USE_PROCD=1
PROG=/usr/sbin/e2guardian
CONFIGFILE="/tmp/e2guardian/e2guardian.conf"
+LOGFILE="/tmp/e2guardian/access.log"
+GROUPCONFIG="/tmp/e2guardian/e2guardianf1.conf"
validate_e2guardian_section() {
uci_validate_section e2guardian e2guardian "${1}" \
- 'config_file:string' \
'accessdeniedaddress:string' \
'bannediplist:string' \
'contentscanexceptions:string' \
+ 'contentscanner:string'
'contentscannertimeout:uinteger' \
'createlistcachefiles:string' \
'custombannedflashfile:string' \
start_service() {
- local config_file accessdeniedaddress bannediplist contentscanexceptions contentscannertimeout \
+ local accessdeniedaddress bannediplist contentscanexceptions contentscanner contentscannertimeout \
createlistcachefiles custombannedflashfile custombannedimagefile deletedownloadedtempfiles \
downloadmanager exceptioniplist filecachedir loglocation \
filtergroups filtergroupslist filterip filterports forcequicksearch forwardedfor hexdecodecontent \
}
mkdir -p $(dirname $CONFIGFILE)
- ln -sf $config_file $(dirname $CONFIGFILE)
+ chown -R nobody:nogroup $(dirname $CONFIGFILE)
+
+ mkdir -p $(dirname $loglocation)
+ chown -R nobody:nogroup $(dirname $loglocation)
+
+ touch $loglocation
+ chown nobody:nogroup $loglocation
+
+ ln -sf $loglocation $(dirname $LOGFILE)
+ ln -sf /etc/e2guardian/e2guardian.conf $CONFIGFILE
+ ln -sf /etc/e2guardian/e2guardianf1.conf $GROUPCONFIG
echo "accessdeniedaddress = " $accessdeniedaddress > $CONFIGFILE
echo "bannediplist = " $bannediplist >> $CONFIGFILE
+
+ if [ "$contentscanner" != "" ]
+ then
+ echo "contentscanner = " $contentscanner >> $CONFIGFILE
+ fi
+
echo "contentscanexceptions = " $contentscanexceptions >> $CONFIGFILE
echo "contentscannertimeout = " $contentscannertimeout >> $CONFIGFILE
echo "createlistcachefiles = " $createlistcachefiles >> $CONFIGFILE
echo "weightedphrasemode = " $weightedphrasemode >> $CONFIGFILE
procd_open_instance
- procd_set_param command $PROG -N -c "$CONFIGFILE"
+ procd_set_param command $PROG -c $CONFIGFILE
procd_set_param file $CONFIGFILE
- procd_set_param respawn
procd_close_instance
+
}
stop_service()
{
- e2guardian -s | awk -F':' '{ print $2}' | xargs kill -9
+ PID=`cat /tmp/e2guardian/e2guardian.pid`
+ kill $PID
+ rm -f /tmp/e2guardian/e2guardian.pid
}
service_triggers()
-# e2guardian filter group config file for version 3.0.4
+# e2guardian filter group config file for version 3.1.2
# Filter group mode
groupname = ''
# Content filtering files location
-bannedphraselist = 'etc/e2guardian/lists/bannedphraselist'
-weightedphraselist = 'etc/e2guardian/lists/weightedphraselist'
-exceptionphraselist = 'etc/e2guardian/lists/exceptionphraselist'
-bannedsitelist = 'etc/e2guardian/lists/bannedsitelist'
-greysitelist = 'etc/e2guardian/lists/greysitelist'
-bannedsslsitelist = 'etc/e2guardian/lists/bannedsslsitelist'
-greysslsitelist = 'etc/e2guardian/lists/greysslsitelist'
-exceptionsitelist = 'etc/e2guardian/lists/exceptionsitelist'
-bannedurllist = 'etc/e2guardian/lists/bannedurllist'
-greyurllist = 'etc/e2guardian/lists/greyurllist'
-exceptionurllist = 'etc/e2guardian/lists/exceptionurllist'
-exceptionregexpurllist = 'etc/e2guardian/lists/exceptionregexpurllist'
-bannedregexpurllist = 'etc/e2guardian/lists/bannedregexpurllist'
-picsfile = 'etc/e2guardian/lists/pics'
-contentregexplist = 'etc/e2guardian/lists/contentregexplist'
-urlregexplist = 'etc/e2guardian/lists/urlregexplist'
-refererexceptionsitelist = 'etc/e2guardian/lists/refererexceptionsitelist'
-refererexceptionurllist = 'etc/e2guardian/lists/refererexceptionurllist'
-embededreferersitelist = 'etc/e2guardian/lists/embededreferersitelist'
-embededrefererurllist = 'etc/e2guardian/lists/embededrefererurllist'
-urlredirectregexplist = 'etc/e2guardian/lists/urlredirectregexplist'
+bannedphraselist = '/etc/e2guardian/lists/bannedphraselist'
+weightedphraselist = '/etc/e2guardian/lists/weightedphraselist'
+exceptionphraselist = '/etc/e2guardian/lists/exceptionphraselist'
+bannedsitelist = '/etc/e2guardian/lists/bannedsitelist'
+greysitelist = '/etc/e2guardian/lists/greysitelist'
+bannedsslsitelist = '/etc/e2guardian/lists/bannedsslsitelist'
+greysslsitelist = '/etc/e2guardian/lists/greysslsitelist'
+exceptionsitelist = '/etc/e2guardian/lists/exceptionsitelist'
+bannedurllist = '/etc/e2guardian/lists/bannedurllist'
+greyurllist = '/etc/e2guardian/lists/greyurllist'
+exceptionurllist = '/etc/e2guardian/lists/exceptionurllist'
+exceptionregexpurllist = '/etc/e2guardian/lists/exceptionregexpurllist'
+bannedregexpurllist = '/etc/e2guardian/lists/bannedregexpurllist'
+picsfile = '/etc/e2guardian/lists/pics'
+contentregexplist = '/etc/e2guardian/lists/contentregexplist'
+urlregexplist = '/etc/e2guardian/lists/urlregexplist'
+refererexceptionsitelist = '/etc/e2guardian/lists/refererexceptionsitelist'
+refererexceptionurllist = '/etc/e2guardian/lists/refererexceptionurllist'
+embededreferersitelist = '/etc/e2guardian/lists/embededreferersitelist'
+embededrefererurllist = '/etc/e2guardian/lists/embededrefererurllist'
+urlredirectregexplist = '/etc/e2guardian/lists/urlredirectregexplist'
# local versions of lists (where LOCAL_LISTS enabled)
-#localbannedsitelist = 'etc/e2guardian/lists/localbannedsitelist'
-#localgreysitelist = 'etc/e2guardian/lists/localgreysitelist'
-#localexceptionsitelist = 'etc/e2guardian/lists/localexceptionsitelist'
-#localbannedurllist = 'etc/e2guardian/lists/localbannedurllist'
-#localgreyurllist = 'etc/e2guardian/lists/localgreyurllist'
-#localexceptionurllist = 'etc/e2guardian/lists/localexceptionurllist'
-#localbannedsslsitelist = 'etc/e2guardian/lists/localbannedsslsitelist'
-#localgreysslsitelist = 'etc/e2guardian/lists/localgreysslsitelist'
-#localbannedsearchlist = 'etc/e2guardian/lists/localbannedsearchlist'
-
-!! Not compiled !! authexceptionsitelist = 'etc/e2guardian/lists/authexceptionsitelist'
-!! Not compiled !! authexceptionurllist = 'etc/e2guardian/lists/authexceptionurllist'
+#localbannedsitelist = '/etc/e2guardian/lists/localbannedsitelist'
+#localgreysitelist = '/etc/e2guardian/lists/localgreysitelist'
+#localexceptionsitelist = '/etc/e2guardian/lists/localexceptionsitelist'
+#localbannedurllist = '/etc/e2guardian/lists/localbannedurllist'
+#localgreyurllist = '/etc/e2guardian/lists/localgreyurllist'
+#localexceptionurllist = '/etc/e2guardian/lists/localexceptionurllist'
+#localbannedsslsitelist = '/etc/e2guardian/lists/localbannedsslsitelist'
+#localgreysslsitelist = '/etc/e2guardian/lists/localgreysslsitelist'
+#localbannedsearchlist = '/etc/e2guardian/lists/localbannedsearchlist'
+
+!! Not compiled !! authexceptionsitelist = '/etc/e2guardian/lists/authexceptionsitelist'
+!! Not compiled !! authexceptionurllist = '/etc/e2guardian/lists/authexceptionurllist'
# Filetype filtering
#
# (on | off)
#
blockdownloads = off
-exceptionextensionlist = 'etc/e2guardian/lists/exceptionextensionlist'
-exceptionmimetypelist = 'etc/e2guardian/lists/exceptionmimetypelist'
+exceptionextensionlist = '/etc/e2guardian/lists/exceptionextensionlist'
+exceptionmimetypelist = '/etc/e2guardian/lists/exceptionmimetypelist'
#
# Use the following lists to block specific kinds of file downloads.
# The two exception lists above can be used to override these.
#
-bannedextensionlist = 'etc/e2guardian/lists/bannedextensionlist'
-bannedmimetypelist = 'etc/e2guardian/lists/bannedmimetypelist'
+bannedextensionlist = '/etc/e2guardian/lists/bannedextensionlist'
+bannedmimetypelist = '/etc/e2guardian/lists/bannedmimetypelist'
#
# In either file filtering mode, the following list can be used to override
# MIME type & extension blocks for particular domains & URLs (trusted download sites).
#
-exceptionfilesitelist = 'etc/e2guardian/lists/exceptionfilesitelist'
-exceptionfileurllist = 'etc/e2guardian/lists/exceptionfileurllist'
+exceptionfilesitelist = '/etc/e2guardian/lists/exceptionfilesitelist'
+exceptionfileurllist = '/etc/e2guardian/lists/exceptionfileurllist'
# POST protection (web upload and forms)
# does not block forms without any file upload, i.e. this is just for
# Supply categorised lists here and the category string shall be logged against
# matching requests, but matching these lists does not perform any filtering
# action.
-#logsitelist = 'etc/e2guardian/lists/logsitelist'
-#logurllist = 'etc/e2guardian/lists/logurllist'
-#logregexpurllist = 'etc/e2guardian/lists/logregexpurllist'
+#logsitelist = '/etc/e2guardian/lists/logsitelist'
+#logurllist = '/etc/e2guardian/lists/logurllist'
+#logregexpurllist = '/etc/e2guardian/lists/logregexpurllist'
# Outgoing HTTP header rules:
# Optional lists for blocking based on, and modification of, outgoing HTTP
# Headers are matched/replaced on a line-by-line basis, not as a contiguous
# block.
# Use for example, to remove cookies or prevent certain user-agents.
-headerregexplist = 'etc/e2guardian/lists/headerregexplist'
-bannedregexpheaderlist = 'etc/e2guardian/lists/bannedregexpheaderlist'
-addheaderregexplist = 'etc/e2guardian/lists/addheaderregexplist'
+headerregexplist = '/etc/e2guardian/lists/headerregexplist'
+bannedregexpheaderlist = '/etc/e2guardian/lists/bannedregexpheaderlist'
+addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist'
# Weighted phrase mode
# Optional; overrides the weightedphrasemode option in e2guardian.conf
# List of regular expressions for matching search engine URLs. It is assumed
# that the search terms themselves will be contained in the
# of output of each expression.
-#searchregexplist = 'etc/e2guardian/lists/searchregexplist'
+#searchregexplist = '/etc/e2guardian/lists/searchregexplist'
#
# Banned Search Term list(s) for option 1
-#bannedsearchlist = 'etc/e2guardian/lists/bannedsearchlist'
-#bannedsearchoveridelist = 'etc/e2guardian/lists/bannedsearchoveridelist'
+#bannedsearchlist = '/etc/e2guardian/lists/bannedsearchlist'
+#bannedsearchoveridelist = '/etc/e2guardian/lists/bannedsearchoveridelist'
# Search term limit (for Option 2)
# of text.
# Please note that all or none of the below should be uncommented, not a
# mixture.
-#bannedsearchtermlist = 'etc/e2guardian/lists/bannedsearchtermlist'
-#weightedsearchtermlist = 'etc/e2guardian/lists/weightedsearchtermlist'
-#exceptionsearchtermlist = 'etc/e2guardian/lists/exceptionsearchtermlist'
+#bannedsearchtermlist = '/etc/e2guardian/lists/bannedsearchtermlist'
+#weightedsearchtermlist = '/etc/e2guardian/lists/weightedsearchtermlist'
+#exceptionsearchtermlist = '/etc/e2guardian/lists/exceptionsearchtermlist'
# Category display threshold
# This option only applies to pages blocked by weighted phrase filtering.
# only used in reporting level 3.
#
# The default template file path is <languagedir>/<language>/template.h
-# e.g. share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
+# e.g. /share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
# language.
#
# This option generates a file path of the form:
# <languagedir>/<language>/<htmltemplate>
-# e.g. share/e2guardian/languages/ukenglish/custom.html
+# e.g. /share/e2guardian/languages/ukenglish/custom.html
#
#htmltemplate = 'custom.html'
sslcertcheck = off
#SSL man in the middle
-# Forge ssl certificates for all sites, decrypt the data then re encrypt it
+# Forge ssl certificates for all non-exception sites, decrypt the data then re encrypt it
# using a different private key. Used to filter ssl sites
sslmitm = off
+#Limit SSL MITM to sites in greysslsitelist(s)
+# ignored if sslmitm is off
+# SSL sites not matching greysslsitelist will be treat as if sslmitm is off.
+onlymitmsslgrey = off