summaryrefslogtreecommitdiff
path: root/src/op_mode/webproxy_update_blacklist.sh
diff options
context:
space:
mode:
authoraapostoliuk <108394744+aapostoliuk@users.noreply.github.com>2022-12-17 09:20:56 +0200
committerGitHub <noreply@github.com>2022-12-17 08:20:56 +0100
commite78235213c7409ae0ddb50edc1ba83095d1c9080 (patch)
tree02cb4f8786366d2e339adaf666503692a427db14 /src/op_mode/webproxy_update_blacklist.sh
parent86a2d0fc2bfea4757c6413b37540d619e79a8980 (diff)
downloadvyos-1x-e78235213c7409ae0ddb50edc1ba83095d1c9080.tar.gz
vyos-1x-e78235213c7409ae0ddb50edc1ba83095d1c9080.zip
webproxy: T3810: multiple squidGuard fixes
1. Added in script update webproxy blacklists generation of all DBs 2. Fixed: if the blacklist category does not have generated db, the template generates an empty dest category in squidGuard.conf and a Warning message. 3. Added template generation for local's categories in the rule section. 4. Changed syntax in the generation dest section for blacklist's categories 4. Fixed generation dest local sections in squidGuard.conf 5. Fixed bug in syntax. The word 'allow' changed to the word 'any' in acl squidGuard.conf
Diffstat (limited to 'src/op_mode/webproxy_update_blacklist.sh')
-rwxr-xr-xsrc/op_mode/webproxy_update_blacklist.sh27
1 files changed, 27 insertions, 0 deletions
diff --git a/src/op_mode/webproxy_update_blacklist.sh b/src/op_mode/webproxy_update_blacklist.sh
index d5f301b75..4fb9a54c6 100755
--- a/src/op_mode/webproxy_update_blacklist.sh
+++ b/src/op_mode/webproxy_update_blacklist.sh
@@ -18,6 +18,23 @@ blacklist_url='ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/black
data_dir="/opt/vyatta/etc/config/url-filtering"
archive="${data_dir}/squidguard/archive"
db_dir="${data_dir}/squidguard/db"
+conf_file="/etc/squidguard/squidGuard.conf"
+tmp_conf_file="/tmp/sg_update_db.conf"
+
+#$1-category
+#$2-type
+#$3-list
+create_sg_db ()
+{
+ FILE=$db_dir/$1/$2
+ if test -f "$FILE"; then
+ rm -f ${tmp_conf_file}
+ printf "dbhome $db_dir\ndest $1 {\n $3 $1/$2\n}\nacl {\n default {\n pass any\n }\n}" >> ${tmp_conf_file}
+ /usr/bin/squidGuard -b -c ${tmp_conf_file} -C $FILE
+ rm -f ${tmp_conf_file}
+ fi
+
+}
while [ $# -gt 0 ]
do
@@ -88,6 +105,16 @@ if [[ -n $update ]] && [[ $update -eq "yes" ]]; then
# fix permissions
chown -R proxy:proxy ${db_dir}
+
+ #create db
+ category_list=(`find $db_dir -type d -exec basename {} \; `)
+ for category in ${category_list[@]}
+ do
+ create_sg_db $category "domains" "domainlist"
+ create_sg_db $category "urls" "urllist"
+ create_sg_db $category "expressions" "expressionlist"
+ done
+ chown -R proxy:proxy ${db_dir}
chmod 755 ${db_dir}
logger --priority WARNING "webproxy blacklist entries updated (${count_before}/${count_after})"