sg_create_config: Create squidGuard config."); if(!is_array($squidguard_config)) { - sg_addlog("sg_build_config: error configuration in squidguard_config.", 2); - return sg_build_default_config(); + sg_addlog("sg_create_config: Error configuration in squidguard_config.", 2); + return sg_create_simple_config('', '', SG_ERR0 . " (sg_create_config: [1])."); } // check configuration data - sg_addlog("sg_build_config: checking configuration data."); + sg_addlog("sg_create_config: Checking configuration data."); $s = sg_check_config_data(); if ($s) { - sg_addlog("sg_build_config: error configuration data. It's all errors: \n$s", 2); - sg_addlog("sg_build_config: terminated.", 2); - return sg_build_default_config(); + sg_addlog("sg_create_config: Error configuration data. It's all errors: \n$s", 2); + sg_addlog("sg_create_config: Terminated.", 2); + return sg_create_simple_config('', '', SG_ERR0 . " (sg_create_config: [2])."); } unset($s); @@ -851,7 +705,7 @@ function sg_build_config() { // --- Times --- if ($squidguard_config[FLD_TIMES]) { - sg_addlog("sg_build_config: add times", 1); + sg_addlog("sg_create_config: add times", 1); foreach($squidguard_config[FLD_TIMES][FLD_ITEM] as $tm) { $sgconf[] = ""; if ($tm[FLD_DESCRIPTION]) @@ -873,7 +727,7 @@ function sg_build_config() { // --- Sources --- if ($squidguard_config[FLD_SOURCES]) { - sg_addlog("sg_build_config: add sources", 1); + sg_addlog("sg_create_config: add sources", 1); foreach($squidguard_config[FLD_SOURCES][FLD_ITEM] as $src) { $sgconf[] = ""; if ($src[FLD_DESCRIPTION]) @@ -905,7 +759,7 @@ function sg_build_config() { if (($squidguard_config[FLD_BLACKLISTENABLED] === 'on') and $db_entries) { $log_entr_added = ''; $log_entr_ignored = ''; - sg_addlog("sg_build_config: add blacklist entries", 1); + sg_addlog("sg_create_config: add blacklist entries", 1); foreach($db_entries as $key => $ent) { $ent_state = array(); $file_dms = $squidguard_config[FLD_DBHOME] . "/$ent/domains"; @@ -945,16 +799,16 @@ function sg_build_config() { // log 'added' if (!empty($log_entr_added)) - sg_addlog("sg_build_config: added: \n $log_entr_added \n", 1); + sg_addlog("sg_create_config: added: \n $log_entr_added \n", 1); // log 'ignored' if (!empty($log_entr_ignored)) - sg_addlog("sg_build_config: ignored: \n $log_entr_ignored \n", 2); + sg_addlog("sg_create_config: ignored: \n $log_entr_ignored \n", 2); } // --- Destinations --- if ($squidguard_config[FLD_DESTINATIONS]) { - sg_addlog("sg_build_config: add destinations", 1); + sg_addlog("sg_create_config: add destinations", 1); $sgconf[] = ""; $log_entr_added = ''; foreach($squidguard_config[FLD_DESTINATIONS][FLD_ITEM] as $dst) { @@ -978,13 +832,13 @@ function sg_build_config() { } // log if (!empty($log_entr_added)) - sg_addlog("sg_build_config: added: \n $log_entr_added \n", 1); - else sg_addlog("sg_build_config: added: Nothing.", 1); + sg_addlog("sg_create_config: added: \n $log_entr_added \n", 1); + else sg_addlog("sg_create_config: added: Nothing.", 1); } // --- Rewrites --- if ($squidguard_config[FLD_REWRITES]) { - sg_addlog("sg_build_config: add rewrites.", 1); + sg_addlog("sg_create_config: add rewrites.", 1); $log_entr_added = ''; $log_entr_err = ''; foreach($squidguard_config[FLD_REWRITES][FLD_ITEM] as $rew) { @@ -1002,20 +856,19 @@ function sg_build_config() { } // log if (!empty($log_entr_added)) - sg_addlog("sg_build_config: added: \n $log_entr_added", 1); + sg_addlog("sg_create_config: added: \n $log_entr_added", 1); if (!empty($log_entr_err)) - sg_addlog("sg_build_config: ERROR: \n $log_entr_err ", 2); - else sg_addlog("sg_build_config: added: Nothing.", 1); + sg_addlog("sg_create_config: ERROR: \n $log_entr_err ", 2); + else sg_addlog("sg_create_config: added: Nothing.", 1); } # ---------------------------------------- $entry_blacklist = sg_entries_blacklist(); // --- ACL --- - $sgconf[] = ""; $sgconf[] = "acl {"; if ($squidguard_config[FLD_ACLS]) { - sg_addlog("sg_build_config: add ACL", 1); + sg_addlog("sg_create_config: add ACL", 1); $log_entr_added = ''; foreach($squidguard_config[FLD_ACLS][FLD_ITEM] as $acl) { @@ -1025,19 +878,25 @@ function sg_build_config() { // delete blacklist entries from 'pass' if blacklist disabled if (is_array($entry_blacklist) and !empty($entry_blacklist)) { - foreach($entry_blacklist as $entry) { - $tk = array_search($entry, $tarray); - if ($tk !== false) unset ($tarray[$tk]); + foreach($entry_blacklist as $entry) { + $tk = array_search($entry, $tarray); + if ($tk !== false) unset ($tarray[$tk]); + + $tk = array_search("!$entry", $tarray); + if ($tk !== false) unset($tarray[$tk]); - $tk = array_search("!$entry", $tarray); - if ($tk !== false) unset($tarray[$tk]); + $tk = array_search("^$entry", $tarray); + if ($tk !== false) unset($tarray[$tk]); - $tk = array_search($entry, $varray); - if ($tk !== false) unset ($varray[$tk]); + $tk = array_search($entry, $varray); + if ($tk !== false) unset ($varray[$tk]); - $tk = array_search("!$entry", $varray); - if ($tk !== false) unset ($varray[$tk]); - } + $tk = array_search("!$entry", $varray); + if ($tk !== false) unset ($varray[$tk]); + + $tk = array_search("^$entry", $varray); + if ($tk !== false) unset ($varray[$tk]); + } } $acl[FLD_DESTINATIONNAME] = implode (" ", $tarray); @@ -1103,13 +962,13 @@ function sg_build_config() { } // log if (!empty($log_entr_added)) - sg_addlog("sg_build_config: added: \n $log_entr_added \n", 1); - else sg_addlog("sg_build_config: added: Nothing.", 1); + sg_addlog("sg_create_config: added: \n $log_entr_added \n", 1); + else sg_addlog("sg_create_config: added: Nothing.", 1); } // --- Default --- $def = $squidguard_config[FLD_DEFAULT]; - sg_addlog("sg_build_config: add Default", 1); + sg_addlog("sg_create_config: add Default", 1); if ($def) { // delete blacklist entries from 'pass' if blacklist disabled if ($squidguard_config[FLD_BLACKLISTENABLED] !== 'on') { @@ -1145,7 +1004,7 @@ function sg_build_config() { } // if def else { - sg_addlog("sg_build_config: error - ACL 'default' is empty, use as default 'block all'.", 2); + sg_addlog("sg_create_config: error - ACL 'default' is empty, use as default 'block all'.", 2); $sgconf[] = "\t default { "; $sgconf[] = "\t\t pass none"; $sgconf[] = "\t\t redirect " . sg_redirector_base_url(''); # $redirect_base_url; @@ -1156,10 +1015,121 @@ function sg_build_config() { $sgconf[] = "}"; return implode("\n", $sgconf); -# return $sgconf; } +# ------------------------------------------------------------------------------ +# sg_create_simple_config +# Create config for DB rebuilding +# Default rule - block all +# Variables: +# $blk_dbhome - temporary DB home dir, may be different with DBHOME +# $blk_destlist - is array as [dst_name] = 'path', +# where path - catalog without dbhome path +# For example: dbhome is '/var/db/squidGuard/', +# path can be 'usr/ads' or 'bl/poxy' +# $redirect_to - redirector string +# ------------------------------------------------------------------------------ +function sg_create_simple_config($blk_dbhome, $blk_destlist, $redirect_to = "404") { + global $squidguard_config; + $sgconf = array(); + $logdir = $squidguard_config[FLD_LOGDIR]; + $dbhome = $squidguard_config[FLD_DBHOME]; + + // current dbhome dir + if (!empty($blk_dbhome)) $dbhome = $blk_dbhome; + sg_addlog("sg_create_simple_config: Begin with dbhome='$dbhome'.", 1); + + // header + $sgconf[] = CONFIG_SG_HEADER; + + // init section + $sgconf[] = "logdir $logdir"; + $sgconf[] = "dbhome $dbhome"; + $sgconf[] = ""; + + // destination section + if (is_array($blk_destlist)) { + foreach($blk_destlist as $dst => $dpath) { + $tmp_s = array(); + + // check item elements + if (file_exists("$dbhome/$dpath/domains")) $tmp_s[] = "\t domainlist $dpath/domains"; + if (file_exists("$dbhome/$dpath/urls")) $tmp_s[] = "\t urllist $dpath/urls"; + if (file_exists("$dbhome/$dpath/expressions")) $tmp_s[] = "\t expressionlist $dpath/expressions"; + + // create only valid items + if (!empty($tmp_s)) { + $tmp_s = implode("\n", $tmp_s); + $sgconf[] = "dest $dst {\n $tmp_s \n}\n"; + sg_addlog("sg_create_simple_config: -- added item '$dst' = '$dbhome/$dpath'."); + } else + sg_addlog("sg_create_simple_config: -- ignored empty item '$dst' = '$dbhome/$dpath'."); + } + } + + // acl section + $sgconf[] = "acl {\n\t default {\n\t\t pass all "; + $sgconf[] = "\t\t redirect " . sg_redirector_base_url($redirect_to, true); // use sgerror only! + $sgconf[] = "\t } \n}"; + + sg_addlog("sg_create_simple_config: End."); + return implode("\n", $sgconf); +} + +# ------------------------------------------------------------------------------------------------- +# sg_redirector_base_url +# $url - url where redirect to +# $use_internal - ignore 'Redirect mode' option, use internal (for rebuild config, for example) +# +# ------------------------------------------------------------------------------------------------- +function sg_redirector_base_url($url, $use_internal = false) { + global $squidguard_config; + $rdr_path = ''; + + // Redirect option must have any valid URL + // 301:redirect_url + $rdrmode = $squidguard_config[FLD_REDIRECTMODE]; + if (!$use_internal and !empty($url) and ($rdrmode === 'rmod_301')) { + $rdr_path = "301:$url"; + } + // 302:redirect_url + elseif (!$use_internal and !empty($url) and ($rdrmode === 'rmod_302')) { + $rdr_path = "302:$url"; + } + // sgerror.php + else { + $rdr_path = REDIRECT_BASE_URL; + + // check GUI port settings + if (isset($squidguard_config[FLD_CURRENT_GUI_PORT]) and !empty($squidguard_config[FLD_CURRENT_GUI_PORT])) { + $rdr_path = ":" . $squidguard_config[FLD_CURRENT_GUI_PORT] . $rdr_path; + } + + // check Lan IP port settings + $rdr_path = $squidguard_config[FLD_CURRENT_LAN_IP] . $rdr_path; + + // check GUI protocol settings + if ($squidguard_config[FLD_CURRENT_GUI_PROTO] === "https") + $rdr_path = "https://" . $rdr_path; + else $rdr_path = "http://" . $rdr_path; + + // arguments + // Attention: + // order arg's must be: first-URL, last-SG variables + // SG have bug, what broke data after his var's + $tmp_url = ltrim($url); + // not need encoded url string. only err_code line + if (eregi("^https{0,1}://", $tmp_url) === false) + $tmp_url = rawurlencode($tmp_url); + $rdr_path = "{$rdr_path}?url={$tmp_url}" . REDIRECT_URL_ARGS; + unset($tmp_url); + } + + sg_addlog("sg_redirector_base_url: Select redirector base url ($rdr_path)"); + return $rdr_path; +} + // ------------------------------------------------------------ -// +// sg_aclpass_reorder // ------------------------------------------------------------ function sg_aclpass_reorder($pass) { $ar_pass = explode(" ", $pass); @@ -1167,17 +1137,22 @@ function sg_aclpass_reorder($pass) { // 'pass' order: if (is_array($ar_pass)) { $pass_end = ''; - $pass_fst = array(); - $pass_lst = array(); + $pass_fst = array(); // whitelist - '^' prefix (will deleted) + $pass_sec = array(); // blacklist - '!' prefix + $pass_lst = array(); // allow foreach ($ar_pass as $val) { $tk = trim($val); if ($tk === 'all' or $tk === 'none') - $pass_end = $val; + $pass_end = $val; + elseif (strpos($tk, "^") !== false) + // delete '^' prefix + $pass_fst[] = str_replace('^', '', $val); elseif (strpos($tk, "!") !== false) - $pass_lst[] = $val; - else $pass_fst[] = $val; + $pass_sec[] = $val; + else + $pass_lst[] = $val; } - $ar_pass = array_merge($pass_fst, $pass_lst); + $ar_pass = array_merge($pass_fst, $pass_sec, $pass_lst); $ar_pass[] = $pass_end; } return implode(" ", $ar_pass); @@ -1313,7 +1288,9 @@ function sg_check_config_data () { // check destinations if ($acl[FLD_DESTINATIONNAME]) { - $acldest = str_replace("!", "", $acl[FLD_DESTINATIONNAME]); + $acldest = $acl[FLD_DESTINATIONNAME]; + $acldest = str_replace("!", "", $acldest); + $acldest = str_replace("^", "", $acldest); $acldest = explode(" ", $acldest); $key_acldest = array_count_values($acldest); foreach($acldest as $adest) { @@ -1332,7 +1309,9 @@ function sg_check_config_data () { // check overtime destinations if ($time) { if ($acl[FLD_OVERDESTINATIONNAME]) { - $acloverdest = str_replace("!", "", $acl[FLD_OVERDESTINATIONNAME]); + $acloverdest = $acl[FLD_OVERDESTINATIONNAME]; + $acloverdest = str_replace("!", "", $acloverdest); + $acloverdest = str_replace("^", "", $acloverdest); $acloverdest = explode(" ", $acloverdest); $key_acloverdest = array_count_values($acloverdest); foreach($acloverdest as $adest) { @@ -1377,7 +1356,9 @@ function sg_check_config_data () { // check destinations if ($def[FLD_DESTINATIONNAME]) { - $defdest = str_replace("!", "", $def[FLD_DESTINATIONNAME]); + $defdest = $def[FLD_DESTINATIONNAME]; + $defdest = str_replace("!", "", $defdest); + $defdest = str_replace("^", "", $defdest); $defdest = explode(" ", $defdest); $key_defdest = array_count_values($defdest); foreach($defdest as $adest) { @@ -1425,44 +1406,37 @@ function sg_reconfigure_blacklist($source_filename, $opt = '') { $sf = trim($source_filename); $sf_contents = ''; - sg_addlog("sg_reconfigure_blacklist: start "); + sg_addlog("sg_reconfigure_blacklist: Begin with '$sf'.", 1); // 1. check system sg_check_system(); // 2. upload - sg_addlog("sg_reconfigure_blacklist: begin upload from '$sf'.", 1); if ($sf[0] === "/") { // local file - example '/tmp/blacklists.tar' + sg_addlog("sg_reconfigure_blacklist: Update from file '$sf'.", 1); if (file_exists($sf)) { $sf_contents = file_get_contents($sf); - sg_addlog("sg_reconfigure_blacklist: get file '$sf'.", 1); } else { - sg_addlog("sg_reconfigure_blacklist: ERROR: get file '$sf', file not found.", 2); + sg_addlog("sg_reconfigure_blacklist: Error, file '$sf' not found.", 2); return; } } - // url + // from url else { - sg_addlog("sg_reconfigure_blacklist: get url '$sf'.", 1); + sg_addlog("sg_reconfigure_blacklist: Upload from url '$sf'.", 1); $sf_contents = sg_uploadfile_from_url($sf, BLK_LOCALFILE, $opt); } // 3. update if (empty($sf_contents)) { - sg_addlog("sg_reconfigure_blacklist: ERROR: file content '$sf'.", 2); + sg_addlog("sg_reconfigure_blacklist: Error content from '$sf'.", 2); return; } - - // 4. save black list archive content to local file + // save black list archive content to local file file_put_contents(BLK_LOCALFILE, $sf_contents); - // 5. update blacklist + // 4. update blacklist sg_update_blacklist(BLK_LOCALFILE); - - // 6. rebuild db -# sg_full_rebuild_db(); - - sg_addlog("sg_reconfigure_blacklist: end"); } # ------------------------------------------------------------------------------ @@ -1482,113 +1456,120 @@ function sg_update_blacklist($from_file) { $tmp_unpack_dir = SQUIDGUARD_TMP . SQUIDGUARD_BL_UNPACK; $arc_db_dir = SQUIDGUARD_VAR . SG_BLK_ARC; - sg_addlog("sg_update_blacklist: begin."); + sg_addlog("sg_update_blacklist: Begin with '$from_file'.", 1); if (file_exists($from_file)) { - // check work and DB dir's + # check work and DB dir's if (file_exists($squidguard_config[FLD_DBHOME])) $dbhome = $squidguard_config[FLD_DBHOME]; if (file_exists($squidguard_config[FLD_WORKDIR])) $workdir = $squidguard_config[FLD_WORKDIR]; - // delete old tmp dir's + # delete old tmp dir's if (file_exists($tmp_unpack_dir)) mwexec("rm -R . $tmp_unpack_dir"); if (file_exists($arc_db_dir)) mwexec("rm -R . $arc_db_dir"); - // create new tmp/arc dir's - mwexec("mkdir -p -m 0750 $tmp_unpack_dir"); - mwexec("mkdir -p -m 0750 $arc_db_dir"); + # create new tmp/arc dir's + mwexec("mkdir -p -m 0664 $tmp_unpack_dir"); + mwexec("mkdir -p -m 0664 $arc_db_dir"); - // unpack archive + # 1. unpack archive mwexec("tar zxvf $from_file -C $tmp_unpack_dir"); - set_file_access($tmp_unpack_dir, OWNER_NAME, 0750); + set_file_access($tmp_unpack_dir, OWNER_NAME, 0664); sg_addlog("sg_update_blacklist: Unpack uploaded file '$from_file' -> '$tmp_unpack_dir'.", 1); - // 2. copy blacklist to squidGuard base & create entries list + # 2. copy blacklist to squidGuard base & create entries list if (file_exists($tmp_unpack_dir)) { $blk_items = array(); $blk_list = array(); - // scan blacklist items + # scan blacklist items scan_blacklist_cat($tmp_unpack_dir, "blk", & $blk_items); - // modify blacklist catalog structure to 'one level' + # move blacklist catalog structure to 'one level' (from tmp_DB to arch_DB) foreach ($blk_items as $key => $val) { $current_dbpath = "$arc_db_dir/$key"; if (count($val)) { - // make blk_list for config file + # make blk_list for config file $blk_list[$key] = $key; - // delete '$current_dbpath' for correct moving - // need moving $val['path'] to $current_dbpath - // if $current_dbpath exists, - // then $val['path'] will created as subdir - !it's worng! + # delete '$current_dbpath' for correct moving + # need moving $val['path'] to $current_dbpath + # if $current_dbpath exists, + # then $val['path'] will created as subdir - !it's worng! if (file_exists($current_dbpath)) mwexec("rm -R $current_dbpath"); mwexec("mv -f {$val['path']}/ $current_dbpath"); sg_addlog("sg_update_blacklist: Move {$val['path']}/ -> $current_dbpath.", 1); } } - // copy unrebuilded blacklist to work DB - mwexec("cp -R $arc_db_dir/ $dbhome"); + set_file_access($arc_db_dir, OWNER_NAME, 0664); + + # -- DISABLED -- copy unrebuilded blacklist from arch_DB_to work DB & set access rights +# mwexec("cp -R $arc_db_dir/ $dbhome"); +# set_file_access($dbhome, OWNER_NAME, 0664); - // create entries list + # create entries list if (count($blk_items)) { + # save to temp DB $blklist_file = SQUIDGUARD_VAR . SQUIDGUARD_BLK_ENTRIES; - - // save to temp DB file_put_contents($blklist_file, implode("\n", array_keys($blk_items))); - set_file_access ($blklist_file, OWNER_NAME, 0750); + set_file_access ($blklist_file, OWNER_NAME, 0664); - // save copy to squidGuard config dir - $blklist_file = "{$squidguard_config[FLD_WORKDIR]}/" . SQUIDGUARD_BLK_ENTRIES; - file_put_contents($blklist_file, implode("\n", array_keys($blk_items))); - set_file_access ($blklist_file, OWNER_NAME, 0750); - sg_addlog("sg_update_blacklist: create entries '$blklist_file'", 1); + # -- DISABLED -- save copy to squidGuard config dir +# $blklist_file = "{$squidguard_config[FLD_WORKDIR]}/" . SQUIDGUARD_BLK_ENTRIES; +# file_put_contents($blklist_file, implode("\n", array_keys($blk_items))); +# set_file_access ($blklist_file, OWNER_NAME, 0664); + sg_addlog("sg_update_blacklist: Create DB entries list '$blklist_file'.", 1); } - set_file_access($arc_db_dir, OWNER_NAME, 0750); - - // make rebuild config; include all found dest items - $conf_path = "/tmp/squidGuard_rebuild_blk.conf"; - $conf = sg_create_rebuild_config($arc_db_dir, $blk_list); - // copy to temp DB - file_put_contents($conf_path, $conf); - set_file_access($conf_path, OWNER_NAME, 0750); - sg_addlog("sg_update_blacklist: Create temporary config '$conf_path'.", 1); + # make rebuild config (included all found dest items) & save to work dir + $conf_path = SQUIDGUARD_VAR . DB_REBUILD_BLK_CONF; # "/tmp/squidGuard_rebuild_blk.conf"; + file_put_contents($conf_path, sg_create_simple_config($arc_db_dir, $blk_list)); + set_file_access($conf_path, OWNER_NAME, 0664); + sg_addlog("sg_update_blacklist: Create rebuild config '$conf_path'.", 1); - // *** SH script *** + # *** SH script *********************************************** $sh_scr = Array(); $sh_scr[] = "#!/bin/sh"; $sh_scr[] = "cd $arc_db_dir"; - $cmd = $squidguard_config[FLD_BINPATH] . "/squidGuard -c $conf_path -C all"; - $sh_scr[] = $cmd; - $sh_scr[] = "wait"; // wait while SG rebuild DB - - // copy temp db to '/var/db/squidGuard (-R - recursive; -p - copy access rights) - // '$bl_temp_dbhome/' - slash in end of path - copy only dir content (not self dir) - $sh_scr[] = "cp -R $arc_db_dir/ $dbhome"; - - // set DB owner and right access -# $sh_scr[] = "chown -R -v " . OWNER_NAME . " $dbhome"; - - // restart squid for changes to take effects -# $sh_scr[] = "/usr/local/sbin/squid -k reconfigure"; + $sh_scr[] = $squidguard_config[FLD_BINPATH] . "/squidGuard -c $conf_path -C all"; + $sh_scr[] = "wait"; # wait while SG rebuild DB + $sh_scr[] = "chown -R -v " . OWNER_NAME . " $arc_db_dir"; + $sh_scr[] = "chmod -R -v 0664 $arc_db_dir"; + + # copy temp db to '/var/db/squidGuard (-R - recursive; -p - copy access rights) + # '$bl_temp_dbhome/' - slash in end of path - copy only dir content (not self dir) + $sh_scr[] = "cp -R -p $arc_db_dir/ $dbhome"; + $sh_scr[] = "cp -f -p $blklist_file " . SQUIDGUARD_WORKDIR_DEF; + # set DB owner and right access + $sh_scr[] = "chown -R -v " . OWNER_NAME . " $dbhome"; + $sh_scr[] = "chmod -R -v 0664 $dbhome"; + + # if new blacklist some as already installed, then restart squid for changes to take effects + $blk_items_old = ''; + $blk_file_old = $squidguard_config[FLD_WORKDIR] . SQUIDGUARD_BLK_ENTRIES; + if (file_exists($blk_items_old)) + $blk_items_old = file_get_contents($blk_file_old); + if (!empty($blk_items_old) && ($blk_items_old === implode("\n", array_keys($blk_items)))) { + $sh_scr[] = "/usr/local/sbin/squid -k reconfigure"; + $sh_scr[] = "wait"; # wait while process + } + unset($blk_file_old); + unset($blk_items_old); - // store & exec sh + # store & exec sh $sh_scr = implode("\n", $sh_scr); $shfile = DB_REBUILD_SH . "_blk"; file_put_contents($shfile, $sh_scr); - set_file_access($shfile, OWNER_NAME, 0750); - mwexec_bg($shfile); - sg_addlog("sg_update_blacklist: started SH script '$shfile'.", 1); - - sg_remove_unused_db_entries(); + set_file_access($shfile, OWNER_NAME, 0755); # 0755 - script will execute + # kill exists rebuild processes + mwexec("kill `ps auxw | grep \"$shfile\" | grep -v \"grep\" | awk '{print $2}'`"); # sh script + mwexec("kill `ps auxw | grep \"squidGuard_blk_rebuild\" | grep -v \"grep\" | awk '{print $2}'`"); # squidGuard process + mwexec_bg("nice -n 5 $shfile"); + sg_addlog("sg_update_blacklist: Started sh script '$shfile'.", 1); // clearing temp # mwexec("rm -R $bl_temp"); } -# set_file_access($squidguard_config[FLD_DBHOME], OWNER_NAME, 0755); -# sg_full_rebuild_db(); } - sg_addlog("sg_update_blacklist: end"); } @@ -1599,42 +1580,36 @@ function sg_entries_blacklist() { global $squidguard_config; $contents = ''; $fl = SQUIDGUARD_WORKDIR_DEF . SQUIDGUARD_BLK_ENTRIES; - if (file_exists($squidguard_config[FLD_WORKDIR])) + if (file_exists($squidguard_config[FLD_WORKDIR])) { $fl = $squidguard_config[FLD_WORKDIR] . SQUIDGUARD_BLK_ENTRIES; - + } if (file_exists($fl)) { - $contents = file_get_contents($fl); - $contents = explode("\n", $contents); + $contents = explode("\n", file_get_contents($fl)); } return $contents; } -// ----------------------------------------------------------------------------- -// sg_blacklist_rebuild_db - rebuild current Blacklist DB (default: '/var/db/squidGuard') -// ----------------------------------------------------------------------------- +# ----------------------------------------------------------------------------- +# sg_blacklist_rebuild_db - rebuild current Blacklist DB (default: '/var/db/squidGuard') +# ----------------------------------------------------------------------------- function sg_blacklist_rebuild_db() { // $shtag, $rdb_dbhome, $rdb_workdir) { global $squidguard_config; $dst_list = array(); $dbhome = $squidguard_config[FLD_DBHOME]; $workdir = $squidguard_config[FLD_WORKDIR]; - // current dbhome and work dir's -# disabled in current ver -# if (!empty($rdb_dbhome)) $dbhome = $rdb_dbhome; -# if (!empty($rdb_workdir)) $workdir = $rdb_workdir; - sg_addlog("sg_blacklist_rebuild_db: Begin with path '$dbhome'.", 1); + # current dbhome and work dir's + sg_addlog("sg_blacklist_rebuild_db: Start with path '$dbhome'.", 1); - // make dest list + # make dest list $blklist_file = "$workdir/" . SQUIDGUARD_BLK_ENTRIES; if (file_exists($blklist_file)) { $blklist = explode("\n", file_get_contents($blklist_file)); if (is_array($blklist)) - foreach($blklist as $bl) - $dst_list[$bl] = $bl; + foreach($blklist as $bl) { $dst_list[$bl] = $bl; } } - // rebuild user db ('/var/db/squidGuard') + # rebuild user db ('/var/db/squidGuard') sg_rebuild_db("_blkdb", $dbhome, $dst_list); - sg_addlog("sg_blacklist_rebuild_db: End."); } # ========================== UTILS ============================================= @@ -1669,13 +1644,11 @@ function sg_uploadfile_from_url($url_file, $destination_file, $proxy = '') { curl_close ($ch); if (!empty($destination_file)) file_put_contents($destination_file, $result); - else sg_addlog("sg_uploadfile_from_url: error upload file", 2); - + else sg_addlog("sg_uploadfile_from_url: Error upload file", 2); // for test file_put_contents(BLK_LOCALFILE, $result); - sg_addlog("sg_uploadfile_from_url: end"); return $result; } @@ -1685,44 +1658,53 @@ function sg_uploadfile_from_url($url_file, $destination_file, $proxy = '') { # Set file access # ------------------------------------------------------------------------------ function set_file_access($dir, $owner, $mod) { - - if (!file_exists($dir)) return; - - chown($dir, $owner); - chgrp($dir, $owner); - chmod($dir, $mod); - - // if $dir - directory - set subitem's access - if (is_dir($dir)) { - $hd = opendir($dir); - while (($item = readdir($hd)) !== false) { - if (($item != ".") && ($item != "..")) { - $path = "$dir/$item"; - if (is_dir($path)) - set_file_access($path, $owner, $mod); - else { - chown($path, $owner); - chgrp($path, $owner); - chmod($path, $mod); - } - } - } - } + $mod = sprintf("%o", $mod); + if (!file_exists($dir)) return; + # recursive change access + mwexec("chown -R -v $owner $dir"); + mwexec("chgrp -R -v $owner $dir"); + mwexec("chmod -R -v $mod $dir"); } # ------------------------------------------------------------------------------ # scan_dir - build files listing for $dir # ------------------------------------------------------------------------------ function scan_dir($dir) { - $files = array(); - if (file_exists($dir)) { - $dh = opendir($dir); - while (false !== ($filename = readdir($dh))) { - // skip '.' and '..' names - if (($filename !== '.') and ($filename !== '..')) $files[] = $filename; - } - sort($files); - } - return $files; + $files = array(); + if (file_exists($dir)) { + $dh = opendir($dir); + while (false !== ($filename = readdir($dh))) { + // skip '.' and '..' names + if (($filename !== '.') and ($filename !== '..')) $files[] = $filename; + } + sort($files); + } + return $files; +} +# ------------------------------------------------------------------------------ +# restore_arc_blacklist - copy arc blacklist to db +# ------------------------------------------------------------------------------ +function restore_arc_blacklist() { + global $squidguard_config; + $dbhome = SQUIDGUARD_DBHOME_DEF; + $blklist_file = SQUIDGUARD_WORKDIR_DEF . SQUIDGUARD_BLK_ENTRIES; + $arc_db_dir = SQUIDGUARD_VAR . SG_BLK_ARC; + $arc_blklist_file = SQUIDGUARD_VAR . SQUIDGUARD_BLK_ENTRIES; + + sg_addlog("restore_arc_blacklist: Begin.", 0); + if (file_exists($arc_db_dir) and file_exists($arc_blklist_file)) { + + // copy arc blacklist to work DB with permissions + mwexec("cp -R -p $arc_db_dir/ $dbhome"); + set_file_access($dbhome, OWNER_NAME, 0664); + sg_addlog("restore_arc_blacklist: Restore blacklist archive from '$arc_db_dir'.", 1); + + // copy black list file + copy($arc_blklist_file, $blklist_file); + set_file_access($blklist_file, OWNER_NAME, 0664); + sg_addlog("restore_arc_blacklist: Restore black list file from '$arc_blklist_file' to '$blklist_file'.", 1); + } else { + sg_addlog("restore_arc_blacklist: Error, file '$arc_db_dir' or '$blklist_file' not found.", 2); + } } # ------------------------------------------------------------------------------ @@ -1789,21 +1771,27 @@ function is_url($url) { if (eregi("^((30[1235]{1})|(40[0-9]{1})|(41[0-7]{1})|(50[0-5]{1}))", $url)) return true; // http error code 30x, 4xx, 50x. return false; } + # ------------------------------------------------------------------------------ # check name # ------------------------------------------------------------------------------ function check_name ($name) { $err = ''; $val = trim($name); - if ((strlen($val) < 2) || (strlen($val) > 16)) $err .= " Size of name '$val' must be between [2..16]."; - // All symbols must be [a-zA-Z_0-9\-] First symbol = letter. if (!eregi("^([a-zA-Z]{1})([a-zA-Z_0-9\-]+)$", $val)) $err .= " Invalid name $name. Valid name symbols: ['a-Z', '_', '0-9', '-']. First symbol must be a letter."; - return $err; } -?> \ No newline at end of file +# ------------------------------------------------------------------------------ +# check rebuild blacklist +# ------------------------------------------------------------------------------ +function is_blacklist_update_started() { + return exec("ps auxw | grep \"[s]quidGuard_blk_rebuild\" | awk '{print $2}' | wc -l | awk '{ print $1 }'"); +} +# ------------------------------------------------------------------------------ + +?> -- cgit v1.2.3
For saving configuration YOU need click button 'Save' on bottom of page
After changing configuration Squid or squidGuard you must apply all changes
For saving configuration YOU need click button 'Save' on bottom of page
After changing configuration squidGuard you must apply all changes
SquidGuard service state: $sgstate
SquidGuard service state: $sgstate
Web GUI log (Latest 50)
$log_content
Web GUI log (Latest 50)
$log_content
$description [$name]deny accessaccess$description [$name]deny accessaccess
Destinations in uptimeDestinations in overtime
Select destinations for uptime ruleSelect destination for overtime rule.
" . - "If time not defined, this part must be ignored
$hdr1up$hdr1ov
$hdr2up$hdr2ov
If 'Time' not defined, this part must be ignored
$hds3
Destinations in uptime
Select destinations for uptime rule
$hdr1up
$hdr2up
$hds3