1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
|
--[[
LuCI E2Guardian module
Copyright (C) 2015, Itus Networks, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Author: Marko Ratkaj <marko.ratkaj@sartura.hr>
Luka Perkov <luka.perkov@sartura.hr>
]]--
local fs = require "nixio.fs"
local sys = require "luci.sys"
m = Map("e2guardian", translate("E2Guardian"))
m.on_after_commit = function() luci.sys.call("/etc/init.d/e2guardian restart") end
s = m:section(TypedSection, "e2guardian")
s.anonymous = true
s.addremove = false
s:tab("tab_general", translate("General Settings"))
s:tab("tab_additional", translate("Additional Settings"))
s:tab("tab_logs", translate("Logs"))
----------------- General Settings Tab -----------------------
filterip = s:taboption("tab_general", Value, "filterip", translate("IP that E2Guardian listens"))
filterip.datatype = "ip4addr"
filterports = s:taboption("tab_general", Value, "filterports", translate("Port that E2Guardian listens"))
filterports.datatype = "portrange"
filterports.placeholder = "0-65535"
proxyip = s:taboption("tab_general", Value, "proxyip", translate("IP address of the proxy"))
proxyip.datatype = "ip4addr"
proxyip.default = "127.0.0.1"
proxyport = s:taboption("tab_general", Value, "proxyport", translate("Port of the proxy"))
proxyport.datatype = "portrange"
proxyport.placeholder = "0-65535"
languagedir = s:taboption("tab_general", Value, "languagedir", translate("Language dir"))
languagedir.datatype = "string"
languagedir.default = "/usr/share/e2guardian/languages"
language = s:taboption("tab_general", Value, "language", translate("Language to use"))
language.datatype = "string"
language.default = "ukenglish"
loglevel = s:taboption("tab_general", ListValue, "loglevel", translate("Logging Settings"))
loglevel:value("0", translate("none"))
loglevel:value("1", translate("just denied"))
loglevel:value("2", translate("all text based"))
loglevel:value("3", translate("all requests"))
loglevel.default = "2"
logexceptionhits = s:taboption("tab_general", ListValue, "logexceptionhits", translate("Log Exception Hits"))
logexceptionhits:value("0", translate("never"))
logexceptionhits:value("1", translate("log, but don't mark as exceptions"))
logexceptionhits:value("2", translate("log and mark"))
logexceptionhits.default = "2"
logfileformat = s:taboption("tab_general", ListValue, "logfileformat", translate("Log File Format"))
logfileformat:value("1", translate("DansgGuardian format, space delimited"))
logfileformat:value("2", translate("CSV-style format"))
logfileformat:value("3", translate("Squid Log File Format"))
logfileformat:value("4", translate("Tab delimited"))
logfileformat:value("5", translate("Protex format"))
logfileformat:value("6", translate("Protex format with server field blanked"))
logfileformat.default = "1"
accessdeniedaddress = s:taboption("tab_general", Value, "accessdeniedaddress", translate("Access denied address"),
translate("Server to which the cgi e2guardian reporting script was copied. Reporting levels 1 and 2 only"))
accessdeniedaddress.datatype = "string"
accessdeniedaddress.default = "http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl"
usecustombannedimage = s:taboption("tab_general", ListValue, "usecustombannedimage", translate("Banned image replacement"))
usecustombannedimage:value("on", translate("Yes"))
usecustombannedimage:value("off", translate("No"))
usecustombannedimage.default = "on"
custombannedimagefile = s:taboption("tab_general", Value, "custombannedimagefile", translate("Custom banned image file"))
custombannedimagefile.datatype = "string"
custombannedimagefile.default = "/usr/share/e2guardian/transparent1x1.gif"
usecustombannedflash = s:taboption("tab_general", ListValue, "usecustombannedflash", translate("Banned flash replacement"))
usecustombannedflash:value("on", translate("Yes"))
usecustombannedflash:value("off", translate("No"))
usecustombannedflash.default = "on"
custombannedflashfile = s:taboption("tab_general", Value, "custombannedflashfile", translate("Custom banned flash file"))
custombannedflashfile.datatype = "string"
custombannedflashfile.default = "/usr/share/e2guardian/blockedflash.swf"
filtergroups = s:taboption("tab_general", Value, "filtergroups", translate("Number of filter groups"))
filtergroups.datatype = "and(uinteger,min(1))"
filtergroups.default = "1"
filtergroupslist = s:taboption("tab_general", Value, "filtergroupslist", translate("List of filter groups"))
filtergroupslist.datatype = "string"
filtergroupslist.default = "/etc/e2guardian/lists/filtergroupslist"
bannediplist = s:taboption("tab_general", Value, "bannediplist", translate("List of banned IPs"))
bannediplist.datatype = "string"
bannediplist.default = "/etc/e2guardian/lists/bannediplist"
exceptioniplist = s:taboption("tab_general", Value, "exceptioniplist", translate("List of IP exceptions"))
exceptioniplist.datatype = "string"
exceptioniplist.default = "/etc/e2guardian/lists/exceptioniplist"
perroomblockingdirectory = s:taboption("tab_general", Value, "perroomblockingdirectory", translate("Per-Room blocking definition directory"))
perroomblockingdirectory.datatype = "string"
perroomblockingdirectory.default = "/etc/e2guardian/lists/bannedrooms/"
showweightedfound = s:taboption("tab_general", ListValue, "showweightedfound", translate("Show weighted phrases found"))
showweightedfound:value("on", translate("Yes"))
showweightedfound:value("off", translate("No"))
showweightedfound.default = "on"
weightedphrasemode = s:taboption("tab_general", ListValue, "weightedphrasemode", translate("Weighted phrase mode"))
weightedphrasemode:value("0", translate("off"))
weightedphrasemode:value("1", translate("on, normal operation"))
weightedphrasemode:value("2", translate("on, phrase found only counts once on a page"))
weightedphrasemode.default = "2"
urlcachenumber = s:taboption("tab_general", Value, "urlcachenumber", translate("Clean result caching for URLs"))
urlcachenumber.datatype = "and(uinteger,min(0))"
urlcachenumber.default = "1000"
urlcacheage = s:taboption("tab_general", Value, "urlcacheage", translate("Age before they should be ignored in seconds"))
urlcacheage.datatype = "and(uinteger,min(0))"
urlcacheage.default = "900"
scancleancache = s:taboption("tab_general", ListValue, "scancleancache", translate("Cache for content (AV) scans as 'clean'"))
scancleancache:value("on", translate("Yes"))
scancleancache:value("off", translate("No"))
scancleancache.default = "on"
phrasefiltermode = s:taboption("tab_general", ListValue, "phrasefiltermode", translate("Filtering options"))
phrasefiltermode:value("0", translate("raw"))
phrasefiltermode:value("1", translate("smart"))
phrasefiltermode:value("2", translate("both raw and smart"))
phrasefiltermode:value("3", translate("meta/title"))
phrasefiltermode.default = "2"
preservecase = s:taboption("tab_general", ListValue, "perservecase", translate("Lower caseing options"))
preservecase:value("0", translate("force lower case"))
preservecase:value("1", translate("don't change"))
preservecase:value("2", translate("scan fist in lower, then in original"))
preservecase.default = "0"
hexdecodecontent = s:taboption("tab_general", ListValue, "hexdecodecontent", translate("Hex decoding options"))
hexdecodecontent:value("on", translate("Yes"))
hexdecodecontent:value("off", translate("No"))
hexdecodecontent.default = "off"
forcequicksearch = s:taboption("tab_general", ListValue, "forcequicksearch", translate("Quick search"))
forcequicksearch:value("on", translate("Yes"))
forcequicksearch:value("off", translate("No"))
forcequicksearch.default = "off"
reverseaddresslookups= s:taboption("tab_general", ListValue, "reverseaddresslookups", translate("Reverse lookups for banned site and URLs"))
reverseaddresslookups:value("on", translate("Yes"))
reverseaddresslookups:value("off", translate("No"))
reverseaddresslookups.default = "off"
reverseclientiplookups = s:taboption("tab_general", ListValue, "reverseclientiplookups", translate("Reverse lookups for banned and exception IP lists"))
reverseclientiplookups:value("on", translate("Yes"))
reverseclientiplookups:value("off", translate("No"))
reverseclientiplookups.default = "off"
logclienthostnames = s:taboption("tab_general", ListValue, "logclienthostnames", translate("Perform reverse lookups on client IPs for successful requests"))
logclienthostnames:value("on", translate("Yes"))
logclienthostnames:value("off", translate("No"))
logclienthostnames.default = "off"
createlistcachefiles = s:taboption("tab_general", ListValue, "createlistcachefiles", translate("Build bannedsitelist and bannedurllist cache files"))
createlistcachefiles:value("on",translate("Yes"))
createlistcachefiles:value("off",translate("No"))
createlistcachefiles.default = "on"
prefercachedlists = s:taboption("tab_general", ListValue, "prefercachedlists", translate("Prefer cached list files"))
prefercachedlists:value("on", translate("Yes"))
prefercachedlists:value("off", translate("No"))
prefercachedlists.default = "off"
maxuploadsize = s:taboption("tab_general", Value, "maxuploadsize", translate("Max upload size (in Kbytes)"))
maxuploadsize:value("-1", translate("no blocking"))
maxuploadsize:value("0", translate("complete block"))
maxuploadsize.default = "-1"
maxcontentfiltersize = s:taboption("tab_general", Value, "maxcontentfiltersize", translate("Max content filter size"),
translate("The value must not be higher than max content ram cache scan size or 0 to match it"))
maxcontentfiltersize.datatype = "and(uinteger,min(0))"
maxcontentfiltersize.default = "256"
maxcontentramcachescansize = s:taboption("tab_general", Value, "maxcontentramcachescansize", translate("Max content ram cache scan size"),
translate("This is the max size of file that DG will download and cache in RAM"))
maxcontentramcachescansize.datatype = "and(uinteger,min(0))"
maxcontentramcachescansize.default = "2000"
maxcontentfilecachescansize = s:taboption("tab_general", Value, "maxcontentfilecachescansize", translate("Max content file cache scan size"))
maxcontentfilecachescansize.datatype = "and(uinteger,min(0))"
maxcontentfilecachescansize.default = "20000"
proxytimeout = s:taboption("tab_general", Value, "proxytimeout", translate("Proxy timeout (5-100)"))
proxytimeout.datatype = "range(5,100)"
proxytimeout.default = "20"
proxyexchange = s:taboption("tab_general", Value, "proxyexchange", translate("Proxy header excahnge (20-300)"))
proxyexchange.datatype = "range(20,300)"
proxyexchange.default = "20"
pcontimeout = s:taboption("tab_general", Value, "pcontimeout", translate("Pconn timeout"),
translate("How long a persistent connection will wait for other requests"))
pcontimeout.datatype = "range(5,300)"
pcontimeout.default = "55"
filecachedir = s:taboption("tab_general", Value, "filecachedir", translate("File cache directory"))
filecachedir.datatype = "string"
filecachedir.default = "/tmp"
deletedownloadedtempfiles = s:taboption("tab_general", ListValue, "deletedownloadedtempfiles", translate("Delete file cache after user completes download"))
deletedownloadedtempfiles:value("on", translate("Yes"))
deletedownloadedtempfiles:value("off", translate("No"))
deletedownloadedtempfiles.default = "on"
initialtrickledelay = s:taboption("tab_general", Value, "initialtrickledelay", translate("Initial Trickle delay"),
translate("Number of seconds a browser connection is left waiting before first being sent *something* to keep it alive"))
initialtrickledelay.datatype = "and(uinteger,min(0))"
initialtrickledelay.default = "20"
trickledelay = s:taboption("tab_general", Value, "trickledelay", translate("Trickle delay"),
translate("Number of seconds a browser connection is left waiting before being sent more *something* to keep it alive"))
trickledelay.datatype = "and(uinteger,min(0))"
trickledelay.default = "10"
downloadmanager = s:taboption("tab_general", Value, "downloadmanager", translate("Download manager"))
downloadmanager.datatype = "string"
downloadmanager.default = "/etc/e2guardian/downloadmanagers/default.conf"
contentscannertimeout = s:taboption("tab_general", Value, "contentscannertimeout", translate("Content scanner timeout"))
contentscannertimeout.datatype = "and(uinteger,min(0))"
contentscannertimeout.default = "60"
contentscanexceptions = s:taboption("tab_general", ListValue, "contentscanexceptions", translate("Content scan exceptions"))
contentscanexceptions:value("on", translate("Yes"))
contentscanexceptions:value("off", translate("No"))
contentscanexceptions.default = "off"
recheckreplacedurls = s:taboption("tab_general", ListValue, "recheckreplacedurls", translate("e-check replaced URLs"))
recheckreplacedurls:value("on", translate("Yes"))
recheckreplacedurls:value("off", translate("No"))
recheckreplacedurls.default = "off"
forwardedfor = s:taboption("tab_general", ListValue, "forwardedfor", translate("Misc setting: forwardedfor"),
translate("If on, it may help solve some problem sites that need to know the source ip."))
forwardedfor:value("on", translate("Yes"))
forwardedfor:value("off", translate("No"))
forwardedfor.default = "off"
usexforwardedfor = s:taboption("tab_general", ListValue, "usexforwardedfor", translate("Misc setting: usexforwardedfor"),
translate("This is for when you have squid between the clients and E2Guardian"))
usexforwardedfor:value("on", translate("Yes"))
usexforwardedfor:value("off", translate("No"))
usexforwardedfor.default = "off"
logconnectionhandlingerrors = s:taboption("tab_general", ListValue, "logconnectionhandlingerrors", translate("Log debug info about log()ing and accept()ing"))
logconnectionhandlingerrors:value("on", translate("Yes"))
logconnectionhandlingerrors:value("off", translate("No"))
logconnectionhandlingerrors.default = "on"
logchildprocesshandling = s:taboption("tab_general", ListValue, "logchildprocesshandling", translate("Log child process handling"))
logchildprocesshandling:value("on", translate("Yes"))
logchildprocesshandling:value("off", translate("No"))
logchildprocesshandling.default = "off"
maxchildren = s:taboption("tab_general", Value, "maxchildren", translate("Max number of processes to spawn"))
maxchildren.datatype = "and(uinteger,min(0))"
maxchildren.default = "180"
minchildren = s:taboption("tab_general", Value, "minchildren", translate("Min number of processes to spawn"))
minchildren.datatype = "and(uinteger,min(0))"
minchildren.default = "20"
minsparechildren = s:taboption("tab_general", Value, "minsparechildren", translate("Min number of processes to keep ready"))
minsparechildren.datatype = "and(uinteger,min(0))"
minsparechildren.default = "16"
preforkchildren = s:taboption("tab_general", Value, "preforkchildren", translate("Sets minimum nuber of processes when it runs out"))
preforkchildren.datatype = "and(uinteger,min(0))"
preforkchildren.default = "10"
maxsparechildren = s:taboption("tab_general", Value, "maxsparechildren", translate("Sets the maximum number of processes to have doing nothing"))
maxsparechildren.datatype = "and(uinteger,min(0))"
maxsparechildren.default = "32"
maxagechildren = s:taboption("tab_general", Value, "maxagechildren", translate("Max age of child process"))
maxagechildren.datatype = "and(uinteger,min(0))"
maxagechildren.default = "500"
maxips = s:taboption("tab_general", Value, "maxips", translate("Max number of clinets allowed to connect"))
maxips:value("0", translate("no limit"))
maxips.default = "0"
ipipcfilename = s:taboption("tab_general", Value, "ipipcfilename", translate("IP list IPC server directory and filename"))
ipipcfilename.datatype = "string"
ipipcfilename.default = "/tmp/.dguardianipc"
urlipcfilename = s:taboption("tab_general", Value, "urlipcfilename", translate("Defines URL list IPC server directory and filename used to communicate with the URL cache process"))
urlipcfilename.datatype = "string"
urlipcfilename.default = "/tmp/.dguardianurlipc"
ipcfilename = s:taboption("tab_general", Value, "ipcfilename", translate("Defines URL list IPC server directory and filename used to communicate with the URL cache process"))
ipcfilename.datatype = "string"
ipcfilename.default = "/tmp/.dguardianipipc"
nodeamon = s:taboption("tab_general", ListValue, "nodeamon", translate("Disable deamoning"))
nodeamon:value("on", translate("Yes"))
nodeamon:value("off", translate("No"))
nodeamon.default = "off"
nologger = s:taboption("tab_general", ListValue, "nologger", translate("Disable logger"))
nologger:value("on", translate("Yes"))
nologger:value("off", translate("No"))
nologger.default = "off"
logadblock = s:taboption("tab_general", ListValue, "logadblock", translate("Enable logging of ADs"))
logadblock:value("on", translate("Yes"))
logadblock:value("off", translate("No"))
logadblock.default = "off"
loguseragent = s:taboption("tab_general", ListValue, "loguseragent", translate("Enable logging of client user agent"))
loguseragent:value("on", translate("Yes"))
loguseragent:value("off", translate("No"))
loguseragent.default = "off"
softrestart = s:taboption("tab_general", ListValue, "softrestart", translate("Enable soft restart"))
softrestart:value("on", translate("Yes"))
softrestart:value("off", translate("No"))
softrestart.default = "off"
------------------------ Additional Settings Tab ----------------------------
e2guardian_config_file = s:taboption("tab_additional", TextValue, "_data", "")
e2guardian_config_file.wrap = "off"
e2guardian_config_file.rows = 25
e2guardian_config_file.rmempty = false
function e2guardian_config_file.cfgvalue()
local uci = require "luci.model.uci".cursor_state()
file = "/etc/e2guardian/e2guardianf1.conf"
if file then
return fs.readfile(file) or ""
else
return ""
end
end
function e2guardian_config_file.write(self, section, value)
if value then
local uci = require "luci.model.uci".cursor_state()
file = "/etc/e2guardian/e2guardianf1.conf"
fs.writefile(file, value:gsub("\r\n", "\n"))
end
end
---------------------------- Logs Tab -----------------------------
e2guardian_logfile = s:taboption("tab_logs", TextValue, "lines", "")
e2guardian_logfile.wrap = "off"
e2guardian_logfile.rows = 25
e2guardian_logfile.rmempty = true
function e2guardian_logfile.cfgvalue()
local uci = require "luci.model.uci".cursor_state()
file = "/tmp/e2guardian/access.log"
if file then
return fs.readfile(file) or ""
else
return "Can't read log file"
end
end
function e2guardian_logfile.write()
return ""
end
return m
|
