2 * AUTHOR: Pedro Lineu Orso pedro.orso@gmail.com
4 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
7 * please look at http://sarg.sourceforge.net/donations.php
8 * ---------------------------------------------------------------------
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
26 #include "include/conf.h"
27 #include "include/defs.h"
29 #define REPORT_EVERY_X_LINES 5000
36 numlist weekdays
= { { 0, 1, 2, 3, 4, 5, 6 }, 7 };
37 numlist hours
= { { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
38 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 }, 24 };
40 static void getusers(const char *pwdfile
, int debug
);
41 static void gethexclude(const char *hexfile
, int debug
);
42 static void getuexclude(const char *uexfile
, int debug
);
44 int main(int argc
,char *argv
[])
55 ISACOL_Last
//last entry of the list !
63 ILF_Last
//last entry of the list !
66 FILE *fp_in
= NULL
, *fp_denied
=NULL
, *fp_authfail
=NULL
, *fp_log
=NULL
;
68 char sz_Download_Unsort
[ 20000 ] ;
69 FILE * fp_Download_Unsort
= NULL
;
70 FILE * fp_Write_User
= NULL
;
83 char smartfilter
[MAXLEN
];
94 char hm
[15], hmf
[15], hmr
[15];
97 char hexclude
[MAXLEN
];
107 enum InputLogFormat ilf
;
108 int ilf_count
[ILF_Last
];
120 int isa_ncols
=0,isa_cols
[ISACOL_Last
];
126 long int max_elapsed
=0;
129 unsigned long recs1
=0UL;
130 unsigned long recs2
=0UL;
131 int OutputNonZero
= REPORT_EVERY_X_LINES
;
133 char download_url
[MAXLEN
];
134 char sz_Last_User
[MAXLEN
]="";
135 struct getwordstruct gwarea
;
142 UserAgentLog
[0]='\0';
143 ExcludeHosts
[0]='\0';
144 ExcludeUsers
[0]='\0';
151 ExternalCSSFile
[0]='\0';
152 SquidGuardLogFormat
[0]='\0';
153 SquidGuardLogAlternate
[0]='\0';
154 for (ilf
=0 ; ilf
<ILF_Last
; ilf
++) ilf_count
[ilf
]=0;
156 sprintf(ExcludeCodes
,"%s/exclude_codes",SYSCONFDIR
);
157 strcpy(GraphDaysBytesBarColor
,"orange");
158 strcpy(BgColor
,"#ffffff");
159 strcpy(TxColor
,"#000000");
160 strcpy(TxBgColor
,"lavender");
161 strcpy(TiColor
,"darkblue");
164 strcpy(LogoTextColor
,"#000000");
165 strcpy(HeaderColor
,"darkblue");
166 strcpy(HeaderBgColor
,"#dddddd");
167 strcpy(LogoTextColor
,"#006699");
168 strcpy(FontSize
,"9px");
169 strcpy(TempDir
,"/tmp");
170 strcpy(OutputDir
,"/var/www/html/squid-reports");
172 strcpy(DateFormat
,"u");
175 strcpy(ReplaceIndex
,"index.html");
177 strcpy(RecordsWithoutUser
,"ip");
179 strcpy(MailUtility
,"mailx");
180 strcpy(TopSitesNum
,"100");
182 strcpy(TopuserSortField
,"BYTES");
183 strcpy(UserSortField
,"BYTES");
184 strcpy(TopuserSortOrder
,"reverse");
185 strcpy(UserSortOrder
,"reverse");
186 strcpy(TopsitesSortField
,"CONNECT");
187 strcpy(TopsitesSortType
,"D");
189 strcpy(language
,"English");
190 strcpy(FontFace
,"Verdana,Tahoma,Arial");
191 strcpy(datetimeby
,"elap");
192 strcpy(CharSet
,"ISO-8859-1");
194 strcpy(PrivacyString
,"***.***.***.***");
195 strcpy(PrivacyStringColor
,"blue");
197 strcpy(TopUserFields
,"NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE");
198 strcpy(UserReportFields
,"CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE");
199 strcpy(DataFileDelimiter
,";");
200 strcpy(DataFileFields
,"user;date;time;url;connect;bytes;in_cache;out_cache;elapsed");
201 strcpy(SiteUserTimeDateType
,"table");
202 ShowReadStatistics
=1;
203 strcpy(IndexSortOrder
,"D");
206 strcpy(ParsedOutputLog
,"no");
207 strcpy(ParsedOutputLogCompress
,"/bin/gzip");
208 strcpy(DisplayedValues
,"abbreviation");
209 strcpy(HeaderFontSize
,"9px");
210 strcpy(TitleFontSize
,"11px");
211 strcpy(AuthUserFile
,"/usr/local/sarg/passwd");
212 strcpy(AuthName
,"SARG, Restricted Access");
213 strcpy(AuthType
,"basic");
214 strcpy(Require
,"require user admin %u");
215 set_download_suffix("7z,ace,arj,avi,bat,bin,bz2,bzip,cab,com,cpio,dll,doc,dot,exe,gz,iso,lha,lzh,mdb,mov,mp3,mpeg,mpg,mso,nrg,ogg,ppt,rar,rtf,shs,src,sys,tar,tgz,vcd,vob,wma,wmv,zip");
217 strcpy(Ulimit
,"20000");
218 strcpy(NtlmUserFormat
,"domainname+username");
219 strcpy(IndexTree
,"file");
220 strcpy(RealtimeTypes
,"GET,PUT,CONNECT");
221 strcpy(RealtimeUnauthRec
,"show");
222 SquidguardIgnoreDate
=0;
223 DansguardianIgnoreDate
=0;
224 strcpy(DataFileUrl
,"ip");
225 strcpy(MaxElapsed
,"28800000");
226 BytesInSitesUsersReport
=0;
227 UserAuthentication
=0;
251 UserInvalidChar
[0]='\0';
253 SquidGuardConf
[0]='\0';
254 DansGuardianConf
[0]='\0';
259 dansguardian_count
=0;
261 DeniedReportLimit
=10;
262 AuthfailReportLimit
=10;
263 DansGuardianReportLimit
=10;
264 SquidGuardReportLimit
=10;
265 DownloadReportLimit
=50;
278 realtime_access_log_lines
=1000;
284 bzero(IncludeUsers
, MAXLEN
);
285 bzero(ExcludeString
, MAXLEN
);
288 setlocale(LC_TIME
,"");
292 for(x
=0; x
<=MAXLOGS
; x
++)
293 AccessLog
[x
][0]='\0';
294 AccessLogFromCmdLine
=0;
296 language_load(language
);
297 strcpy(Title
,text
[88]);
299 while((ch
= getopt(argc
, argv
, "a:b:c:d:e:f:g:u:l:L:o:s:t:w:hijmnprvxyz")) != -1){
306 strcpy(uagent
,optarg
);
309 strcpy(hexclude
,optarg
);
312 strncpy(date
,optarg
,sizeof(date
)-1);
313 date
[sizeof(date
)-1]='\0';
314 getword_start(&gwarea
,optarg
);
315 if (getword(cdfrom
,sizeof(cdfrom
),&gwarea
,'-')<0 || getword(cduntil
,sizeof(cduntil
),&gwarea
,0)<0) {
316 printf("SARG: Maybe you have a broken record or garbage in your date range.\n");
319 date_from(date
, cdfrom
, cduntil
);
321 duntil
=atoi(cduntil
);
324 strcpy(email
,optarg
);
327 strcpy(ConfigFile
,optarg
);
340 if (NAccessLog
>=MAXLOGS
) {
341 printf("SARG: Too many log files.\n");
344 strcpy(AccessLog
[NAccessLog
],optarg
);
346 AccessLogFromCmdLine
++;
349 strcpy(SquidGuardLogAlternate
,optarg
);
358 strcpy(outdir
,optarg
);
373 if(strstr(optarg
,"-") == 0) {
377 getword_start(&gwarea
,optarg
);
378 if (getword(hm
,sizeof(hm
),&gwarea
,'-')<0 || getword(hmf
,sizeof(hmf
),&gwarea
,0)<0) {
379 fprintf(stderr
,"SARG: Maybe you have a broken record or garbage in your time range.\n");
383 if(sscanf(hm
,"%d:%d",&h
,&m
)!=2) {
384 fprintf(stderr
,"SARG: time period must be MM or MM:SS. Exit.\n");
387 sprintf(hm
,"%02d%02d",h
,m
);
388 if(sscanf(hmf
,"%d:%d",&h
,&m
)!=2) {
389 fprintf(stderr
,"SARG: time period must be MM or MM:SS. Exit.\n");
392 sprintf(hmf
,"%02d%02d",h
,m
);
414 fprintf(stderr
, "Option -%c require an argument\n",optopt
);
430 if(debug
) debuga("Init");
432 if(ConfigFile
[0] == '\0') sprintf(ConfigFile
,"%s/sarg.conf",SYSCONFDIR
);
433 if(access(ConfigFile
, R_OK
) != 0) {
434 debuga("Cannot open config file: %s - %s",ConfigFile
,strerror(errno
));
438 if(access(ConfigFile
, R_OK
) == 0)
446 if(strcmp(IndexTree
,"file") == 0)
447 strcpy(ImageFile
,"../images");
449 strcpy(ImageFile
,"../../../images");
452 if(DataFile
[0] != '\0')
455 subs(TopUserFields
,sizeof(TopUserFields
),"%BYTES","SETYB");
457 subs(UserReportFields
,sizeof(UserReportFields
),"%BYTES","SETYB");
460 strcpy(AccessLog
[0],"/var/log/squid/access.log");
464 if(strcmp(hexclude
,"onvert") == 0 && strcmp(site
,"plit") != 0) {
465 convlog(AccessLog
[0], df
, dfrom
, duntil
);
469 if(strcmp(site
,"plit") == 0) {
470 splitlog(AccessLog
[0], df
, dfrom
, duntil
, hexclude
);
474 load_excludecodes(ExcludeCodes
);
476 if(access(PasswdFile
, R_OK
) == 0) {
477 getusers(PasswdFile
,debug
);
481 if(hexclude
[0] == '\0')
482 strcpy(hexclude
,ExcludeHosts
);
483 if(strlen(hexclude
) > 0) {
484 if(access(hexclude
, R_OK
) != 0) {
485 debuga("Cannot open exclude_hosts file: %s - %s",hexclude
,strerror(errno
));
488 gethexclude(hexclude
,debug
);
492 if(ReportType
[0] == '\0')
493 strcpy(ReportType
,"topusers topsites users_sites sites_users date_time denied auth_failures site_user_time_date downloads");
495 if(access(ExcludeUsers
, R_OK
) == 0) {
496 getuexclude(ExcludeUsers
,debug
);
502 if(strstr(excludeuser
,"indexonly") != 0)
505 if(strcmp(ExcludeUsers
,"indexonly") == 0) indexonly
++;
506 if(strcmp(Index
,"only") == 0) indexonly
++;
512 if(strlen(MaxElapsed
)>1) max_elapsed
=atol(MaxElapsed
);
514 if(strlen(outdir
)<1) strcpy(outdir
,OutputDir
);
517 if(uagent
[0] == '\0') strcpy(uagent
,UserAgentLog
);
519 if(tmp
[0] == '\0') strcpy(tmp
,TempDir
);
520 else strcpy(TempDir
,tmp
);
522 if(df
[0] == '\0') strcpy(df
,DateFormat
);
523 else strcpy(DateFormat
,df
);
527 strcpy(DateFormat
,"u");
530 if(email
[0] == '\0' && OutputEmail
[0] != '\0') strcpy(email
,OutputEmail
);
534 if(email
[0] != '\0') {
535 sprintf(wtemp2
,"%s/sarg",tmp2
);
537 strcat(tmp2
,"/sarg");
542 strcat(tmp2
,"/sarg.log");
544 sprintf(warea
,"%s/sarg",tmp
);
545 if(access(warea
, R_OK
) == 0) {
546 if (snprintf(tmp3
,sizeof(tmp3
),"rm -rf \"%s\"",warea
)>=sizeof(tmp3
)) {
547 fprintf(stderr
,"SARG: Directory name too long: %s\n",warea
);
550 cstatus
=system(tmp3
);
551 if (!WIFEXITED(cstatus
) || WEXITSTATUS(cstatus
)) {
552 fprintf(stderr
, "SARG: command return status %d\n",WEXITSTATUS(cstatus
));
553 fprintf(stderr
, "SARG: command: %s\n",tmp3
);
558 sprintf(tmp3
,"%s/sarg",tmp
);
563 strcat(tmp4
,"/denied.log.unsort");
564 strcat(tmp5
,"/denied.log");
565 strcat(tmp6
,"/authfail.log.unsort");
568 fprintf(stderr
, "SARG: %s:\nSARG:\n",text
[22]);
569 fprintf(stderr
, "SARG: %35s (-a) = %s\n",text
[23],addr
);
570 fprintf(stderr
, "SARG: %35s (-b) = %s\n",text
[71],uagent
);
571 fprintf(stderr
, "SARG: %35s (-c) = %s\n",text
[69],hexclude
);
572 fprintf(stderr
, "SARG: %35s (-d) = %s\n",text
[24],date
);
573 fprintf(stderr
, "SARG: %35s (-e) = %s\n",text
[41],email
);
574 fprintf(stderr
, "SARG: %35s (-f) = %s\n",text
[70],ConfigFile
);
575 if(strcmp(df
,"e") == 0)
576 fprintf(stderr
, "SARG: %35s (-g) = %s (dd/mm/yyyy)\n",text
[25],text
[26]);
577 if(strcmp(df
,"u") == 0)
578 fprintf(stderr
, "SARG: %35s (-g) = %s (mm/dd/yyyy)\n",text
[25],text
[27]);
579 if(strcmp(df
,"w") == 0)
580 fprintf(stderr
, "SARG: %35s (-g) = %s (yyyy/ww)\n",text
[25],text
[85]);
582 fprintf(stderr
, "SARG: %35s (-i) = %s\n",text
[28],text
[1]);
584 fprintf(stderr
, "SARG: %35s (-i) = %s\n",text
[28],text
[2]);
585 for (iarq
=0 ; iarq
<NAccessLog
; iarq
++)
586 fprintf(stderr
, "SARG: %35s (-l) = %s\n",text
[37],AccessLog
[iarq
]);
588 fprintf(stderr
, "SARG: %35s (-n) = %s\n",text
[65],text
[1]);
590 fprintf(stderr
, "SARG: %35s (-n) = %s\n",text
[65],text
[2]);
591 fprintf(stderr
, "SARG: %35s (-o) = %s\n",text
[38],outdir
);
593 fprintf(stderr
, "SARG: %35s (-p) = %s\n",text
[29],text
[1]);
595 fprintf(stderr
, "SARG: %35s (-p) = %s\n",text
[29],text
[2]);
596 fprintf(stderr
, "SARG: %35s (-s) = %s\n",text
[30],site
);
597 fprintf(stderr
, "SARG: %35s (-t) = %s\n",text
[31],hm
);
598 fprintf(stderr
, "SARG: %35s (-u) = %s\n",text
[32],us
);
599 fprintf(stderr
, "SARG: %35s (-w) = %s\n",text
[34],tmp
);
601 fprintf(stderr
, "SARG: %35s (-x) = %s\n",text
[35],text
[1]);
603 fprintf(stderr
, "SARG: %35s (-x) = %s\n",text
[35],text
[2]);
605 fprintf(stderr
, "SARG: %35s (-z) = %s\n",text
[36],text
[1]);
607 fprintf(stderr
, "SARG: %35s (-z) = %s\n",text
[36],text
[2]);
608 fprintf(stderr
, "SARG:\n");
612 printf("%s:\nSARG:\n",text
[22]);
613 printf("%35s (-a) = %s\n",text
[23],addr
);
614 printf("%35s (-b) = %s\n",text
[71],uagent
);
615 printf("%35s (-c) = %s\n",text
[69],hexclude
);
616 printf("%35s (-d) = %s\n",text
[24],date
);
617 printf("%35s (-e) = %s\n",text
[41],email
);
618 printf("%35s (-f) = %s\n",text
[70],ConfigFile
);
619 if(strcmp(df
,"e") == 0)
620 printf("%35s (-g) = %s (dd/mm/yyyy)\n",text
[25],text
[26]);
621 if(strcmp(df
,"u") == 0)
622 printf("%35s (-g) = %s (mm/dd/yyyy)\n",text
[25],text
[27]);
623 if(strcmp(df
,"w") == 0)
624 printf("%35s (-g) = %s (yyyy/ww)\n",text
[25],text
[85]);
626 printf("%35s (-i) = %s\n",text
[28],text
[1]);
628 printf("%35s (-i) = %s\n",text
[28],text
[2]);
629 for (iarq
=0 ; iarq
<NAccessLog
; iarq
++)
630 printf("%35s (-l) = %s\n",text
[37],AccessLog
[iarq
]);
632 printf("%35s (-n) = %s\n",text
[65],text
[1]);
634 printf("%35s (-n) = %s\n",text
[65],text
[2]);
635 printf("%35s (-o) = %s\n",text
[38],outdir
);
637 printf("%35s (-p) = %s\n",text
[29],text
[1]);
639 printf("%35s (-p) = %s\n",text
[29],text
[2]);
640 printf("%35s (-s) = %s\n",text
[30],site
);
641 printf("%35s (-t) = %s\n",text
[31],hm
);
642 printf("%35s (-u) = %s\n",text
[32],us
);
643 printf("%35s (-w) = %s\n",text
[34],tmp
);
645 printf("%35s (-x) = %s\n",text
[35],text
[1]);
647 printf("%35s (-x) = %s\n",text
[35],text
[2]);
649 printf("%35s (-z) = %s\n",text
[36],text
[1]);
651 printf("%35s (-z) = %s\n",text
[36],text
[2]);
652 printf("sarg %s: %s\n",text
[73],VERSION
);
653 printf("Language=%s\n\n",text
[3]);
657 debuga("sarg %s: %s",text
[73],VERSION
);
660 if (Ulimit
[0] != '\0') {
665 #if defined(RLIMIT_NOFILE)
666 getrlimit (RLIMIT_NOFILE
, &rl
);
667 #elif defined(RLIMIT_OFILE)
668 getrlimit (RLIMIT_OFILE
, &rl
);
670 #warning "No rlimit resource for the number of open files"
675 rl
.rlim_cur
= atol(Ulimit
);
676 rl
.rlim_max
= atol(Ulimit
);
677 #if defined(RLIMIT_NOFILE)
678 rc
=setrlimit (RLIMIT_NOFILE
, &rl
);
679 #elif defined(RLIMIT_OFILE)
680 rc
=setrlimit (RLIMIT_OFILE
, &rl
);
682 #warning "No rlimit resource for the number of open files"
685 debuga("setrlimit error - %s\n",strerror(errno
));
689 debuga("Maximum file descriptor: cur=%ld max=%ld, changed to cur="RLIM_STRING
" max="RLIM_STRING
,l1
,l2
,rl
.rlim_cur
,rl
.rlim_max
);
693 read_usertab(UserTabFile
);
695 sprintf ( sz_Download_Unsort
, "%s/sarg/download.unsort", tmp
);
697 if(strstr(ReportType
,"denied") != 0) {
698 if((fp_denied
=MY_FOPEN(tmp4
,"w"))==NULL
) {
699 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[45],tmp4
,strerror(errno
));
704 if(DataFile
[0]=='\0') {
705 if(strstr(ReportType
,"denied") != 0 || strstr(ReportType
,"auth_failures") != 0) {
706 if((fp_authfail
=MY_FOPEN(tmp6
,"w"))==NULL
) {
707 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[45],tmp6
,strerror(errno
));
713 for (iarq
=0 ; iarq
<NAccessLog
; iarq
++) {
714 strcpy(arq
,AccessLog
[iarq
]);
718 if(strcmp(arq
,"-")==0) {
720 debuga("%s: %s",text
[7],"stdin");
726 debuga("%s: %s",text
[7],arq
);
727 if((fp_in
=MY_FOPEN(arq
,"r"))==NULL
) {
728 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[8],arq
,strerror(errno
));
734 // pre-Read the file only if I have to show stats
735 if(ShowReadStatistics
&& !from_stdin
) {
740 while( fgets(bufz
,sizeof(bufz
),fp_in
) != NULL
) recs1
++;
742 printf("SARG: Records in file: %lu, reading: %3.2f%%\r",recs1
,(float) 0);
746 while(fgets(bufz
,sizeof(bufz
),fp_in
)!=NULL
) {
748 if (ilf
==ILF_Unknown
) {
749 if(strncmp(bufz
,"#Software: Mic",14) == 0) {
751 debuga("%s: %s",text
[143],bufz
);
757 if(strncmp(bufz
,"*** SARG Log ***",16) == 0) {
758 getword_start(&gwarea
,arqtt
);
759 if (getword(val2
,sizeof(val2
),&gwarea
,'-')<0 || getword(val2
,sizeof(val2
),&gwarea
,'_')<0 ||
760 getword(val3
,sizeof(val3
),&gwarea
,'-')<0 || getword(val3
,sizeof(val3
),&gwarea
,'_')<0) {
761 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
764 sprintf(period
,"%s-%s",val2
,val3
);
771 if(strcmp(ParsedOutputLog
, "no") != 0 && ilf
!=ILF_Sarg
) {
772 if(access(ParsedOutputLog
,R_OK
) != 0) {
773 sprintf(csort
,"%s",ParsedOutputLog
);
776 sprintf(arq_log
,"%s/sarg_temp.log",ParsedOutputLog
);
777 if((fp_log
=MY_FOPEN(arq_log
,"w"))==NULL
) {
778 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[8],arq_log
,strerror(errno
));
781 fputs("*** SARG Log ***\n",fp_log
);
785 if( ShowReadStatistics
&& !from_stdin
&& ! --OutputNonZero
) {
787 perc
= perc
/ recs1
;
788 printf("SARG: Records in file: %lu, reading: %3.2f%%\r",recs1
,perc
);
790 OutputNonZero
= REPORT_EVERY_X_LINES
;
792 if(strlen(bufz
) > MAXLEN
-1) continue;
793 if(!bufz
[0]) continue;
794 if(strstr(bufz
,"HTTP/0.0") != 0) continue;
795 if(strstr(bufz
,"logfile turned over") != 0) continue;
796 if(bufz
[0] == ' ') continue;
797 if(strlen(bufz
) < 58) continue;
799 // Record only hours usage which is required
800 tt
= (time_t) strtoul( bufz
, NULL
, 10 );
801 t
= localtime( &tt
);
803 if( bsearch( &( t
-> tm_wday
), weekdays
.list
, weekdays
.len
,
804 sizeof( int ), compar
) == NULL
)
807 if( bsearch( &( t
-> tm_hour
), hours
.list
, hours
.len
,
808 sizeof( int ), compar
) == NULL
)
813 if(ExcludeString
[0] != '\0') {
815 getword_start(&gwarea
,ExcludeString
);
816 while(strchr(gwarea
.current
,':') != 0) {
817 if (getword_multisep(val1
,sizeof(val1
),&gwarea
,':')<0) {
818 printf("SARG: Maybe you have a broken record or garbage in your exclusion string.\n");
821 if((str
=(char *) strstr(warea
,val1
)) != (char *) NULL
)
824 if((str
=(char *) strstr(warea
,gwarea
.current
)) != (char *) NULL
)
827 if(exstring
) continue;
830 if ((str
= strchr(bufz
, '\n')) != NULL
)
831 *str
= '\0'; /* strip \n */
835 printf("BUF=%s\n",bufz
);
837 if (ilf
==ILF_Squid
|| ilf
==ILF_Common
|| ilf
==ILF_Unknown
) {
838 getword_start(&gwarea
,bufz
);
839 if (getword(data
,sizeof(data
),&gwarea
,' ')<0) {
840 printf("SARG: Maybe you have a broken record or garbage in your access.log file.\n");
843 if((str
=(char *) strchr(data
, '.')) != (char *) NULL
) {
844 if((str
=(char *) strchr(str
+1, '.')) != (char *) NULL
) {
848 if (getword(user
,sizeof(user
),&gwarea
,' ')<0 || getword_skip(255,&gwarea
,' ')<0) {
849 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
853 if (getword_skip(255,&gwarea
,' ')<0 || getword(user
,sizeof(user
),&gwarea
,' ')<0) {
854 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
858 if (getword(data
,sizeof(data
),&gwarea
,']')<0 || getword_skip(MAXLEN
,&gwarea
,'"')<0 ||
859 getword(fun
,sizeof(fun
),&gwarea
,' ')<0 || getword(url
,sizeof(url
),&gwarea
,' ')<0 ||
860 getword_skip(MAXLEN
,&gwarea
,' ')<0 || getword(code2
,sizeof(code2
),&gwarea
,' ')<0 ||
861 getword(tam
,sizeof(tam
),&gwarea
,' ')<0) {
862 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
865 if((str
=(char *) strchr(gwarea
.current
, ' ')) != (char *) NULL
) {
866 if (getword(code
,sizeof(code
),&gwarea
,' ')<0) {
867 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
871 if (getword(code
,sizeof(code
),&gwarea
,'\0')<0) {
872 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
877 if ((str
= strchr(code
, ':')) != NULL
)
880 if(strcmp(tam
,"\0") == 0)
888 if(ilf
==ILF_Unknown
|| ilf
==ILF_Squid
) {
889 if (getword(elap
,sizeof(elap
),&gwarea
,' ')<0) {
890 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
893 while(strcmp(elap
,"") == 0 && gwarea
.current
[0] != '\0')
894 if (getword(elap
,sizeof(elap
),&gwarea
,' ')<0) {
895 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
898 if(strlen(elap
) < 1) continue;
899 if (getword(ip
,sizeof(ip
),&gwarea
,' ')<0){
900 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
903 if (getword(code
,sizeof(code
),&gwarea
,' ')<0){
904 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
907 if (getword(tam
,sizeof(tam
),&gwarea
,' ')<0){
908 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
911 if (getword(fun
,sizeof(fun
),&gwarea
,' ')<0){
912 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
915 if (getword(url
,sizeof(url
),&gwarea
,' ')<0){
916 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
919 // while (strstr(bufz,"%20") != 0) {
920 // getword(warea,bufz,' ');
921 // strcat(url,warea);
923 if (getword(user
,sizeof(user
),&gwarea
,' ')<0){
924 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
932 getword_start(&gwarea
,bufz
);
933 if (getword(data
,sizeof(data
),&gwarea
,' ')<0){
934 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
937 if (getword(hora
,sizeof(hora
),&gwarea
,' ')<0) {
938 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
941 if (getword(user
,sizeof(user
),&gwarea
,' ')<0) {
942 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
945 if (getword(ip
,sizeof(ip
),&gwarea
,' ')<0) {
946 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
949 if (getword(url
,sizeof(url
),&gwarea
,' ')<0){
950 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
953 if (getword(tam
,sizeof(tam
),&gwarea
,' ')<0){
954 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
957 if (getword(code
,sizeof(code
),&gwarea
,' ')<0){
958 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
961 if (getword(elap
,sizeof(elap
),&gwarea
,' ')<0){
962 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
965 if (getword(smartfilter
,sizeof(smartfilter
),&gwarea
,' ')<0){
966 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
971 if (bufz
[0] == '#') {
972 int ncols
,cols
[ISACOL_Last
];
975 getword_start(&gwarea
,bufz
);
976 // remove the #Fields: column at the beginning of the line
977 if (getword_skip(1000,&gwarea
,' ')<0){
978 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
981 for (ncols
=0 ; ncols
<ISACOL_Last
; ncols
++) cols
[ncols
]=-1;
983 while(gwarea
.current
[0] != '\0') {
984 if (getword(val1
,sizeof(val1
),&gwarea
,'\t')<0){
985 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
988 if(strcmp(val1
,"c-ip") == 0) cols
[ISACOL_Ip
]=ncols
;
989 if(strcmp(val1
,"cs-username") == 0) cols
[ISACOL_UserName
]=ncols
;
990 if(strcmp(val1
,"date") == 0) cols
[ISACOL_Date
]=ncols
;
991 if(strcmp(val1
,"time") == 0) cols
[ISACOL_Time
]=ncols
;
992 if(strcmp(val1
,"time-taken") == 0) cols
[ISACOL_TimeTaken
]=ncols
;
993 if(strcmp(val1
,"sc-bytes") == 0) cols
[ISACOL_Bytes
]=ncols
;
994 if(strcmp(val1
,"cs-uri") == 0) cols
[ISACOL_Uri
]=ncols
;
995 if(strcmp(val1
,"sc-status") == 0) cols
[ISACOL_Status
]=ncols
;
998 if (cols
[ISACOL_Ip
]>=0) {
1000 for (isa_ncols
=0 ; isa_ncols
<ncols
; isa_ncols
++)
1001 isa_cols
[isa_ncols
]=cols
[isa_ncols
];
1005 if (!isa_ncols
) continue;
1006 getword_start(&gwarea
,bufz
);
1007 for (x
=0 ; x
<isa_ncols
; x
++) {
1008 if (getword(val1
,sizeof(val1
),&gwarea
,'\t')<0) {
1009 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
1012 if (x
==isa_cols
[ISACOL_Ip
]) {
1013 if (strlen(val1
)>=sizeof(ip
)) {
1014 printf("SARG: Maybe you have a broken IP in your %s file.\n",arq
);
1018 } else if (x
==isa_cols
[ISACOL_UserName
]) {
1019 if (strlen(val1
)>=sizeof(user
)) {
1020 printf("SARG: Maybe you have a broken user in your %s file.\n",arq
);
1024 } else if (x
==isa_cols
[ISACOL_Date
]) {
1025 if (strlen(val1
)>=sizeof(data
)) {
1026 printf("SARG: Maybe you have a broken date in your %s file.\n",arq
);
1030 } else if (x
==isa_cols
[ISACOL_Time
]) {
1031 if (strlen(val1
)>=sizeof(hora
)) {
1032 printf("SARG: Maybe you have a broken time in your %s file.\n",arq
);
1036 } else if (x
==isa_cols
[ISACOL_TimeTaken
]) {
1037 if (strlen(val1
)>=sizeof(elap
)) {
1038 printf("SARG: Maybe you have a broken download duration in your %s file.\n",arq
);
1042 } else if (x
==isa_cols
[ISACOL_Bytes
]) {
1043 if (strlen(val1
)>=sizeof(tam
)) {
1044 printf("SARG: Maybe you have a broken download size in your %s file.\n",arq
);
1048 } else if (x
==isa_cols
[ISACOL_Uri
]) {
1049 if (strlen(val1
)>=sizeof(url
)) {
1050 printf("SARG: Maybe you have a broken URL in your %s file.\n",arq
);
1054 } else if (x
==isa_cols
[ISACOL_Status
]) {
1055 if (strlen(val1
)>=sizeof(code
)) {
1056 printf("SARG: Maybe you have a broken access code in your %s file.\n",arq
);
1063 if(strcmp(code
,"401") == 0 || strcmp(code
,"403") == 0 || strcmp(code
,"407") == 0) {
1064 sprintf(val1
,"DENIED/%s",code
);
1067 getword_start(&gwarea
,data
);
1068 if (getword(ano
,sizeof(ano
),&gwarea
,'-')<0){
1069 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
1072 if (getword(mes
,sizeof(mes
),&gwarea
,'-')<0){
1073 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
1076 if (getword(dia
,sizeof(dia
),&gwarea
,'\0')<0){
1077 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
1080 conv_month_name(mes
);
1081 sprintf(data
," %s/%s/%s:%s",dia
,mes
,ano
,hora
);
1084 if(strlen(user
) > 150) {
1085 if (debugm
) printf("User too long: %s\n",user
);
1091 if(IncludeUsers
[0] != '\0') {
1092 sprintf(val1
,":%s:",user
);
1093 if((str
=(char *) strstr(IncludeUsers
,val1
)) == (char *) NULL
)
1098 if (debugm
) printf("Excluded code: %s\n",code
);
1103 if(testvaliduserchar(user
))
1107 if((str
= strstr(user
,"%20")) != NULL
) {
1109 Why is it necessary to truncate the user name at the first space ?
1111 The old code used to truncate the user name at the first % if a %20 was
1112 found anywhere in the string. That means the string could be truncated
1113 at the wrong place if another % occured before the %20. This new code should
1114 avoid that problem and only truncate at the space. There is no bug
1115 report indicating that anybody noticed this.
1121 Code prior to 2.2.7 used to replace any %xx by a dot as long as a %5c was
1122 found in the user name.
1124 while((str
= strstr(user
,"%5c")) != NULL
) {
1126 for (x
=3 ; str
[x
] ; x
++) str
[x
-2]=str
[x
];
1130 for(str
=user
; *str
; str
++) {
1131 if(*str
=='.') dotinuser
++;
1132 if(*str
=='?' || *str
=='.' || *str
==':' || *str
=='/' || *str
=='\\')
1137 if(strncmp(NtlmUserFormat
,"user",4) == 0) {
1138 if((str
= strchr(user
,'_')) != 0) {
1139 strcpy(warea
,str
+1);
1142 if((str
= strchr(user
,'+')) != 0) {
1143 strcpy(warea
,str
+1);
1148 if(strstr(ReportType
,"denied") != 0)
1151 download_flag
=is_download_suffix(url
);
1152 if (download_flag
) {
1153 strcpy(download_url
,url
);
1157 // remove any protocol:// at the beginning of the URL
1158 if ((str
= strchr(url
,'/')) != NULL
&& str
[1] == '/') {
1162 for (i
=0 ; str
[i
] ; i
++)
1168 char *endofhost
=strchr(url
,'/');
1171 if(strlen(url
) > 512 && (endofhost
=strchr(url
,'%')) != NULL
) {
1176 if(ilf
==ILF_Squid
) {
1180 strftime(tbuf2
, sizeof(tbuf2
), "%H%M", t
);
1181 sprintf(mes
,"%d",t
->tm_mon
+1);
1182 conv_month_name(mes
);
1183 if(strncmp(df
,"u",1) == 0)
1184 sprintf(tbuf
, "%04d%s%02d", t
->tm_year
+1900, mes
, t
->tm_mday
);
1185 if(strncmp(df
,"e",1) == 0)
1186 sprintf(tbuf
, "%02d%s%04d", t
->tm_mday
, mes
, t
->tm_year
+1900);
1187 if(strncmp(df
,"w",1) == 0) {
1188 strcpy(IndexTree
,"file");
1189 strftime(tbuf
, sizeof(tbuf
), "%Y.%U", t
);
1192 strftime(wdata
, sizeof(wdata
), "%Y%m%d", t
);
1195 if(strncmp(df
,"u",1)==0)
1196 strftime(dia
, sizeof(dia
), "%m/%d/%Y", t
);
1198 strftime(dia
, sizeof(dia
), "%d/%m/%Y", t
);
1199 sprintf(hora
,"%02d:%02d:%02d",t
->tm_hour
,t
->tm_min
,t
->tm_sec
);
1200 } else if(ilf
==ILF_Common
|| ilf
==ILF_Isa
) {
1201 getword_start(&gwarea
,data
+1);
1202 if (getword_multisep(data
,sizeof(data
),&gwarea
,':')<0){
1203 printf("SARG: Maybe you have a broken date in your %s file.\n",arq
);
1206 if (getword_multisep(hora
,sizeof(hora
),&gwarea
,' ')<0){
1207 printf("SARG: Maybe you have a broken date in your %s file.\n",arq
);
1210 getword_start(&gwarea
,data
);
1211 if (getword_multisep(dia
,sizeof(dia
),&gwarea
,'/')<0){
1212 printf("SARG: Maybe you have a broken date in your %s file.\n",arq
);
1215 if (getword_multisep(mes
,sizeof(mes
),&gwarea
,'/')<0){
1216 printf("SARG: Maybe you have a broken date in your %s file.\n",arq
);
1219 if (getword_multisep(ano
,sizeof(ano
),&gwarea
,'/')<0){
1220 printf("SARG: Maybe you have a broken date in your %s file.\n",arq
);
1224 if(strcmp(df
,"u") == 0)
1225 snprintf(tbuf
,sizeof(tbuf
),"%s%s%s",ano
,mes
,dia
);
1226 if(strcmp(df
,"e") == 0)
1227 snprintf(tbuf
,sizeof(tbuf
),"%s%s%s",dia
,mes
,ano
);
1228 builddia(dia
,mes
,ano
,df
,wdata
);
1230 } else if (ilf
==ILF_Sarg
) {
1231 getword_start(&gwarea
,data
);
1232 if (getword_multisep(mes
,sizeof(mes
),&gwarea
,'/')<0){
1233 printf("SARG: Maybe you have a broken date in your %s file.\n",arq
);
1236 if (getword_multisep(dia
,sizeof(dia
),&gwarea
,'/')<0){
1237 printf("SARG: Maybe you have a broken date in your %s file.\n",arq
);
1240 if (getword_multisep(ano
,sizeof(ano
),&gwarea
,0)<0){
1241 printf("SARG: Maybe you have a broken date in your %s file.\n",arq
);
1247 printf("DATE=%s IDATA=%d DFROM=%d DUNTIL=%d\n",date
,idata
,dfrom
,duntil
);
1251 if(addr
[0] != '\0'){
1252 if(strcmp(addr
,ip
)==0)
1256 // l=vhexclude(excludefile,ip);
1257 l
=vhexclude(excludefile
,url
);
1259 if (debugm
) printf("Excluded site: %s\n",url
);
1266 if(date
[0] != '\0'){
1267 if(idata
>= dfrom
&& idata
<= duntil
)
1273 bzero(hmr
,sizeof(hmr
));
1275 getword_start(&gwarea
,hora
);
1277 if (getword_multisep(warea
,sizeof(warea
),&gwarea
,':')<0){
1278 printf("SARG: Maybe you have a broken time in your %s file.\n",arq
);
1281 strncat(hmr
,warea
,2);
1284 strncat(hmr
,gwarea
.current
,2);
1286 if(atoi(hmr
) >= atoi(hm
) && atoi(hmr
) <= atoi(hmf
))
1291 if(site
[0] != '\0'){
1292 if(strstr(url
,site
)!=0)
1300 if(strcmp(user
,"-") == 0 || strcmp(user
," ") == 0 || strcmp(user
,"") == 0) {
1301 if(strcmp(RecordsWithoutUser
,"ip") == 0)
1303 if(strcmp(RecordsWithoutUser
,"ignore") == 0)
1305 if(strcmp(RecordsWithoutUser
,"everybody") == 0)
1306 strcpy(user
,"everybody");
1309 if(strcmp(user
,us
)==0)
1316 subs(user
,sizeof(user
),"_",".");
1321 sprintf(wuser
,":%s:",user
);
1322 if(strstr(userfile
, wuser
) == 0)
1328 l
=vuexclude(excludeuser
,user
);
1330 if (debugm
) printf("Excluded user: %s\n",user
);
1341 if(l
&& max_elapsed
) {
1342 if(atol(elap
)>max_elapsed
) {
1349 if(strcmp(user
,"-") !=0 && url
[0] != '\0' && strcmp(user
," ") !=0 && strcmp(user
,"") !=0 && strcmp(user
,":") !=0){
1350 if((str
=(char *) strstr(bufz
, "[SmartFilter:")) != (char *) NULL
) {
1352 sprintf(smartfilter
,"\"%s\"",str
+1);
1353 } else sprintf(smartfilter
,"\"\"");
1355 sprintf(bufz
, "%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n",dia
,hora
,user
,ip
,url
,tam
,code
,elap
,smartfilter
);
1357 if ( strcmp ( user
, sz_Last_User
) != 0 ) {
1358 if ( fp_Write_User
)
1359 fclose( fp_Write_User
) ;
1360 sprintf (tmp3
, "%s/sarg/%s.unsort", tmp
, user
);
1362 if ((fp_Write_User
= MY_FOPEN (tmp3
, "a")) == NULL
) {
1363 fprintf (stderr
, "%s: (log) %s: %s - %s\n", argv
[0], text
[9], tmp3
, strerror(errno
));
1366 strcpy( sz_Last_User
, user
) ;
1368 fputs (bufz
, fp_Write_User
);
1370 if(strcmp(ParsedOutputLog
, "no") != 0 && ilf
!=ILF_Sarg
)
1375 if(download_flag
&& strstr(code
,"DENIED") == 0) {
1378 if ( ! fp_Download_Unsort
) {
1379 if ((fp_Download_Unsort
= MY_FOPEN ( sz_Download_Unsort
, "a")) == NULL
) {
1380 fprintf (stderr
, "%s: (log) %s: %s - %s\n", argv
[0], text
[9], tmp3
, strerror(errno
));
1384 fprintf(fp_Download_Unsort
,"%s\t%s\t%s\t%s\t%s\n",dia
,hora
,user
,ip
,download_url
);
1387 if(strstr(ReportType
,"denied") != 0 || strstr(ReportType
,"auth_failures") != 0) {
1388 if(strstr(code
,"DENIED/403") != 0) {
1389 fprintf(fp_denied
, "%s\t%s\t%s\t%s\t%s\n",dia
,hora
,user
,ip
,urly
);
1392 if(strstr(code
,"DENIED/401") != 0 || strstr(code
,"DENIED/407") != 0) {
1394 fprintf(fp_authfail
, "%s\t%s\t%s\t%s\t%s\n",dia
,hora
,user
,ip
,urly
);
1399 if((!totper
|| idata
<mindate
) && ilf
!=ILF_Sarg
){
1402 sprintf(period
,"%s-",tbuf
);
1403 sprintf(per_hour
,"%s-",tbuf2
);
1405 fixper(tbuf
, period
, cduntil
);
1407 debugaz("tbuf",tbuf
);
1408 debugaz("period",period
);
1414 printf("IP=\t%s\n",ip
);
1415 printf("USER=\t%s\n",user
);
1416 printf("ELAP=\t%s\n",elap
);
1417 printf("DATE=\t%s\n",dia
);
1418 printf("TIME=\t%s\n",hora
);
1419 printf("FUNC=\t%s\n",fun
);
1420 printf("URL=\t%s\n",url
);
1421 printf("CODE=\t%s\n",code
);
1422 printf("LEN=\t%s\n",tam
);
1428 if( ShowReadStatistics
)
1429 printf("SARG: Records in file: %lu, reading: %3.2f%%\n",recs1
, (float) 100 );
1433 if ( fp_Download_Unsort
)
1434 fclose (fp_Download_Unsort
);
1437 fclose (fp_Write_User
);
1442 for (ilf
=0 ; ilf
<ILF_Last
; ilf
++) totalcount
+=ilf_count
[ilf
];
1444 debuga(" %s: %ld, %s: %ld, %s: %ld",text
[10],totregsl
,text
[11],totregsg
,text
[68],totregsx
);
1446 if(ilf_count
[ILF_Common
]>0 && ilf_count
[ILF_Squid
]>0)
1447 debuga("%s",text
[12]);
1449 if(ilf_count
[ILF_Common
]>0 && ilf_count
[ILF_Squid
]==0)
1450 debuga("%s",text
[13]);
1452 if(ilf_count
[ILF_Common
]==0 && ilf_count
[ILF_Squid
]>0)
1453 debuga("%s",text
[14]);
1455 if(ilf_count
[ILF_Sarg
]>0)
1456 debuga("%s",text
[124]);
1460 fprintf(stderr
, "SARG: %s\n",text
[16]);
1461 fprintf(stderr
, "SARG: %s\n",text
[21]);
1462 } else fprintf(stderr
, "SARG: %s\n",text
[15]);
1463 bzero(msg
,sizeof(msg
));
1467 fclose(fp_authfail
);
1468 free_excludecodes();
1484 fprintf(stderr
, "SARG: %s\n",text
[16]);
1485 fprintf(stderr
, "SARG: %s\n",text
[21]);
1490 fclose(fp_authfail
);
1491 free_excludecodes();
1502 if(date
[0] == '\0' && ilf_count
[ILF_Sarg
]==0) {
1503 strcat(period
,tbuf
);
1504 strcat(per_hour
,tbuf2
);
1508 debugaz("data",dia
);
1509 debugaz("tbuf",tbuf
);
1510 debugaz("period",period
);
1514 debuga("%s: %s",text
[17],period
);
1520 fclose(fp_authfail
);
1522 if(fp_log
!= NULL
) {
1524 getword_start(&gwarea
,period
);
1525 if (getword_multisep(val2
,sizeof(val2
),&gwarea
,'-')<0){
1526 printf("SARG: Maybe you have a broken date range definition.\n");
1529 if (getword_multisep(val1
,sizeof(val1
),&gwarea
,'\0')<0){
1530 printf("SARG: Maybe you have a broken date range definition.\n");
1533 getword_start(&gwarea
,per_hour
);
1534 if (getword_multisep(val3
,sizeof(val3
),&gwarea
,'-')<0){
1535 printf("SARG: Maybe you have a broken date range definition.\n");
1538 sprintf(val4
,"%s/sarg-%s_%s-%s_%s.log",ParsedOutputLog
,val2
,val3
,val1
,gwarea
.current
);
1539 rename(arq_log
,val4
);
1540 strcpy(arq_log
,val4
);
1542 if(strcmp(ParsedOutputLogCompress
,"nocompress") != 0) {
1543 sprintf(val1
,"\"%s\" \"%s\"",ParsedOutputLogCompress
,arq_log
);
1544 cstatus
=system(val1
);
1545 if (!WIFEXITED(cstatus
) || WEXITSTATUS(cstatus
)) {
1546 fprintf(stderr
, "SARG: command return status %d\n",WEXITSTATUS(cstatus
));
1547 fprintf(stderr
, "SARG: command: %s\n",val1
);
1553 debuga("%s %s",text
[123],arq_log
);
1556 if(strstr(ReportType
,"denied") != 0) {
1557 sprintf(csort
,"sort -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"",tmp
,tmp5
,tmp4
);
1558 cstatus
=system(csort
);
1559 if (!WIFEXITED(cstatus
) || WEXITSTATUS(cstatus
)) {
1560 fprintf(stderr
, "SARG: sort command return status %d\n",WEXITSTATUS(cstatus
));
1561 fprintf(stderr
, "SARG: sort command: %s\n",csort
);
1567 sort_users_log(tmp
, debug
);
1569 if(DataFile
[0] != '\0')
1575 if(strstr(ReportType
,"denied") != 0)
1578 if(zip
[0] != '\0' && strcmp(zip
,"zcat") !=0) {
1581 // else unlink(arq);
1583 if(strcmp(tmp
,"/tmp") != 0) {
1584 if (snprintf(tmp4
,sizeof(tmp4
),"rm -rf \"%s\"",tmp
)>=sizeof(tmp4
)) {
1585 fprintf(stderr
,"SARG: Directory name too long: %s\n",tmp
);
1588 cstatus
=system(tmp4
);
1589 if (!WIFEXITED(cstatus
) || WEXITSTATUS(cstatus
)) {
1590 fprintf(stderr
, "SARG: command return status %d\n",WEXITSTATUS(cstatus
));
1591 fprintf(stderr
, "SARG: command: %s\n",tmp4
);
1596 free_excludecodes();
1606 debuga("%s",text
[21]);
1613 static void getusers(const char *pwdfile
, int debug
)
1622 debuga("%s: %s",text
[60],pwdfile
);
1624 if ((fp_usr
= fopen(pwdfile
, "r")) == NULL
) {
1625 fprintf(stderr
, "SARG: (getusers) %s: %s - %s\n",text
[45],pwdfile
,strerror(errno
));
1629 fseek(fp_usr
, 0, SEEK_END
);
1630 nreg
= ftell(fp_usr
);
1632 printf("SARG: Cannot get the size of file %s",pwdfile
);
1636 fseek(fp_usr
, 0, SEEK_SET
);
1638 if((userfile
=(char *) malloc(nreg
))==NULL
){
1639 fprintf(stderr
, "SARG: %s (%ld):\n",text
[59],nreg
);
1643 bzero(userfile
,nreg
);
1644 strcpy(userfile
,":");
1646 while(fgets(buf
,sizeof(buf
),fp_usr
)!=NULL
) {
1647 str
=strchr(buf
,':');
1649 printf("SARG: You have an invalid user in your %s file.\n",pwdfile
);
1653 strcat(userfile
,buf
);
1662 static void gethexclude(const char *hexfile
, int debug
)
1670 debuga("%s: %s",text
[67],hexfile
);
1672 if ((fp_ex
= fopen(hexfile
, "r")) == NULL
) {
1673 fprintf(stderr
, "SARG: (gethexclude) %s: %s - %s\n",text
[45],hexfile
,strerror(errno
));
1677 fseek(fp_ex
, 0, SEEK_END
);
1678 nreg
= ftell(fp_ex
);
1680 printf("SARG: Cannot get the size of file %s",hexfile
);
1684 fseek(fp_ex
, 0, SEEK_SET
);
1686 if((excludefile
=(char *) malloc(nreg
))==NULL
){
1687 fprintf(stderr
, "SARG: %s (%ld):\n",text
[59],nreg
);
1691 bzero(excludefile
,nreg
);
1693 while(fgets(buf
,sizeof(buf
),fp_ex
)!=NULL
){
1694 if(strchr(buf
,'#') != NULL
)
1697 strcat(excludefile
,buf
);
1698 strcat(excludefile
," ");
1701 strcat(excludefile
,"*END* ");
1709 static void getuexclude(const char *uexfile
, int debug
)
1717 debuga("%s: %s",text
[67],uexfile
);
1719 if ((fp_ex
= fopen(uexfile
, "r")) == NULL
) {
1720 fprintf(stderr
, "SARG: (gethexclude) %s: %s - %s\n",text
[45],uexfile
,strerror(errno
));
1724 fseek(fp_ex
, 0, SEEK_END
);
1725 nreg
= ftell(fp_ex
);
1727 printf("SARG: Cannot get the size of file %s",uexfile
);
1731 fseek(fp_ex
, 0, SEEK_SET
);
1733 if((excludeuser
=(char *) malloc(nreg
))==NULL
){
1734 fprintf(stderr
, "SARG: %s (%ld):\n",text
[59],nreg
);
1738 bzero(excludeuser
,nreg
);
1740 while(fgets(buf
,sizeof(buf
),fp_ex
)!=NULL
){
1741 if(strchr(buf
,'#') != NULL
)
1744 strcat(excludeuser
,buf
);
1745 strcat(excludeuser
," ");
1748 strcat(excludeuser
,"*END* ");