From c8ed8ada1665c74da24df72d44d487304925bf9e Mon Sep 17 00:00:00 2001 From: danrl Date: Wed, 15 Feb 2017 13:48:56 +0100 Subject: [PATCH] luci-app-e2guardian: add e2guardian application This application was moved from the packages repository to luci. Signed-off-by: Dan Luedtke --- applications/luci-app-e2guardian/Makefile | 18 + .../luasrc/controller/e2guardian.lua | 22 ++ .../luasrc/model/cbi/e2guardian.lua | 399 +++++++++++++++++++++ 3 files changed, 439 insertions(+) create mode 100644 applications/luci-app-e2guardian/Makefile create mode 100644 applications/luci-app-e2guardian/luasrc/controller/e2guardian.lua create mode 100644 applications/luci-app-e2guardian/luasrc/model/cbi/e2guardian.lua diff --git a/applications/luci-app-e2guardian/Makefile b/applications/luci-app-e2guardian/Makefile new file mode 100644 index 000000000..c3ac02988 --- /dev/null +++ b/applications/luci-app-e2guardian/Makefile @@ -0,0 +1,18 @@ +# +# Copyright (C) 2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +LUCI_TITLE:=E2Guardian LuCI Interface +LUCI_DEPENDS:=+luci-mod-admin-full +e2guardian + +PKG_MAINTAINER:=Marko Ratkaj +PKG_LICENSE:=Apache-2.0 + +include ../../luci.mk + +# call BuildPackage - OpenWrt buildroot signature diff --git a/applications/luci-app-e2guardian/luasrc/controller/e2guardian.lua b/applications/luci-app-e2guardian/luasrc/controller/e2guardian.lua new file mode 100644 index 000000000..dd545f50b --- /dev/null +++ b/applications/luci-app-e2guardian/luasrc/controller/e2guardian.lua @@ -0,0 +1,22 @@ +--[[ + +LuCI E2Guardian module + +Copyright (C) 2015, Itus Networks, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Author: Marko Ratkaj + Luka Perkov + +]]-- + +module("luci.controller.e2guardian", package.seeall) + +function index() + entry({"admin", "services", "e2guardian"}, cbi("e2guardian"), _("E2Guardian")) +end diff --git a/applications/luci-app-e2guardian/luasrc/model/cbi/e2guardian.lua b/applications/luci-app-e2guardian/luasrc/model/cbi/e2guardian.lua new file mode 100644 index 000000000..b62132108 --- /dev/null +++ b/applications/luci-app-e2guardian/luasrc/model/cbi/e2guardian.lua @@ -0,0 +1,399 @@ +--[[ + +LuCI E2Guardian module + +Copyright (C) 2015, Itus Networks, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Author: Marko Ratkaj + Luka Perkov + +]]-- + +local fs = require "nixio.fs" +local sys = require "luci.sys" + +m = Map("e2guardian", translate("E2Guardian")) +m.on_after_commit = function() luci.sys.call("/etc/init.d/e2guardian restart") end + +s = m:section(TypedSection, "e2guardian") +s.anonymous = true +s.addremove = false + +s:tab("tab_general", translate("General Settings")) +s:tab("tab_additional", translate("Additional Settings")) +s:tab("tab_logs", translate("Logs")) + + +----------------- General Settings Tab ----------------------- + +filterip = s:taboption("tab_general", Value, "filterip", translate("IP that E2Guardian listens")) +filterip.datatype = "ip4addr" + +filterports = s:taboption("tab_general", Value, "filterports", translate("Port that E2Guardian listens")) +filterports.datatype = "portrange" +filterports.placeholder = "0-65535" + +proxyip = s:taboption("tab_general", Value, "proxyip", translate("IP address of the proxy")) +proxyip.datatype = "ip4addr" +proxyip.default = "127.0.0.1" + +proxyport = s:taboption("tab_general", Value, "proxyport", translate("Port of the proxy")) +proxyport.datatype = "portrange" +proxyport.placeholder = "0-65535" + +languagedir = s:taboption("tab_general", Value, "languagedir", translate("Language dir")) +languagedir.datatype = "string" +languagedir.default = "/usr/share/e2guardian/languages" + +language = s:taboption("tab_general", Value, "language", translate("Language to use")) +language.datatype = "string" +language.default = "ukenglish" + +loglevel = s:taboption("tab_general", ListValue, "loglevel", translate("Logging Settings")) +loglevel:value("0", translate("none")) +loglevel:value("1", translate("just denied")) +loglevel:value("2", translate("all text based")) +loglevel:value("3", translate("all requests")) +loglevel.default = "2" + +logexceptionhits = s:taboption("tab_general", ListValue, "logexceptionhits", translate("Log Exception Hits")) +logexceptionhits:value("0", translate("never")) +logexceptionhits:value("1", translate("log, but don't mark as exceptions")) +logexceptionhits:value("2", translate("log and mark")) +logexceptionhits.default = "2" + +logfileformat = s:taboption("tab_general", ListValue, "logfileformat", translate("Log File Format")) +logfileformat:value("1", translate("DansgGuardian format, space delimited")) +logfileformat:value("2", translate("CSV-style format")) +logfileformat:value("3", translate("Squid Log File Format")) +logfileformat:value("4", translate("Tab delimited")) +logfileformat:value("5", translate("Protex format")) +logfileformat:value("6", translate("Protex format with server field blanked")) +logfileformat.default = "1" + +accessdeniedaddress = s:taboption("tab_general", Value, "accessdeniedaddress", translate("Access denied address"), +translate("Server to which the cgi e2guardian reporting script was copied. Reporting levels 1 and 2 only")) +accessdeniedaddress.datatype = "string" +accessdeniedaddress.default = "http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl" + +usecustombannedimage = s:taboption("tab_general", ListValue, "usecustombannedimage", translate("Banned image replacement")) +usecustombannedimage:value("on", translate("Yes")) +usecustombannedimage:value("off", translate("No")) +usecustombannedimage.default = "on" + +custombannedimagefile = s:taboption("tab_general", Value, "custombannedimagefile", translate("Custom banned image file")) +custombannedimagefile.datatype = "string" +custombannedimagefile.default = "/usr/share/e2guardian/transparent1x1.gif" + +usecustombannedflash = s:taboption("tab_general", ListValue, "usecustombannedflash", translate("Banned flash replacement")) +usecustombannedflash:value("on", translate("Yes")) +usecustombannedflash:value("off", translate("No")) +usecustombannedflash.default = "on" + +custombannedflashfile = s:taboption("tab_general", Value, "custombannedflashfile", translate("Custom banned flash file")) +custombannedflashfile.datatype = "string" +custombannedflashfile.default = "/usr/share/e2guardian/blockedflash.swf" + +filtergroups = s:taboption("tab_general", Value, "filtergroups", translate("Number of filter groups")) +filtergroups.datatype = "and(uinteger,min(1))" +filtergroups.default = "1" + +filtergroupslist = s:taboption("tab_general", Value, "filtergroupslist", translate("List of filter groups")) +filtergroupslist.datatype = "string" +filtergroupslist.default = "/etc/e2guardian/lists/filtergroupslist" + +bannediplist = s:taboption("tab_general", Value, "bannediplist", translate("List of banned IPs")) +bannediplist.datatype = "string" +bannediplist.default = "/etc/e2guardian/lists/bannediplist" + +exceptioniplist = s:taboption("tab_general", Value, "exceptioniplist", translate("List of IP exceptions")) +exceptioniplist.datatype = "string" +exceptioniplist.default = "/etc/e2guardian/lists/exceptioniplist" + +perroomblockingdirectory = s:taboption("tab_general", Value, "perroomblockingdirectory", translate("Per-Room blocking definition directory")) +perroomblockingdirectory.datatype = "string" +perroomblockingdirectory.default = "/etc/e2guardian/lists/bannedrooms/" + +showweightedfound = s:taboption("tab_general", ListValue, "showweightedfound", translate("Show weighted phrases found")) +showweightedfound:value("on", translate("Yes")) +showweightedfound:value("off", translate("No")) +showweightedfound.default = "on" + +weightedphrasemode = s:taboption("tab_general", ListValue, "weightedphrasemode", translate("Weighted phrase mode")) +weightedphrasemode:value("0", translate("off")) +weightedphrasemode:value("1", translate("on, normal operation")) +weightedphrasemode:value("2", translate("on, phrase found only counts once on a page")) +weightedphrasemode.default = "2" + +urlcachenumber = s:taboption("tab_general", Value, "urlcachenumber", translate("Clean result caching for URLs")) +urlcachenumber.datatype = "and(uinteger,min(0))" +urlcachenumber.default = "1000" + +urlcacheage = s:taboption("tab_general", Value, "urlcacheage", translate("Age before they should be ignored in seconds")) +urlcacheage.datatype = "and(uinteger,min(0))" +urlcacheage.default = "900" + +scancleancache = s:taboption("tab_general", ListValue, "scancleancache", translate("Cache for content (AV) scans as 'clean'")) +scancleancache:value("on", translate("Yes")) +scancleancache:value("off", translate("No")) +scancleancache.default = "on" + +phrasefiltermode = s:taboption("tab_general", ListValue, "phrasefiltermode", translate("Filtering options")) +phrasefiltermode:value("0", translate("raw")) +phrasefiltermode:value("1", translate("smart")) +phrasefiltermode:value("2", translate("both raw and smart")) +phrasefiltermode:value("3", translate("meta/title")) +phrasefiltermode.default = "2" + +preservecase = s:taboption("tab_general", ListValue, "perservecase", translate("Lower caseing options")) +preservecase:value("0", translate("force lower case")) +preservecase:value("1", translate("don't change")) +preservecase:value("2", translate("scan fist in lower, then in original")) +preservecase.default = "0" + +hexdecodecontent = s:taboption("tab_general", ListValue, "hexdecodecontent", translate("Hex decoding options")) +hexdecodecontent:value("on", translate("Yes")) +hexdecodecontent:value("off", translate("No")) +hexdecodecontent.default = "off" + +forcequicksearch = s:taboption("tab_general", ListValue, "forcequicksearch", translate("Quick search")) +forcequicksearch:value("on", translate("Yes")) +forcequicksearch:value("off", translate("No")) +forcequicksearch.default = "off" + +reverseaddresslookups= s:taboption("tab_general", ListValue, "reverseaddresslookups", translate("Reverse lookups for banned site and URLs")) +reverseaddresslookups:value("on", translate("Yes")) +reverseaddresslookups:value("off", translate("No")) +reverseaddresslookups.default = "off" + +reverseclientiplookups = s:taboption("tab_general", ListValue, "reverseclientiplookups", translate("Reverse lookups for banned and exception IP lists")) +reverseclientiplookups:value("on", translate("Yes")) +reverseclientiplookups:value("off", translate("No")) +reverseclientiplookups.default = "off" + +logclienthostnames = s:taboption("tab_general", ListValue, "logclienthostnames", translate("Perform reverse lookups on client IPs for successful requests")) +logclienthostnames:value("on", translate("Yes")) +logclienthostnames:value("off", translate("No")) +logclienthostnames.default = "off" + +createlistcachefiles = s:taboption("tab_general", ListValue, "createlistcachefiles", translate("Build bannedsitelist and bannedurllist cache files")) +createlistcachefiles:value("on",translate("Yes")) +createlistcachefiles:value("off",translate("No")) +createlistcachefiles.default = "on" + +prefercachedlists = s:taboption("tab_general", ListValue, "prefercachedlists", translate("Prefer cached list files")) +prefercachedlists:value("on", translate("Yes")) +prefercachedlists:value("off", translate("No")) +prefercachedlists.default = "off" + +maxuploadsize = s:taboption("tab_general", Value, "maxuploadsize", translate("Max upload size (in Kbytes)")) +maxuploadsize:value("-1", translate("no blocking")) +maxuploadsize:value("0", translate("complete block")) +maxuploadsize.default = "-1" + +maxcontentfiltersize = s:taboption("tab_general", Value, "maxcontentfiltersize", translate("Max content filter size"), +translate("The value must not be higher than max content ram cache scan size or 0 to match it")) +maxcontentfiltersize.datatype = "and(uinteger,min(0))" +maxcontentfiltersize.default = "256" + +maxcontentramcachescansize = s:taboption("tab_general", Value, "maxcontentramcachescansize", translate("Max content ram cache scan size"), +translate("This is the max size of file that DG will download and cache in RAM")) +maxcontentramcachescansize.datatype = "and(uinteger,min(0))" +maxcontentramcachescansize.default = "2000" + +maxcontentfilecachescansize = s:taboption("tab_general", Value, "maxcontentfilecachescansize", translate("Max content file cache scan size")) +maxcontentfilecachescansize.datatype = "and(uinteger,min(0))" +maxcontentfilecachescansize.default = "20000" + +proxytimeout = s:taboption("tab_general", Value, "proxytimeout", translate("Proxy timeout (5-100)")) +proxytimeout.datatype = "range(5,100)" +proxytimeout.default = "20" + +proxyexchange = s:taboption("tab_general", Value, "proxyexchange", translate("Proxy header excahnge (20-300)")) +proxyexchange.datatype = "range(20,300)" +proxyexchange.default = "20" + +pcontimeout = s:taboption("tab_general", Value, "pcontimeout", translate("Pconn timeout"), +translate("How long a persistent connection will wait for other requests")) +pcontimeout.datatype = "range(5,300)" +pcontimeout.default = "55" + +filecachedir = s:taboption("tab_general", Value, "filecachedir", translate("File cache directory")) +filecachedir.datatype = "string" +filecachedir.default = "/tmp" + +deletedownloadedtempfiles = s:taboption("tab_general", ListValue, "deletedownloadedtempfiles", translate("Delete file cache after user completes download")) +deletedownloadedtempfiles:value("on", translate("Yes")) +deletedownloadedtempfiles:value("off", translate("No")) +deletedownloadedtempfiles.default = "on" + +initialtrickledelay = s:taboption("tab_general", Value, "initialtrickledelay", translate("Initial Trickle delay"), +translate("Number of seconds a browser connection is left waiting before first being sent *something* to keep it alive")) +initialtrickledelay.datatype = "and(uinteger,min(0))" +initialtrickledelay.default = "20" + +trickledelay = s:taboption("tab_general", Value, "trickledelay", translate("Trickle delay"), +translate("Number of seconds a browser connection is left waiting before being sent more *something* to keep it alive")) +trickledelay.datatype = "and(uinteger,min(0))" +trickledelay.default = "10" + +downloadmanager = s:taboption("tab_general", Value, "downloadmanager", translate("Download manager")) +downloadmanager.datatype = "string" +downloadmanager.default = "/etc/e2guardian/downloadmanagers/default.conf" + +contentscannertimeout = s:taboption("tab_general", Value, "contentscannertimeout", translate("Content scanner timeout")) +contentscannertimeout.datatype = "and(uinteger,min(0))" +contentscannertimeout.default = "60" + +contentscanexceptions = s:taboption("tab_general", ListValue, "contentscanexceptions", translate("Content scan exceptions")) +contentscanexceptions:value("on", translate("Yes")) +contentscanexceptions:value("off", translate("No")) +contentscanexceptions.default = "off" + +recheckreplacedurls = s:taboption("tab_general", ListValue, "recheckreplacedurls", translate("e-check replaced URLs")) +recheckreplacedurls:value("on", translate("Yes")) +recheckreplacedurls:value("off", translate("No")) +recheckreplacedurls.default = "off" + +forwardedfor = s:taboption("tab_general", ListValue, "forwardedfor", translate("Misc setting: forwardedfor"), +translate("If on, it may help solve some problem sites that need to know the source ip.")) +forwardedfor:value("on", translate("Yes")) +forwardedfor:value("off", translate("No")) +forwardedfor.default = "off" + +usexforwardedfor = s:taboption("tab_general", ListValue, "usexforwardedfor", translate("Misc setting: usexforwardedfor"), +translate("This is for when you have squid between the clients and E2Guardian")) +usexforwardedfor:value("on", translate("Yes")) +usexforwardedfor:value("off", translate("No")) +usexforwardedfor.default = "off" + +logconnectionhandlingerrors = s:taboption("tab_general", ListValue, "logconnectionhandlingerrors", translate("Log debug info about log()ing and accept()ing")) +logconnectionhandlingerrors:value("on", translate("Yes")) +logconnectionhandlingerrors:value("off", translate("No")) +logconnectionhandlingerrors.default = "on" + +logchildprocesshandling = s:taboption("tab_general", ListValue, "logchildprocesshandling", translate("Log child process handling")) +logchildprocesshandling:value("on", translate("Yes")) +logchildprocesshandling:value("off", translate("No")) +logchildprocesshandling.default = "off" + +maxchildren = s:taboption("tab_general", Value, "maxchildren", translate("Max number of processes to spawn")) +maxchildren.datatype = "and(uinteger,min(0))" +maxchildren.default = "180" + +minchildren = s:taboption("tab_general", Value, "minchildren", translate("Min number of processes to spawn")) +minchildren.datatype = "and(uinteger,min(0))" +minchildren.default = "20" + +minsparechildren = s:taboption("tab_general", Value, "minsparechildren", translate("Min number of processes to keep ready")) +minsparechildren.datatype = "and(uinteger,min(0))" +minsparechildren.default = "16" + +preforkchildren = s:taboption("tab_general", Value, "preforkchildren", translate("Sets minimum nuber of processes when it runs out")) +preforkchildren.datatype = "and(uinteger,min(0))" +preforkchildren.default = "10" + +maxsparechildren = s:taboption("tab_general", Value, "maxsparechildren", translate("Sets the maximum number of processes to have doing nothing")) +maxsparechildren.datatype = "and(uinteger,min(0))" +maxsparechildren.default = "32" + +maxagechildren = s:taboption("tab_general", Value, "maxagechildren", translate("Max age of child process")) +maxagechildren.datatype = "and(uinteger,min(0))" +maxagechildren.default = "500" + +maxips = s:taboption("tab_general", Value, "maxips", translate("Max number of clinets allowed to connect")) +maxips:value("0", translate("no limit")) +maxips.default = "0" + +ipipcfilename = s:taboption("tab_general", Value, "ipipcfilename", translate("IP list IPC server directory and filename")) +ipipcfilename.datatype = "string" +ipipcfilename.default = "/tmp/.dguardianipc" + +urlipcfilename = s:taboption("tab_general", Value, "urlipcfilename", translate("Defines URL list IPC server directory and filename used to communicate with the URL cache process")) +urlipcfilename.datatype = "string" +urlipcfilename.default = "/tmp/.dguardianurlipc" + +ipcfilename = s:taboption("tab_general", Value, "ipcfilename", translate("Defines URL list IPC server directory and filename used to communicate with the URL cache process")) +ipcfilename.datatype = "string" +ipcfilename.default = "/tmp/.dguardianipipc" + +nodeamon = s:taboption("tab_general", ListValue, "nodeamon", translate("Disable deamoning")) +nodeamon:value("on", translate("Yes")) +nodeamon:value("off", translate("No")) +nodeamon.default = "off" + +nologger = s:taboption("tab_general", ListValue, "nologger", translate("Disable logger")) +nologger:value("on", translate("Yes")) +nologger:value("off", translate("No")) +nologger.default = "off" + +logadblock = s:taboption("tab_general", ListValue, "logadblock", translate("Enable logging of ADs")) +logadblock:value("on", translate("Yes")) +logadblock:value("off", translate("No")) +logadblock.default = "off" + +loguseragent = s:taboption("tab_general", ListValue, "loguseragent", translate("Enable logging of client user agent")) +loguseragent:value("on", translate("Yes")) +loguseragent:value("off", translate("No")) +loguseragent.default = "off" + +softrestart = s:taboption("tab_general", ListValue, "softrestart", translate("Enable soft restart")) +softrestart:value("on", translate("Yes")) +softrestart:value("off", translate("No")) +softrestart.default = "off" + + +------------------------ Additional Settings Tab ---------------------------- + +e2guardian_config_file = s:taboption("tab_additional", TextValue, "_data", "") +e2guardian_config_file.wrap = "off" +e2guardian_config_file.rows = 25 +e2guardian_config_file.rmempty = false + +function e2guardian_config_file.cfgvalue() + local uci = require "luci.model.uci".cursor_state() + file = "/etc/e2guardian/e2guardianf1.conf" + if file then + return fs.readfile(file) or "" + else + return "" + end +end + +function e2guardian_config_file.write(self, section, value) + if value then + local uci = require "luci.model.uci".cursor_state() + file = "/etc/e2guardian/e2guardianf1.conf" + fs.writefile(file, value:gsub("\r\n", "\n")) + end +end + + +---------------------------- Logs Tab ----------------------------- + +e2guardian_logfile = s:taboption("tab_logs", TextValue, "lines", "") +e2guardian_logfile.wrap = "off" +e2guardian_logfile.rows = 25 +e2guardian_logfile.rmempty = true + +function e2guardian_logfile.cfgvalue() + local uci = require "luci.model.uci".cursor_state() + file = "/tmp/e2guardian/access.log" + if file then + return fs.readfile(file) or "" + else + return "Can't read log file" + end +end + +function e2guardian_logfile.write() + return "" +end + +return m -- 2.11.0