1
0

e2guardian.lua 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399
  1. --[[
  2. LuCI E2Guardian module
  3. Copyright (C) 2015, Itus Networks, Inc.
  4. Licensed under the Apache License, Version 2.0 (the "License");
  5. you may not use this file except in compliance with the License.
  6. You may obtain a copy of the License at
  7. http://www.apache.org/licenses/LICENSE-2.0
  8. Author: Marko Ratkaj <marko.ratkaj@sartura.hr>
  9. Luka Perkov <luka.perkov@sartura.hr>
  10. ]]--
  11. local fs = require "nixio.fs"
  12. local sys = require "luci.sys"
  13. m = Map("e2guardian", translate("E2Guardian"))
  14. m.on_after_commit = function() luci.sys.call("/etc/init.d/e2guardian restart") end
  15. s = m:section(TypedSection, "e2guardian")
  16. s.anonymous = true
  17. s.addremove = false
  18. s:tab("tab_general", translate("General Settings"))
  19. s:tab("tab_additional", translate("Additional Settings"))
  20. s:tab("tab_logs", translate("Logs"))
  21. ----------------- General Settings Tab -----------------------
  22. filterip = s:taboption("tab_general", Value, "filterip", translate("IP that E2Guardian listens"))
  23. filterip.datatype = "ip4addr"
  24. filterports = s:taboption("tab_general", Value, "filterports", translate("Port that E2Guardian listens"))
  25. filterports.datatype = "portrange"
  26. filterports.placeholder = "0-65535"
  27. proxyip = s:taboption("tab_general", Value, "proxyip", translate("IP address of the proxy"))
  28. proxyip.datatype = "ip4addr"
  29. proxyip.default = "127.0.0.1"
  30. proxyport = s:taboption("tab_general", Value, "proxyport", translate("Port of the proxy"))
  31. proxyport.datatype = "portrange"
  32. proxyport.placeholder = "0-65535"
  33. languagedir = s:taboption("tab_general", Value, "languagedir", translate("Language dir"))
  34. languagedir.datatype = "string"
  35. languagedir.default = "/usr/share/e2guardian/languages"
  36. language = s:taboption("tab_general", Value, "language", translate("Language to use"))
  37. language.datatype = "string"
  38. language.default = "ukenglish"
  39. loglevel = s:taboption("tab_general", ListValue, "loglevel", translate("Logging Settings"))
  40. loglevel:value("0", translate("none"))
  41. loglevel:value("1", translate("just denied"))
  42. loglevel:value("2", translate("all text based"))
  43. loglevel:value("3", translate("all requests"))
  44. loglevel.default = "2"
  45. logexceptionhits = s:taboption("tab_general", ListValue, "logexceptionhits", translate("Log Exception Hits"))
  46. logexceptionhits:value("0", translate("never"))
  47. logexceptionhits:value("1", translate("log, but don't mark as exceptions"))
  48. logexceptionhits:value("2", translate("log and mark"))
  49. logexceptionhits.default = "2"
  50. logfileformat = s:taboption("tab_general", ListValue, "logfileformat", translate("Log File Format"))
  51. logfileformat:value("1", translate("DansgGuardian format, space delimited"))
  52. logfileformat:value("2", translate("CSV-style format"))
  53. logfileformat:value("3", translate("Squid Log File Format"))
  54. logfileformat:value("4", translate("Tab delimited"))
  55. logfileformat:value("5", translate("Protex format"))
  56. logfileformat:value("6", translate("Protex format with server field blanked"))
  57. logfileformat.default = "1"
  58. accessdeniedaddress = s:taboption("tab_general", Value, "accessdeniedaddress", translate("Access denied address"),
  59. translate("Server to which the cgi e2guardian reporting script was copied. Reporting levels 1 and 2 only"))
  60. accessdeniedaddress.datatype = "string"
  61. accessdeniedaddress.default = "http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl"
  62. usecustombannedimage = s:taboption("tab_general", ListValue, "usecustombannedimage", translate("Banned image replacement"))
  63. usecustombannedimage:value("on", translate("Yes"))
  64. usecustombannedimage:value("off", translate("No"))
  65. usecustombannedimage.default = "on"
  66. custombannedimagefile = s:taboption("tab_general", Value, "custombannedimagefile", translate("Custom banned image file"))
  67. custombannedimagefile.datatype = "string"
  68. custombannedimagefile.default = "/usr/share/e2guardian/transparent1x1.gif"
  69. usecustombannedflash = s:taboption("tab_general", ListValue, "usecustombannedflash", translate("Banned flash replacement"))
  70. usecustombannedflash:value("on", translate("Yes"))
  71. usecustombannedflash:value("off", translate("No"))
  72. usecustombannedflash.default = "on"
  73. custombannedflashfile = s:taboption("tab_general", Value, "custombannedflashfile", translate("Custom banned flash file"))
  74. custombannedflashfile.datatype = "string"
  75. custombannedflashfile.default = "/usr/share/e2guardian/blockedflash.swf"
  76. filtergroups = s:taboption("tab_general", Value, "filtergroups", translate("Number of filter groups"))
  77. filtergroups.datatype = "and(uinteger,min(1))"
  78. filtergroups.default = "1"
  79. filtergroupslist = s:taboption("tab_general", Value, "filtergroupslist", translate("List of filter groups"))
  80. filtergroupslist.datatype = "string"
  81. filtergroupslist.default = "/etc/e2guardian/lists/filtergroupslist"
  82. bannediplist = s:taboption("tab_general", Value, "bannediplist", translate("List of banned IPs"))
  83. bannediplist.datatype = "string"
  84. bannediplist.default = "/etc/e2guardian/lists/bannediplist"
  85. exceptioniplist = s:taboption("tab_general", Value, "exceptioniplist", translate("List of IP exceptions"))
  86. exceptioniplist.datatype = "string"
  87. exceptioniplist.default = "/etc/e2guardian/lists/exceptioniplist"
  88. perroomblockingdirectory = s:taboption("tab_general", Value, "perroomblockingdirectory", translate("Per-Room blocking definition directory"))
  89. perroomblockingdirectory.datatype = "string"
  90. perroomblockingdirectory.default = "/etc/e2guardian/lists/bannedrooms/"
  91. showweightedfound = s:taboption("tab_general", ListValue, "showweightedfound", translate("Show weighted phrases found"))
  92. showweightedfound:value("on", translate("Yes"))
  93. showweightedfound:value("off", translate("No"))
  94. showweightedfound.default = "on"
  95. weightedphrasemode = s:taboption("tab_general", ListValue, "weightedphrasemode", translate("Weighted phrase mode"))
  96. weightedphrasemode:value("0", translate("off"))
  97. weightedphrasemode:value("1", translate("on, normal operation"))
  98. weightedphrasemode:value("2", translate("on, phrase found only counts once on a page"))
  99. weightedphrasemode.default = "2"
  100. urlcachenumber = s:taboption("tab_general", Value, "urlcachenumber", translate("Clean result caching for URLs"))
  101. urlcachenumber.datatype = "and(uinteger,min(0))"
  102. urlcachenumber.default = "1000"
  103. urlcacheage = s:taboption("tab_general", Value, "urlcacheage", translate("Age before they should be ignored in seconds"))
  104. urlcacheage.datatype = "and(uinteger,min(0))"
  105. urlcacheage.default = "900"
  106. scancleancache = s:taboption("tab_general", ListValue, "scancleancache", translate("Cache for content (AV) scans as 'clean'"))
  107. scancleancache:value("on", translate("Yes"))
  108. scancleancache:value("off", translate("No"))
  109. scancleancache.default = "on"
  110. phrasefiltermode = s:taboption("tab_general", ListValue, "phrasefiltermode", translate("Filtering options"))
  111. phrasefiltermode:value("0", translate("raw"))
  112. phrasefiltermode:value("1", translate("smart"))
  113. phrasefiltermode:value("2", translate("both raw and smart"))
  114. phrasefiltermode:value("3", translate("meta/title"))
  115. phrasefiltermode.default = "2"
  116. preservecase = s:taboption("tab_general", ListValue, "perservecase", translate("Lower caseing options"))
  117. preservecase:value("0", translate("force lower case"))
  118. preservecase:value("1", translate("don't change"))
  119. preservecase:value("2", translate("scan fist in lower, then in original"))
  120. preservecase.default = "0"
  121. hexdecodecontent = s:taboption("tab_general", ListValue, "hexdecodecontent", translate("Hex decoding options"))
  122. hexdecodecontent:value("on", translate("Yes"))
  123. hexdecodecontent:value("off", translate("No"))
  124. hexdecodecontent.default = "off"
  125. forcequicksearch = s:taboption("tab_general", ListValue, "forcequicksearch", translate("Quick search"))
  126. forcequicksearch:value("on", translate("Yes"))
  127. forcequicksearch:value("off", translate("No"))
  128. forcequicksearch.default = "off"
  129. reverseaddresslookups= s:taboption("tab_general", ListValue, "reverseaddresslookups", translate("Reverse lookups for banned site and URLs"))
  130. reverseaddresslookups:value("on", translate("Yes"))
  131. reverseaddresslookups:value("off", translate("No"))
  132. reverseaddresslookups.default = "off"
  133. reverseclientiplookups = s:taboption("tab_general", ListValue, "reverseclientiplookups", translate("Reverse lookups for banned and exception IP lists"))
  134. reverseclientiplookups:value("on", translate("Yes"))
  135. reverseclientiplookups:value("off", translate("No"))
  136. reverseclientiplookups.default = "off"
  137. logclienthostnames = s:taboption("tab_general", ListValue, "logclienthostnames", translate("Perform reverse lookups on client IPs for successful requests"))
  138. logclienthostnames:value("on", translate("Yes"))
  139. logclienthostnames:value("off", translate("No"))
  140. logclienthostnames.default = "off"
  141. createlistcachefiles = s:taboption("tab_general", ListValue, "createlistcachefiles", translate("Build bannedsitelist and bannedurllist cache files"))
  142. createlistcachefiles:value("on",translate("Yes"))
  143. createlistcachefiles:value("off",translate("No"))
  144. createlistcachefiles.default = "on"
  145. prefercachedlists = s:taboption("tab_general", ListValue, "prefercachedlists", translate("Prefer cached list files"))
  146. prefercachedlists:value("on", translate("Yes"))
  147. prefercachedlists:value("off", translate("No"))
  148. prefercachedlists.default = "off"
  149. maxuploadsize = s:taboption("tab_general", Value, "maxuploadsize", translate("Max upload size (in Kbytes)"))
  150. maxuploadsize:value("-1", translate("no blocking"))
  151. maxuploadsize:value("0", translate("complete block"))
  152. maxuploadsize.default = "-1"
  153. maxcontentfiltersize = s:taboption("tab_general", Value, "maxcontentfiltersize", translate("Max content filter size"),
  154. translate("The value must not be higher than max content ram cache scan size or 0 to match it"))
  155. maxcontentfiltersize.datatype = "and(uinteger,min(0))"
  156. maxcontentfiltersize.default = "256"
  157. maxcontentramcachescansize = s:taboption("tab_general", Value, "maxcontentramcachescansize", translate("Max content ram cache scan size"),
  158. translate("This is the max size of file that DG will download and cache in RAM"))
  159. maxcontentramcachescansize.datatype = "and(uinteger,min(0))"
  160. maxcontentramcachescansize.default = "2000"
  161. maxcontentfilecachescansize = s:taboption("tab_general", Value, "maxcontentfilecachescansize", translate("Max content file cache scan size"))
  162. maxcontentfilecachescansize.datatype = "and(uinteger,min(0))"
  163. maxcontentfilecachescansize.default = "20000"
  164. proxytimeout = s:taboption("tab_general", Value, "proxytimeout", translate("Proxy timeout (5-100)"))
  165. proxytimeout.datatype = "range(5,100)"
  166. proxytimeout.default = "20"
  167. proxyexchange = s:taboption("tab_general", Value, "proxyexchange", translate("Proxy header excahnge (20-300)"))
  168. proxyexchange.datatype = "range(20,300)"
  169. proxyexchange.default = "20"
  170. pcontimeout = s:taboption("tab_general", Value, "pcontimeout", translate("Pconn timeout"),
  171. translate("How long a persistent connection will wait for other requests"))
  172. pcontimeout.datatype = "range(5,300)"
  173. pcontimeout.default = "55"
  174. filecachedir = s:taboption("tab_general", Value, "filecachedir", translate("File cache directory"))
  175. filecachedir.datatype = "string"
  176. filecachedir.default = "/tmp"
  177. deletedownloadedtempfiles = s:taboption("tab_general", ListValue, "deletedownloadedtempfiles", translate("Delete file cache after user completes download"))
  178. deletedownloadedtempfiles:value("on", translate("Yes"))
  179. deletedownloadedtempfiles:value("off", translate("No"))
  180. deletedownloadedtempfiles.default = "on"
  181. initialtrickledelay = s:taboption("tab_general", Value, "initialtrickledelay", translate("Initial Trickle delay"),
  182. translate("Number of seconds a browser connection is left waiting before first being sent *something* to keep it alive"))
  183. initialtrickledelay.datatype = "and(uinteger,min(0))"
  184. initialtrickledelay.default = "20"
  185. trickledelay = s:taboption("tab_general", Value, "trickledelay", translate("Trickle delay"),
  186. translate("Number of seconds a browser connection is left waiting before being sent more *something* to keep it alive"))
  187. trickledelay.datatype = "and(uinteger,min(0))"
  188. trickledelay.default = "10"
  189. downloadmanager = s:taboption("tab_general", Value, "downloadmanager", translate("Download manager"))
  190. downloadmanager.datatype = "string"
  191. downloadmanager.default = "/etc/e2guardian/downloadmanagers/default.conf"
  192. contentscannertimeout = s:taboption("tab_general", Value, "contentscannertimeout", translate("Content scanner timeout"))
  193. contentscannertimeout.datatype = "and(uinteger,min(0))"
  194. contentscannertimeout.default = "60"
  195. contentscanexceptions = s:taboption("tab_general", ListValue, "contentscanexceptions", translate("Content scan exceptions"))
  196. contentscanexceptions:value("on", translate("Yes"))
  197. contentscanexceptions:value("off", translate("No"))
  198. contentscanexceptions.default = "off"
  199. recheckreplacedurls = s:taboption("tab_general", ListValue, "recheckreplacedurls", translate("e-check replaced URLs"))
  200. recheckreplacedurls:value("on", translate("Yes"))
  201. recheckreplacedurls:value("off", translate("No"))
  202. recheckreplacedurls.default = "off"
  203. forwardedfor = s:taboption("tab_general", ListValue, "forwardedfor", translate("Misc setting: forwardedfor"),
  204. translate("If on, it may help solve some problem sites that need to know the source ip."))
  205. forwardedfor:value("on", translate("Yes"))
  206. forwardedfor:value("off", translate("No"))
  207. forwardedfor.default = "off"
  208. usexforwardedfor = s:taboption("tab_general", ListValue, "usexforwardedfor", translate("Misc setting: usexforwardedfor"),
  209. translate("This is for when you have squid between the clients and E2Guardian"))
  210. usexforwardedfor:value("on", translate("Yes"))
  211. usexforwardedfor:value("off", translate("No"))
  212. usexforwardedfor.default = "off"
  213. logconnectionhandlingerrors = s:taboption("tab_general", ListValue, "logconnectionhandlingerrors", translate("Log debug info about log()ing and accept()ing"))
  214. logconnectionhandlingerrors:value("on", translate("Yes"))
  215. logconnectionhandlingerrors:value("off", translate("No"))
  216. logconnectionhandlingerrors.default = "on"
  217. logchildprocesshandling = s:taboption("tab_general", ListValue, "logchildprocesshandling", translate("Log child process handling"))
  218. logchildprocesshandling:value("on", translate("Yes"))
  219. logchildprocesshandling:value("off", translate("No"))
  220. logchildprocesshandling.default = "off"
  221. maxchildren = s:taboption("tab_general", Value, "maxchildren", translate("Max number of processes to spawn"))
  222. maxchildren.datatype = "and(uinteger,min(0))"
  223. maxchildren.default = "180"
  224. minchildren = s:taboption("tab_general", Value, "minchildren", translate("Min number of processes to spawn"))
  225. minchildren.datatype = "and(uinteger,min(0))"
  226. minchildren.default = "20"
  227. minsparechildren = s:taboption("tab_general", Value, "minsparechildren", translate("Min number of processes to keep ready"))
  228. minsparechildren.datatype = "and(uinteger,min(0))"
  229. minsparechildren.default = "16"
  230. preforkchildren = s:taboption("tab_general", Value, "preforkchildren", translate("Sets minimum nuber of processes when it runs out"))
  231. preforkchildren.datatype = "and(uinteger,min(0))"
  232. preforkchildren.default = "10"
  233. maxsparechildren = s:taboption("tab_general", Value, "maxsparechildren", translate("Sets the maximum number of processes to have doing nothing"))
  234. maxsparechildren.datatype = "and(uinteger,min(0))"
  235. maxsparechildren.default = "32"
  236. maxagechildren = s:taboption("tab_general", Value, "maxagechildren", translate("Max age of child process"))
  237. maxagechildren.datatype = "and(uinteger,min(0))"
  238. maxagechildren.default = "500"
  239. maxips = s:taboption("tab_general", Value, "maxips", translate("Max number of clinets allowed to connect"))
  240. maxips:value("0", translate("no limit"))
  241. maxips.default = "0"
  242. ipipcfilename = s:taboption("tab_general", Value, "ipipcfilename", translate("IP list IPC server directory and filename"))
  243. ipipcfilename.datatype = "string"
  244. ipipcfilename.default = "/tmp/.dguardianipc"
  245. urlipcfilename = s:taboption("tab_general", Value, "urlipcfilename", translate("Defines URL list IPC server directory and filename used to communicate with the URL cache process"))
  246. urlipcfilename.datatype = "string"
  247. urlipcfilename.default = "/tmp/.dguardianurlipc"
  248. ipcfilename = s:taboption("tab_general", Value, "ipcfilename", translate("Defines URL list IPC server directory and filename used to communicate with the URL cache process"))
  249. ipcfilename.datatype = "string"
  250. ipcfilename.default = "/tmp/.dguardianipipc"
  251. nodeamon = s:taboption("tab_general", ListValue, "nodeamon", translate("Disable deamoning"))
  252. nodeamon:value("on", translate("Yes"))
  253. nodeamon:value("off", translate("No"))
  254. nodeamon.default = "off"
  255. nologger = s:taboption("tab_general", ListValue, "nologger", translate("Disable logger"))
  256. nologger:value("on", translate("Yes"))
  257. nologger:value("off", translate("No"))
  258. nologger.default = "off"
  259. logadblock = s:taboption("tab_general", ListValue, "logadblock", translate("Enable logging of ADs"))
  260. logadblock:value("on", translate("Yes"))
  261. logadblock:value("off", translate("No"))
  262. logadblock.default = "off"
  263. loguseragent = s:taboption("tab_general", ListValue, "loguseragent", translate("Enable logging of client user agent"))
  264. loguseragent:value("on", translate("Yes"))
  265. loguseragent:value("off", translate("No"))
  266. loguseragent.default = "off"
  267. softrestart = s:taboption("tab_general", ListValue, "softrestart", translate("Enable soft restart"))
  268. softrestart:value("on", translate("Yes"))
  269. softrestart:value("off", translate("No"))
  270. softrestart.default = "off"
  271. ------------------------ Additional Settings Tab ----------------------------
  272. e2guardian_config_file = s:taboption("tab_additional", TextValue, "_data", "")
  273. e2guardian_config_file.wrap = "off"
  274. e2guardian_config_file.rows = 25
  275. e2guardian_config_file.rmempty = false
  276. function e2guardian_config_file.cfgvalue()
  277. local uci = require "luci.model.uci".cursor_state()
  278. file = "/etc/e2guardian/e2guardianf1.conf"
  279. if file then
  280. return fs.readfile(file) or ""
  281. else
  282. return ""
  283. end
  284. end
  285. function e2guardian_config_file.write(self, section, value)
  286. if value then
  287. local uci = require "luci.model.uci".cursor_state()
  288. file = "/etc/e2guardian/e2guardianf1.conf"
  289. fs.writefile(file, value:gsub("\r\n", "\n"))
  290. end
  291. end
  292. ---------------------------- Logs Tab -----------------------------
  293. e2guardian_logfile = s:taboption("tab_logs", TextValue, "lines", "")
  294. e2guardian_logfile.wrap = "off"
  295. e2guardian_logfile.rows = 25
  296. e2guardian_logfile.rmempty = true
  297. function e2guardian_logfile.cfgvalue()
  298. local uci = require "luci.model.uci".cursor_state()
  299. file = "/tmp/e2guardian/access.log"
  300. if file then
  301. return fs.readfile(file) or ""
  302. else
  303. return "Can't read log file"
  304. end
  305. end
  306. function e2guardian_logfile.write()
  307. return ""
  308. end
  309. return m