Changed redirector to be more dynamic and handle new redirectors
Changed proxy cgi to support one new redirector and allways use the default
Added recent changes to core 11
Changed clamd.conf file to handle streams up to 50M and not using the defaul
Started building squidclamav redirector to scan for viruses when using the p
##
## ipfire config file for the Clam AV daemon
##
##
## ipfire config file for the Clam AV daemon
##
PidFile /var/run/clamav/clamd.pid
LocalSocket /var/run/clamav/clamd
PidFile /var/run/clamav/clamd.pid
LocalSocket /var/run/clamav/clamd
+StreamMaxLength 50M
+ScanPDF yes
usr/lib/php/data/PEAR/package.dtd
usr/lib/php/data/PEAR/template.spec
usr/lib/php/pearcmd.php
usr/lib/php/data/PEAR/package.dtd
usr/lib/php/data/PEAR/template.spec
usr/lib/php/pearcmd.php
+srv/web/ipfire/cgi-bin/proxy.cgi
+usr/sbin/redirect_wrapper
+var/ipfire/langs
/usr/local/bin/backupctrl exclude >/dev/null 2>&1
/etc/init.d/squid stop
extract_files
/usr/local/bin/backupctrl exclude >/dev/null 2>&1
/etc/init.d/squid stop
extract_files
+perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
squidGuard -d -C all
chmod 666 /var/ipfire/urlfilter/blacklist/*/*.db
/etc/init.d/squid start
squidGuard -d -C all
chmod 666 /var/ipfire/urlfilter/blacklist/*/*.db
/etc/init.d/squid start
+usr/bin/squidclamav
+etc/squidclamav.conf
+srv/web/ipfire/html/clwarn.cgi
proxy none
logfile /var/log/squidclamav.log
proxy none
logfile /var/log/squidclamav.log
-redirect http://192.168.255.1:81/clwarn.cgi
+redirect http://127.0.0.1:81/clwarn.cgi
use strict;
use IPC::Open2;
use IO::Handle;
use strict;
use IPC::Open2;
use IO::Handle;
+require '/var/ipfire/general-functions.pl';
+
+my %proxysettings=();
+&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
# define here your redirectors (use a comma sperated list)
# define here your redirectors (use a comma sperated list)
-my $redirectors = [ '/usr/bin/squidGuard', '/usr/sbin/updxlrator' ];
+my @redirectors = "";
+if ( $proxysettings{'ENABLE_FILTER'} eq 'on' && -e '/usr/bin/squidGuard' ){push(@redirectors,"/usr/bin/squidGuard"); }
+if ( $proxysettings{'ENABLE_CLAMAV'} eq 'on' && -e '/usr/bin/squidclamav' ){ push(@redirectors,"/usr/bin/squidclamav"); }
+if ( $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' && -e '/usr/sbin/updxlrator' ) { push(@redirectors,"/usr/sbin/updxlrator"); }
+
+#my $redirectors = [ '/usr/bin/squidclamav', '/usr/bin/squidGuard', '/usr/sbin/updxlrator' ];
# Attention: keep in mind that the order of your redirectors is important.
# It doesn't make sense to scan for viruses on pages you restrict access to...
# So place first your tools which restrict access, then the tools which do the
# content filtering!
# Attention: keep in mind that the order of your redirectors is important.
# It doesn't make sense to scan for viruses on pages you restrict access to...
# So place first your tools which restrict access, then the tools which do the
# content filtering!
+#print "Anzahl ".$#redirectors."\n";
##### no need to change anything below this line #####
##### no need to change anything below this line #####
my $pidlist = [];
my $rlist = [];
my $wlist = [];
my $pidlist = [];
my $rlist = [];
my $wlist = [];
-for($i = 0; $i < @$redirectors; $i++) {
- $pidlist->[$i] = open2($rlist->[$i], $wlist->[$i], $redirectors->[$i]);
+for($i = 1; $i <= $#redirectors; $i++) {
+ #print "i=".$i." redirector ".$redirectors[$i]."\n";
+ $pidlist->[$i] = open2($rlist->[$i], $wlist->[$i], $redirectors[$i] );
}
# wait for data...
while($line = <>) {
}
# wait for data...
while($line = <>) {
- for($i = 0; $i < @$redirectors; $i++) {
+ for($i = 1; $i <= $#redirectors; $i++) {
$wlist->[$i]->print($line);
$return = $rlist->[$i]->getline;
last if($return ne "\n" and $return ne $line);
$wlist->[$i]->print($line);
$return = $rlist->[$i]->getline;
last if($return ne "\n" and $return ne $line);
$proxysettings{'IDENT_USER_ACL'} = 'positive';
$proxysettings{'ENABLE_FILTER'} = 'off';
$proxysettings{'ENABLE_UPDXLRATOR'} = 'off';
$proxysettings{'IDENT_USER_ACL'} = 'positive';
$proxysettings{'ENABLE_FILTER'} = 'off';
$proxysettings{'ENABLE_UPDXLRATOR'} = 'off';
+$proxysettings{'ENABLE_CLAMAV'} = 'off';
$ncsa_buttontext = $Lang::tr{'advproxy NCSA create user'};
$ncsa_buttontext = $Lang::tr{'advproxy NCSA create user'};
$stdproxysettings{'PROXY_PORT'} = $proxysettings{'PROXY_PORT'};
$stdproxysettings{'ENABLE_FILTER'} = $proxysettings{'ENABLE_FILTER'};
$stdproxysettings{'ENABLE_UPDXLRATOR'} = $proxysettings{'ENABLE_UPDXLRATOR'};
$stdproxysettings{'PROXY_PORT'} = $proxysettings{'PROXY_PORT'};
$stdproxysettings{'ENABLE_FILTER'} = $proxysettings{'ENABLE_FILTER'};
$stdproxysettings{'ENABLE_UPDXLRATOR'} = $proxysettings{'ENABLE_UPDXLRATOR'};
+ $stdproxysettings{'ENABLE_CLAMAV'} = $proxysettings{'ENABLE_CLAMAV'};
&General::writehash("${General::swroot}/proxy/settings", \%stdproxysettings);
&writeconfig;
&General::writehash("${General::swroot}/proxy/settings", \%stdproxysettings);
&writeconfig;
$checked{'ENABLE_UPDXLRATOR'}{'on'} = '';
$checked{'ENABLE_UPDXLRATOR'}{$proxysettings{'ENABLE_UPDXLRATOR'}} = "checked='checked'";
$checked{'ENABLE_UPDXLRATOR'}{'on'} = '';
$checked{'ENABLE_UPDXLRATOR'}{$proxysettings{'ENABLE_UPDXLRATOR'}} = "checked='checked'";
+$checked{'ENABLE_CLAMAV'}{'off'} = '';
+$checked{'ENABLE_CLAMAV'}{'on'} = '';
+$checked{'ENABLE_CLAMAV'}{$proxysettings{'ENABLE_CLAMAV'}} = "checked='checked'";
+
&Header::openpage($Lang::tr{'advproxy advanced web proxy configuration'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
&Header::openpage($Lang::tr{'advproxy advanced web proxy configuration'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
</table>
<hr size='1'>
<table width='100%'>
</table>
<hr size='1'>
<table width='100%'>
-<tr>
- <td class='base' width='50%'><b>$Lang::tr{'advproxy url filter'}</b> $Lang::tr{'advproxy enabled'}<input type='checkbox' name='ENABLE_FILTER' $checked{'ENABLE_FILTER'}{'on'} /></td>
- <td class='base' width='50%'><b>$Lang::tr{'advproxy update accelerator'}</b> $Lang::tr{'advproxy enabled'}<input type='checkbox' name='ENABLE_UPDXLRATOR' $checked{'ENABLE_UPDXLRATOR'}{'on'} /></td>
+END
+;
+if ( -e "/usr/bin/squidclamav" ) {
+ print "<td class='base' width='33%'><b>$Lang::tr{'advproxy url filter'}</b> $Lang::tr{'advproxy enabled'}<input type='checkbox' name='ENABLE_FILTER' $checked{'ENABLE_FILTER'}{'on'} /></td>";
+ print "<td class='base' width='33%'><b>$Lang::tr{'advproxy update accelerator'}</b> $Lang::tr{'advproxy enabled'}<input type='checkbox' name='ENABLE_UPDXLRATOR' $checked{'ENABLE_UPDXLRATOR'}{'on'} /></td>";
+ print "<td class='base' width='33%'><b>$Lang::tr{'advproxy squidclamav'}</b> $Lang::tr{'advproxy enabled'}<input type='checkbox' name='ENABLE_CLAMAV' $checked{'ENABLE_CLAMAV'}{'on'} /></td>";
+}
+else
+{
+ print "<td class='base' width='50%'><b>$Lang::tr{'advproxy url filter'}</b> $Lang::tr{'advproxy enabled'}<input type='checkbox' name='ENABLE_FILTER' $checked{'ENABLE_FILTER'}{'on'} /></td>";
+ print "<td class='base' width='50%'><b>$Lang::tr{'advproxy update accelerator'}</b> $Lang::tr{'advproxy enabled'}<input type='checkbox' name='ENABLE_UPDXLRATOR' $checked{'ENABLE_UPDXLRATOR'}{'on'} /></td>";
+}
+print <<END
</tr>
</table>
<hr size='1'>
</tr>
</table>
<hr size='1'>
if ($proxysettings{'AUTH_REALM'} eq '')
{
if ($proxysettings{'AUTH_REALM'} eq '')
{
- $authrealm = "IPCop Advanced Proxy Server";
+ $authrealm = "IPFire Advanced Proxy Server";
} else {
$authrealm = $proxysettings{'AUTH_REALM'};
}
} else {
$authrealm = $proxysettings{'AUTH_REALM'};
}
if ($proxysettings{'ENABLE_FILTER'} eq 'on')
{
print FILE <<END
if ($proxysettings{'ENABLE_FILTER'} eq 'on')
{
print FILE <<END
-url_rewrite_program /usr/bin/squidGuard
+url_rewrite_program /usr/sbin/redirect_wrapper
url_rewrite_children $filtersettings{'CHILDREN'}
END
url_rewrite_children $filtersettings{'CHILDREN'}
END
if ($proxysettings{'ENABLE_UPDXLRATOR'} eq 'on')
{
print FILE <<END
if ($proxysettings{'ENABLE_UPDXLRATOR'} eq 'on')
{
print FILE <<END
-url_rewrite_program /usr/sbin/updxlrator
+url_rewrite_program /usr/sbin/redirect_wrapper
url_rewrite_children $xlratorsettings{'CHILDREN'}
END
url_rewrite_children $xlratorsettings{'CHILDREN'}
END
close(FILE);
} else {
&deluser($str_user);
close(FILE);
} else {
&deluser($str_user);
- system("/usr/bin/htpasswd -b $userdb $str_user $str_pass");
+ system("/usr/sbin/htpasswd -b $userdb $str_user $str_pass");
}
if ($str_group eq 'standard') { open(FILE, ">>$stdgrp");
}
if ($str_group eq 'standard') { open(FILE, ">>$stdgrp");
'advproxy AUTH method' => 'Authentifizierungsmethode',
'advproxy AUTH method ident' => 'identd',
'advproxy AUTH method ldap' => 'LDAP',
'advproxy AUTH method' => 'Authentifizierungsmethode',
'advproxy AUTH method ident' => 'identd',
'advproxy AUTH method ldap' => 'LDAP',
+'advproxy squidclamav' => 'SquidClamav',
'advproxy AUTH method ncsa' => 'Lokal',
'advproxy AUTH method none' => 'Keine',
'advproxy AUTH method ntlm' => 'Windows',
'advproxy AUTH method ncsa' => 'Lokal',
'advproxy AUTH method none' => 'Keine',
'advproxy AUTH method ntlm' => 'Windows',
'advproxy AUTH method' => 'Authentication method',
'advproxy AUTH method ident' => 'identd',
'advproxy AUTH method ldap' => 'LDAP',
'advproxy AUTH method' => 'Authentication method',
'advproxy AUTH method ident' => 'identd',
'advproxy AUTH method ldap' => 'LDAP',
+'advproxy squidclamav' => 'SquidClamav',
'advproxy AUTH method ncsa' => 'Local',
'advproxy AUTH method none' => 'None',
'advproxy AUTH method ntlm' => 'Windows',
'advproxy AUTH method ncsa' => 'Local',
'advproxy AUTH method none' => 'None',
'advproxy AUTH method ntlm' => 'Windows',