X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=config%2Furlfilter%2Fredirect_wrapper;h=c3bbf7c9f45ff7549abed98768b729a9dfc24601;hb=e5db8f6fbba4715dc17cc1e3385cd47dcaa2cbd6;hp=076764188abbe562714cda383443ce40d0e340df;hpb=70df830214c97a68fcb7e89ae0d7df58c35590be;p=people%2Fpmueller%2Fipfire-2.x.git

diff --git a/config/urlfilter/redirect_wrapper b/config/urlfilter/redirect_wrapper
index 076764188a..c3bbf7c9f4 100644
--- a/config/urlfilter/redirect_wrapper
+++ b/config/urlfilter/redirect_wrapper
@@ -2,7 +2,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007  Michael Tremer & Christian Schmidt                      #
+# Copyright (C) 2009  Michael Tremer & Christian Schmidt                      #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -25,15 +25,31 @@ use strict;
 use IPC::Open2;
 use IO::Handle;
 
+my $redirectors;
+
+require '/var/ipfire/general-functions.pl';
+
+my %proxysettings=();
+$proxysettings{'ENABLE_FILTER'} = 'off';
+$proxysettings{'ENABLE_CLAMAV'} = 'off';
+$proxysettings{'ENABLE_UPDXLRATOR'} = 'off';
+&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
+
 # define here your redirectors (use a comma sperated list)
-my $redirectors = [ '/usr/bin/squidGuard', '/usr/sbin/updxlrator' ];
+if ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/bin/squidGuard', '/usr/bin/squidclamav', '/usr/sbin/updxlrator' ];}
+elsif ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'off' ){$redirectors = [ '/usr/bin/squidGuard', '/usr/bin/squidclamav' ];}
+elsif ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'off' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/bin/squidGuard', '/usr/sbin/updxlrator' ];}
+elsif ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'off' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'off' ){$redirectors = [ '/usr/bin/squidGuard' ];}
+elsif ( $proxysettings{'ENABLE_FILTER'} eq 'off' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/bin/squidclamav', '/usr/sbin/updxlrator' ];}
+elsif ( $proxysettings{'ENABLE_FILTER'} eq 'off' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'off' ){$redirectors = [ '/usr/bin/squidclamav' ];}
+elsif ( $proxysettings{'ENABLE_FILTER'} eq 'off' && $proxysettings{'ENABLE_CLAMAV'} eq 'off' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/sbin/updxlrator' ];}
+else  { $redirectors = [ '/usr/bin/squidGuard', '/usr/sbin/updxlrator' ];}
 
 # Attention: keep in mind that the order of your redirectors is important.
 # It doesn't make sense to scan for viruses on pages you restrict access to...
 # So place first your tools which restrict access, then the tools which do the
 # content filtering!
 
-
 ##### no need to change anything below this line #####
 
 # init
@@ -42,23 +58,65 @@ STDOUT->autoflush(1);
 my $line;
 my $return;
 my $i;
+my $debug=0; # enable only for debugging
+
+if ( -e "/var/ipfire/proxy/enable_redirector_debug" ){
+	$debug = 1;
+	writetolog("Urlfilter = ".$proxysettings{'ENABLE_FILTER'}." Clamav = ".$proxysettings{'ENABLE_CLAMAV'}." Updxlrator = ".$proxysettings{'ENABLE_UPDXLRATOR'});
+	}
 
 # open progamms
 my $pidlist = [];
 my $rlist = [];
 my $wlist = [];
+
 for($i = 0; $i < @$redirectors; $i++) {
-        $pidlist->[$i] = open2($rlist->[$i], $wlist->[$i], $redirectors->[$i]);
-}
+	$pidlist->[$i] = open2($rlist->[$i], $wlist->[$i], $redirectors->[$i]);
+	if ($debug){
+		writetolog("Current redirector is ".$redirectors->[$i]." number ".$i." PID ".$pidlist->[$i]);
+		}
+	}
 
 # wait for data...
 while($line = <>) {
-        for($i = 0; $i < @$redirectors; $i++) {
-                $wlist->[$i]->print($line);
-                $return = $rlist->[$i]->getline;
-                last if($return ne "\n" and $return ne $line);
-								# break if redirector changes data
-        }
-        print $return;
-}
+	$return = "";
+
+	for($i = 0; $i < @$redirectors; $i++) {
+		$wlist->[$i]->print($line);
+		$return = $rlist->[$i]->getline;
+
+		if ( $return eq "Processing file and database" ){
+			system("logger -t ipfire 'Emergency - squidGuard not initialised please run squidGuard -C all'");
+			}
+
+		if ($debug){
+			my $dline = $line;my $dreturn = $return;chomp $dline;chomp $dreturn;
+			if ( $return eq $line or $return eq "\n" or $return eq "" ){
+				writetolog("Request equals result by ".$redirectors->[$i]." ".$dline);
+				}
+			else {
+				writetolog($redirectors->[$i]." answers ".$dreturn."\n   Querried ".$dline);
+				}
+			}
+
+		# break if redirector changes data
+		if($return ne "\n" and $return ne $line ){
+			if ( $redirectors->[$i] ne "/usr/sbin/updxlrator"){
+				if ($debug){
+					writetolog($redirectors->[$i]." is stopping querry because block was found.");
+					}
+				$i = @$redirectors;
+				}
+			}
+		}
+	print $return;
+	}
+
 exit 0;
+
+sub writetolog {
+	open(DATEI, ">>/var/log/squid/redirector_debug") || die "Unable to acces file /var/log/redirector_debug";
+	my $log = shift;
+	print DATEI $log."\n";
+	close(DATEI);
+	}