1 #!/usr/bin/perl
2 #
3 # This code is distributed under the terms of the GPL
4 #
5 # (c) 2004-2007 marco.s - http://www.urlfilter.net
6 #
7 # $Id: autoupdate.pl,v 1.1 2007/03/14 00:00:00 marco.s Exp $
8 #
9 use strict;
10
11 require "/var/ipfire/general-functions.pl";
12
# When true, the download directory is removed again at the end of the run.
my $make_clean = 1;

# Filesystem layout of the URL filter.
my $swroot = "/var/ipfire";
my $target = "$swroot/urlfilter/download";    # scratch directory for one update run
my $tempdb = "$target/blacklists";            # unpacked archive inside the scratch directory
my $dbdir  = "$swroot/urlfilter/blacklists";  # live blacklist database

# Auto-update configuration and state files.
my $sourceurlfile = "$swroot/urlfilter/autoupdate/autoupdate.urls";
my $updconffile   = "$swroot/urlfilter/autoupdate/autoupdate.conf";
my $updflagfile   = "$swroot/urlfilter/blacklists/.autoupdate.last";

# Settings and the update source that gets selected from them.
my (%cgiparams, %updatesettings);
my ($blacklist_url, $blacklist_src);
my ($source_url, $source_name, @source_urllist);

# Working variables shared with the subroutines further down in this file.
my (@categories, $blacklist, $category);

# Stays 1 (failure) until an update has completed.
my $exitcode = 1;
37
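# Load the list of known update sources (one "name,url" entry per line).
# A missing or unreadable file simply leaves the list empty.
if (-e $sourceurlfile)
{
    # Three-argument open with a lexical handle: the file name can never be
    # interpreted as an open mode or a pipe.
    if (open(my $src_fh, '<', $sourceurlfile))
    {
        @source_urllist = <$src_fh>;
        close($src_fh);
    }
}

# Load the stored auto-update settings, if there are any.
if (-e $updconffile) { readhash($updconffile, \%updatesettings); }

# A URL passed as the first command line argument overrides the configured
# update source. Only the scheme prefix is checked here; everything after it
# is caller-supplied text and has to be treated as untrusted data by the code
# that uses it (for example, it must never be pasted into a shell command).
if (defined($ARGV[0]) && $ARGV[0] =~ m@^(f|h)tt?ps?://@) { $updatesettings{'UPDATE_SOURCE'} = $ARGV[0]; }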
48
# Pick the download URL and a human readable name for the update source.
if ($updatesettings{'UPDATE_SOURCE'} ne 'custom') {
    $blacklist_url = $updatesettings{'UPDATE_SOURCE'};

    # Look the URL up in the list of known sources to find its display name.
    for my $entry (@source_urllist) {
        chomp $entry;
        # Name: text before the last comma. URL: text after the first comma.
        $source_name = substr($entry, 0, rindex($entry, ","));
        $source_url  = substr($entry, index($entry, ",") + 1);
        $blacklist_src = $source_name if $blacklist_url eq $source_url;
    }
}
else {
    $blacklist_url = $updatesettings{'CUSTOM_UPDATE_URL'};
}

# Anything that is not a known source is reported under a generic name.
$blacklist_src = "custom source URL" if $blacklist_src eq '';
64
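# Every external command below is started with list-form system(), so no
# shell ever parses the URL, the archive name or the source name. The URL
# therefore needs no shell escaping and is passed on unmodified.

# Local file name for the download: the last path segment of the URL when it
# is a plain *.tgz / *.tar.gz name made of safe characters, otherwise a fixed
# default name.
$blacklist = substr($blacklist_url, rindex($blacklist_url, "/") + 1);
unless ($blacklist =~ /\A[A-Za-z0-9][A-Za-z0-9._-]*\.t(?:ar\.)?gz\z/) { $blacklist = 'blacklist.tar.gz'; }
$blacklist = $target . '/' . $blacklist;

# Writes one line to syslog. The message is a single argv element, so its
# content cannot break out of the command.
my $log_event = sub {
    my ($message) = @_;
    system('logger', '-t', 'installpackage[urlfilter]', "URL filter blacklist - $message");
};

if ($blacklist_url ne '') {

    # Start from an empty download directory.
    if (-d $target) { system('rm', '-rf', $target); }
    mkdir($target);

    Network::setup_upstream_proxy();

    # NOTE(review): the archive is used without any checksum or signature
    # verification; with a plain http/ftp source its content is only as
    # trustworthy as the network path. Everything unpacked from it below
    # (file names included) is treated as untrusted.
    # "--" ends option parsing, so a configured URL that starts with "-"
    # cannot be read as a wget option.
    my $wget_status = system('/usr/bin/wget', '-o', "$target/wget.log", '-O', $blacklist, '--', $blacklist_url);

    # wget -O creates the output file even when the transfer fails, so a bare
    # existence test would not detect a failed download; require a clean exit
    # status and a non-empty file.
    if ($wget_status == 0 && -s $blacklist) {
        system('/bin/tar', '--no-same-owner', '-xzf', $blacklist, '-C', $target);

        # Some archives unpack to "BL" instead of "blacklists".
        if (-d "$target/BL") { system('mv', "$target/BL", "$target/blacklists"); }

        if (-d $tempdb) {
            # Collect the category directories, then make them relative to $tempdb.
            @categories = ();
            getblockcategory($tempdb);
            foreach (@categories) { $_ = substr($_, length($tempdb) + 1); }

            # Generate a throw-away squidGuard configuration that is only used
            # to build the databases of the freshly unpacked lists.
            if (open(my $conf_fh, '>', "$target/update.conf")) {
                flock($conf_fh, 2);    # 2 == LOCK_EX
                print $conf_fh "logdir $target\n";
                print $conf_fh "dbhome $tempdb\n\n";

                foreach my $cat_path (@categories) {
                    # Category names are directory names taken from the
                    # downloaded archive. Skip any name that could add extra
                    # tokens or lines to the generated configuration.
                    next unless $cat_path =~ m{\A[A-Za-z0-9_./-]+\z};

                    # The destination name is the category path with "/" replaced by "_".
                    (my $dest_name = $cat_path) =~ s/\//_/g;

                    print $conf_fh "dest $dest_name {\n";
                    if (-s "$tempdb/$cat_path/domains") {
                        print $conf_fh " domainlist $cat_path/domains\n";
                    }
                    if (-s "$tempdb/$cat_path/urls") {
                        print $conf_fh " urllist $cat_path/urls\n";
                    }
                    print $conf_fh "}\n\n";
                }

                print $conf_fh "acl {\n";
                print $conf_fh " default {\n";
                print $conf_fh " pass none\n";
                print $conf_fh " }\n";
                print $conf_fh "}\n";
                close($conf_fh);

                system('/usr/bin/squidGuard', '-d', '-c', "$target/update.conf", '-C', 'all');

                # Install the new lists into the live database directory.
                my @fresh_entries = glob("$target/blacklists/*");
                system('cp', '-r', @fresh_entries, $dbdir) if @fresh_entries;

                # NOTE(review): the copied tree comes from the downloaded
                # archive and may contain symbolic links; confirm how the
                # ownership and permission passes below treat them.
                system('chown', '-R', 'nobody:nobody', $dbdir);

                setpermissions($dbdir);

                # Record the time of the last successful update.
                system('touch', $updflagfile);
                system('chown', 'nobody:nobody', $updflagfile);

                system('/etc/init.d/squid', 'restart');

                $log_event->("Update from $blacklist_src completed");

                $exitcode = 0;
            }
            else {
                $log_event->("ERROR: Unable to write $target/update.conf");
            }
        }
        else {
            $log_event->("ERROR: Not a valid URL filter blacklist");
        }
    }
    else {
        $log_event->("ERROR: Unable to retrieve blacklist from $blacklist_src");
    }

}
else {
    $log_event->("ERROR: No update source defined");
}

# Remove the download directory unless it is kept for troubleshooting.
if ((-d $target) && ($make_clean)) { system('rm', '-rf', $target); }

exit $exitcode;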
147
148 # -------------------------------------------------------------------
149
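# Reads a KEY=VALUE settings file into the hash referenced by the second
# argument.
#
#   $_[0]  path of the settings file; a missing file is silently ignored
#   $_[1]  reference to the hash that receives the settings
#
# Dies with "Unable to read file ..." when the file exists but cannot be
# opened. Lines whose key part is empty (or "0") are skipped, and one leading
# and one trailing single quote are stripped from each value.
sub readhash
{
    my ($filename, $hash) = @_;

    return unless -e $filename;

    # Three-argument open: the file name can never be taken as a mode or pipe.
    open(my $fh, '<', $filename) or die "Unable to read file $filename";
    while (my $line = <$fh>)
    {
        # chomp, not chop: a final line without a trailing newline must not
        # lose its last character.
        chomp $line;

        my ($var, $val) = split /=/, $line, 2;
        next unless $var;

        # A line without "=" yields no value; store it as an empty string.
        $val = '' unless defined $val;
        $val =~ s/^\'//;
        $val =~ s/\'$//;

        # Untaint variables read from hash. The key is reduced to its leading
        # run of [A-Za-z0-9_-]; the value pattern accepts any content, so it
        # removes the taint flag without validating anything. Values must
        # still be treated as untrusted wherever they are used.
        $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
        $val =~ /([\w\W]*)/; $val = $1;
        $hash->{$var} = $val;
    }
    close($fh);
    return;
}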
177
178 # -------------------------------------------------------------------
179
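# Recursively collects blacklist category directories below the directory
# given in $_[0] and appends their paths to the file-level @categories.
#
# A directory counts as a category when it holds a non-empty "domains" or
# "urls" file and its path does not contain the word "custom". Every
# directory is descended into, whether or not it is a category itself.
sub getblockcategory
{
    my ($dir) = @_;

    # The directory names come from a downloaded archive. Reading the
    # directory directly (instead of expanding a "<$dir/*>" glob) keeps names
    # with whitespace or wildcard characters from being split or expanded
    # into other paths.
    opendir(my $dh, $dir) or return;
    # Like the "*" pattern, ignore entries starting with a dot; sort for a
    # stable order.
    my @names = sort grep { !/^\./ } readdir($dh);
    closedir($dh);

    foreach my $name (@names)
    {
        my $path = "$dir/$name";

        # NOTE(review): -d follows symbolic links, so linked directories are
        # listed as categories too; confirm that this is intended for all
        # update sources.
        next unless -d $path;

        if ((-s "$path/domains") || (-s "$path/urls"))
        {
            push(@categories, $path) unless $path =~ /\bcustom\b/;
        }
        getblockcategory($path);
    }
    return;
}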
194
195 # -------------------------------------------------------------------
196
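# Recursively normalises the permissions below the blacklist directory given
# in $_[0]: sub-directories get 0755, regular files inside them 0644, and
# entries ending in ".db" 0666. Entries directly inside the top directory
# that are not directories are left alone. Failures are ignored (best effort).
sub setpermissions
{
    my $bldir = $_[0];

    # The names below originate from a downloaded archive. Perl's chmod() and
    # readdir() are used instead of "chmod ..." shell commands and globs, so a
    # crafted file or directory name is never parsed by a shell or expanded
    # as a pattern.
    opendir(my $top_dh, $bldir) or return;
    my @subdirs = sort grep { !/^\./ && -d "$bldir/$_" } readdir($top_dh);
    closedir($top_dh);

    foreach my $name (@subdirs)
    {
        my $category_dir = "$bldir/$name";
        chmod(0755, $category_dir);

        if (opendir(my $dh, $category_dir))
        {
            # Like the "*" pattern, ignore entries starting with a dot.
            my @entries = grep { !/^\./ } readdir($dh);
            closedir($dh);

            foreach my $entry (@entries)
            {
                my $path = "$category_dir/$entry";
                if (-f $path) { chmod(0644, $path); }
                if (-d $path) { chmod(0755, $path); }
            }

            # NOTE(review): 0666 makes the database files world-writable;
            # confirm whether a tighter mode is sufficient for the owner set
            # by the caller.
            my @db_files = map { "$category_dir/$_" } grep { /\.db\z/ } @entries;
            chmod(0666, @db_files) if @db_files;
        }

        setpermissions($category_dir);
    }
    return;
}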
215
216 # -------------------------------------------------------------------