]>
Commit | Line | Data |
---|---|---|
a393e0ba | 1 | #!/usr/bin/perl |
70df8302 MT |
2 | ############################################################################### |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
88d73bef | 5 | # Copyright (C) 2007-2012 IPFire Team <info@ipfire.org> # |
70df8302 MT |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | # Based on Steffen Schoch (sschoch@users.sourceforge.net) # | |
21 | # # | |
22 | ############################################################################### | |
a393e0ba | 23 | |
a393e0ba MT |
24 | use strict; |
25 | use IPC::Open2; | |
26 | use IO::Handle; | |
ff5ec02a | 27 | |
e775d06c | 28 | my $redirectors; |
ff5ec02a | 29 | |
d12aede7 CS |
30 | require '/var/ipfire/general-functions.pl'; |
31 | ||
32 | my %proxysettings=(); | |
e5a63a6f CS |
33 | $proxysettings{'ENABLE_FILTER'} = 'off'; |
34 | $proxysettings{'ENABLE_CLAMAV'} = 'off'; | |
35 | $proxysettings{'ENABLE_UPDXLRATOR'} = 'off'; | |
d12aede7 | 36 | &General::readhash("${General::swroot}/proxy/settings", \%proxysettings); |
a393e0ba MT |
37 | |
38 | # define here your redirectors (use a comma sperated list) | |
e775d06c CS |
39 | if ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/bin/squidGuard', '/usr/bin/squidclamav', '/usr/sbin/updxlrator' ];} |
40 | elsif ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'off' ){$redirectors = [ '/usr/bin/squidGuard', '/usr/bin/squidclamav' ];} | |
41 | elsif ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'off' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/bin/squidGuard', '/usr/sbin/updxlrator' ];} | |
42 | elsif ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'off' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'off' ){$redirectors = [ '/usr/bin/squidGuard' ];} | |
43 | elsif ( $proxysettings{'ENABLE_FILTER'} eq 'off' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/bin/squidclamav', '/usr/sbin/updxlrator' ];} | |
44 | elsif ( $proxysettings{'ENABLE_FILTER'} eq 'off' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'off' ){$redirectors = [ '/usr/bin/squidclamav' ];} | |
45 | elsif ( $proxysettings{'ENABLE_FILTER'} eq 'off' && $proxysettings{'ENABLE_CLAMAV'} eq 'off' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/sbin/updxlrator' ];} | |
46 | else { $redirectors = [ '/usr/bin/squidGuard', '/usr/sbin/updxlrator' ];} | |
a393e0ba MT |
47 | |
48 | # Attention: keep in mind that the order of your redirectors is important. | |
49 | # It doesn't make sense to scan for viruses on pages you restrict access to... | |
50 | # So place first your tools which restrict access, then the tools which do the | |
51 | # content filtering! | |
52 | ||
a393e0ba MT |
53 | ##### no need to change anything below this line ##### |
54 | ||
55 | # init | |
56 | $| = 1; | |
57 | STDOUT->autoflush(1); | |
58 | my $line; | |
59 | my $return; | |
60 | my $i; | |
ff5ec02a | 61 | my $debug=0; # enable only for debugging |
a393e0ba | 62 | |
0acb39d3 CS |
63 | if ( -e "/var/ipfire/proxy/enable_redirector_debug" ){ |
64 | $debug = 1; | |
65 | writetolog("Urlfilter = ".$proxysettings{'ENABLE_FILTER'}." Clamav = ".$proxysettings{'ENABLE_CLAMAV'}." Updxlrator = ".$proxysettings{'ENABLE_UPDXLRATOR'}); | |
66 | } | |
e775d06c | 67 | |
a393e0ba MT |
68 | # open progamms |
69 | my $pidlist = []; | |
70 | my $rlist = []; | |
71 | my $wlist = []; | |
0acb39d3 | 72 | |
ff5ec02a | 73 | for($i = 0; $i < @$redirectors; $i++) { |
0acb39d3 CS |
74 | $pidlist->[$i] = open2($rlist->[$i], $wlist->[$i], $redirectors->[$i]); |
75 | if ($debug){ | |
76 | writetolog("Current redirector is ".$redirectors->[$i]." number ".$i." PID ".$pidlist->[$i]); | |
77 | } | |
78 | } | |
a393e0ba MT |
79 | |
80 | # wait for data... | |
81 | while($line = <>) { | |
0acb39d3 CS |
82 | $return = ""; |
83 | ||
84 | for($i = 0; $i < @$redirectors; $i++) { | |
85 | $wlist->[$i]->print($line); | |
86 | $return = $rlist->[$i]->getline; | |
87 | ||
0ba563aa | 88 | if ( $return eq "Processing file and database" ){ |
9ce08b2a | 89 | system("logger -t ipfire 'Emergency - squidGuard not initialised please run squidGuard -C all'"); |
0acb39d3 | 90 | } |
ff5ec02a | 91 | |
0ba563aa | 92 | if ($debug){ |
0acb39d3 CS |
93 | my $dline = $line;my $dreturn = $return;chomp $dline;chomp $dreturn; |
94 | if ( $return eq $line or $return eq "\n" or $return eq "" ){ | |
95 | writetolog("Request equals result by ".$redirectors->[$i]." ".$dline); | |
96 | } | |
97 | else { | |
98 | writetolog($redirectors->[$i]." answers ".$dreturn."\n Querried ".$dline); | |
99 | } | |
100 | } | |
101 | ||
102 | # break if redirector changes data | |
103 | if($return ne "\n" and $return ne $line ){ | |
104 | if ( $redirectors->[$i] ne "/usr/sbin/updxlrator"){ | |
9ce08b2a CS |
105 | if ($debug){ |
106 | writetolog($redirectors->[$i]." is stopping querry because block was found."); | |
107 | } | |
0acb39d3 CS |
108 | $i = @$redirectors; |
109 | } | |
110 | } | |
0ba563aa | 111 | } |
0acb39d3 CS |
112 | print $return; |
113 | } | |
114 | ||
a393e0ba | 115 | exit 0; |
0ba563aa CS |
116 | |
117 | sub writetolog { | |
88d73bef | 118 | open(DATEI, ">>/var/log/squid/redirector_debug") || die "Unable to acces file /var/log/squid/redirector_debug"; |
0acb39d3 | 119 | my $log = shift; |
0ba563aa CS |
120 | print DATEI $log."\n"; |
121 | close(DATEI); | |
0acb39d3 | 122 | } |