]>
git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - config/urlfilter/redirect_wrapper
2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007-2012 IPFire Team <info@ipfire.org> #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 # Based on Steffen Schoch (sschoch@users.sourceforge.net) #
22 ###############################################################################
27 require '/var/ipfire/general-functions.pl';
30 $proxysettings{'ENABLE_FILTER'} = 'off';
31 $proxysettings{'ENABLE_CLAMAV'} = 'off';
32 $proxysettings{'ENABLE_UPDXLRATOR'} = 'off';
33 &General
::readhash
("${General::swroot}/proxy/settings", \
%proxysettings);
35 # define here your redirectors
38 if ($proxysettings{'ENABLE_FILTER'} eq 'on') {
39 push(@redirectors, "/usr/bin/squidGuard");
42 if ($proxysettings{'ENABLE_CLAMAV'} eq 'on') {
43 push(@redirectors, "/usr/bin/squidclamav");
46 if ($proxysettings{'ENABLE_UPDXLRATOR'} eq 'on') {
47 push(@redirectors, "/usr/sbin/updxlrator");
50 # Attention: keep in mind that the order of your redirectors is important.
51 # It doesn't make sense to scan for viruses on pages you restrict access to...
52 # So place first your tools which restrict access, then the tools which do the
55 ##### no need to change anything below this line #####
61 my $debug=0; # enable only for debugging
63 if (-e
"/var/ipfire/proxy/enable_redirector_debug") {
64 writetolog
("Urlfilter = ".$proxysettings{'ENABLE_FILTER'}." Clamav = ".$proxysettings{'ENABLE_CLAMAV'}." Updxlrator = ".$proxysettings{'ENABLE_UPDXLRATOR'});
68 # Open one instance for each redirector in the list and
69 # put them into an array with the STDIN and STDOUT file
73 foreach my $redirector (@redirectors) {
74 my $desc_out = new IO
::Handle
();
75 my $desc_in = new IO
::Handle
();
77 my $pid = open2
($desc_out, $desc_in, $redirector);
80 &writetolog
("Started an instance of $redirector with PID $pid");
83 push(@instances, [$redirector, $desc_out, $desc_in]);
91 foreach my $instance (@instances) {
92 my $redirector = @
$instance[0];
93 my $desc_out = @
$instance[1];
94 my $desc_in = @
$instance[2];
97 # Send request to the redirector.
98 $desc_in->print($line);
100 # Wait for a response.
101 $response = $desc_out->getline;
103 # Catch invalid responses from squidGuard.
104 if ($redirector eq "/usr/bin/squidGuard" && $response eq "Processing file and database") {
105 system("logger -t ipfire 'Emergency - squidGuard not initialised please run squidGuard -C all'");
109 # Writing debug output.
111 my $len_response = length($response);
113 &writetolog
("Queried $redirector for: $line");
114 &writetolog
(" --> Response ($len_response): $response");
117 # If we got a decisive response, we send it back to squid
118 # and stop querying any more redirectors.
119 if ($response =~ /^(OK|BH)/) {
121 &writetolog
(" -- Stopped querying redirectors");
129 # Send response back to squid.
131 &writetolog
("Sending back to squid: $return");
142 open(FILE
, ">>/var/log/squid/redirector_debug") || die "Unable to acces file /var/log/squid/redirector_debug";
143 print FILE
"$message\n";