Connections.cgi neu geschrieben.
authorms <ms@ea5c0bd1-69bd-2848-81d8-4f18e57aeed8>
Thu, 12 Apr 2007 16:28:06 +0000 (16:28 +0000)
committerms <ms@ea5c0bd1-69bd-2848-81d8-4f18e57aeed8>
Thu, 12 Apr 2007 16:28:06 +0000 (16:28 +0000)
URL-Filter aktualisiert.

git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@495 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8

12 files changed:
config/urlfilter/autoupdate.pl
config/urlfilter/autoupdate.urls
config/urlfilter/prebuild.pl
config/urlfilter/squidGuard.conf
doc/language_issues.de
doc/language_issues.en
html/cgi-bin/connections.cgi
html/cgi-bin/urlfilter.cgi
langs/de/cgi-bin/de.pl
langs/en/cgi-bin/en.pl
src/misc-progs/tripwirectrl.c
src/scripts/scanhd

index f9af67e..6d61f43 100644 (file)
@@ -1,7 +1,10 @@
 #!/usr/bin/perl
-
 #
-# $Id: autoupdate.pl,v 1.0 2005/06/15 00:00:00 marco Exp $
+# This code is distributed under the terms of the GPL
+#
+# (c) 2004-2007 marco.s - http://www.urlfilter.net
+#
+# $Id: autoupdate.pl,v 1.1 2007/03/14 00:00:00 marco.s Exp $
 #
 use strict;
 
@@ -9,6 +12,7 @@ my $make_clean = 1;
 
 my $swroot = "/var/ipfire";
 my $target = "$swroot/urlfilter/download";
+my $tempdb = "$target/blacklists";
 my $dbdir  = "$swroot/urlfilter/blacklists";
 
 my $sourceurlfile = "$swroot/urlfilter/autoupdate/autoupdate.urls";
@@ -23,6 +27,7 @@ my $source_url;
 my $source_name;
 my @source_urllist;
 
+my @categories;
 my $blacklist;
 my $category;
 
@@ -72,24 +77,32 @@ unless ($blacklist_url eq '')
        if (-e $blacklist)
        {
                system("/bin/tar --no-same-owner -xzf $blacklist -C $target");
-               if (-d "$target/blacklists")
+               if (-d "$target/BL") { system ("mv $target/BL $target/blacklists"); }
+               if (-d "$tempdb")
                {
+                       undef(@categories);
+                       &getblockcategory ($tempdb);
+                       foreach (@categories) { $_ = substr($_,length($tempdb)+1); }
+
                        open(FILE, ">$target/update.conf");
                        flock FILE, 2;
                        print FILE "logdir $target\n";
-                       print FILE "dbhome $target/blacklists\n\n";
-
-                       foreach (<$target/blacklists/*>)
-                       {
-                               if ((-d $_) && ((-s "$_/domains") || (-s "$_/urls")))
-                               {
-                                       $category=substr($_,rindex($_,"/")+1);
-                                       print FILE "dest $category {\n";
-                                       if (-s "$_/domains") { print FILE "    domainlist  $category/domains\n"; }
-                                       if (-s "$_/urls")    { print FILE "    urllist     $category/urls\n"; }
-                                       print FILE "}\n\n";
+                       print FILE "dbhome $tempdb\n\n";
+
+                       foreach $category (@categories) {
+                               $blacklist = $category;
+                               $category =~ s/\//_/g;
+                               print FILE "dest $category {\n";
+                               if (-s "$tempdb/$blacklist/domains") {
+                                       print FILE "    domainlist     $blacklist\/domains\n";
                                }
+                               if (-s "$tempdb/$blacklist/urls") {
+                                       print FILE "    urllist        $blacklist\/urls\n";
+                               }
+                               print FILE "}\n\n";
+                               $category = $blacklist;
                        }
+
                        print FILE "acl {\n";
                        print FILE "    default {\n";
                        print FILE "        pass none\n";
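Review bot: Directory names collected from the freshly unpacked archive are written into update.conf at `print FILE "dest $category {\n";` with only `/` mapped to `_`, so a name containing whitespace, `{`, `}` or a newline becomes config syntax instead of a category name. Because the archive is downloaded content, I would skip anything outside a conservative character set at the top of the loop, e.g. `next unless $category =~ m{\A[A-Za-z0-9_/-]+\z};`. The added `system ("mv $target/BL $target/blacklists")` also moves BL inside `blacklists` if that directory is left over from an earlier run; whether `$target` is cleaned first is not visible in this hunk. The enclosing `unless ($blacklist_url eq '')` block starts and ends outside the hunk.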
@@ -103,19 +116,7 @@ unless ($blacklist_url eq '')
 
                        system("chown -R nobody.nobody $dbdir");
 
-                       foreach $category (<$dbdir/*>)
-                       {
-                               if (-d $category)
-                               {
-                                       system("chmod 755 $category &> /dev/null");
-                                       foreach $blacklist (<$category/*>)
-                                       {
-                                               if (-f $blacklist){ system("chmod 644 $blacklist &> /dev/null"); }
-                                               if (-d $blacklist){ system("chmod 755 $blacklist &> /dev/null"); }
-                                       }
-                                       system("chmod 666 $category/*.db &> /dev/null");
-                               }
-                       }
+                       &setpermissions ($dbdir);
 
                        system("touch $updflagfile");
                        system("chown nobody.nobody $updflagfile");
@@ -172,3 +173,41 @@ sub readhash
 }
 
 # -------------------------------------------------------------------
+
+sub getblockcategory
+{
+       foreach $category (<$_[0]/*>)
+       {
+               if (-d $category)
+               {
+                       if ((-s "$category/domains") || (-s "$category/urls"))
+                       {
+                               unless ($category =~ /\bcustom\b/) { push(@categories,$category); }
+                       }
+                       &getblockcategory ($category);
+               }
+       }
+}
+
+# -------------------------------------------------------------------
+
+sub setpermissions
+{
+       my $bldir = $_[0];
+
+       foreach $category (<$bldir/*>)
+       {
+                if (-d $category){
+                       system("chmod 755 $category &> /dev/null");
+                       foreach $blacklist (<$category/*>)
+                       {
+                               if (-f $blacklist) { system("chmod 644 $blacklist &> /dev/null"); }
+                               if (-d $blacklist) { system("chmod 755 $blacklist &> /dev/null"); }
+                       }
+                       system("chmod 666 $category/*.db &> /dev/null");
+                       &setpermissions ($category);
+               }
+        }
+}
+
+# -------------------------------------------------------------------
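Review bot: `setpermissions` hands every path it finds under the blacklist tree to a shell (`system("chmod 755 $category &> /dev/null")` and the two `chmod` calls in the inner loop), and those names come from an unpacked archive, so a name with spaces or shell metacharacters is interpreted by the shell rather than treated as a file name. Perl's builtin avoids the shell entirely: `chmod 0755, $category;`. `-d` and `-f` also follow symbolic links, so with the new recursion a link inside the tree would let the walk change modes outside it; `next if -l $category;` at the top of the loop, and the same test on `$blacklist`, keeps it inside. The identical copy of this sub added to prebuild.pl in this commit needs the same changes.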
index 33b62d5..a421919 100644 (file)
@@ -1,3 +1,3 @@
-squidGuard,http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz
+Shalla Secure Services,http://squidguard.shalla.de/Downloads/shallalist.tar.gz
 MESD,http://squidguard.mesd.k12.or.us/blacklists.tgz
 Univ. Toulouse,ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz
index b95ca89..94138e1 100644 (file)
@@ -4,8 +4,6 @@
 #
 # (c) written from scratch
 #
-# $Id: prebuild.pl,v 0.3 2005/04/16 00:00:00 marco Exp $
-#
 
 $dbdir="/var/ipfire/urlfilter/blacklists";
 
@@ -18,15 +16,27 @@ if (-e "$dbdir/custom/blocked/urls.db")    { unlink("$dbdir/custom/blocked/urls.
 
 system("chown -R nobody.nobody $dbdir");
 
-foreach $category (<$dbdir/*>)
+&setpermissions ($dbdir);
+
+# -------------------------------------------------------------------
+
+sub setpermissions
 {
-         if (-d $category){
-               system("chmod 755 $category &> /dev/null");
-               foreach $blacklist (<$category/*>)
-               {
-                       if (-f $blacklist){ system("chmod 644 $blacklist &> /dev/null"); }
-                       if (-d $blacklist){ system("chmod 755 $blacklist &> /dev/null"); }
+       my $bldir = $_[0];
+
+       foreach $category (<$bldir/*>)
+       {
+                if (-d $category){
+                       system("chmod 755 $category &> /dev/null");
+                       foreach $blacklist (<$category/*>)
+                       {
+                               if (-f $blacklist) { system("chmod 644 $blacklist &> /dev/null"); }
+                               if (-d $blacklist) { system("chmod 755 $blacklist &> /dev/null"); }
+                       }
+                       system("chmod 666 $category/*.db &> /dev/null");
+                       &setpermissions ($category);
                }
-               system("chmod 666 $category/*.db &> /dev/null");
         }
 }
+
+# -------------------------------------------------------------------
index 0232ead..4f43648 100644 (file)
@@ -1,5 +1,5 @@
 logdir /var/log/squidGuard
-dbhome /var/ipfire/urlfilter/blacklists
+dbhome /var/ipcop/urlfilter/blacklists
 
 acl {
     default {
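Review bot: The new `dbhome /var/ipcop/urlfilter/blacklists` points away from the tree that every script in this commit uses (`$dbdir="/var/ipfire/urlfilter/blacklists"` in prebuild.pl, `$swroot = "/var/ipfire"` in autoupdate.pl), which looks like an upstream default carried over by accident. If that directory does not exist on the target system, squidGuard cannot load its databases from this file, and it is worth confirming whether the installed version then fails closed or stops filtering. I would keep `dbhome /var/ipfire/urlfilter/blacklists`.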
index 3341149..94eff7c 100644 (file)
@@ -285,11 +285,9 @@ WARNING: translation string unused: upstream password
 WARNING: translation string unused: upstream proxy host:port
 WARNING: translation string unused: upstream username
 WARNING: translation string unused: uptime and users
-WARNING: translation string unused: urlfilter background text
 WARNING: translation string unused: urlfilter update information
 WARNING: translation string unused: urlfilter update notification
 WARNING: translation string unused: urlfilter update results
-WARNING: translation string unused: urlfilter upload background
 WARNING: translation string unused: use
 WARNING: translation string unused: used memory
 WARNING: translation string unused: used swap
@@ -336,6 +334,7 @@ WARNING: untranslated string: traffics
 WARNING: untranslated string: trafficsum
 WARNING: untranslated string: trafficto
 WARNING: untranslated string: up
+WARNING: untranslated string: urlfilter background image
 WARNING: untranslated string: urlfilter log
 WARNING: untranslated string: user log
 WARNING: untranslated string: user proxy logs
index 2884baa..33d290d 100644 (file)
@@ -290,11 +290,9 @@ WARNING: translation string unused: upstream password
 WARNING: translation string unused: upstream proxy host:port
 WARNING: translation string unused: upstream username
 WARNING: translation string unused: uptime and users
-WARNING: translation string unused: urlfilter background text
 WARNING: translation string unused: urlfilter update information
 WARNING: translation string unused: urlfilter update notification
 WARNING: translation string unused: urlfilter update results
-WARNING: translation string unused: urlfilter upload background
 WARNING: translation string unused: use
 WARNING: translation string unused: used memory
 WARNING: translation string unused: used swap
@@ -324,6 +322,7 @@ WARNING: untranslated string: remove x509
 WARNING: untranslated string: settingsc
 WARNING: untranslated string: smbrestart
 WARNING: untranslated string: up
+WARNING: untranslated string: urlfilter background image
 WARNING: untranslated string: urlfilter log
 WARNING: untranslated string: user log
 WARNING: untranslated string: user proxy logs
index b38ade0..aeaf0db 100644 (file)
@@ -20,7 +20,7 @@ use Net::IPv4Addr qw( :all );
 use strict;
 
 # enable only the following on debugging purpose
-use warnings;
+#use warnings;
 use CGI::Carp 'fatalsToBrowser';
 
 require '/var/ipfire/general-functions.pl';
@@ -36,13 +36,13 @@ undef (@dummy);
 my %netsettings=();
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
 
-open (ACTIVE, "/proc/net/ip_conntrack") or die 'Unable to open ip_conntrack';
+open (ACTIVE, 'iptstate -1rbt |') or die 'Unable to open ip_conntrack';
 my @active = <ACTIVE>;
 close (ACTIVE);
 
 my @vpn = ('none');
-open (ACTIVE, "/proc/net/ipsec_eroute") and @vpn = <ACTIVE>;
-close (ACTIVE);
+#open (ACTIVE, "/proc/net/ipsec_eroute") and @vpn = <ACTIVE>;
+#close (ACTIVE);
 
 my $aliasfile = "${General::swroot}/ethernet/aliases";
 open(ALIASES, $aliasfile) or die 'Unable to open aliases file.';
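Review bot: `open (ACTIVE, 'iptstate -1rbt |')` resolves `iptstate` through whatever `PATH` the web server gives the CGI, and the `die` text still names ip_conntrack, so a failure is both environment-dependent and misleading. The list form with an absolute path avoids both: `open (ACTIVE, '-|', '/path/to/iptstate', '-1rbt') or die "Unable to run iptstate: $!";` (the path is a placeholder for wherever the binary is installed). The command's exit status is only available at `close (ACTIVE)`, which is unchecked, so a non-zero exit currently produces an empty table with no error. With the eroute read commented out, `@vpn` is always `('none')`; a comment saying why would help the next reader.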
@@ -212,197 +212,15 @@ our %entries = ();       # will hold the lines analyzed correctly
 my $unknownlines = ''; # should be empty all the time...
 my $index = 0;         # just a counter to make unique entryies in entries
 
-foreach my $line (@active) {
-        my $protocol='';
-        my $expires='';
-        my $status='';
-        my $orgsip='';
-        my $orgdip='';
-        my $orgsp='';
-        my $orgdp='';
-        my $exsip='';
-        my $exdip='';
-        my $exsp='';
-        my $exdp='';
-        my $marked='';
-        my $use='';
-
-        chomp($line);
-        my @temp = split(' ',$line);
-
-           if ($temp[0] eq 'icmp') {
-                $protocol  = $temp[0];
-                $status    = $Lang::tr{'all'};
-                $orgsip   = substr $temp[3], 4;
-                     $orgdip   = substr $temp[4], 4;
-                     $marked   = $temp[8] eq '[UNREPLIED]' ? '[UNREPLIED]' : ' ';
-              }
-           if ($temp[0] eq 'udp') {
-                $protocol  = $temp[0];
-                $status  = $Lang::tr{'all'};
-                $orgsip = substr $temp[3], 4;
-                     $orgdip  = substr $temp[4], 4;
-                     $marked   = $temp[7] eq '[UNREPLIED]' ? '[UNREPLIED]' : defined ($temp[12]) ? $temp[11] : ' ';
-              }
-        if ($temp[0] eq 'tcp') {
-                $protocol  = $temp[0];
-                $status  = $temp[3];
-                $orgsip = substr $temp[4], 4;
-                $orgdip   = substr $temp[5], 4;
-                     $marked   = $temp[8] eq '[UNREPLIED]' ? '[UNREPLIED]' : defined ($temp[13]) ? $temp[12] : ' ';
-        }
-
-        # filter the line if we found a known proto
-        next if( !(
-                   (($cgiparams{'SEE_PROTO'}  eq $Lang::tr{'all'}) || ($protocol  eq $cgiparams{'SEE_PROTO'} ))
-                && (($cgiparams{'SEE_STATE'}  eq $Lang::tr{'all'}) || ($status    eq $cgiparams{'SEE_STATE'} ))
-                && (($cgiparams{'SEE_MARK'}   eq $Lang::tr{'all'}) || ($marked    eq $cgiparams{'SEE_MARK'}  ))
-                && (($cgiparams{'SEE_SRC'}    eq "*.*.*.*")        || ($orgsip    eq $cgiparams{'SEE_SRC'}   ))
-                && (($cgiparams{'SEE_DEST'}   eq "*.*.*.*")               || ($orgdip    eq $cgiparams{'SEE_DEST'}  ))
-                ));
-
-        if ($temp[0] eq 'icmp') {
-                my $offset = 0;
-                    $protocol = $temp[0] . " (" . $temp[1] . ")";
-                    $expires = $temp[2];
-                $status = ' ';
-                    if ($temp[8] eq '[UNREPLIED]' ) {
-                        $offset = +1;
-                }      
-                    $orgsip = substr $temp[3], 4;
-                    $orgdip = substr $temp[4], 4;
-                    $orgsp = &General::GetIcmpDescription(substr( $temp[5], 5)) . "/" . substr( $temp[6], 5);;
-                    $orgdp = 'id=' . substr( $temp[7], 3);
-                    $exsip = substr $temp[8 + $offset], 4;
-                    $exdip = substr $temp[9 + $offset], 4;
-                $exsp = &General::GetIcmpDescription(substr( $temp[10 + $offset], 5)). "/" . substr( $temp[11 + $offset], 5); 
-                $exdp = 'id=' . substr( $temp[11 + $offset], 5);
-                     $marked   = $temp[8] eq '[UNREPLIED]' ? '[UNREPLIED]' : ' ';
-                $use = substr( $temp[13 + $offset], 4 );
-        }
-        if ($temp[0] eq 'udp') {
-                my $offset = 0;
-                $marked = '';
-                $protocol = $temp[0] . " (" . $temp[1] . ")";
-                $expires = $temp[2];
-                $status = ' ';
-                $orgsip = substr $temp[3], 4;
-                $orgdip = substr $temp[4], 4;
-                $orgsp = substr $temp[5], 6;
-                $orgdp = substr $temp[6], 6;
-                if ($temp[7] eq '[UNREPLIED]') {
-                    $offset = 1;
-                    $marked = $temp[7];
-                    $use = substr $temp[12], 4;
-                } else {
-                    if ((substr $temp[11], 0, 3) eq 'use' ) {
-                        $marked = '';
-                        $use = substr $temp[11], 4;
-                    } else {
-                        $marked = $temp[11];
-                        $use = substr $temp[12], 4;
-                    }
-                }
-                $exsip = substr $temp[7 + $offset], 4;
-                $exdip = substr $temp[8 + $offset], 4;
-                $exsp = substr $temp[9 + $offset], 6;
-                $exdp = substr $temp[10 + $offset], 6;
-        }
-        if ($temp[0] eq 'tcp') {
-                my $offset = 0;
-                $protocol = $temp[0] . " (" . $temp[1] . ")";
-                $expires = $temp[2];
-                $status = $temp[3];
-                $orgsip = substr $temp[4], 4;
-                $orgdip = substr $temp[5], 4;
-                $orgsp = substr $temp[6], 6;
-                $orgdp = substr $temp[7], 6;
-                if ($temp[8] eq '[UNREPLIED]') {
-                        $marked = $temp[8];
-                        $offset = 1;
-                } else {
-                        $marked = $temp[16];
-                }
-                $exsip = substr $temp[10 + $offset], 4;
-                $exdip = substr $temp[11 + $offset], 4;
-                $exsp = substr $temp[12 + $offset], 6;
-                $exdp = substr $temp[13 + $offset], 6;
-                $use = substr $temp[18], 4;
-        }
-        if ($temp[0] eq 'unknown') {
-                my $offset = 0;
-                $protocol = "??? (" . $temp[1] . ")";
-                $protocol = "esp (" . $temp[1] . ")" if ($temp[1] == 50);
-                $protocol = "ah (" . $temp[1] . ")" if ($temp[1] == 51);
-                $expires = $temp[2];
-                $status = ' ';
-                $orgsip = substr $temp[3], 4;
-                $orgdip = substr $temp[4], 4;
-                $orgsp = ' ';
-                $orgdp = ' ';
-                $exsip = substr $temp[5], 4;
-                $exdip = substr $temp[6], 4;
-                $exsp = ' ';
-                $exdp = ' ';
-                $marked = ' ';
-                $use = ' ';
-        }
-        if ($temp[0] eq 'gre') {
-                my $offset = 0;
-                $protocol = $temp[0] . " (" . $temp[1] . ")";
-                $expires = $temp[2];
-                $orgsip = substr $temp[5], 4;
-                $orgdip = substr $temp[6], 4;
-                $orgsp = ' ';
-                $orgdp = ' ';
-                $exsip = substr $temp[11], 4;
-                $exdip = substr $temp[12], 4;
-                $exsp = ' ';
-                $exdp = ' ';
-                $marked = $temp[17];
-                $use = $temp[18];
-        }
-        # Only from this point, lines have the same known format/field
-        # The floating fields [UNREPLIED] [ASSURED] etc are ok.
-
-        # Store the line in a hash array for sorting
-        if ( $protocol ) { # line is decoded ?
-                my @record = (  'index', $index++,
-                            'protocol', $protocol,
-                            'expires',  $expires,
-                            'status',   $status,
-                            'orgsip',   $orgsip,
-                            'orgdip',   $orgdip,
-                            'orgsp',    $orgsp,
-                            'orgdp',    $orgdp,
-                            'exsip',    $exsip,
-                            'exdip',   $exdip,
-                            'exsp',    $exsp,
-                            'exdp',    $exdp,
-                            'marked',  $marked,
-                            'use',     $use);
-                my $record = {};                               # create a reference to empty hash
-                %{$record} = @record;                  # populate that hash with @record
-                $entries{$record->{index}} = $record;  # add this to a hash of hashes      
-        } else { # it was not a known line
-                $unknownlines .= "<tr bgcolor='${Header::table1colour}'>";
-                $unknownlines .= "<td colspan='9'> unknown:$line></td></tr>";
-        }
-}
-
-# Build listbox objects
-my $menu_proto = &make_select ('SEE_PROTO', $cgiparams{'SEE_PROTO'}, @list_proto);
-my $menu_state = &make_select ('SEE_STATE', $cgiparams{'SEE_STATE'}, @list_state);
-my $menu_src   = &make_select ('SEE_SRC',   $cgiparams{'SEE_SRC'},   &get_known_ips('orgsip'));
-my $menu_dest  = &make_select ('SEE_DEST',  $cgiparams{'SEE_DEST'},  &get_known_ips('orgdip'));
-my $menu_mark  = &make_select ('SEE_MARK',  $cgiparams{'SEE_MARK'},  @list_mark);
-my $menu_sort  = &make_select ('SEE_SORT',  $cgiparams{'SEE_SORT'},  @list_sort);
-
 &Header::showhttpheaders();
 &Header::openpage($Lang::tr{'connections'}, 1, '');
 &Header::openbigbox('100%', 'left');
 &Header::openbox('100%', 'left', $Lang::tr{'connection tracking'});
 
+# Build listbox objects
+my $menu_proto = &make_select ('SEE_PROTO', $cgiparams{'SEE_PROTO'}, @list_proto);
+my $menu_state = &make_select ('SEE_STATE', $cgiparams{'SEE_STATE'}, @list_state);
+
 print <<END
 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
 <table width='100%'>
@@ -416,69 +234,109 @@ print <<END
     <td align='center' bgcolor='${Header::colourovpn}'><b><font color='#FFFFFF'>$Lang::tr{'OpenVPN'}</font></b></td>
 </tr>
 </table>
-<br></br>
+<br />
 <table width='100%'>
-<tr><td align='center'><font size=2>$Lang::tr{'protocol'}</font></td>
+<tr><td align='center'><font size=2>$Lang::tr{'source ip and port'}</font></td>
+               <td>&nbsp;</td>
+               <td align='center'><font size=2>$Lang::tr{'dest ip and port'}</font></td>
+               <td>&nbsp;</td>
+               <td align='center'><font size=2>$Lang::tr{'protocol'}</font></td>
+               <td align='center'><font size=2>$Lang::tr{'connection'}<br></br>$Lang::tr{'status'}</font></td>
     <td align='center'><font size=2>$Lang::tr{'expires'}<br></br>($Lang::tr{'seconds'})</font></td>
-    <td align='center'><font size=2>$Lang::tr{'connection'}<br></br>$Lang::tr{'status'}</font></td>
-    <td align='center'><font size=2>$Lang::tr{'original'}<br></br>$Lang::tr{'source ip and port'}</font></td>
-    <td align='center'><font size=2>$Lang::tr{'original'}<br></br>$Lang::tr{'dest ip and port'}</font></td>
-    <td align='center'><font size=2>$Lang::tr{'expected'}<br></br>$Lang::tr{'source ip and port'}</font></td>
-    <td align='center'><font size=2>$Lang::tr{'expected'}<br></br>$Lang::tr{'dest ip and port'}</font></td>
-    <td align='center'><font size=2>$Lang::tr{'marked'}</font></td>
+    
 </tr>
-<tr>
-    <td align='center'>$menu_proto</td>
-    <td>&nbsp;</td>
+<tr><td colspan='4'>&nbsp;</td>
+               <td align='center'>$menu_proto</td>
     <td align='center'>$menu_state</td>
-    <td align='center'>$menu_src</td>
-    <td align='center'>$menu_dest</td>
-    <td align='center' colspan='2'></td>
-    <td align='center'>$menu_mark</td>
+    <td>&nbsp;</td>
 </tr>
 <tr>
-    <td align='center' colspan='8'></td>
+    <td align='center' colspan='7'></td>
 </tr>
 <tr>
-    <td align='center' colspan='8'><input type='submit' value='Aktualisieren' /></td>
+    <td align='center' colspan='7'><input type='submit' value="$Lang::tr{'update'}" /></td>
 </tr>
 
 END
 ;
 
-foreach my $entry (sort sort_entries keys %entries) {
-        my $orgsipcolour = &ipcolour( $entries{$entry}->{orgsip} );
-        my $orgdipcolour = &ipcolour( $entries{$entry}->{orgdip} );
-        my $exsipcolour  = &ipcolour( $entries{$entry}->{exsip} );
-        my $exdipcolour  = &ipcolour( $entries{$entry}->{exdip} );
-       print <<END
-        <tr bgcolor='${Header::table1colour}'>
-        <td align='center'><font size=2>$entries{$entry}->{protocol}</font></td>
-        <td align='center'><font size=2>$entries{$entry}->{expires}</font></td>
-        <td align='center'><font size=2>$entries{$entry}->{status}</font></td>
-        <td align='center' bgcolor='$orgsipcolour'>
-            <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{orgsip}'>
-            <font color='#FFFFFF' size=2>$entries{$entry}->{orgsip}</font>
-            </a><font color='#FFFFFF' size=2>:$entries{$entry}->{orgsp}</font></td>
-        <td align='center' bgcolor='$orgdipcolour'>
-            <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{orgdip}'>
-            <font color='#FFFFFF' size=2>$entries{$entry}->{orgdip}</font>
-            </a><font color='#FFFFFF' size=2>:$entries{$entry}->{orgdp}</font></td>
-        <td align='center' bgcolor='$exsipcolour'>
-            <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{exsip}'>
-            <font color='#FFFFFF' size=2>$entries{$entry}->{exsip}</font>
-            </a><font color='#FFFFFF' size=2>:$entries{$entry}->{exsp}</font></td>
-        <td align='center' bgcolor='$exdipcolour'>
-            <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{exdip}'>
-            <font color='#FFFFFF' size=2>$entries{$entry}->{exdip}</font>
-            </a><font color='#FFFFFF' size=2>:$entries{$entry}->{exdp}</font></td>
-        <td align='center'><font size=2>$entries{$entry}->{marked}</font></td>
-        </tr>
+my $i=0;
+foreach my $line (@active) {
+    $i++;
+    if ($i < 3) {
+                       next;
+    }
+    chomp($line);
+    my @temp = split(' ',$line);
+
+    my ($sip, $sport) = split(':', $temp[0]);
+    my ($dip, $dport) = split(':', $temp[1]);
+    my $proto = $temp[2];
+    my $state = $temp[3];
+    my $ttl = $temp[4];
+    
+    next if( !(
+                       (($cgiparams{'SEE_PROTO'}  eq $Lang::tr{'all'}) || ($proto  eq $cgiparams{'SEE_PROTO'} ))
+                && (($cgiparams{'SEE_STATE'}  eq $Lang::tr{'all'}) || ($state  eq $cgiparams{'SEE_STATE'} ))
+               && (($cgiparams{'SEE_SRC'}    eq "*.*.*.*")        || ($sip    eq $cgiparams{'SEE_SRC'}   ))
+               && (($cgiparams{'SEE_DEST'}   eq "*.*.*.*")       || ($dip    eq $cgiparams{'SEE_DEST'}  ))
+              ));
+
+    if (($proto eq 'udp') && ($ttl eq '')) {
+                       $ttl = $state;
+                       $state = '&nbsp;';      
+    }
+
+    my $sipcol = ipcolour($sip);
+    my $dipcol = ipcolour($dip);
+
+    my $sserv = '';
+    if ($sport < 1024) {
+       $sserv = uc(getservbyport($sport, lc($proto)));
+       if ($sserv ne '') {
+           $sserv = "&nbsp;($sserv)";
+       }
+    }
+
+    my $dserv = '';
+    if ($dport < 1024) {
+       $dserv = uc(getservbyport($dport, lc($proto)));
+       if ($dserv ne '') {
+           $dserv = "&nbsp;($dserv)";
+       }
+    }
+
+    print <<END
+    <tr >
+      <td align='center' bgcolor='$sipcol'>
+        <a href='/cgi-bin/ipinfo.cgi?ip=$sip'>
+          <font color='#FFFFFF'>$sip</font>
+        </a>
+      </td>
+      <td align='center' bgcolor='$sipcol'>
+        <a href='http://isc.sans.org/port_details.php?port=$sport' target='top'>
+          <font color='#FFFFFF'>$sport$sserv</font>
+        </a>
+      </td>
+      <td align='center' bgcolor='$dipcol'>
+        <a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
+          <font color='#FFFFFF'>$dip</font>
+        </a>
+      </td>
+      <td align='center' bgcolor='$dipcol'>
+        <a href='http://isc.sans.org/port_details.php?port=$dport' target='top'>
+          <font color='#FFFFFF'>$dport$dserv</font>
+        </a>
+      </td>
+      <td align='center'>$proto</td>
+      <td align='center' bgcolor="${Header::table1colour}">$state</td>
+      <td align='center'>$ttl</td>
+    </tr>
 END
 ;
 }
 
-print "$unknownlines</table></form>";
+print "</table></form>";
 
 &Header::closebox();
 &Header::closebigbox();
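Review bot: The new loop compares `$sport < 1024` and `$dport < 1024` without checking that `split(':', ...)` produced a number, so any row whose address column has no `:port` part enters the `getservbyport` branch with an undefined port, and the now-disabled `use warnings` hides it. Guarding with `if (defined $sport && $sport =~ /^\d+$/ && $sport < 1024)` (same for `$dport`) makes the intent explicit. The same fields are then interpolated unescaped into the row's HTML and the `href` values; they come from local tool output, but validating `$sip`/`$dip` as addresses before printing would keep a format change in that output from turning into markup. The filter still tests `SEE_SRC` and `SEE_DEST` although their select boxes were removed from the form; whether defaults for them are set earlier in the file is not visible here.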
@@ -491,15 +349,15 @@ sub ipcolour($) {
         my ($ip) = $_[0];
         my $found = 0;
         foreach $line (@network) {
-               if ($network[$id] eq '') {
-                $id++;
-               } else {
-                    if (!$found && ipv4_in_network( $network[$id] , $masklen[$id], $ip) ) {
-                        $found = 1;
-                        $colour = $colour[$id];
-                    }
-                 $id++;
-               }
+                                       if ($network[$id] eq '') {
+                                               $id++;
+                                       } else {
+                                               if (!$found && ipv4_in_network( $network[$id] , $masklen[$id], $ip) ) {
+                                                       $found = 1;
+                                                       $colour = $colour[$id];
+                                               }
+                                               $id++;
+                                       }
         }
         return $colour
 }
index 3b3b9aa..538569b 100644 (file)
@@ -1,19 +1,17 @@
 #!/usr/bin/perl
 #
-# SmoothWall CGIs
-#
 # This code is distributed under the terms of the GPL
 #
-# (c) written from scratch
+# (c) 2004-2007 marco.s - http://www.urlfilter.net
 #
-# $Id: urlfilter.cgi,v 1.7 2006/05/08 00:00:00 marco Exp $
+# $Id: urlfilter.cgi,v 1.9.1 2007/03/22 00:00:00 marco.s Exp $
 #
 
 use strict;
 
 # enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
+use warnings;
+use CGI::Carp 'fatalsToBrowser';
 
 use File::Copy;
 use IO::Socket;
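Review bot: `use CGI::Carp 'fatalsToBrowser';` is now active in committed code, directly under the comment that says to enable it only for debugging, so any `die` in this CGI sends its message, including file paths and line numbers, to the browser. For a committed version I would leave it as `#use CGI::Carp 'fatalsToBrowser';` and keep `use warnings;`, whose output normally goes to the server log rather than the page. connections.cgi in this commit has the opposite pair (warnings off, fatalsToBrowser left on) and would benefit from the same treatment.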
@@ -22,6 +20,7 @@ require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
 
+my $http_port='81';
 my %netsettings=();
 my %mainsettings=();
 my %proxysettings=();
@@ -74,6 +73,7 @@ my @filtergroups=();
 my @tclist=();
 my @uqlist=();
 my @source_urllist=();
+my @clients=();
 my @temp=();
 
 my $lastslashpos=0;
@@ -147,10 +147,30 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
     ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter save and restart'}) ||
     ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload file'}) ||
     ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter remove file'}) ||
+    ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload background'}) ||
     ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload blacklist'}) ||
     ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter backup'}) ||
     ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter restore'}))
-{ 
+{
+
+       @clients = split(/\n/,$filtersettings{'UNFILTERED_CLIENTS'});
+       foreach (@clients)
+       {
+               s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
+               if (/.*-.*-.*/) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; }
+               @temp = split(/-/);
+               foreach (@temp) { unless ((&General::validipormask($_)) || (&General::validipandmask($_))) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; } }
+       }
+       @clients = split(/\n/,$filtersettings{'BANNED_CLIENTS'});
+       foreach (@clients)
+       {
+               s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
+               if (/.*-.*-.*/) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; }
+               @temp = split(/-/);
+               foreach (@temp) { unless ((&General::validipormask($_)) || (&General::validipandmask($_))) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; } }
+       }
+       if ($errormessage) { goto ERROR; }
+
        if (!($filtersettings{'CHILDREN'} =~ /^\d+$/) || ($filtersettings{'CHILDREN'} < 1))
        {
                $errormessage = $Lang::tr{'urlfilter invalid num of children'};
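Review bot: The two validation loops for `UNFILTERED_CLIENTS` and `BANNED_CLIENTS` are identical apart from the key, and the whitespace normalisation they perform only touches the temporary `@clients`, so the value left in `%filtersettings` is still the raw text. A small helper that returns the cleaned list removes the duplication and gives the caller something to store; unless the fields are normalised again later, outside this hunk, what is saved can differ from what was checked. `s/\n//g` after `split(/\n/, ...)` can never match and can be dropped. The enclosing `if` block continues past the hunk.

```perl
# Validate one client list: each line is an address/mask or a single
# "from-to" range. Sets $errormessage on the first invalid entry and
# returns the whitespace-normalised lines.
sub validate_clients
{
	my @cleaned = ();
	foreach my $entry (split(/\n/, $_[0]))
	{
		$entry =~ s/^\s+//; $entry =~ s/\s+$//;
		$entry =~ s/\s+-\s+/-/g; $entry =~ s/\s+/ /g;
		if ($entry =~ /-.*-/) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; }
		foreach my $part (split(/-/, $entry))
		{
			unless ((&General::validipormask($part)) || (&General::validipandmask($part))) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; }
		}
		push(@cleaned, $entry);
	}
	return @cleaned;
}

# ... at the call site, replacing both loops ...
@clients = &validate_clients($filtersettings{'UNFILTERED_CLIENTS'});
@clients = &validate_clients($filtersettings{'BANNED_CLIENTS'});
if ($errormessage) { goto ERROR; }
# ... unchanged: CHILDREN check ...
```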
@@ -186,6 +206,17 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
 
        }
        
+       if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload background'})
+       {
+               &Header::getcgihash(\%filtersettings, {'wantfile' => 1, 'filevar' => 'BACKGROUND'});
+
+               if (copy($filtersettings{'BACKGROUND'}, "/home/httpd/html/images/urlfilter/background.jpg") != 1)
+               {
+                       $errormessage = $!;
+                       goto ERROR;
+               }
+       }
+       
        if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload blacklist'})
        {
                &Header::getcgihash(\%filtersettings, {'wantfile' => 1, 'filevar' => 'UPDATEFILE'});
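Review bot: The new background upload copies whatever was posted in `BACKGROUND` straight to `/home/httpd/html/images/urlfilter/background.jpg` without checking that a file was supplied, that it is a JPEG, or how large it is. The fixed target name limits what the web server will do with it, but an oversized or non-image upload still replaces the block-page image and uses space on the firewall's disk. I would reject the request before `copy` when the handle is empty or the size exceeds a sane limit, and verify the JPEG signature at the start of the data. On failure `$errormessage = $!` shows a raw system error; a translated message would match the other branches.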
@@ -211,6 +242,11 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
                        $errormessage = $Lang::tr{'urlfilter tar error'};
                } else {
 
+                       if (-d "${General::swroot}/urlfilter/update/BL")
+                       {
+                               system("mv ${General::swroot}/urlfilter/update/BL ${General::swroot}/urlfilter/update/blacklists");
+                       }
+
                        if (-d "${General::swroot}/urlfilter/update/category")
                        {
                                system("mv ${General::swroot}/urlfilter/update/category ${General::swroot}/urlfilter/update/blacklists");
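Review bot: The new `system("mv .../update/BL .../update/blacklists")` goes through a shell and ignores the result, and if `update/blacklists` already exists `mv` puts `BL` inside it instead of renaming it. Perl's builtin does the job without a shell and reports failure: `rename("${General::swroot}/urlfilter/update/BL", "${General::swroot}/urlfilter/update/blacklists") or $errormessage = $Lang::tr{'urlfilter tar error'};`. The `category` branch just below has the same shape, so an archive carrying both directories would end up nested, as far as this hunk shows. The surrounding `else` block continues outside the hunk.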
@@ -310,7 +346,7 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
 
        if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter save and restart'})
        {
-               if (!(-e "${General::swroot}/proxy/enable"))
+               if ((!(-e "${General::swroot}/proxy/enable")) && (!(-e "${General::swroot}/proxy/enable_blue")))
                {
                        $errormessage = $Lang::tr{'urlfilter web proxy service required'};
                        goto ERROR;
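Review bot: The widened test `(!(-e ".../proxy/enable")) && (!(-e ".../proxy/enable_blue"))` is added verbatim here and again in the time-constraint and user-quota hunks further down, so a further proxy flag file would have to be edited in three places. A small helper keeps them together, e.g. `sub proxyenabled { return (-e "${General::swroot}/proxy/enable") || (-e "${General::swroot}/proxy/enable_blue"); }`, and each site becomes `if (!&proxyenabled) { ... }`. The enclosing block runs past the end of this hunk.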
@@ -331,29 +367,10 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
                if (-e "$dbdir/custom/blocked/domains.db") { unlink("$dbdir/custom/blocked/domains.db"); }
                if (-e "$dbdir/custom/blocked/urls.db")    { unlink("$dbdir/custom/blocked/urls.db"); }
 
-               foreach (<$dbdir/*>)
-               {
-                       if (-d $_){ system("chmod 644 $_/*"); }
-                       if (-d $_){ system("chmod 666 $_/*.db"); }
-               }
-               if (-d "$dbdir/custom/allowed")
-               {
-                       system("chmod 755 $dbdir/custom/allowed");
-                       system("chmod 644 $dbdir/custom/allowed/*");
-               }
-               if (-d "$dbdir/custom/blocked")
-               {
-                       system("chmod 755 $dbdir/custom/blocked");
-                       system("chmod 644 $dbdir/custom/blocked/*");
-               }
+               &setpermissions ($dbdir);
 
                system('/usr/local/bin/restartsquid');
        }
-
-ERROR:
-
-       if ($errormessage) { $filtersettings{'VALID'} = 'no'; }
-
 }
 
 if ($tcsettings{'ACTION'} eq $Lang::tr{'urlfilter set time constraints'}) { $tcsettings{'TCMODE'} = 'on'}
@@ -384,6 +401,16 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang
 
        if (!$errormessage)
        {
+               # transform to pre1.8 client definitions
+               @clients = split(/\n/,$tcsettings{'SRC'});
+               undef $tcsettings{'SRC'};
+               foreach(@clients)
+               {
+                       s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
+                       $tcsettings{'SRC'} .= "$_ ";
+               }
+               $tcsettings{'SRC'} =~ s/\s+$//;
+
                if ($tcsettings{'DST'} =~ /^any/) { $tcsettings{'DST'} = 'any'; }
                if ($tcsettings{'ENABLERULE'} eq 'on') { $tcsettings{'ACTIVE'} = $tcsettings{'ENABLERULE'}; } else { $tcsettings{'ACTIVE'} = 'off'}
 
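Review bot: The cleanup chain `s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;` is pasted here and in four other places in this commit (both client loops in the save handler and twice in `savesettings`), so the textarea-to-line conversion can drift between copies. One helper would cover all of them: `sub normalizeclient { my $c = shift; $c =~ s/^\s+//; $c =~ s/\s+$//; $c =~ s/\s+-\s+/-/g; $c =~ s/\s+/ /g; return $c; }`, used as `$tcsettings{'SRC'} = join(' ', map { &normalizeclient($_) } @clients);` ahead of the existing trailing-space strip. The `/g` on the two anchored patterns and the `s/\n//g` after `split(/\n/, ...)` have no effect and can be dropped. Unlike `UNFILTERED_CLIENTS` and `BANNED_CLIENTS`, no validation of `SRC` is visible in this hunk; the enclosing `if` starts outside it.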
@@ -418,6 +445,38 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang
        }
 }
 
+if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'urlfilter copy rule'}) && (!$errormessage))
+{
+       $id = 0;
+       foreach $line (@tclist)
+       {
+               $id++;
+               if ($tcsettings{'ID'} eq $id)
+               {
+                       chomp($line);
+                       @temp = split(/\,/,$line);
+                       $tcsettings{'DEFINITION'} = $temp[0];
+                       $tcsettings{'MON'} = $temp[1];
+                       $tcsettings{'TUE'} = $temp[2];
+                       $tcsettings{'WED'} = $temp[3];
+                       $tcsettings{'THU'} = $temp[4];
+                       $tcsettings{'FRI'} = $temp[5];
+                       $tcsettings{'SAT'} = $temp[6];
+                       $tcsettings{'SUN'} = $temp[7];
+                       $tcsettings{'FROM_HOUR'} = $temp[8];
+                       $tcsettings{'FROM_MINUTE'} = $temp[9];
+                       $tcsettings{'TO_HOUR'} = $temp[10];
+                       $tcsettings{'TO_MINUTE'} = $temp[11];
+                       $tcsettings{'SRC'} = $temp[12];
+                       $tcsettings{'DST'} = $temp[13];
+                       $tcsettings{'ACCESS'} = $temp[14];
+                       $tcsettings{'ENABLERULE'} = $temp[15];
+                       $tcsettings{'COMMENT'} = $temp[16];
+               }
+       }
+       $tcsettings{'TCMODE'}='on';
+}
+
 if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'remove'}))
 {
        $id = 0;
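Review bot: The seventeen one-by-one assignments from `@temp` in the new copy-rule handler make it easy for a field index to slip, and the loop keeps scanning `@tclist` after the matching rule has been found. A hash slice states the column order once: `@tcsettings{qw(DEFINITION MON TUE WED THU FRI SAT SUN FROM_HOUR FROM_MINUTE TO_HOUR TO_MINUTE SRC DST ACCESS ENABLERULE COMMENT)} = @temp[0..16];` followed by `last;`. `COMMENT` is taken from the stored rule as-is and is later printed into `value='$tcsettings{'COMMENT'}'`, so unless it is escaped when saved it should be HTML-escaped at output; that code is outside this hunk.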
@@ -439,7 +498,7 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang
        {
                $errormessage = $Lang::tr{'urlfilter not enabled'};
        }
-       if (!(-e "${General::swroot}/proxy/enable"))
+       if ((!(-e "${General::swroot}/proxy/enable")) && (!(-e "${General::swroot}/proxy/enable_blue")))
        {
                $errormessage = $Lang::tr{'urlfilter web proxy service required'};
        }
@@ -470,11 +529,6 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang
        $tcsettings{'TCMODE'}='on';
 }
 
-if (!$errormessage) {
-       $tcsettings{'ENABLERULE'}='on';
-       $tcsettings{'TO_HOUR'}='24';
-}
-
 if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'edit'}) && (!$errormessage))
 {
        $id = 0;
@@ -507,6 +561,11 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang
        $tcsettings{'TCMODE'}='on';
 }
 
+if ((!$errormessage) && (!($tcsettings{'ACTION'} eq $Lang::tr{'urlfilter copy rule'})) && (!($tcsettings{'ACTION'} eq $Lang::tr{'edit'}))) {
+       $tcsettings{'ENABLERULE'}='on';
+       $tcsettings{'TO_HOUR'}='24';
+}
+
 if ($uqsettings{'ACTION'} eq $Lang::tr{'urlfilter set user quota'}) { $uqsettings{'UQMODE'} = 'on'}
 
 if (($uqsettings{'MODE'} eq 'USERQUOTA') && ($uqsettings{'ACTION'} eq $Lang::tr{'add'}))
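Review bot: The relocated defaults block has no comment saying why `edit` and `urlfilter copy rule` are excluded, and the double negation `!(... eq ...)` hides that each test is a plain `ne`. I would write the condition as `if (!$errormessage && $tcsettings{'ACTION'} ne $Lang::tr{'urlfilter copy rule'} && $tcsettings{'ACTION'} ne $Lang::tr{'edit'})` and put `# defaults for a new rule; edit and copy keep ENABLERULE and TO_HOUR loaded from the stored rule` above it.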
@@ -642,7 +701,7 @@ if (($uqsettings{'MODE'} eq 'USERQUOTA') && ($uqsettings{'ACTION'} eq $Lang::tr{
        {
                $errormessage = $Lang::tr{'urlfilter not enabled'};
        }
-       if (!(-e "${General::swroot}/proxy/enable"))
+       if ((!(-e "${General::swroot}/proxy/enable")) && (!(-e "${General::swroot}/proxy/enable_blue")))
        {
                $errormessage = $Lang::tr{'urlfilter web proxy service required'};
        }
@@ -969,6 +1028,10 @@ if (-e "${General::swroot}/urlfilter/settings") { &General::readhash("${General:
 
 &readcustomlists;
 
+ERROR:
+
+if ($errormessage) { $filtersettings{'VALID'} = 'no'; }
+
 $checked{'ENABLE_CUSTOM_BLACKLIST'}{'off'} = '';
 $checked{'ENABLE_CUSTOM_BLACKLIST'}{'on'} = '';
 $checked{'ENABLE_CUSTOM_BLACKLIST'}{$filtersettings{'ENABLE_CUSTOM_BLACKLIST'}} = "checked='checked'";
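Review bot: The `ERROR:` label now sits at file level without a comment, yet `goto ERROR` is issued from inside the save handler several hundred lines earlier, so a validation failure skips everything in between, including the `&readcustomlists` call just above the label. A comment on the label would make that jump visible, e.g. `# ERROR: reached via goto from the save handler; the time-constraint and quota handlers and &readcustomlists are skipped on that path`. If the custom lists are still needed to redraw the form after an error, that call may have to move below the label; the form code is outside this hunk.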
@@ -1313,10 +1376,46 @@ print <<END
         <td>&nbsp;</td>
 </tr>
 <tr>
-        <td class='base'>$Lang::tr{'urlfilter unfiltered clients'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
-        <td><input type='text' name='UNFILTERED_CLIENTS' value='$filtersettings{'UNFILTERED_CLIENTS'}' size='30' /></td>
-        <td class='base'>$Lang::tr{'urlfilter banned clients'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
-        <td><input type='text' name='BANNED_CLIENTS' value='$filtersettings{'BANNED_CLIENTS'}' size='30' /></td>
+       <td colspan='2'>$Lang::tr{'urlfilter unfiltered clients'}&nbsp;<img src='/blob.gif' alt='*' /></td>
+       <td colspan='2'>$Lang::tr{'urlfilter banned clients'}&nbsp;<img src='/blob.gif' alt='*' /></td>
+</tr>
+<tr>
+       <td colspan='2' width='50%'><textarea name='UNFILTERED_CLIENTS' cols='32' rows='6' wrap='off'>
+END
+;
+
+# transform from pre1.8 client definitions
+$filtersettings{'UNFILTERED_CLIENTS'} =~ s/^\s+//g;
+$filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+$//g;
+$filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+-\s+/-/g;
+$filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+/ /g;
+
+@clients = split(/ /,$filtersettings{'UNFILTERED_CLIENTS'});
+undef $filtersettings{'UNFILTERED_CLIENTS'};
+foreach (@clients) { $filtersettings{'UNFILTERED_CLIENTS'} .= "$_\n"; }
+
+print $filtersettings{'UNFILTERED_CLIENTS'};
+
+print <<END
+</textarea></td>
+       <td colspan='2' width='50%'><textarea name='BANNED_CLIENTS' cols='32' rows='6' wrap='off'>
+END
+;
+
+# transform from pre1.8 client definitions
+$filtersettings{'BANNED_CLIENTS'} =~ s/^\s+//g;
+$filtersettings{'BANNED_CLIENTS'} =~ s/\s+$//g;
+$filtersettings{'BANNED_CLIENTS'} =~ s/\s+-\s+/-/g;
+$filtersettings{'BANNED_CLIENTS'} =~ s/\s+/ /g;
+
+@clients = split(/ /,$filtersettings{'BANNED_CLIENTS'});
+undef $filtersettings{'BANNED_CLIENTS'};
+foreach (@clients) { $filtersettings{'BANNED_CLIENTS'} .= "$_\n"; }
+
+print $filtersettings{'BANNED_CLIENTS'};
+
+print <<END
+</textarea></td>
 </tr>
 </table>
 <hr size='1'>
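Review bot: `print $filtersettings{'UNFILTERED_CLIENTS'};` and the matching `BANNED_CLIENTS` print write the value into a `<textarea>` without HTML-escaping it, and after a failed validation (`goto ERROR`) that value is, as far as the visible hunks show, whatever the browser submitted. Markup in the value would then be interpreted by the browser instead of displayed, so escape each entry before it is appended, e.g. `s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g;` inside the `foreach (@clients)` loop. The same applies to `print $tcsettings{'SRC'};` in the time-constraint form hunk further down. The four `s///` lines plus the split and re-join are repeated three times in this commit and would fit one helper.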
@@ -1367,6 +1466,17 @@ print <<END
        <td>&nbsp;</td>
 </tr>
 </table>
+<table width='100%'>
+<tr>
+       <td class='base'><b>$Lang::tr{'urlfilter background image'}</b></td>
+</tr>
+<tr>
+       <td><br>$Lang::tr{'urlfilter background text'}:</td>
+</tr>
+<tr>
+       <td><input type='file' name='BACKGROUND' size='40' /> &nbsp; <input type='submit' name='ACTION' value='$Lang::tr{'urlfilter upload background'}' /></td>
+</tr>
+</table>
 <hr size='1'>
 <table width='100%'>
 <tr>
@@ -1411,7 +1521,7 @@ print <<END
        <font class='base'>$Lang::tr{'this field may be blank'}</font>
        </td>
        <td align='right'>&nbsp;
-</td>
+       </td>
 </tr>
 </table>
 <table width='100%'>
@@ -1795,10 +1905,28 @@ print <<END
                <td>&nbsp;</td>
        </tr>
        <tr>
-               <td valign='top'><input type='text' name='SRC' value='$tcsettings{'SRC'}' size='32' /></td>
+        <td rowspan='2'><textarea name='SRC' cols='28' rows='5' wrap='off'>
+END
+;
+
+# transform from pre1.8 client definitions
+$tcsettings{'SRC'} =~ s/^\s+//g;
+$tcsettings{'SRC'} =~ s/\s+$//g;
+$tcsettings{'SRC'} =~ s/\s+-\s+/-/g;
+$tcsettings{'SRC'} =~ s/\s+/ /g;
+
+@clients = split(/ /,$tcsettings{'SRC'});
+undef $tcsettings{'SRC'};
+foreach (@clients) { $tcsettings{'SRC'} .= "$_\n"; }
+
+print $tcsettings{'SRC'};
+
+print <<END
+</textarea></td>
+
                <td>&nbsp;</td>
-               <td class='base' rowspan='3' valign='top'>
-               <select name='DST' size='4' multiple>
+               <td class='base' rowspan='2' valign='top'>
+               <select name='DST' size='6' multiple>
                <option value='any' $selected{'DST'}{'any'} = "selected='selected'">$Lang::tr{'urlfilter category all'}</option>
                <option value='in-addr' $selected{'DST'}{'in-addr'} = "selected='selected'">in-addr</option>
 END
@@ -1825,12 +1953,19 @@ print <<END
                </td>
                <td>&nbsp;</td>
        </tr>
+       <tr>
+               <td>&nbsp;</td>
+               <td>&nbsp;</td>
+               <td>&nbsp;</td>
+               <td>&nbsp;</td>
+       </tr>
        <tr>
                <td>$Lang::tr{'remark'}&nbsp;<img src='/blob.gif' alt='*'></td>
                <td>&nbsp;</td>
                <td>&nbsp;</td>
                <td>&nbsp;</td>
                <td>&nbsp;</td>
+               <td>&nbsp;</td>
        </tr>
        <tr>
                <td><input type='text' name='COMMENT' value='$tcsettings{'COMMENT'}' size='32' /></td>
@@ -1838,6 +1973,7 @@ print <<END
                <td>&nbsp;</td>
                <td>&nbsp;</td>
                <td>&nbsp;</td>
+               <td>&nbsp;</td>
        </tr>
 </table>
 
@@ -1890,7 +2026,7 @@ print <<END
                <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter time space'}</b></td>
                <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter src'}</b></td>
                <td width='5%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter dst'}</b></td>
-               <td width='10%' class='boldbase' colspan='4' align='center'>&nbsp;</td>
+               <td width='10%' class='boldbase' colspan='5' align='center'>&nbsp;</td>
        </tr>
 END
 ;
@@ -1959,6 +2095,15 @@ print <<END
 
                <td align='center'>
                <form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
+               <input type='image' name='$Lang::tr{'urlfilter copy rule'}' src='/images/urlfilter/copy.gif' title='$Lang::tr{'urlfilter copy rule'}' alt='$Lang::tr{'urlfilter copy rule'}' />
+               <input type='hidden' name='MODE' value='TIMECONSTRAINT' />
+               <input type='hidden' name='ID' value='$id' />
+               <input type='hidden' name='ACTION' value='$Lang::tr{'urlfilter copy rule'}' />
+               </form>
+               </td>
+
+               <td align='center'>
+               <form method='post' name='frmd$id' action='$ENV{'SCRIPT_NAME'}'>
                <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
                <input type='hidden' name='MODE' value='TIMECONSTRAINT' />
                <input type='hidden' name='ID' value='$id' />
@@ -1978,7 +2123,7 @@ END
 print <<END
                <td align='center' colspan='4'>$temp[16]
                </td>
-               <td align='center' colspan='4'>
+               <td align='center' colspan='5'>
                </td>
        </tr>
 END
@@ -2004,6 +2149,8 @@ print <<END
                <td class='base'>$Lang::tr{'click to enable'}</td>
                <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
                <td class='base'>$Lang::tr{'edit'}</td>
+               <td>&nbsp; &nbsp; <img src='/images/urlfilter/copy.gif' alt='$Lang::tr{'urlfilter copy rule'}' /></td>
+               <td class='base'>$Lang::tr{'urlfilter copy rule'}</td>
                <td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
                <td class='base'>$Lang::tr{'remove'}</td>
        </tr>
@@ -2385,6 +2532,26 @@ print "</form>\n";
 
 sub savesettings
 {
+       # transform to pre1.8 client definitions
+       @clients = split(/\n/,$filtersettings{'UNFILTERED_CLIENTS'});
+       undef $filtersettings{'UNFILTERED_CLIENTS'};
+       foreach(@clients)
+       {
+               s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
+               $filtersettings{'UNFILTERED_CLIENTS'} .= "$_ ";
+       }
+       $filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+$//;
+
+       # transform to pre1.8 client definitions
+       @clients = split(/\n/,$filtersettings{'BANNED_CLIENTS'});
+       undef $filtersettings{'BANNED_CLIENTS'};
+       foreach(@clients)
+       {
+               s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
+               $filtersettings{'BANNED_CLIENTS'} .= "$_ ";
+       }
+       $filtersettings{'BANNED_CLIENTS'} =~ s/\s+$//;
+
        &writeconfigfile;
 
        delete $filtersettings{'CUSTOM_BLACK_DOMAINS'};
@@ -2403,20 +2570,15 @@ sub savesettings
 sub readblockcategories
 {
        undef(@categories);
-       foreach $blacklist (<$dbdir/*>) {
-         if (-d $blacklist) {
-           $lastslashpos = rindex($blacklist,"/");
-           if ($lastslashpos > -1) {
-             $section = substr($blacklist,$lastslashpos+1);
-           } else {
-             $section = $blacklist;
-           }
-           if (!($section eq 'custom')) { push(@categories,$section) };
-         }
-       }
+
+       &getblockcategory ($dbdir);
+
+       foreach (@categories) { $_ = substr($_,length($dbdir)+1); }
 
        @filtergroups = @categories;
+
        foreach (@filtergroups) {
+               s/\//_SLASH_/g;
                tr/a-z/A-Z/;
                $_ = "FILTER_".$_;
        }
@@ -2424,6 +2586,23 @@ sub readblockcategories
 
 # -------------------------------------------------------------------
 
+sub getblockcategory
+{
+       foreach $category (<$_[0]/*>)
+       {
+               if (-d $category)
+               {
+                       if ((-e "$category/domains") || (-e "$category/urls"))
+                       {
+                               unless ($category =~ /\bcustom\b/) { push(@categories,$category); }
+                       }
+                       &getblockcategory ($category);
+               }
+       }
+}
+
+# -------------------------------------------------------------------
+
 sub readcustomlists
 {
        if (-e "$dbdir/custom/blocked/domains") {
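Review bot: `getblockcategory` recurses into every entry that passes `-d`, and `-d` follows symbolic links, so a link inside an unpacked blacklist that points back up the tree or out of `$dbdir` would make the walk loop or leave the blacklist directory. Adding `next if (-l $category);` as the first statement of the loop keeps the scan to real directories. The sub also appends to the global `@categories` and uses the global `$category` as its loop variable; a header comment such as `# appends every directory below $_[0] that holds a domains or urls file to @categories; caller must undef(@categories) first` would document that contract, which `readblockcategories` already follows.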
@@ -2488,7 +2667,7 @@ sub aggregatedconstraints
                        foreach (@new)
                        {
                                @tmp2 = split(/\,/);
-                               if ($tmp2[15] eq 'on')
+                               if (($tmp1[15] eq 'on') && ($tmp2[15] eq 'on'))
                                {
                                        if (($tmp1[0] eq $tmp2[0]) && ($tmp1[12] eq $tmp2[12]) && ($tmp1[13] eq $tmp2[13]) && ($tmp1[14] eq $tmp2[14]))
                                        {
@@ -2530,10 +2709,31 @@ sub aggregatedconstraints
 
 # -------------------------------------------------------------------
 
+sub setpermissions
+{
+       my $bldir = $_[0];
+
+       foreach $category (<$bldir/*>)
+       {
+                if (-d $category){
+                       system("chmod 755 $category &> /dev/null");
+                       foreach $blacklist (<$category/*>)
+                       {
+                               if (-f $blacklist) { system("chmod 644 $blacklist &> /dev/null"); }
+                               if (-d $blacklist) { system("chmod 755 $blacklist &> /dev/null"); }
+                       }
+                       system("chmod 666 $category/*.db &> /dev/null");
+                       &setpermissions ($category);
+               }
+        }
+}
+
+# -------------------------------------------------------------------
+
 sub writeconfigfile
 {
        my $executables = "\\.\(ade|adp|asx|bas|bat|chm|com|cmd|cpl|crt|dll|eml|exe|hiv|hlp|hta|inc|inf|ins|isp|jse|jtd|lnk|msc|msh|msi|msp|mst|nws|ocx|oft|ops|pcd|pif|plx|reg|scr|sct|sha|shb|shm|shs|sys|tlb|tsp|url|vbe|vbs|vxd|wsc|wsf|wsh\)\$";
-       my $audiovideo = "\\.\(aiff|asf|avi|dif|divx|mov|movie|mp3|mpe?g?|mpv2|ogg|ra?m|snd|qt|wav|wmf|wmv\)\$";
+       my $audiovideo = "\\.\(aiff|asf|avi|dif|divx|mov|movie|mp3|mpe?g?|mpv2|ogg|ra?m|snd|qt|wav|wma|wmf|wmv\)\$";
        my $archives = "\\.\(bin|bz2|cab|cdr|dmg|gz|hqx|rar|smi|sit|sea|tar|tgz|zip\)\$";
 
        my $ident = " anonymous";
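Review bot: `setpermissions` builds each `chmod` as a shell string from file names found under the blacklist directory, and those names appear to come from unpacked blacklist archives, so a name containing spaces or shell metacharacters is interpreted by the shell rather than treated as a path. Perl's builtin `chmod` takes the path as data and needs no shell; it also removes the `&>` redirection, which is a bash extension and under a POSIX `/bin/sh` backgrounds the command instead of silencing it. The rewrite below keeps the same modes and recursion and skips symbolic links so a mode change cannot land on a link target outside the tree. The `wma` addition in the same hunk needs no change.

```perl
sub setpermissions
{
       my $bldir = $_[0];

       foreach my $category (<$bldir/*>)
       {
               # never follow or chmod through a symbolic link
               next if (-l $category);
               next unless (-d $category);

               chmod(0755, $category);
               foreach my $blacklist (<$category/*>)
               {
                       next if (-l $blacklist);
                       if (-f $blacklist) { chmod(0644, $blacklist); }
                       if (-d $blacklist) { chmod(0755, $blacklist); }
               }
               chmod(0666, <$category/*.db>);
               &setpermissions ($category);
       }
}
```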
@@ -2583,9 +2783,9 @@ sub writeconfigfile
                        if ($filtersettings{'SHOW_URL'} eq 'on') { $redirect .= "&url=%u"; }
                        if ($filtersettings{'SHOW_IP'} eq 'on') { $redirect .= "&ip=%a"; }
                        $redirect  =~ s/^&/?/;
-                       $redirect = "http:\/\/$netsettings{'GREEN_ADDRESS'}:81\/redirect.cgi".$redirect; 
+                       $redirect = "http:\/\/$netsettings{'GREEN_ADDRESS'}:$http_port\/redirect.cgi".$redirect; 
                } else {
-                       $redirect="http:\/\/$netsettings{'GREEN_ADDRESS'}:81\/redirect.cgi";
+                       $redirect="http:\/\/$netsettings{'GREEN_ADDRESS'}:$http_port\/redirect.cgi";
                }
        } else { $redirect=$filtersettings{'REDIRECT_PAGE'}; }
 
@@ -2630,6 +2830,8 @@ sub writeconfigfile
                $defaultrule .= "any";
        }
 
+       $defaultrule =~ s/\//_/g;
+
        open(FILE, ">${General::swroot}/urlfilter/squidGuard.conf") or die "Unable to write squidGuard.conf file";
        flock(FILE, 2);
 
@@ -2648,14 +2850,14 @@ sub writeconfigfile
 
        if ((($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles)) || ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on'))
        {
-               print FILE "rewrite rew-rule-0 {\n";
+               print FILE "rewrite rew-rule-1 {\n";
 
                if (($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles))
                {
                        print FILE "    # rewrite localfiles\n";
                        foreach (@repositoryfiles)
                        {
-                               print FILE "    s@.*/$_\$\@http://$netsettings{'GREEN_ADDRESS'}:81/repository/$_\@i\n";
+                               print FILE "    s@.*/$_\$\@http://$netsettings{'GREEN_ADDRESS'}:$http_port/repository/$_\@i\n";
                        }
                }
 
@@ -2672,13 +2874,13 @@ sub writeconfigfile
                print FILE "}\n\n";
 
                if ((!($filtersettings{'UNFILTERED_CLIENTS'} eq '')) && ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on')) {
-                       print FILE "rewrite rew-rule-1 {\n";
+                       print FILE "rewrite rew-rule-2 {\n";
                        if (($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles))
                        {
                                print FILE "    # rewrite localfiles\n";
                                foreach (@repositoryfiles)
                                {
-                                       print FILE "    s@.*/$_\$\@http://$netsettings{'GREEN_ADDRESS'}:81/repository/$_\@i\n";
+                                       print FILE "    s@.*/$_\$\@http://$netsettings{'GREEN_ADDRESS'}:$http_port/repository/$_\@i\n";
                                }
                        } else {
                                print FILE "    # rewrite nothing\n";
@@ -2687,6 +2889,26 @@ sub writeconfigfile
                }
        }
 
+       if (!($filtersettings{'UNFILTERED_CLIENTS'} eq '')) {
+               print FILE "src unfiltered {\n";
+               print FILE "    ip $filtersettings{'UNFILTERED_CLIENTS'}\n";
+               print FILE "}\n\n";
+       }
+       if (!($filtersettings{'BANNED_CLIENTS'} eq '')) {
+               print FILE "src banned {\n";
+               print FILE "    ip $filtersettings{'BANNED_CLIENTS'}\n";
+               if ($filtersettings{'ENABLE_LOG'} eq 'on')
+               {
+                       if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
+                       {
+                               print FILE "    logfile       ".$ident." banned.log\n";
+                       } else {
+                               print FILE "    logfile       ".$ident." urlfilter.log\n";
+                       }
+               }
+               print FILE "}\n\n";
+       }
+
        if (-e $uqfile)
        {
                open(UQ, $uqfile);
@@ -2733,7 +2955,30 @@ sub writeconfigfile
                        {
                                $idx++;
                                print FILE "src network-$idx {\n";
-                               print FILE "    ip $tc[12]\n";
+                               @clients = split(/ /,$tc[12]);
+                               @temp = split(/-/,$clients[0]);
+                               if ( (&General::validipormask($temp[0])) || (&General::validipandmask($temp[0])))
+                               {
+                                       print FILE "    ip $tc[12]\n";
+                               } else {
+                                       print FILE "    user";
+                                       @clients = split(/ /,$tc[12]);
+                                       foreach $line (@clients)
+                                       {
+                                               $line =~ s/(^\w+)\\(\w+$)/$1%5c$2/;
+                                               print FILE " $line";
+                                       }
+                                       print FILE "\n";
+                               }
+                               if (($filtersettings{'ENABLE_LOG'} eq 'on') && ($tc[14] eq 'block') && ($tc[13] eq 'any'))
+                               {
+                                       if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
+                                       {
+                                               print FILE "    logfile       ".$ident." timeconst.log\n";
+                                       } else {
+                                               print FILE "    logfile       ".$ident." urlfilter.log\n";
+                                       }
+                               }
                                print FILE "}\n\n";
                        }
                }
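Review bot: The choice between `ip` and `user` is made from the first entry of `$tc[12]` only, and in both branches the remaining entries are written into squidGuard.conf unchecked, so a rule that mixes addresses and names, or an entry with characters that carry meaning in the config syntax, ends up in the generated file. I would validate every element of `@clients` in the branch that is taken (the address test already used here for `ip`, and a conservative pattern such as `/^[\w.\\-]+$/` for `user`) and skip or report entries that fail. The second `@clients = split(/ /,$tc[12]);` repeats the assignment made a few lines earlier and can go. Whether `SRC` is validated when the rule is added is not visible in this hunk, and the enclosing loop starts outside it.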
@@ -2753,31 +2998,22 @@ sub writeconfigfile
                }
        }
 
-       if (!($filtersettings{'UNFILTERED_CLIENTS'} eq '')) {
-               print FILE "src unfiltered {\n";
-               print FILE "    ip $filtersettings{'UNFILTERED_CLIENTS'}\n";
-               print FILE "}\n\n";
-       }
-       if (!($filtersettings{'BANNED_CLIENTS'} eq '')) {
-               print FILE "src banned {\n";
-               print FILE "    ip $filtersettings{'BANNED_CLIENTS'}\n";
-               print FILE "}\n\n";
-       }
-
        foreach $category (@categories) {
+               $blacklist = $category;
+               $category =~ s/\//_/g;
                print FILE "dest $category {\n";
-               if (-e "$dbdir/$category/domains") {
-                       print FILE "    domainlist     $category\/domains\n";
+               if (-e "$dbdir/$blacklist/domains") {
+                       print FILE "    domainlist     $blacklist\/domains\n";
                }
-               if (-e "$dbdir/$category/urls") {
-                       print FILE "    urllist        $category\/urls\n";
+               if (-e "$dbdir/$blacklist/urls") {
+                       print FILE "    urllist        $blacklist\/urls\n";
                }
-               if ((-e "$dbdir/$category/expressions") && ($filtersettings{'ENABLE_EXPR_LISTS'} eq 'on')) {
-                       print FILE "    expressionlist $category\/expressions\n";
+               if ((-e "$dbdir/$blacklist/expressions") && ($filtersettings{'ENABLE_EXPR_LISTS'} eq 'on')) {
+                       print FILE "    expressionlist $blacklist\/expressions\n";
                }
-               if (($category eq 'ads') && ($filtersettings{'ENABLE_EMPTY_ADS'} eq 'on'))
+               if ((($category eq 'ads') || ($category eq 'adv')) && ($filtersettings{'ENABLE_EMPTY_ADS'} eq 'on'))
                {
-                       print FILE "    redirect       http:\/\/$netsettings{'GREEN_ADDRESS'}:81\/images/urlfilter/1x1.gif\n";
+                       print FILE "    redirect       http:\/\/$netsettings{'GREEN_ADDRESS'}:$http_port\/images/urlfilter/1x1.gif\n";
                }
                if ($filtersettings{'ENABLE_LOG'} eq 'on')
                {
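Review bot: The loop rewrites `$category` in place with `s/\//_/g`, which edits the element of `@categories` it is aliased to, and relies on `$category = $blacklist;` in the next hunk to undo that before the iteration ends. Deriving the dest name in its own variable removes the need for the restore: `(my $destname = $category) =~ s/\//_/g;` then `print FILE "dest $destname {\n";`, with the `-e "$dbdir/$category/..."` tests left as they were. Mapping `/` to `_` can also give two categories the same dest name (a nested `a/b` next to a top-level `a_b`, for instance); `readblockcategories` uses `_SLASH_` for the same purpose, and one scheme in both places would avoid the clash. The loop body continues past the end of this hunk.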
@@ -2789,6 +3025,7 @@ sub writeconfigfile
                        }
                }
                print FILE "}\n\n";
+               $category = $blacklist;
        }
        
        print FILE "dest files {\n";
@@ -2842,7 +3079,7 @@ sub writeconfigfile
                print FILE "        pass all\n";
                if ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on')
                {
-                       print FILE "        rewrite rew-rule-1\n";
+                       print FILE "        rewrite rew-rule-2\n";
                }
                print FILE "    }\n\n";
        }
@@ -2894,6 +3131,7 @@ sub writeconfigfile
                        chomp;
                        @tc = split(/\,/);
                        @ec = split(/\|/,$tc[13]);
+                       foreach (@ec) { s/\//_/g; }
                        if ($tc[15] eq 'on')
                        {
                                $idx++;
@@ -2939,12 +3177,17 @@ sub writeconfigfile
                                                print FILE $tcrule unless ((@ec == 1) && ($ec[0] eq 'any'));
                                        } else {
                                                $tcrule = $defaultrule;
-                                               foreach (@ec)
+                                               if ((@ec == 1) && ($ec[0] eq 'any'))
                                                {
-                                                       $tcrule =~ s/!$_ //;
-                                                       print FILE "$_ " if ($_ eq 'any');
+                                                       print FILE "any";
+                                               } else {
+                                                       foreach (@ec)
+                                                       {
+                                                               $tcrule = "$_ ".$tcrule unless (index($defaultrule,"!".$_." ") ge 0);
+                                                               $tcrule =~ s/!$_ //;
+                                                       }
+                                                       print FILE $tcrule;
                                                }
-                                               print FILE $tcrule unless ((@ec == 1) && ($ec[0] eq 'any'));
                                        }
                                }
 
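Review bot: `index($defaultrule,"!".$_." ") ge 0` compares the numeric result of `index` with the string operator `ge`; it gives the intended answer only because `"-1"` happens to sort before `"0"`, and should read `>= 0`. On the next line `$tcrule =~ s/!$_ //;` interpolates the category name into a pattern unquoted, so a name containing `.` or `+` is treated as regex syntax; `s/!\Q$_\E //` matches it literally. The enclosing loop starts outside this hunk.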
@@ -2968,7 +3211,7 @@ sub writeconfigfile
        }
        if ((($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles)) || ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on'))
        {
-               print FILE "        rewrite rew-rule-0\n";
+               print FILE "        rewrite rew-rule-1\n";
        }
        print FILE "        redirect $redirect\n";
        print FILE "    }\n";
index 0460a74..12dae3c 100644 (file)
 'updxlrtr source checkup schedule' => 'Zeitplanung der Quellenprüfung',
 'updxlrtr unknown' => 'Unbekannt',
 'updxlrtr update accelerator' => 'Update-Accelerator',
-'updxlrtr update information' => 'Eine aktualisierte Version steht zum Download bereit. Besuchen Sie <a href="http://www.advproxy.net/update-accelerator" target="_blank">http://www.advproxy.net/update-accelerator</a> für weitere Informationen.',
-'updxlrtr update notification' => 'Update-Benachrichtigung!',
 'updxlrtr web proxy service required' => 'Der Web-Proxy muss aktiviert sein um den Update-Accelerator zu verwenden',
 'updxlrtr week' => 'einer Woche',
 'updxlrtr weekly' => 'wöchentlich',
 'urlfilter constraint definition' => 'Definition',
 'urlfilter constraint outside' => 'ausserhalb',
 'urlfilter constraint within' => 'innerhalb',
+'urlfilter copy rule' => 'Kopieren',
 'urlfilter current files' => 'Aktuelle Dateien in der lokalen Dateiablage',
 'urlfilter custom blacklist' => 'Angepasste Blacklist',
 'urlfilter custom expression list' => 'Angepasste Ausdrucksliste',
 'urlfilter install information' => 'Die neue Blacklist wird automatisch in vorgefertigte Datenbanken übersetzt. Abhängig von der Größe der Blacklist kann dies einige Minuten dauern.',
 'urlfilter invalid content' => 'Datei ist keine squidGuard-kompatible Blacklist',
 'urlfilter invalid import file' => 'Datei ist keine gültige URL-Filter Blacklist-Editor Datei',
+'urlfilter invalid ip or mask error' => 'Ungültige IP-Adresse oder Subnetzmaske',
 'urlfilter invalid num of children' => 'Ungültige Anzahl Filterprozesse',
 'urlfilter invalid restore file' => 'Datei ist keine gültige URL-Filter Sicherungsdatei',
 'urlfilter invalid user error' => 'Ungültiger Benutzername',
index 18b9e76..1e74bbe 100644 (file)
 'updxlrtr source checkup schedule' => 'Source checkup schedule',
 'updxlrtr unknown' => 'Unknown',
 'updxlrtr update accelerator' => 'Update Accelerator',
-'updxlrtr update information' => 'There is an updated version available for download. Visit <a href="http://www.advproxy.net" target="_blank">http://www.advproxy.net</a> for more information.',
-'updxlrtr update notification' => 'Update notification!',
 'updxlrtr web proxy service required' => 'Web proxy service must be enabled to use Update Accelerator',
 'updxlrtr week' => 'one week',
 'updxlrtr weekly' => 'weekly',
 'urlfilter constraint definition' => 'Definition',
 'urlfilter constraint outside' => 'outside',
 'urlfilter constraint within' => 'within',
+'urlfilter copy rule' => 'Copy',
 'urlfilter current files' => 'Current files in local repository',
 'urlfilter custom blacklist' => 'Custom blacklist',
 'urlfilter custom expression list' => 'Custom expression list',
 'urlfilter install information' => 'The new blacklist will be automatically compiled to prebuilt databases. Depending on the size of the blacklist, this may take several minutes.',
 'urlfilter invalid content' => 'File is not a squidGuard compatible blacklist',
 'urlfilter invalid import file' => 'File is not a valid URL filter blacklist editor file',
+'urlfilter invalid ip or mask error' => 'Invalid IP address or network mask',
 'urlfilter invalid num of children' => 'Invalid number of filter processes',
 'urlfilter invalid restore file' => 'File is not a valid URL filter backup file',
 'urlfilter invalid user error' => 'Invalid username',
index 628e419..ab06a4a 100644 (file)
@@ -32,55 +32,62 @@ int main(int argc, char *argv[])
 
         if (strcmp(argv[1], "generatereport")==0)
         {
-            safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol");
+            safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol  >/dev/null 2>&1");
+            return 0;
+        }
+
+        if (strcmp(argv[1], "deletereport")==0)
+        {
+                       sprintf(command, "rm -f /var/ipfire/tripwire/report/%s", argv[2]);
+            safe_system(command);
             return 0;
         }
 
         if (strcmp(argv[1], "updatedatabase")==0)
         {
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s --twrfile %s", argv[2], argv[3]);
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s --twrfile %s  >/dev/null 2>&1", argv[2], argv[3]);
             safe_system(command);
             return 0;
         }
 
         if (strcmp(argv[1], "keys")==0)
         {
-            printf("\nGenerating Site-Key");
-            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s && chmod 640 /var/ipfire/tripwire/site.key", argv[2]);
+            printf("Generating Site Key<br />");
+            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s && chmod 640 /var/ipfire/tripwire/site.key  >/dev/null 2>&1", argv[2]);
             safe_system(command);
-            printf("\nGenerating Local-Key");
-            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase %s && chmod 640 /var/ipfire/tripwire/local.key", argv[3]);
+            printf("Generating Local Key<br />");
+            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase %s && chmod 640 /var/ipfire/tripwire/local.key  >/dev/null 2>&1", argv[3]);
             safe_system(command);
-            printf("\nGenerating Config File");
-            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg", argv[2]);
+            printf("Generating Config File<br />");
+            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg  >/dev/null 2>&1", argv[2]);
             safe_system(command);
-            printf("\nGenerating Policy File");
-            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol", argv[2]);
+            printf("Generating Policy File<br />");
+            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol  >/dev/null 2>&1", argv[2]);
             safe_system(command);
-            printf("\nInitialising - This may take a while depending on your Policy");
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s", argv[3]);
+            printf("Initialising - This may take a while depending on your Policy<br />");
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s  >/dev/null 2>&1", argv[3]);
             safe_system(command);
             return 0;
         }
 
         if (strcmp(argv[1], "generatepolicy")==0)
         {
-            printf("\nGenerating Policy File");
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt", argv[2]);
+            printf("Generating Policy File<br />");
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt  >/dev/null 2>&1", argv[2]);
             safe_system(command);
-            printf("\nInitialising - This may take a while depending on your Policy");
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init -c /var/ipfire/tripwire/tw.cfg -p /var/ipfire/tripwire/tw.cfg --local-passphrase %s", argv[3]);
+            printf("Initialising - This may take a while depending on your Policy<br />");
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --local-passphrase %s  >/dev/null 2>&1", argv[3]);
             safe_system(command);
             return 0;
         }
 
         if (strcmp(argv[1], "resetpolicy")==0)
         {
-            printf("\nGenerating Policy File");
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default", argv[2]);
+            printf("Generating Policy File<br />");
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default  >/dev/null 2>&1", argv[2]);
             safe_system(command);
-            printf("\nInitialising - This may take a while depending on your Policy");
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init -c /var/ipfire/tripwire/tw.cfg -p /var/ipfire/tripwire/tw.cfg --local-passphrase %s", argv[3]);
+            printf("Initialising - This may take a while depending on your Policy");
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --local-passphrase %s  >/dev/null 2>&1", argv[3]);
             safe_system(command);
             return 0;
         }
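Review bot: The new `deletereport` branch builds its command with an unbounded `sprintf` and an unvalidated `argv[2]`, while every other branch in this hunk uses `snprintf(command, BUFFER_SIZE-1, ...)`. A long argument can overrun `command`. The `>/dev/null 2>&1` redirections added elsewhere suggest `safe_system` hands the string to a shell, so a name containing `/`, `..` or shell metacharacters would not stay confined to the report directory. The branch should accept only a bare file name and bound the write, as sketched below; the passphrase arguments interpolated with `%s` in the other branches deserve the same check. `main` starts outside this hunk, so an `argc` test may already exist there, and the new-side `--polfile /var/ipfire/tripwire/tw.cfg` in `generatepolicy` and `resetpolicy` looks like it should name `tw.pol`, as the `keys` branch does.

```c
        if (strcmp(argv[1], "deletereport")==0)
        {
            /* accept a bare report file name only: no path separators,
               no leading dot, no shell metacharacters */
            if (argc < 3 || argv[2][0] == '\0' || argv[2][0] == '.' ||
                strspn(argv[2], "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                                "abcdefghijklmnopqrstuvwxyz"
                                "0123456789._-") != strlen(argv[2]))
            {
                fprintf(stderr, "Invalid report name\n");
                return 1;
            }
            snprintf(command, BUFFER_SIZE-1, "rm -f /var/ipfire/tripwire/report/%s", argv[2]);
            /* … unchanged: safe_system(command); return 0; … */
        }
```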
@@ -97,4 +104,4 @@ int main(int argc, char *argv[])
             return 0;
         }
 return 0;
-}
\ No newline at end of file
+}
index fbee30a..f7f50d3 100644 (file)
@@ -2,7 +2,7 @@
 
 case "$1" in
        ide)
-               /sbin/kudzu -qps -c HD | egrep "desc|device" | awk -F': ' '{print $2}' | sed -e '/"$/a\\' -e "s/$/\;/g" | tr "\n" "XX" | sed -e "s/XX/\n/g" -e "s/\;X/\;/g" > /var/ipfire/extrahd/scan
+               /sbin/kudzu -qps -c HD | egrep "desc|device:" | awk -F': ' '{print $2}' | sed -e '/"$/a\\' -e "s/$/\;/g" | tr "\n" "XX" | sed -e "s/XX/\n/g" -e "s/\;X/\;/g" > /var/ipfire/extrahd/scan
                ;;
        partitions)
                cat /proc/partitions | awk '{print $4 ";"  $3 ";"}' | grep -v name | grep -v "^;;$" > /var/ipfire/extrahd/partitions