You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
399 lines
18 KiB
399 lines
18 KiB
--[[
|
|
|
|
LuCI E2Guardian module
|
|
|
|
Copyright (C) 2015, Itus Networks, Inc.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Author: Marko Ratkaj <marko.ratkaj@sartura.hr>
|
|
Luka Perkov <luka.perkov@sartura.hr>
|
|
|
|
]]--
|
|
|
|
local fs = require "nixio.fs"
|
|
local sys = require "luci.sys"
|
|
|
|
m = Map("e2guardian", translate("E2Guardian"))
|
|
m.on_after_commit = function() luci.sys.call("/etc/init.d/e2guardian restart") end
|
|
|
|
s = m:section(TypedSection, "e2guardian")
|
|
s.anonymous = true
|
|
s.addremove = false
|
|
|
|
s:tab("tab_general", translate("General Settings"))
|
|
s:tab("tab_additional", translate("Additional Settings"))
|
|
s:tab("tab_logs", translate("Logs"))
|
|
|
|
|
|
----------------- General Settings Tab -----------------------
|
|
|
|
filterip = s:taboption("tab_general", Value, "filterip", translate("IP that E2Guardian listens"))
|
|
filterip.datatype = "ip4addr"
|
|
|
|
filterports = s:taboption("tab_general", Value, "filterports", translate("Port that E2Guardian listens"))
|
|
filterports.datatype = "portrange"
|
|
filterports.placeholder = "0-65535"
|
|
|
|
proxyip = s:taboption("tab_general", Value, "proxyip", translate("IP address of the proxy"))
|
|
proxyip.datatype = "ip4addr"
|
|
proxyip.default = "127.0.0.1"
|
|
|
|
proxyport = s:taboption("tab_general", Value, "proxyport", translate("Port of the proxy"))
|
|
proxyport.datatype = "portrange"
|
|
proxyport.placeholder = "0-65535"
|
|
|
|
languagedir = s:taboption("tab_general", Value, "languagedir", translate("Language dir"))
|
|
languagedir.datatype = "string"
|
|
languagedir.default = "/usr/share/e2guardian/languages"
|
|
|
|
language = s:taboption("tab_general", Value, "language", translate("Language to use"))
|
|
language.datatype = "string"
|
|
language.default = "ukenglish"
|
|
|
|
loglevel = s:taboption("tab_general", ListValue, "loglevel", translate("Logging Settings"))
|
|
loglevel:value("0", translate("none"))
|
|
loglevel:value("1", translate("just denied"))
|
|
loglevel:value("2", translate("all text based"))
|
|
loglevel:value("3", translate("all requests"))
|
|
loglevel.default = "2"
|
|
|
|
logexceptionhits = s:taboption("tab_general", ListValue, "logexceptionhits", translate("Log Exception Hits"))
|
|
logexceptionhits:value("0", translate("never"))
|
|
logexceptionhits:value("1", translate("log, but don't mark as exceptions"))
|
|
logexceptionhits:value("2", translate("log and mark"))
|
|
logexceptionhits.default = "2"
|
|
|
|
logfileformat = s:taboption("tab_general", ListValue, "logfileformat", translate("Log File Format"))
|
|
logfileformat:value("1", translate("DansgGuardian format, space delimited"))
|
|
logfileformat:value("2", translate("CSV-style format"))
|
|
logfileformat:value("3", translate("Squid Log File Format"))
|
|
logfileformat:value("4", translate("Tab delimited"))
|
|
logfileformat:value("5", translate("Protex format"))
|
|
logfileformat:value("6", translate("Protex format with server field blanked"))
|
|
logfileformat.default = "1"
|
|
|
|
accessdeniedaddress = s:taboption("tab_general", Value, "accessdeniedaddress", translate("Access denied address"),
|
|
translate("Server to which the cgi e2guardian reporting script was copied. Reporting levels 1 and 2 only"))
|
|
accessdeniedaddress.datatype = "string"
|
|
accessdeniedaddress.default = "http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl"
|
|
|
|
usecustombannedimage = s:taboption("tab_general", ListValue, "usecustombannedimage", translate("Banned image replacement"))
|
|
usecustombannedimage:value("on", translate("Yes"))
|
|
usecustombannedimage:value("off", translate("No"))
|
|
usecustombannedimage.default = "on"
|
|
|
|
custombannedimagefile = s:taboption("tab_general", Value, "custombannedimagefile", translate("Custom banned image file"))
|
|
custombannedimagefile.datatype = "string"
|
|
custombannedimagefile.default = "/usr/share/e2guardian/transparent1x1.gif"
|
|
|
|
usecustombannedflash = s:taboption("tab_general", ListValue, "usecustombannedflash", translate("Banned flash replacement"))
|
|
usecustombannedflash:value("on", translate("Yes"))
|
|
usecustombannedflash:value("off", translate("No"))
|
|
usecustombannedflash.default = "on"
|
|
|
|
custombannedflashfile = s:taboption("tab_general", Value, "custombannedflashfile", translate("Custom banned flash file"))
|
|
custombannedflashfile.datatype = "string"
|
|
custombannedflashfile.default = "/usr/share/e2guardian/blockedflash.swf"
|
|
|
|
filtergroups = s:taboption("tab_general", Value, "filtergroups", translate("Number of filter groups"))
|
|
filtergroups.datatype = "and(uinteger,min(1))"
|
|
filtergroups.default = "1"
|
|
|
|
filtergroupslist = s:taboption("tab_general", Value, "filtergroupslist", translate("List of filter groups"))
|
|
filtergroupslist.datatype = "string"
|
|
filtergroupslist.default = "/etc/e2guardian/lists/filtergroupslist"
|
|
|
|
bannediplist = s:taboption("tab_general", Value, "bannediplist", translate("List of banned IPs"))
|
|
bannediplist.datatype = "string"
|
|
bannediplist.default = "/etc/e2guardian/lists/bannediplist"
|
|
|
|
exceptioniplist = s:taboption("tab_general", Value, "exceptioniplist", translate("List of IP exceptions"))
|
|
exceptioniplist.datatype = "string"
|
|
exceptioniplist.default = "/etc/e2guardian/lists/exceptioniplist"
|
|
|
|
perroomblockingdirectory = s:taboption("tab_general", Value, "perroomblockingdirectory", translate("Per-Room blocking definition directory"))
|
|
perroomblockingdirectory.datatype = "string"
|
|
perroomblockingdirectory.default = "/etc/e2guardian/lists/bannedrooms/"
|
|
|
|
showweightedfound = s:taboption("tab_general", ListValue, "showweightedfound", translate("Show weighted phrases found"))
|
|
showweightedfound:value("on", translate("Yes"))
|
|
showweightedfound:value("off", translate("No"))
|
|
showweightedfound.default = "on"
|
|
|
|
weightedphrasemode = s:taboption("tab_general", ListValue, "weightedphrasemode", translate("Weighted phrase mode"))
|
|
weightedphrasemode:value("0", translate("off"))
|
|
weightedphrasemode:value("1", translate("on, normal operation"))
|
|
weightedphrasemode:value("2", translate("on, phrase found only counts once on a page"))
|
|
weightedphrasemode.default = "2"
|
|
|
|
urlcachenumber = s:taboption("tab_general", Value, "urlcachenumber", translate("Clean result caching for URLs"))
|
|
urlcachenumber.datatype = "and(uinteger,min(0))"
|
|
urlcachenumber.default = "1000"
|
|
|
|
urlcacheage = s:taboption("tab_general", Value, "urlcacheage", translate("Age before they should be ignored in seconds"))
|
|
urlcacheage.datatype = "and(uinteger,min(0))"
|
|
urlcacheage.default = "900"
|
|
|
|
scancleancache = s:taboption("tab_general", ListValue, "scancleancache", translate("Cache for content (AV) scans as 'clean'"))
|
|
scancleancache:value("on", translate("Yes"))
|
|
scancleancache:value("off", translate("No"))
|
|
scancleancache.default = "on"
|
|
|
|
phrasefiltermode = s:taboption("tab_general", ListValue, "phrasefiltermode", translate("Filtering options"))
|
|
phrasefiltermode:value("0", translate("raw"))
|
|
phrasefiltermode:value("1", translate("smart"))
|
|
phrasefiltermode:value("2", translate("both raw and smart"))
|
|
phrasefiltermode:value("3", translate("meta/title"))
|
|
phrasefiltermode.default = "2"
|
|
|
|
preservecase = s:taboption("tab_general", ListValue, "perservecase", translate("Lower caseing options"))
|
|
preservecase:value("0", translate("force lower case"))
|
|
preservecase:value("1", translate("don't change"))
|
|
preservecase:value("2", translate("scan fist in lower, then in original"))
|
|
preservecase.default = "0"
|
|
|
|
hexdecodecontent = s:taboption("tab_general", ListValue, "hexdecodecontent", translate("Hex decoding options"))
|
|
hexdecodecontent:value("on", translate("Yes"))
|
|
hexdecodecontent:value("off", translate("No"))
|
|
hexdecodecontent.default = "off"
|
|
|
|
forcequicksearch = s:taboption("tab_general", ListValue, "forcequicksearch", translate("Quick search"))
|
|
forcequicksearch:value("on", translate("Yes"))
|
|
forcequicksearch:value("off", translate("No"))
|
|
forcequicksearch.default = "off"
|
|
|
|
reverseaddresslookups= s:taboption("tab_general", ListValue, "reverseaddresslookups", translate("Reverse lookups for banned site and URLs"))
|
|
reverseaddresslookups:value("on", translate("Yes"))
|
|
reverseaddresslookups:value("off", translate("No"))
|
|
reverseaddresslookups.default = "off"
|
|
|
|
reverseclientiplookups = s:taboption("tab_general", ListValue, "reverseclientiplookups", translate("Reverse lookups for banned and exception IP lists"))
|
|
reverseclientiplookups:value("on", translate("Yes"))
|
|
reverseclientiplookups:value("off", translate("No"))
|
|
reverseclientiplookups.default = "off"
|
|
|
|
logclienthostnames = s:taboption("tab_general", ListValue, "logclienthostnames", translate("Perform reverse lookups on client IPs for successful requests"))
|
|
logclienthostnames:value("on", translate("Yes"))
|
|
logclienthostnames:value("off", translate("No"))
|
|
logclienthostnames.default = "off"
|
|
|
|
createlistcachefiles = s:taboption("tab_general", ListValue, "createlistcachefiles", translate("Build bannedsitelist and bannedurllist cache files"))
|
|
createlistcachefiles:value("on",translate("Yes"))
|
|
createlistcachefiles:value("off",translate("No"))
|
|
createlistcachefiles.default = "on"
|
|
|
|
prefercachedlists = s:taboption("tab_general", ListValue, "prefercachedlists", translate("Prefer cached list files"))
|
|
prefercachedlists:value("on", translate("Yes"))
|
|
prefercachedlists:value("off", translate("No"))
|
|
prefercachedlists.default = "off"
|
|
|
|
maxuploadsize = s:taboption("tab_general", Value, "maxuploadsize", translate("Max upload size (in Kbytes)"))
|
|
maxuploadsize:value("-1", translate("no blocking"))
|
|
maxuploadsize:value("0", translate("complete block"))
|
|
maxuploadsize.default = "-1"
|
|
|
|
maxcontentfiltersize = s:taboption("tab_general", Value, "maxcontentfiltersize", translate("Max content filter size"),
|
|
translate("The value must not be higher than max content ram cache scan size or 0 to match it"))
|
|
maxcontentfiltersize.datatype = "and(uinteger,min(0))"
|
|
maxcontentfiltersize.default = "256"
|
|
|
|
maxcontentramcachescansize = s:taboption("tab_general", Value, "maxcontentramcachescansize", translate("Max content ram cache scan size"),
|
|
translate("This is the max size of file that DG will download and cache in RAM"))
|
|
maxcontentramcachescansize.datatype = "and(uinteger,min(0))"
|
|
maxcontentramcachescansize.default = "2000"
|
|
|
|
maxcontentfilecachescansize = s:taboption("tab_general", Value, "maxcontentfilecachescansize", translate("Max content file cache scan size"))
|
|
maxcontentfilecachescansize.datatype = "and(uinteger,min(0))"
|
|
maxcontentfilecachescansize.default = "20000"
|
|
|
|
proxytimeout = s:taboption("tab_general", Value, "proxytimeout", translate("Proxy timeout (5-100)"))
|
|
proxytimeout.datatype = "range(5,100)"
|
|
proxytimeout.default = "20"
|
|
|
|
proxyexchange = s:taboption("tab_general", Value, "proxyexchange", translate("Proxy header excahnge (20-300)"))
|
|
proxyexchange.datatype = "range(20,300)"
|
|
proxyexchange.default = "20"
|
|
|
|
pcontimeout = s:taboption("tab_general", Value, "pcontimeout", translate("Pconn timeout"),
|
|
translate("How long a persistent connection will wait for other requests"))
|
|
pcontimeout.datatype = "range(5,300)"
|
|
pcontimeout.default = "55"
|
|
|
|
filecachedir = s:taboption("tab_general", Value, "filecachedir", translate("File cache directory"))
|
|
filecachedir.datatype = "string"
|
|
filecachedir.default = "/tmp"
|
|
|
|
deletedownloadedtempfiles = s:taboption("tab_general", ListValue, "deletedownloadedtempfiles", translate("Delete file cache after user completes download"))
|
|
deletedownloadedtempfiles:value("on", translate("Yes"))
|
|
deletedownloadedtempfiles:value("off", translate("No"))
|
|
deletedownloadedtempfiles.default = "on"
|
|
|
|
initialtrickledelay = s:taboption("tab_general", Value, "initialtrickledelay", translate("Initial Trickle delay"),
|
|
translate("Number of seconds a browser connection is left waiting before first being sent *something* to keep it alive"))
|
|
initialtrickledelay.datatype = "and(uinteger,min(0))"
|
|
initialtrickledelay.default = "20"
|
|
|
|
trickledelay = s:taboption("tab_general", Value, "trickledelay", translate("Trickle delay"),
|
|
translate("Number of seconds a browser connection is left waiting before being sent more *something* to keep it alive"))
|
|
trickledelay.datatype = "and(uinteger,min(0))"
|
|
trickledelay.default = "10"
|
|
|
|
downloadmanager = s:taboption("tab_general", Value, "downloadmanager", translate("Download manager"))
|
|
downloadmanager.datatype = "string"
|
|
downloadmanager.default = "/etc/e2guardian/downloadmanagers/default.conf"
|
|
|
|
contentscannertimeout = s:taboption("tab_general", Value, "contentscannertimeout", translate("Content scanner timeout"))
|
|
contentscannertimeout.datatype = "and(uinteger,min(0))"
|
|
contentscannertimeout.default = "60"
|
|
|
|
contentscanexceptions = s:taboption("tab_general", ListValue, "contentscanexceptions", translate("Content scan exceptions"))
|
|
contentscanexceptions:value("on", translate("Yes"))
|
|
contentscanexceptions:value("off", translate("No"))
|
|
contentscanexceptions.default = "off"
|
|
|
|
recheckreplacedurls = s:taboption("tab_general", ListValue, "recheckreplacedurls", translate("e-check replaced URLs"))
|
|
recheckreplacedurls:value("on", translate("Yes"))
|
|
recheckreplacedurls:value("off", translate("No"))
|
|
recheckreplacedurls.default = "off"
|
|
|
|
forwardedfor = s:taboption("tab_general", ListValue, "forwardedfor", translate("Misc setting: forwardedfor"),
|
|
translate("If on, it may help solve some problem sites that need to know the source ip."))
|
|
forwardedfor:value("on", translate("Yes"))
|
|
forwardedfor:value("off", translate("No"))
|
|
forwardedfor.default = "off"
|
|
|
|
usexforwardedfor = s:taboption("tab_general", ListValue, "usexforwardedfor", translate("Misc setting: usexforwardedfor"),
|
|
translate("This is for when you have squid between the clients and E2Guardian"))
|
|
usexforwardedfor:value("on", translate("Yes"))
|
|
usexforwardedfor:value("off", translate("No"))
|
|
usexforwardedfor.default = "off"
|
|
|
|
logconnectionhandlingerrors = s:taboption("tab_general", ListValue, "logconnectionhandlingerrors", translate("Log debug info about log()ing and accept()ing"))
|
|
logconnectionhandlingerrors:value("on", translate("Yes"))
|
|
logconnectionhandlingerrors:value("off", translate("No"))
|
|
logconnectionhandlingerrors.default = "on"
|
|
|
|
logchildprocesshandling = s:taboption("tab_general", ListValue, "logchildprocesshandling", translate("Log child process handling"))
|
|
logchildprocesshandling:value("on", translate("Yes"))
|
|
logchildprocesshandling:value("off", translate("No"))
|
|
logchildprocesshandling.default = "off"
|
|
|
|
maxchildren = s:taboption("tab_general", Value, "maxchildren", translate("Max number of processes to spawn"))
|
|
maxchildren.datatype = "and(uinteger,min(0))"
|
|
maxchildren.default = "180"
|
|
|
|
minchildren = s:taboption("tab_general", Value, "minchildren", translate("Min number of processes to spawn"))
|
|
minchildren.datatype = "and(uinteger,min(0))"
|
|
minchildren.default = "20"
|
|
|
|
minsparechildren = s:taboption("tab_general", Value, "minsparechildren", translate("Min number of processes to keep ready"))
|
|
minsparechildren.datatype = "and(uinteger,min(0))"
|
|
minsparechildren.default = "16"
|
|
|
|
preforkchildren = s:taboption("tab_general", Value, "preforkchildren", translate("Sets minimum nuber of processes when it runs out"))
|
|
preforkchildren.datatype = "and(uinteger,min(0))"
|
|
preforkchildren.default = "10"
|
|
|
|
maxsparechildren = s:taboption("tab_general", Value, "maxsparechildren", translate("Sets the maximum number of processes to have doing nothing"))
|
|
maxsparechildren.datatype = "and(uinteger,min(0))"
|
|
maxsparechildren.default = "32"
|
|
|
|
maxagechildren = s:taboption("tab_general", Value, "maxagechildren", translate("Max age of child process"))
|
|
maxagechildren.datatype = "and(uinteger,min(0))"
|
|
maxagechildren.default = "500"
|
|
|
|
maxips = s:taboption("tab_general", Value, "maxips", translate("Max number of clinets allowed to connect"))
|
|
maxips:value("0", translate("no limit"))
|
|
maxips.default = "0"
|
|
|
|
ipipcfilename = s:taboption("tab_general", Value, "ipipcfilename", translate("IP list IPC server directory and filename"))
|
|
ipipcfilename.datatype = "string"
|
|
ipipcfilename.default = "/tmp/.dguardianipc"
|
|
|
|
urlipcfilename = s:taboption("tab_general", Value, "urlipcfilename", translate("Defines URL list IPC server directory and filename used to communicate with the URL cache process"))
|
|
urlipcfilename.datatype = "string"
|
|
urlipcfilename.default = "/tmp/.dguardianurlipc"
|
|
|
|
ipcfilename = s:taboption("tab_general", Value, "ipcfilename", translate("Defines URL list IPC server directory and filename used to communicate with the URL cache process"))
|
|
ipcfilename.datatype = "string"
|
|
ipcfilename.default = "/tmp/.dguardianipipc"
|
|
|
|
nodeamon = s:taboption("tab_general", ListValue, "nodeamon", translate("Disable deamoning"))
|
|
nodeamon:value("on", translate("Yes"))
|
|
nodeamon:value("off", translate("No"))
|
|
nodeamon.default = "off"
|
|
|
|
nologger = s:taboption("tab_general", ListValue, "nologger", translate("Disable logger"))
|
|
nologger:value("on", translate("Yes"))
|
|
nologger:value("off", translate("No"))
|
|
nologger.default = "off"
|
|
|
|
logadblock = s:taboption("tab_general", ListValue, "logadblock", translate("Enable logging of ADs"))
|
|
logadblock:value("on", translate("Yes"))
|
|
logadblock:value("off", translate("No"))
|
|
logadblock.default = "off"
|
|
|
|
loguseragent = s:taboption("tab_general", ListValue, "loguseragent", translate("Enable logging of client user agent"))
|
|
loguseragent:value("on", translate("Yes"))
|
|
loguseragent:value("off", translate("No"))
|
|
loguseragent.default = "off"
|
|
|
|
softrestart = s:taboption("tab_general", ListValue, "softrestart", translate("Enable soft restart"))
|
|
softrestart:value("on", translate("Yes"))
|
|
softrestart:value("off", translate("No"))
|
|
softrestart.default = "off"
|
|
|
|
|
|
------------------------ Additional Settings Tab ----------------------------
|
|
|
|
e2guardian_config_file = s:taboption("tab_additional", TextValue, "_data", "")
|
|
e2guardian_config_file.wrap = "off"
|
|
e2guardian_config_file.rows = 25
|
|
e2guardian_config_file.rmempty = false
|
|
|
|
function e2guardian_config_file.cfgvalue()
|
|
local uci = require "luci.model.uci".cursor_state()
|
|
file = "/etc/e2guardian/e2guardianf1.conf"
|
|
if file then
|
|
return fs.readfile(file) or ""
|
|
else
|
|
return ""
|
|
end
|
|
end
|
|
|
|
function e2guardian_config_file.write(self, section, value)
|
|
if value then
|
|
local uci = require "luci.model.uci".cursor_state()
|
|
file = "/etc/e2guardian/e2guardianf1.conf"
|
|
fs.writefile(file, value:gsub("\r\n", "\n"))
|
|
end
|
|
end
|
|
|
|
|
|
---------------------------- Logs Tab -----------------------------
|
|
|
|
e2guardian_logfile = s:taboption("tab_logs", TextValue, "lines", "")
|
|
e2guardian_logfile.wrap = "off"
|
|
e2guardian_logfile.rows = 25
|
|
e2guardian_logfile.rmempty = true
|
|
|
|
function e2guardian_logfile.cfgvalue()
|
|
local uci = require "luci.model.uci".cursor_state()
|
|
file = "/tmp/e2guardian/access.log"
|
|
if file then
|
|
return fs.readfile(file) or ""
|
|
else
|
|
return "Can't read log file"
|
|
end
|
|
end
|
|
|
|
function e2guardian_logfile.write()
|
|
return ""
|
|
end
|
|
|
|
return m
|