Commit bce89738 authored by Andreas Brodmann's avatar Andreas Brodmann

initial import of the dansguardian stuff after separation from squid

git-svn-id: svn://svn.alpinelinux.org/acf/dansguardian/trunk@615 ab2d0c66-481e-0410-8bed-d214d4d58bed
parent a8f15535
APP_NAME=dansguardian
PACKAGE=acf-$(APP_NAME)
VERSION=0.1
APP_DIST=dansguardian-controller.lua \
dansguardian-model.lua \
dansguardian-general-html.lsp \
dansguardian-advanced-html.lsp \
dansguardian-edit-html.lsp \
dansguardian-plain-html.lsp \
dansguardian.menu
EXTRA_DIST=README Makefile config.mk
DISTFILES=$(APP_DIST) $(EXTRA_DIST)
TAR=tar
P=$(PACKAGE)-$(VERSION)
tarball=$(P).tar.bz2
install_dir=$(DESTDIR)/$(appdir)/$(APP_NAME)
all:
clean:
rm -rf $(tarball) $(P)
dist: $(tarball)
install:
mkdir -p "$(install_dir)"
cp -a $(APP_DIST) "$(install_dir)"
$(tarball): $(DISTFILES)
rm -rf $(P)
mkdir -p $(P)
cp $(DISTFILES) $(P)
$(TAR) -jcf $@ $(P)
rm -rf $(P)
# target that creates a tar package, unpacks is and install from package
dist-install: $(tarball)
$(TAR) -jxf $(tarball)
$(MAKE) -C $(P) install DESTDIR=$(DESTDIR)
rm -rf $(P)
include config.mk
.PHONY: all clean dist install dist-install
prefix=/usr
datadir=${prefix}/share
sysconfdir=${prefix}/etc
localstatedir=${prefix}/var
acfdir=${datadir}/acf
wwwdir=${acfdir}/www
cgibindir=${acfdir}/cgi-bin
appdir=${acfdir}/app
acflibdir=${acfdir}/lib
sessionsdir=${localstatedir}/lib/acf/sessions
squid-cfg-dir=/etc/squid
<?
local form = ...
local data = form.option
local service = form.service
local config = form.service.config
local srv1fill = ""
local srv2fill = "disabled"
if service.status == "running" then
srv1fill = "disabled"
srv2fill = ""
end
local ifthen = function( variable, value, result )
if variable == value then
io.write( result )
end
end
?>
<h1>Content Filter</h1>
<h2>General Information</h2>
<p>
DansGuardian is web content filtering software. It works as a web proxy,
making web requests in behalf of the client, and inspecting the returned
content before passing on to the client. DansGuardian uses phraselists to
identify harmful content. This means that updated "blacklists" are
generally not necessary. DansGuardian must be used in combination with a
"smart proxy", such as squid.
</p>
<p>
This page lets you manually configure the filter rule files for DansGuardian.
</p>
<h2>Status</h2>
<dt>Program version</dt><dd><? io.write( form.info.version.value ) ?></dd>
<dt>Process status</dt><dd><? io.write( form.info.status.value ) ?></dd>
<dt>Process information</dt><dd>This process runs as a service. When you make and save changes, the configuration
files for the service are changed. However, the changes will not be <i>applied</i>
until you restart the service.</dd>
<form action="" method="POST">
<dt>Daemon control</dt>
<dd><input class="submit" type="submit" name="srvcmd" value="start" <? io.write( srv1fill ) ?> style="width:100px">
<input class="submit" type="submit" name="srvcmd" value="stop" <? io.write( srv2fill ) ?> style="width:100px">
<input class="submit" type="submit" name="srvcmd" value="restart" <? io.write( srv2fill ) ?> style="width:100px"></dd>
<p class="error"><? io.write( service.message ) ?></p>
</form>
<h2>Configuration</h2>
<pre style="color: #ff2020;"><? io.write( service.cfgerr ) ?></pre>
<h3>Files</h3>
<p>
Click on one of the files to edit it.
</p>
<table>
<?
for k,v in ipairs( config.files ) do
io.write( "<tr><td><a href=\"" .. data.script .. data.prefix .. data.controller .. "/edit?name=" .. v .. "\">" .. v .. "</a></td></tr>\n" )
end
?>
</table>
<?
local form = ...
local data = form.option
local service = form.service
local config = form.service.config
local srv1fill = ""
local srv2fill = "disabled"
if service.status == "running" then
srv1fill = "disabled"
srv2fill = ""
end
local ifthen = function( variable, value, result )
if variable == value then
io.write( result )
end
end
?>
<h1>Content Filter</h1>
DansGuardian is web content filtering software. It works as a web proxy,
making web requests in behalf of the client, and inspecting the returned
content before passing on to the client. DansGuardian uses phraselists to
identify harmful content. This means that updated "blacklists" are
generally not necessary. DansGuardian must be used in combination with a
"smart proxy", such as squid.
<b>This page lets you manually add/remove categories for DansGuardian.</b><br><br>
<h1>Status</h1>
<form action="" method="POST">
<table><tr>
<td>dansguardian is: <b><? io.write( service.status ) ?> </b> </td>
<td><input class="submit" type="submit" name="srvcmd" value="start" <? io.write( srv1fill ) ?> style="width:100px"></td>
<td><input class="submit" type="submit" name="srvcmd" value="stop" <? io.write( srv2fill ) ?> style="width:100px"></td>
<td><input class="submit" type="submit" name="srvcmd" value="restart" <? io.write( srv2fill ) ?> style="width:100px"></td>
</tr></table>
</form>
<pre style="color: #ff2020;"><? io.write( service.message ) ?></pre><br>
This process runs as a service. When you make and save changes, the configuration
files for the service are changed. However, the changes will not be <i>applied</i>
until you restart the service.<br><br><br>
<h1>Categories</h1>
<pre style="color: #ff2020;"><? io.write( service.cfgerr ) ?></pre><br>
<h2>Delete Category</h2>
<form action="" method="POST">
<table>
<?
for k,v in ipairs( config ) do
io.write( "<tr><td><input type=\"checkbox\" name=\"cats\" value=\"" .. v .. "\"> " .. v .. "</td></tr>\n" )
end
?>
<tr><td><input class="submit" type="submit" name="cmd" value="delete"></td></tr>
</table>
</form>
-- the squid controller
module (..., package.seeall)
-- Cause an http redirect to our "read" action
-- We use the self.conf table because it already has prefix,controller,etc
-- The redir code is defined in the application error handler (acf-controller)
local list_redir = function (self)
self.conf.action = "general"
self.conf.type = "redir"
error (self.conf)
end
local pvt = {}
mvc= {}
mvc.on_load = function( self, parent )
-- If they try to run a bogus action, send them to read
if ( rawget(self.worker, self.conf.action) == nil ) then
list_redir(self)
end
pvt.parent_on_exec = parent.worker.mvc.post_exec
end
mvc.pre_exec = function( self )
-- pvt.parent_on_exec ()
end
mvc.post_exec = function( self )
return pvt.parent_on_exec()
end
general = function( self )
local info = { status = { value = "stopped" }, version = { value = self.model.get_dansguardian_version() }, srvctrl = { value = srvctrl} };
local option = { script = ENV["SCRIPT_NAME"],
prefix = self.conf.prefix,
controller = self.conf.controller,
action = self.conf.action,
extra = ""
}
local service = { message="", status="", config="" }
if self.clientdata.srvcmd then
srvcmd = self.clientdata.srvcmd
if srvcmd == "start" or srvcmd == "stop" or srvcmd == "restart" then
service.message = self.model.service_control( srvcmd )
end
end
if self.clientdata.cmd then
if self.clientdata.cmd == "save" then
local conf = self.clientdata
local config = { filterip = conf.filterip, filterport = conf.filterport,
proxyip = conf.proxyip, proxyport = conf.proxyport,
accessdeniedaddress = conf.accessdeniedaddress,
naughtynesslimit = conf.naughtynesslimit
}
self.model.update_general_config( config )
end
end
service.status = self.model.get_status()
info.status.value = service.status
service.config, service.cfgerr = self.model.get_general_config()
return ( cfe ({ option = option, service = service, info = info }) )
end
advanced = function( self )
local info = { status = { value = "stopped" }, version = { value = self.model.get_dansguardian_version() }, srvctrl = { value = srvctrl} };
local option = { script = ENV["SCRIPT_NAME"],
prefix = self.conf.prefix,
controller = self.conf.controller,
action = self.conf.action,
extra = ""
}
local service = { message="", status="", config="" }
if self.clientdata.srvcmd then
srvcmd = self.clientdata.srvcmd
if srvcmd == "start" or srvcmd == "stop" or srvcmd == "restart" then
service.message = self.model.service_control( srvcmd )
end
end
service.status = self.model.get_status()
info.status.value = service.status
service.config, service.cfgerr = self.model.get_advanced_config()
return ( cfe ({ option = option, service = service, info = info }) )
end
plain = function( self )
local option = { script = ENV["SCRIPT_NAME"],
prefix = self.conf.prefix,
controller = self.conf.controller,
action = self.conf.action,
extra = ""
}
local service = { message="", status="", config="" }
if self.clientdata.srvcmd then
srvcmd = self.clientdata.srvcmd
if srvcmd == "start" or srvcmd == "stop" or srvcmd == "restart" then
service.message = self.model.service_control( srvcmd )
end
end
if self.clientdata.cmd then
if self.clientdata.cmd == "save" then
local conf = self.clientdata
local config = conf.config
self.model.update_plain_config( config )
end
end
service.status = self.model.get_status()
service.config, service.cfgerr = self.model.get_plain_config()
return ( cfe ({ option = option, service = service }) )
end
edit = function( self )
if not self.clientdata.name then
list_redir( self )
end
local option = { script = ENV["SCRIPT_NAME"],
prefix = self.conf.prefix,
controller = self.conf.controller,
action = self.conf.action,
extra = ""
}
local service = { message="", status="", config="" }
if self.clientdata.cmd then
if self.clientdata.cmd == "save" then
self.model.update_edit_config( self.clientdata.name, self.clientdata.config )
end
end
service.status = self.model.get_status()
service.config, service.cfgerr = self.model.get_edit_config( self.clientdata.name )
service.name = self.clientdata.name
if service.cfgerr == "Hacker" then
list_redir( self )
end
return ( cfe ({ option = option, service = service }) )
end
category = function( self )
local option = { script = ENV["SCRIPT_NAME"],
prefix = self.conf.prefix,
controller = self.conf.controller,
action = self.conf.action,
extra = ""
}
local service = { message="", status="", config="" }
service.config = self.model.get_categories()
return ( cfe ({ option = option, service = service }) )
end
<?
local form = ...
local data = form.option
local service = form.service
local config = form.service.config
local srv1fill = ""
local srv2fill = "disabled"
if service.status == "running" then
srv1fill = "disabled"
srv2fill = ""
end
local ifthen = function( variable, value, result )
if variable == value then
io.write( result )
end
end
?>
<h1>Content Filter (<? io.write( service.name ) ?>)</h1>
<form action="" method="POST">
<pre style="color: #ff2020;"><? io.write( service.cfgerr ) ?></pre><br>
These parameters define the interface and port that Dansguardian uses to accept connections.<br><br>
<table>
<tr><td><textarea name="config" style="width:100%"><? io.write( service.config ) ?></textarea></td></tr>
</table><br>
<input class="text" type="hidden" name="name" value="<? io.write( service.name ) ?>">
<h3>Save Changes</h3>
<dt>Save the content of the above box</dt><dd><input class="submit" type="submit" name="cmd" value="save" style="width:100px"></dd>
</form>
<?
local form = ...
local data = form.option
local service = form.service
local config = form.service.config
local srv1fill = ""
local srv2fill = "disabled"
if form.info.status.value == "running" then
srv1fill = "disabled"
srv2fill = ""
end
local ifthen = function( variable, value, result )
if variable == value then
io.write( result )
end
end
?>
<h1>Content Filter</h1>
<h2>General Information</h2>
<p>
DansGuardian is web content filtering software. It works as a web proxy,
making web requests in behalf of the client, and inspecting the returned
content before passing on to the client. DansGuardian uses phraselists to
identify harmful content. This means that updated "blacklists" are
generally not necessary. DansGuardian must be used in combination with a
"smart proxy", such as squid.
</p><p>
This page defines the basic network configuration settings for DansGuardian.
</p>
<h2>Status</h2>
<dt>Program version</dt><dd><? io.write( form.info.version.value ) ?></dd>
<dt>Process status</dt><dd><? io.write( form.info.status.value ) ?></dd>
<dt>Process information</dt><dd>This process runs as a service. When you make
and save changes, the configuration files for the service are changed.
However, the changes will not be applied until you restart the service.</dd>
<form action="" method="POST">
<dt>Daemon control</dt>
<dd><input class="submit" type="submit" name="srvcmd" value="start" <? io.write( srv1fill ) ?> style="width:100px">
<input class="submit" type="submit" name="srvcmd" value="stop" <? io.write( srv2fill ) ?> style="width:100px">
<input class="submit" type="submit" name="srvcmd" value="restart" <? io.write( srv2fill ) ?> style="width:100px"></dd>
</form>
<p>
<pre class="attention"><? io.write( service.message ) ?></pre>
</p>
<form action="" method="POST">
<h2>Configuration</h2>
<pre style="color: #ff2020;"><? io.write( service.cfgerr ) ?></pre>
<p>
These parameters define the interface and port that Dansguardian uses to accept connections.
</p>
<dt>filterip</dt><dd><input class="text" type="text" name="filterip" value="<? io.write( config.filterip.value ) ?>" style="width:100px"></dd>
<dt>filterport</dt><dd><input class="text" type="text" name="filterport" value="<? io.write( config.filterport.value ) ?>" style="width:100px"></dd>
<h3>Proxy service</h3>
<p>
These parameters define the ip address and port that Dansguardian should forward requests on to.
</p>
<dt>proxyip</dt><dd><input class="text" type="text" name="proxyip" value="<? io.write( config.proxyip.value ) ?>" style="width:100px"></dd>
<dt>proxyport</dt><dd><input class="text" type="text" name="proxyport" value="<? io.write( config.proxyport.value ) ?>" style="width:100px"></dd>
<h3>Filter Actions</h3>
<p>
These parameters define how sensitive the filter is, and where to redirect requests if the content filter
determines that the content is inappropriate. The "naughtynesslimit" is more sensitive the lower it is set.
The author recommends 50 for "young children", 100 for "older children" and 160 for "young adults".
</p>
<dt>accessdeniedaddress</dt><dd><input class="text" type="text" name="accessdeniedaddress" value="<? io.write( config.accessdeniedaddress.value ) ?>" style="width:350px"></dd>
<dt>naughtynesslimit</dt><dd><input class="text" type="text" name="naughtynesslimit" value="<? io.write( config.naughtynesslimit.value ) ?>" style="width:100px"></dd>
<h2>Save Changes</h2>
<dt>Save the above changes?</dt><dd><input class="submit" type="submit" name="cmd" value="save" style="width:100px"></dd>
</form>
-- acf model for squid
-- Copyright(c) 2007 A. Brodmann - Licensed under terms of GPL2
module (..., package.seeall)
require "posix"
require "format"
dansguardiancfg = "/etc/dansguardian/dansguardian.conf"
dansguardiancfg2 = "/etc/dansguardian/dansguardianf1.conf"
get_status = function()
local retval = "stopped"
local ptr = io.popen( "/bin/pidof dansguardian" )
local pid = ptr:read( "*a" )
ptr:close()
if pid ~= nil then
if #pid > 1 then
retval = "running"
end
end
return retval
end
service_control = function( control )
local retval = ""
local ptr = io.popen( "/etc/init.d/dansguardian " .. control, "r" )
if ptr ~= nil then
local retmsg = ptr:read( "*a" )
ptr:close()
if retmsg ~= nil then
retval = retmsg
else
retval = "service_control(): Failed to read output from initscript!\n"
end
else
retval = "service_control(): Failed to start/stop/restart service!\n"
end
return retval
end
get_dansguardian_version = function()
local retval = ""
local ptr = io.popen( "/usr/sbin/dansguardian -v" )
if ptr ~= nil then
retval = ptr:read( "*l" )
ptr:close()
else
retval = "Error - Failed to program version"
end
return retval
end
get_general_config = function()
local retval = {}
local error = ""
retval = { filterip = { label="Filter IP", type="text", value="" },
filterport = { label="Filter Port", type="text", value="" },
proxyip = { label="Proxy IP", type="text", value="" },
proxyport = { label="Proxy Port", type="text", value="" },
accessdeniedaddress = { label="AccessDeniedAddress", type="text", value="" },
naughtynesslimit = { label="NaughtynessLimit", type="text", value="" }
}
local fptr = io.open( dansguardiancfg, "r" )
if fptr ~= nil then
local line = fptr:read( "*l" )
while line ~= nil do
if string.sub( line, 1, 1 ) ~= "#" then
if string.sub( line, 1, 8 ) == "filterip" then
retval.filterip.value = get_cfg_value( line )
elseif string.sub( line, 1, 10 ) == "filterport" then
retval.filterport.value = get_cfg_value( line )
elseif string.sub( line, 1, 7 ) == "proxyip" then
retval.proxyip.value = get_cfg_value( line )
elseif string.sub( line, 1, 9 ) == "proxyport" then
retval.proxyport.value = get_cfg_value( line )
elseif string.sub( line, 1, 19 ) == "accessdeniedaddress" then
retval.accessdeniedaddress.value = get_cfg_value( line )
end
end
line = fptr:read( "*l" ) -- read one config file
end
fptr:close()
else
error = "Failed to open " .. dansguardiancfg .. " file!"
end
local fptr2 = io.open( dansguardiancfg2, "r" )
if fptr2 ~= nil then
local line = fptr2:read( "*l" )
while line ~= nil do
if string.sub( line, 1, 1 ) ~= "#" then
if string.sub( line, 1, 16 ) == "naughtynesslimit" then
retval.naughtynesslimit.value = get_cfg_value( line )
end
end
line = fptr2:read( "*l" ) -- read one config file line
end
fptr2:close()
else
error = "Failed to open " .. dansguardiancfg2 .. " file!"
end
return retval, error
end
get_plain_config = function()
local retval = ""
local error = ""
local fptr = io.open( dansguardiancfg, "r" )
if fptr ~= nil then
retval = fptr:read( "*a" )
fptr:close()
if retval == nil then
retval = ""
error = "Failed to read " .. dansguardiancfg .. " file!"
end
else
error = "Failed to open " .. dansguardiancfg .. " file!"
end
return retval, error
end
get_edit_config = function( name )
local retval = ""
local error = ""
if not is_valid_configfile( name ) then
return "", "Hacker"
end
local fptr = io.open( "/etc/dansguardian/" .. name )
if fptr ~= nil then
retval = fptr:read( "*a" )
fptr:close()
if retval == nil then
retval = ""
error = "Failed to read /etc/dansguardian/" .. name .. " file!"
end
else
error = "Failed to open /etc/dansguardian/" .. name .. " file!"
end
return retval, error
end
update_edit_config = function( name, config )
local retval = ""
if not is_valid_configfile( name ) then
return "", "Hacker"
end
local fptr = io.open( "/etc/dansguardian/" .. name, "wb+" )
if fptr ~= nil then
fptr:write( format.dostounix( config ) )
fptr:close()
retval = ""
else
error = "Failed to open /etc/dansguardian/" .. name .. " file!"
end
return retval
end
update_general_config = function( config )
local retval = ""
local tmpfilename = os.tmpname()
local tmpfile = -1
local cfgptr = -1
local line = ""
tmpfile = io.open( tmpfilename, "wb+" )
if tmpfile == nil then
return "Failed to create temporary config file!"
end
cfgptr = io.open( dansguardiancfg, "r" )
if cfgptr == nil then
tmpfile:close()
os.remove( tmpfilename )
return "Failed to open " .. dansguardiancfg .. "!"
end
line = cfgptr:read( "*l" )
while line ~= nil do
if string.sub( line, 1, 8 ) == "filterip" then
tmpfile:write( "filterip = " .. config.filterip .. "\n" )
elseif string.sub( line, 1, 10 ) == "filterport" then
tmpfile:write( "filterport = " .. config.filterport .. "\n" )
elseif string.sub( line, 1, 7 ) == "proxyip" then
tmpfile:write( "proxyip = " .. config.proxyip .. "\n" )
elseif string.sub( line, 1, 9 ) == "proxyport" then
tmpfile:write( "proxyport = " .. config.proxyport .. "\n" )
elseif string.sub( line, 1, 19 ) == "accessdeniedaddress" then
tmpfile:write( "accessdeniedaddress = " .. config.accessdeniedaddress .. "\n" )
else
tmpfile:write( line .. "\n" )
end
line = cfgptr:read( "*l" )
end
tmpfile:close()
cfgptr:close()
os.rename( tmpfilename, dansguardiancfg )
--- step 2 - dansguardiancfg2
tmpfile = io.open( tmpfilename, "wb+" )
if tmpfile == nil then
return "Failed to create temporary config file!"
end
cfgptr = io.open( dansguardiancfg2, "r" )
if cfgptr == nil then
tmpfile:close()
os.remove( tmpfilename )
return "Failed to open " .. dansguardiancfg2 .. "!"
end
line = cfgptr:read( "*l" )
while line ~= nil do
if string.sub( line, 1, 16 ) == "naughtynesslimit" then
tmpfile:write( "naughtynesslimit = " .. config.naughtynesslimit .. "\n" )
else
tmpfile:write( line .. "\n" )
end
line = cfgptr:read( "*l" )
end
tmpfile:close()
cfgptr:close()
os.rename( tmpfilename, dansguardiancfg2 )
return retval
end
update_plain_config = function( config )
local retval = ""
local cfgptr = -1
local error = ""
cfgptr = io.open( dansguardiancfg, "wb+" )
if cfgptr ~= nil then
cfgptr:write( config )
cfgptr:close()
else
retval = "Failed to open " .. dansguardiancfg .. " file!"
end
return retval
end