Connections.cgi neu geschrieben.

URL-Filter aktualisiert. git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@495 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
2026-04-09 18:45:54 +02:00 · 2007-04-12 16:28:06 +00:00
parent 9fb25b1c17
commit 1465b12776
12 changed files with 558 additions and 403 deletions
--- a/config/urlfilter/autoupdate.pl
+++ b/config/urlfilter/autoupdate.pl
@@ -1,7 +1,10 @@
 #!/usr/bin/perl
-
 #
-# $Id: autoupdate.pl,v 1.0 2005/06/15 00:00:00 marco Exp $
+# This code is distributed under the terms of the GPL
+#
+# (c) 2004-2007 marco.s - http://www.urlfilter.net
+#
+# $Id: autoupdate.pl,v 1.1 2007/03/14 00:00:00 marco.s Exp $
 #
 use strict;

@@ -9,6 +12,7 @@ my $make_clean = 1;

 my $swroot = "/var/ipfire";
 my $target = "$swroot/urlfilter/download";
+my $tempdb = "$target/blacklists";
 my $dbdir  = "$swroot/urlfilter/blacklists";

 my $sourceurlfile = "$swroot/urlfilter/autoupdate/autoupdate.urls";
@@ -23,6 +27,7 @@ my $source_url;
 my $source_name;
 my @source_urllist;

+my @categories;
 my $blacklist;
 my $category;

@@ -72,24 +77,32 @@ unless ($blacklist_url eq '')
 	if (-e $blacklist)
 	{
 		system("/bin/tar --no-same-owner -xzf $blacklist -C $target");
-		if (-d "$target/blacklists")
+		if (-d "$target/BL") { system ("mv $target/BL $target/blacklists"); }
+		if (-d "$tempdb")
 		{
+			undef(@categories);
+			&getblockcategory ($tempdb);
+			foreach (@categories) { $_ = substr($_,length($tempdb)+1); }
+
 			open(FILE, ">$target/update.conf");
 			flock FILE, 2;
 			print FILE "logdir $target\n";
-			print FILE "dbhome $target/blacklists\n\n";
+			print FILE "dbhome $tempdb\n\n";

-			foreach (<$target/blacklists/*>)
-			{
-        			if ((-d $_) && ((-s "$_/domains") || (-s "$_/urls")))
-				{
-					$category=substr($_,rindex($_,"/")+1);
-					print FILE "dest $category {\n";
-					if (-s "$_/domains") { print FILE "    domainlist  $category/domains\n"; }
-					if (-s "$_/urls")    { print FILE "    urllist     $category/urls\n"; }
-					print FILE "}\n\n";
+			foreach $category (@categories) {
+				$blacklist = $category;
+				$category =~ s/\//_/g;
+				print FILE "dest $category {\n";
+				if (-s "$tempdb/$blacklist/domains") {
+					print FILE "    domainlist     $blacklist\/domains\n";
 				}
+				if (-s "$tempdb/$blacklist/urls") {
+					print FILE "    urllist        $blacklist\/urls\n";
+				}
+				print FILE "}\n\n";
+				$category = $blacklist;
 			}
+
 			print FILE "acl {\n";
 			print FILE "    default {\n";
 			print FILE "        pass none\n";
@@ -103,19 +116,7 @@ unless ($blacklist_url eq '')

 			system("chown -R nobody.nobody $dbdir");

-			foreach $category (<$dbdir/*>)
-			{
-        			if (-d $category)
-				{
-		                	system("chmod 755 $category &> /dev/null");
-	        		        foreach $blacklist (<$category/*>)
-		        	        {
-                			        if (-f $blacklist){ system("chmod 644 $blacklist &> /dev/null"); }
-                        			if (-d $blacklist){ system("chmod 755 $blacklist &> /dev/null"); }
-			                }
-        			        system("chmod 666 $category/*.db &> /dev/null");
-				}
-			}
+			&setpermissions ($dbdir);

 			system("touch $updflagfile");
 			system("chown nobody.nobody $updflagfile");
@@ -172,3 +173,41 @@ sub readhash
 }

 # -------------------------------------------------------------------
+
+sub getblockcategory
+{
+	foreach $category (<$_[0]/*>)
+	{
+		if (-d $category)
+		{
+			if ((-s "$category/domains") || (-s "$category/urls"))
+			{
+				unless ($category =~ /\bcustom\b/) { push(@categories,$category); }
+			}
+			&getblockcategory ($category);
+		}
+	}
+}
+
+# -------------------------------------------------------------------
+
+sub setpermissions
+{
+	my $bldir = $_[0];
+
+	foreach $category (<$bldir/*>)
+	{
+        	 if (-d $category){
+			system("chmod 755 $category &> /dev/null");
+			foreach $blacklist (<$category/*>)
+			{
+         			if (-f $blacklist) { system("chmod 644 $blacklist &> /dev/null"); }
+         			if (-d $blacklist) { system("chmod 755 $blacklist &> /dev/null"); }
+			}
+        	 	system("chmod 666 $category/*.db &> /dev/null");
+			&setpermissions ($category);
+		}
+	 }
+}
+
+# -------------------------------------------------------------------
--- a/config/urlfilter/autoupdate.urls
+++ b/config/urlfilter/autoupdate.urls
@@ -1,3 +1,3 @@
-squidGuard,http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz
+Shalla Secure Services,http://squidguard.shalla.de/Downloads/shallalist.tar.gz
 MESD,http://squidguard.mesd.k12.or.us/blacklists.tgz
 Univ. Toulouse,ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz
--- a/config/urlfilter/prebuild.pl
+++ b/config/urlfilter/prebuild.pl
@@ -4,8 +4,6 @@
 #
 # (c) written from scratch
 #
-# $Id: prebuild.pl,v 0.3 2005/04/16 00:00:00 marco Exp $
-#

 $dbdir="/var/ipfire/urlfilter/blacklists";

@@ -18,15 +16,27 @@ if (-e "$dbdir/custom/blocked/urls.db")    { unlink("$dbdir/custom/blocked/urls.

 system("chown -R nobody.nobody $dbdir");

-foreach $category (<$dbdir/*>)
+&setpermissions ($dbdir);
+
+# -------------------------------------------------------------------
+
+sub setpermissions
 {
-         if (-d $category){
-		system("chmod 755 $category &> /dev/null");
-		foreach $blacklist (<$category/*>)
-		{
-         		if (-f $blacklist){ system("chmod 644 $blacklist &> /dev/null"); }
-         		if (-d $blacklist){ system("chmod 755 $blacklist &> /dev/null"); }
+	my $bldir = $_[0];
+
+	foreach $category (<$bldir/*>)
+	{
+        	 if (-d $category){
+			system("chmod 755 $category &> /dev/null");
+			foreach $blacklist (<$category/*>)
+			{
+         			if (-f $blacklist) { system("chmod 644 $blacklist &> /dev/null"); }
+         			if (-d $blacklist) { system("chmod 755 $blacklist &> /dev/null"); }
+			}
+        	 	system("chmod 666 $category/*.db &> /dev/null");
+			&setpermissions ($category);
 		}
-         	system("chmod 666 $category/*.db &> /dev/null");
 	 }
 }
+
+# -------------------------------------------------------------------
--- a/config/urlfilter/squidGuard.conf
+++ b/config/urlfilter/squidGuard.conf
@@ -1,5 +1,5 @@
 logdir /var/log/squidGuard
-dbhome /var/ipfire/urlfilter/blacklists
+dbhome /var/ipcop/urlfilter/blacklists

 acl {
    default {
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -285,11 +285,9 @@ WARNING: translation string unused: upstream password
 WARNING: translation string unused: upstream proxy host:port
 WARNING: translation string unused: upstream username
 WARNING: translation string unused: uptime and users
-WARNING: translation string unused: urlfilter background text
 WARNING: translation string unused: urlfilter update information
 WARNING: translation string unused: urlfilter update notification
 WARNING: translation string unused: urlfilter update results
-WARNING: translation string unused: urlfilter upload background
 WARNING: translation string unused: use
 WARNING: translation string unused: used memory
 WARNING: translation string unused: used swap
@@ -336,6 +334,7 @@ WARNING: untranslated string: traffics
 WARNING: untranslated string: trafficsum
 WARNING: untranslated string: trafficto
 WARNING: untranslated string: up
+WARNING: untranslated string: urlfilter background image
 WARNING: untranslated string: urlfilter log
 WARNING: untranslated string: user log
 WARNING: untranslated string: user proxy logs
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -290,11 +290,9 @@ WARNING: translation string unused: upstream password
 WARNING: translation string unused: upstream proxy host:port
 WARNING: translation string unused: upstream username
 WARNING: translation string unused: uptime and users
-WARNING: translation string unused: urlfilter background text
 WARNING: translation string unused: urlfilter update information
 WARNING: translation string unused: urlfilter update notification
 WARNING: translation string unused: urlfilter update results
-WARNING: translation string unused: urlfilter upload background
 WARNING: translation string unused: use
 WARNING: translation string unused: used memory
 WARNING: translation string unused: used swap
@@ -324,6 +322,7 @@ WARNING: untranslated string: remove x509
 WARNING: untranslated string: settingsc
 WARNING: untranslated string: smbrestart
 WARNING: untranslated string: up
+WARNING: untranslated string: urlfilter background image
 WARNING: untranslated string: urlfilter log
 WARNING: untranslated string: user log
 WARNING: untranslated string: user proxy logs
--- a/html/cgi-bin/connections.cgi
+++ b/html/cgi-bin/connections.cgi
@@ -20,7 +20,7 @@ use Net::IPv4Addr qw( :all );
 use strict;

 # enable only the following on debugging purpose
-use warnings;
+#use warnings;
 use CGI::Carp 'fatalsToBrowser';

 require '/var/ipfire/general-functions.pl';
@@ -36,13 +36,13 @@ undef (@dummy);
 my %netsettings=();
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);

-open (ACTIVE, "/proc/net/ip_conntrack") or die 'Unable to open ip_conntrack';
+open (ACTIVE, 'iptstate -1rbt |') or die 'Unable to open ip_conntrack';
 my @active = <ACTIVE>;
 close (ACTIVE);

 my @vpn = ('none');
-open (ACTIVE, "/proc/net/ipsec_eroute") and @vpn = <ACTIVE>;
-close (ACTIVE);
+#open (ACTIVE, "/proc/net/ipsec_eroute") and @vpn = <ACTIVE>;
+#close (ACTIVE);

 my $aliasfile = "${General::swroot}/ethernet/aliases";
 open(ALIASES, $aliasfile) or die 'Unable to open aliases file.';
@@ -212,197 +212,15 @@ our %entries = ();	# will hold the lines analyzed correctly
 my $unknownlines = '';	# should be empty all the time...
 my $index = 0;		# just a counter to make unique entryies in entries

-foreach my $line (@active) {
-        my $protocol='';
-        my $expires='';
-        my $status='';
-        my $orgsip='';
-        my $orgdip='';
-        my $orgsp='';
-        my $orgdp='';
-        my $exsip='';
-        my $exdip='';
-        my $exsp='';
-        my $exdp='';
-        my $marked='';
-        my $use='';
-
-        chomp($line);
-        my @temp = split(' ',$line);
-
-           if ($temp[0] eq 'icmp') {
-                $protocol  = $temp[0];
-                $status    = $Lang::tr{'all'};
-                $orgsip   = substr $temp[3], 4;
-                     $orgdip   = substr $temp[4], 4;
-                     $marked   = $temp[8] eq '[UNREPLIED]' ? '[UNREPLIED]' : ' ';
-              }
-           if ($temp[0] eq 'udp') {
-                $protocol  = $temp[0];
-                $status  = $Lang::tr{'all'};
-                $orgsip = substr $temp[3], 4;
-                     $orgdip  = substr $temp[4], 4;
-                     $marked   = $temp[7] eq '[UNREPLIED]' ? '[UNREPLIED]' : defined ($temp[12]) ? $temp[11] : ' ';
-              }
-        if ($temp[0] eq 'tcp') {
-                $protocol  = $temp[0];
-                $status  = $temp[3];
-                $orgsip = substr $temp[4], 4;
-                $orgdip   = substr $temp[5], 4;
-                     $marked   = $temp[8] eq '[UNREPLIED]' ? '[UNREPLIED]' : defined ($temp[13]) ? $temp[12] : ' ';
-        }
-
-        # filter the line if we found a known proto
-        next if( !(
-                   (($cgiparams{'SEE_PROTO'}  eq $Lang::tr{'all'}) || ($protocol  eq $cgiparams{'SEE_PROTO'} ))
-                && (($cgiparams{'SEE_STATE'}  eq $Lang::tr{'all'}) || ($status    eq $cgiparams{'SEE_STATE'} ))
-                && (($cgiparams{'SEE_MARK'}   eq $Lang::tr{'all'}) || ($marked    eq $cgiparams{'SEE_MARK'}  ))
-                && (($cgiparams{'SEE_SRC'}    eq "*.*.*.*")        || ($orgsip    eq $cgiparams{'SEE_SRC'}   ))
-                && (($cgiparams{'SEE_DEST'}   eq "*.*.*.*")    	   || ($orgdip    eq $cgiparams{'SEE_DEST'}  ))
-                ));
-
-        if ($temp[0] eq 'icmp') {
-                my $offset = 0;
-                    $protocol = $temp[0] . " (" . $temp[1] . ")";
-                    $expires = $temp[2];
-                $status = ' ';
-                    if ($temp[8] eq '[UNREPLIED]' ) {
-                        $offset = +1;
-                }	
-                    $orgsip = substr $temp[3], 4;
-                    $orgdip = substr $temp[4], 4;
-                    $orgsp = &General::GetIcmpDescription(substr( $temp[5], 5)) . "/" . substr( $temp[6], 5);;
-                    $orgdp = 'id=' . substr( $temp[7], 3);
-                    $exsip = substr $temp[8 + $offset], 4;
-                    $exdip = substr $temp[9 + $offset], 4;
-                $exsp = &General::GetIcmpDescription(substr( $temp[10 + $offset], 5)). "/" . substr( $temp[11 + $offset], 5); 
-                $exdp = 'id=' . substr( $temp[11 + $offset], 5);
-                     $marked   = $temp[8] eq '[UNREPLIED]' ? '[UNREPLIED]' : ' ';
-                $use = substr( $temp[13 + $offset], 4 );
-        }
-        if ($temp[0] eq 'udp') {
-                my $offset = 0;
-                $marked = '';
-                $protocol = $temp[0] . " (" . $temp[1] . ")";
-                $expires = $temp[2];
-                $status = ' ';
-                $orgsip = substr $temp[3], 4;
-                $orgdip = substr $temp[4], 4;
-                $orgsp = substr $temp[5], 6;
-                $orgdp = substr $temp[6], 6;
-                if ($temp[7] eq '[UNREPLIED]') {
-                    $offset = 1;
-                    $marked = $temp[7];
-                    $use = substr $temp[12], 4;
-                } else {
-                    if ((substr $temp[11], 0, 3) eq 'use' ) {
-                        $marked = '';
-                        $use = substr $temp[11], 4;
-                    } else {
-                        $marked = $temp[11];
-                        $use = substr $temp[12], 4;
-                    }
-                }
-                $exsip = substr $temp[7 + $offset], 4;
-                $exdip = substr $temp[8 + $offset], 4;
-                $exsp = substr $temp[9 + $offset], 6;
-                $exdp = substr $temp[10 + $offset], 6;
-        }
-        if ($temp[0] eq 'tcp') {
-                my $offset = 0;
-                $protocol = $temp[0] . " (" . $temp[1] . ")";
-                $expires = $temp[2];
-                $status = $temp[3];
-                $orgsip = substr $temp[4], 4;
-                $orgdip = substr $temp[5], 4;
-                $orgsp = substr $temp[6], 6;
-                $orgdp = substr $temp[7], 6;
-                if ($temp[8] eq '[UNREPLIED]') {
-                        $marked = $temp[8];
-                        $offset = 1;
-                } else {
-                        $marked = $temp[16];
-                }
-                $exsip = substr $temp[10 + $offset], 4;
-                $exdip = substr $temp[11 + $offset], 4;
-                $exsp = substr $temp[12 + $offset], 6;
-                $exdp = substr $temp[13 + $offset], 6;
-                $use = substr $temp[18], 4;
-        }
-        if ($temp[0] eq 'unknown') {
-                my $offset = 0;
-                $protocol = "??? (" . $temp[1] . ")";
-                $protocol = "esp (" . $temp[1] . ")" if ($temp[1] == 50);
-                $protocol = "ah (" . $temp[1] . ")" if ($temp[1] == 51);
-                $expires = $temp[2];
-                $status = ' ';
-                $orgsip = substr $temp[3], 4;
-                $orgdip = substr $temp[4], 4;
-                $orgsp = ' ';
-                $orgdp = ' ';
-                $exsip = substr $temp[5], 4;
-                $exdip = substr $temp[6], 4;
-                $exsp = ' ';
-                $exdp = ' ';
-                $marked = ' ';
-                $use = ' ';
-        }
-        if ($temp[0] eq 'gre') {
-                my $offset = 0;
-                $protocol = $temp[0] . " (" . $temp[1] . ")";
-                $expires = $temp[2];
-                $orgsip = substr $temp[5], 4;
-                $orgdip = substr $temp[6], 4;
-                $orgsp = ' ';
-                $orgdp = ' ';
-                $exsip = substr $temp[11], 4;
-                $exdip = substr $temp[12], 4;
-                $exsp = ' ';
-                $exdp = ' ';
-                $marked = $temp[17];
-                $use = $temp[18];
-        }
-        # Only from this point, lines have the same known format/field
-        # The floating fields [UNREPLIED] [ASSURED] etc are ok.
-
-        # Store the line in a hash array for sorting
-        if ( $protocol ) { # line is decoded ?
-                my @record = (  'index', $index++,
-                            'protocol', $protocol,
-                            'expires',  $expires,
-                            'status',   $status,
-                            'orgsip',   $orgsip,
-                            'orgdip',   $orgdip,
-                            'orgsp',    $orgsp,
-                            'orgdp',    $orgdp,
-                            'exsip',    $exsip,
-                            'exdip', 	$exdip,
-                            'exsp',	$exsp,
-                            'exdp',	$exdp,
-                            'marked',	$marked,
-                            'use',	$use);
-                my $record = {};                        	# create a reference to empty hash
-                %{$record} = @record;                	# populate that hash with @record
-                $entries{$record->{index}} = $record; 	# add this to a hash of hashes	    
-        } else { # it was not a known line
-                $unknownlines .= "<tr bgcolor='${Header::table1colour}'>";
-                $unknownlines .= "<td colspan='9'> unknown:$line></td></tr>";
-        }
-}
-
-# Build listbox objects
-my $menu_proto = &make_select ('SEE_PROTO', $cgiparams{'SEE_PROTO'}, @list_proto);
-my $menu_state = &make_select ('SEE_STATE', $cgiparams{'SEE_STATE'}, @list_state);
-my $menu_src   = &make_select ('SEE_SRC',   $cgiparams{'SEE_SRC'},   &get_known_ips('orgsip'));
-my $menu_dest  = &make_select ('SEE_DEST',  $cgiparams{'SEE_DEST'},  &get_known_ips('orgdip'));
-my $menu_mark  = &make_select ('SEE_MARK',  $cgiparams{'SEE_MARK'},  @list_mark);
-my $menu_sort  = &make_select ('SEE_SORT',  $cgiparams{'SEE_SORT'},  @list_sort);
-
 &Header::showhttpheaders();
 &Header::openpage($Lang::tr{'connections'}, 1, '');
 &Header::openbigbox('100%', 'left');
 &Header::openbox('100%', 'left', $Lang::tr{'connection tracking'});

+# Build listbox objects
+my $menu_proto = &make_select ('SEE_PROTO', $cgiparams{'SEE_PROTO'}, @list_proto);
+my $menu_state = &make_select ('SEE_STATE', $cgiparams{'SEE_STATE'}, @list_state);
+
 print <<END
 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
 <table width='100%'>
@@ -416,69 +234,109 @@ print <<END
    <td align='center' bgcolor='${Header::colourovpn}'><b><font color='#FFFFFF'>$Lang::tr{'OpenVPN'}</font></b></td>
 </tr>
 </table>
-<br></br>
+<br />
 <table width='100%'>
-<tr><td align='center'><font size=2>$Lang::tr{'protocol'}</font></td>
+<tr><td align='center'><font size=2>$Lang::tr{'source ip and port'}</font></td>
+		<td>&nbsp;</td>
+		<td align='center'><font size=2>$Lang::tr{'dest ip and port'}</font></td>
+		<td>&nbsp;</td>
+		<td align='center'><font size=2>$Lang::tr{'protocol'}</font></td>
+		<td align='center'><font size=2>$Lang::tr{'connection'}<br></br>$Lang::tr{'status'}</font></td>
    <td align='center'><font size=2>$Lang::tr{'expires'}<br></br>($Lang::tr{'seconds'})</font></td>
-    <td align='center'><font size=2>$Lang::tr{'connection'}<br></br>$Lang::tr{'status'}</font></td>
-    <td align='center'><font size=2>$Lang::tr{'original'}<br></br>$Lang::tr{'source ip and port'}</font></td>
-    <td align='center'><font size=2>$Lang::tr{'original'}<br></br>$Lang::tr{'dest ip and port'}</font></td>
-    <td align='center'><font size=2>$Lang::tr{'expected'}<br></br>$Lang::tr{'source ip and port'}</font></td>
-    <td align='center'><font size=2>$Lang::tr{'expected'}<br></br>$Lang::tr{'dest ip and port'}</font></td>
-    <td align='center'><font size=2>$Lang::tr{'marked'}</font></td>
+    
 </tr>
-<tr>
-    <td align='center'>$menu_proto</td>
-    <td>&nbsp;</td>
+<tr><td colspan='4'>&nbsp;</td>
+		<td align='center'>$menu_proto</td>
    <td align='center'>$menu_state</td>
-    <td align='center'>$menu_src</td>
-    <td align='center'>$menu_dest</td>
-    <td align='center' colspan='2'></td>
-    <td align='center'>$menu_mark</td>
+    <td>&nbsp;</td>
 </tr>
 <tr>
-    <td align='center' colspan='8'></td>
+    <td align='center' colspan='7'></td>
 </tr>
 <tr>
-    <td align='center' colspan='8'><input type='submit' value='Aktualisieren' /></td>
+    <td align='center' colspan='7'><input type='submit' value="$Lang::tr{'update'}" /></td>
 </tr>

 END
 ;

-foreach my $entry (sort sort_entries keys %entries) {
-        my $orgsipcolour = &ipcolour( $entries{$entry}->{orgsip} );
-        my $orgdipcolour = &ipcolour( $entries{$entry}->{orgdip} );
-        my $exsipcolour  = &ipcolour( $entries{$entry}->{exsip} );
-        my $exdipcolour  = &ipcolour( $entries{$entry}->{exdip} );
-	print <<END
-        <tr bgcolor='${Header::table1colour}'>
-        <td align='center'><font size=2>$entries{$entry}->{protocol}</font></td>
-        <td align='center'><font size=2>$entries{$entry}->{expires}</font></td>
-        <td align='center'><font size=2>$entries{$entry}->{status}</font></td>
-        <td align='center' bgcolor='$orgsipcolour'>
-            <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{orgsip}'>
-            <font color='#FFFFFF' size=2>$entries{$entry}->{orgsip}</font>
-            </a><font color='#FFFFFF' size=2>:$entries{$entry}->{orgsp}</font></td>
-        <td align='center' bgcolor='$orgdipcolour'>
-            <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{orgdip}'>
-            <font color='#FFFFFF' size=2>$entries{$entry}->{orgdip}</font>
-            </a><font color='#FFFFFF' size=2>:$entries{$entry}->{orgdp}</font></td>
-        <td align='center' bgcolor='$exsipcolour'>
-            <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{exsip}'>
-            <font color='#FFFFFF' size=2>$entries{$entry}->{exsip}</font>
-            </a><font color='#FFFFFF' size=2>:$entries{$entry}->{exsp}</font></td>
-        <td align='center' bgcolor='$exdipcolour'>
-            <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{exdip}'>
-            <font color='#FFFFFF' size=2>$entries{$entry}->{exdip}</font>
-            </a><font color='#FFFFFF' size=2>:$entries{$entry}->{exdp}</font></td>
-        <td align='center'><font size=2>$entries{$entry}->{marked}</font></td>
-        </tr>
+my $i=0;
+foreach my $line (@active) {
+    $i++;
+    if ($i < 3) {
+			next;
+    }
+    chomp($line);
+    my @temp = split(' ',$line);
+
+    my ($sip, $sport) = split(':', $temp[0]);
+    my ($dip, $dport) = split(':', $temp[1]);
+    my $proto = $temp[2];
+    my $state = $temp[3];
+    my $ttl = $temp[4];
+    
+    next if( !(
+              		(($cgiparams{'SEE_PROTO'}  eq $Lang::tr{'all'}) || ($proto  eq $cgiparams{'SEE_PROTO'} ))
+    	         && (($cgiparams{'SEE_STATE'}  eq $Lang::tr{'all'}) || ($state  eq $cgiparams{'SEE_STATE'} ))
+               && (($cgiparams{'SEE_SRC'}    eq "*.*.*.*")        || ($sip    eq $cgiparams{'SEE_SRC'}   ))
+               && (($cgiparams{'SEE_DEST'}   eq "*.*.*.*")    	  || ($dip    eq $cgiparams{'SEE_DEST'}  ))
+              ));
+
+    if (($proto eq 'udp') && ($ttl eq '')) {
+			$ttl = $state;
+			$state = '&nbsp;';	
+    }
+
+    my $sipcol = ipcolour($sip);
+    my $dipcol = ipcolour($dip);
+
+    my $sserv = '';
+    if ($sport < 1024) {
+	$sserv = uc(getservbyport($sport, lc($proto)));
+	if ($sserv ne '') {
+	    $sserv = "&nbsp;($sserv)";
+	}
+    }
+
+    my $dserv = '';
+    if ($dport < 1024) {
+	$dserv = uc(getservbyport($dport, lc($proto)));
+	if ($dserv ne '') {
+	    $dserv = "&nbsp;($dserv)";
+	}
+    }
+
+    print <<END
+    <tr >
+      <td align='center' bgcolor='$sipcol'>
+        <a href='/cgi-bin/ipinfo.cgi?ip=$sip'>
+          <font color='#FFFFFF'>$sip</font>
+        </a>
+      </td>
+      <td align='center' bgcolor='$sipcol'>
+        <a href='http://isc.sans.org/port_details.php?port=$sport' target='top'>
+          <font color='#FFFFFF'>$sport$sserv</font>
+        </a>
+      </td>
+      <td align='center' bgcolor='$dipcol'>
+        <a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
+          <font color='#FFFFFF'>$dip</font>
+        </a>
+      </td>
+      <td align='center' bgcolor='$dipcol'>
+        <a href='http://isc.sans.org/port_details.php?port=$dport' target='top'>
+          <font color='#FFFFFF'>$dport$dserv</font>
+        </a>
+      </td>
+      <td align='center'>$proto</td>
+      <td align='center' bgcolor="${Header::table1colour}">$state</td>
+      <td align='center'>$ttl</td>
+    </tr>
 END
 ;
 }

-print "$unknownlines</table></form>";
+print "</table></form>";

 &Header::closebox();
 &Header::closebigbox();
@@ -491,15 +349,15 @@ sub ipcolour($) {
        my ($ip) = $_[0];
        my $found = 0;
        foreach $line (@network) {
-		if ($network[$id] eq '') {
-		 $id++;
-		} else {
-                    if (!$found && ipv4_in_network( $network[$id] , $masklen[$id], $ip) ) {
-                        $found = 1;
-                        $colour = $colour[$id];
-                    }
-                 $id++;
-		}
+					if ($network[$id] eq '') {
+			 			$id++;
+					} else {
+						if (!$found && ipv4_in_network( $network[$id] , $masklen[$id], $ip) ) {
+							$found = 1;
+							$colour = $colour[$id];
+						}
+						$id++;
+					}
        }
        return $colour
 }
--- a/html/cgi-bin/urlfilter.cgi
+++ b/html/cgi-bin/urlfilter.cgi
@@ -1,19 +1,17 @@
 #!/usr/bin/perl
 #
-# SmoothWall CGIs
-#
 # This code is distributed under the terms of the GPL
 #
-# (c) written from scratch
+# (c) 2004-2007 marco.s - http://www.urlfilter.net
 #
-# $Id: urlfilter.cgi,v 1.7 2006/05/08 00:00:00 marco Exp $
+# $Id: urlfilter.cgi,v 1.9.1 2007/03/22 00:00:00 marco.s Exp $
 #

 use strict;

 # enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
+use warnings;
+use CGI::Carp 'fatalsToBrowser';

 use File::Copy;
 use IO::Socket;
@@ -22,6 +20,7 @@ require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";

+my $http_port='81';
 my %netsettings=();
 my %mainsettings=();
 my %proxysettings=();
@@ -74,6 +73,7 @@ my @filtergroups=();
 my @tclist=();
 my @uqlist=();
 my @source_urllist=();
+my @clients=();
 my @temp=();

 my $lastslashpos=0;
@@ -147,10 +147,30 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
    ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter save and restart'}) ||
    ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload file'}) ||
    ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter remove file'}) ||
+    ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload background'}) ||
    ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload blacklist'}) ||
    ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter backup'}) ||
    ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter restore'}))
-{ 
+{
+
+	@clients = split(/\n/,$filtersettings{'UNFILTERED_CLIENTS'});
+	foreach (@clients)
+	{
+		s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
+		if (/.*-.*-.*/) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; }
+		@temp = split(/-/);
+		foreach (@temp) { unless ((&General::validipormask($_)) || (&General::validipandmask($_))) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; } }
+	}
+	@clients = split(/\n/,$filtersettings{'BANNED_CLIENTS'});
+	foreach (@clients)
+	{
+		s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
+		if (/.*-.*-.*/) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; }
+		@temp = split(/-/);
+		foreach (@temp) { unless ((&General::validipormask($_)) || (&General::validipandmask($_))) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; } }
+	}
+	if ($errormessage) { goto ERROR; }
+
 	if (!($filtersettings{'CHILDREN'} =~ /^\d+$/) || ($filtersettings{'CHILDREN'} < 1))
 	{
 		$errormessage = $Lang::tr{'urlfilter invalid num of children'};
@@ -186,6 +206,17 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||

 	}
 	
+	if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload background'})
+	{
+		&Header::getcgihash(\%filtersettings, {'wantfile' => 1, 'filevar' => 'BACKGROUND'});
+
+		if (copy($filtersettings{'BACKGROUND'}, "/home/httpd/html/images/urlfilter/background.jpg") != 1)
+		{
+			$errormessage = $!;
+			goto ERROR;
+		}
+	}
+	
 	if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload blacklist'})
 	{
 		&Header::getcgihash(\%filtersettings, {'wantfile' => 1, 'filevar' => 'UPDATEFILE'});
@@ -211,6 +242,11 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
 			$errormessage = $Lang::tr{'urlfilter tar error'};
 		} else {

+			if (-d "${General::swroot}/urlfilter/update/BL")
+			{
+				system("mv ${General::swroot}/urlfilter/update/BL ${General::swroot}/urlfilter/update/blacklists");
+			}
+
 			if (-d "${General::swroot}/urlfilter/update/category")
 			{
 				system("mv ${General::swroot}/urlfilter/update/category ${General::swroot}/urlfilter/update/blacklists");
@@ -310,7 +346,7 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||

 	if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter save and restart'})
 	{
-		if (!(-e "${General::swroot}/proxy/enable"))
+		if ((!(-e "${General::swroot}/proxy/enable")) && (!(-e "${General::swroot}/proxy/enable_blue")))
 		{
 			$errormessage = $Lang::tr{'urlfilter web proxy service required'};
 			goto ERROR;
@@ -331,29 +367,10 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
 		if (-e "$dbdir/custom/blocked/domains.db") { unlink("$dbdir/custom/blocked/domains.db"); }
 		if (-e "$dbdir/custom/blocked/urls.db")    { unlink("$dbdir/custom/blocked/urls.db"); }

-		foreach (<$dbdir/*>)
-		{
-			if (-d $_){ system("chmod 644 $_/*"); }
-			if (-d $_){ system("chmod 666 $_/*.db"); }
-		}
-		if (-d "$dbdir/custom/allowed")
-		{
-			system("chmod 755 $dbdir/custom/allowed");
-			system("chmod 644 $dbdir/custom/allowed/*");
-		}
-		if (-d "$dbdir/custom/blocked")
-		{
-			system("chmod 755 $dbdir/custom/blocked");
-			system("chmod 644 $dbdir/custom/blocked/*");
-		}
+		&setpermissions ($dbdir);

 		system('/usr/local/bin/restartsquid');
 	}
-
-ERROR:
-
-	if ($errormessage) { $filtersettings{'VALID'} = 'no'; }
-
 }

 if ($tcsettings{'ACTION'} eq $Lang::tr{'urlfilter set time constraints'}) { $tcsettings{'TCMODE'} = 'on'}
@@ -384,6 +401,16 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang

 	if (!$errormessage)
 	{
+		# transform to pre1.8 client definitions
+		@clients = split(/\n/,$tcsettings{'SRC'});
+		undef $tcsettings{'SRC'};
+		foreach(@clients)
+		{
+			s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
+			$tcsettings{'SRC'} .= "$_ ";
+		}
+		$tcsettings{'SRC'} =~ s/\s+$//;
+
 		if ($tcsettings{'DST'} =~ /^any/) { $tcsettings{'DST'} = 'any'; }
 		if ($tcsettings{'ENABLERULE'} eq 'on') { $tcsettings{'ACTIVE'} = $tcsettings{'ENABLERULE'}; } else { $tcsettings{'ACTIVE'} = 'off'}

@@ -418,6 +445,38 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang
 	}
 }

+if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'urlfilter copy rule'}) && (!$errormessage))
+{
+	$id = 0;
+	foreach $line (@tclist)
+	{
+		$id++;
+		if ($tcsettings{'ID'} eq $id)
+		{
+			chomp($line);
+			@temp = split(/\,/,$line);
+			$tcsettings{'DEFINITION'} = $temp[0];
+			$tcsettings{'MON'} = $temp[1];
+			$tcsettings{'TUE'} = $temp[2];
+			$tcsettings{'WED'} = $temp[3];
+			$tcsettings{'THU'} = $temp[4];
+			$tcsettings{'FRI'} = $temp[5];
+			$tcsettings{'SAT'} = $temp[6];
+			$tcsettings{'SUN'} = $temp[7];
+			$tcsettings{'FROM_HOUR'} = $temp[8];
+			$tcsettings{'FROM_MINUTE'} = $temp[9];
+			$tcsettings{'TO_HOUR'} = $temp[10];
+			$tcsettings{'TO_MINUTE'} = $temp[11];
+			$tcsettings{'SRC'} = $temp[12];
+			$tcsettings{'DST'} = $temp[13];
+			$tcsettings{'ACCESS'} = $temp[14];
+			$tcsettings{'ENABLERULE'} = $temp[15];
+			$tcsettings{'COMMENT'} = $temp[16];
+		}
+	}
+	$tcsettings{'TCMODE'}='on';
+}
+
 if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'remove'}))
 {
 	$id = 0;
@@ -439,7 +498,7 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang
 	{
 		$errormessage = $Lang::tr{'urlfilter not enabled'};
 	}
-	if (!(-e "${General::swroot}/proxy/enable"))
+	if ((!(-e "${General::swroot}/proxy/enable")) && (!(-e "${General::swroot}/proxy/enable_blue")))
 	{
 		$errormessage = $Lang::tr{'urlfilter web proxy service required'};
 	}
@@ -470,11 +529,6 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang
 	$tcsettings{'TCMODE'}='on';
 }

-if (!$errormessage) {
-	$tcsettings{'ENABLERULE'}='on';
-	$tcsettings{'TO_HOUR'}='24';
-}
-
 if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'edit'}) && (!$errormessage))
 {
 	$id = 0;
@@ -507,6 +561,11 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang
 	$tcsettings{'TCMODE'}='on';
 }

+if ((!$errormessage) && (!($tcsettings{'ACTION'} eq $Lang::tr{'urlfilter copy rule'})) && (!($tcsettings{'ACTION'} eq $Lang::tr{'edit'}))) {
+	$tcsettings{'ENABLERULE'}='on';
+	$tcsettings{'TO_HOUR'}='24';
+}
+
 if ($uqsettings{'ACTION'} eq $Lang::tr{'urlfilter set user quota'}) { $uqsettings{'UQMODE'} = 'on'}

 if (($uqsettings{'MODE'} eq 'USERQUOTA') && ($uqsettings{'ACTION'} eq $Lang::tr{'add'}))
@@ -642,7 +701,7 @@ if (($uqsettings{'MODE'} eq 'USERQUOTA') && ($uqsettings{'ACTION'} eq $Lang::tr{
 	{
 		$errormessage = $Lang::tr{'urlfilter not enabled'};
 	}
-	if (!(-e "${General::swroot}/proxy/enable"))
+	if ((!(-e "${General::swroot}/proxy/enable")) && (!(-e "${General::swroot}/proxy/enable_blue")))
 	{
 		$errormessage = $Lang::tr{'urlfilter web proxy service required'};
 	}
@@ -969,6 +1028,10 @@ if (-e "${General::swroot}/urlfilter/settings") { &General::readhash("${General:

 &readcustomlists;

+ERROR:
+
+if ($errormessage) { $filtersettings{'VALID'} = 'no'; }
+
 $checked{'ENABLE_CUSTOM_BLACKLIST'}{'off'} = '';
 $checked{'ENABLE_CUSTOM_BLACKLIST'}{'on'} = '';
 $checked{'ENABLE_CUSTOM_BLACKLIST'}{$filtersettings{'ENABLE_CUSTOM_BLACKLIST'}} = "checked='checked'";
@@ -1313,10 +1376,46 @@ print <<END
        <td>&nbsp;</td>
 </tr>
 <tr>
-        <td class='base'>$Lang::tr{'urlfilter unfiltered clients'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
-        <td><input type='text' name='UNFILTERED_CLIENTS' value='$filtersettings{'UNFILTERED_CLIENTS'}' size='30' /></td>
-        <td class='base'>$Lang::tr{'urlfilter banned clients'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
-        <td><input type='text' name='BANNED_CLIENTS' value='$filtersettings{'BANNED_CLIENTS'}' size='30' /></td>
+	<td colspan='2'>$Lang::tr{'urlfilter unfiltered clients'}&nbsp;<img src='/blob.gif' alt='*' /></td>
+	<td colspan='2'>$Lang::tr{'urlfilter banned clients'}&nbsp;<img src='/blob.gif' alt='*' /></td>
+</tr>
+<tr>
+	<td colspan='2' width='50%'><textarea name='UNFILTERED_CLIENTS' cols='32' rows='6' wrap='off'>
+END
+;
+
+# transform from pre1.8 client definitions
+$filtersettings{'UNFILTERED_CLIENTS'} =~ s/^\s+//g;
+$filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+$//g;
+$filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+-\s+/-/g;
+$filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+/ /g;
+
+@clients = split(/ /,$filtersettings{'UNFILTERED_CLIENTS'});
+undef $filtersettings{'UNFILTERED_CLIENTS'};
+foreach (@clients) { $filtersettings{'UNFILTERED_CLIENTS'} .= "$_\n"; }
+
+print $filtersettings{'UNFILTERED_CLIENTS'};
+
+print <<END
+</textarea></td>
+	<td colspan='2' width='50%'><textarea name='BANNED_CLIENTS' cols='32' rows='6' wrap='off'>
+END
+;
+
+# transform from pre1.8 client definitions
+$filtersettings{'BANNED_CLIENTS'} =~ s/^\s+//g;
+$filtersettings{'BANNED_CLIENTS'} =~ s/\s+$//g;
+$filtersettings{'BANNED_CLIENTS'} =~ s/\s+-\s+/-/g;
+$filtersettings{'BANNED_CLIENTS'} =~ s/\s+/ /g;
+
+@clients = split(/ /,$filtersettings{'BANNED_CLIENTS'});
+undef $filtersettings{'BANNED_CLIENTS'};
+foreach (@clients) { $filtersettings{'BANNED_CLIENTS'} .= "$_\n"; }
+
+print $filtersettings{'BANNED_CLIENTS'};
+
+print <<END
+</textarea></td>
 </tr>
 </table>
 <hr size='1'>
@@ -1367,6 +1466,17 @@ print <<END
 	<td>&nbsp;</td>
 </tr>
 </table>
+<table width='100%'>
+<tr>
+	<td class='base'><b>$Lang::tr{'urlfilter background image'}</b></td>
+</tr>
+<tr>
+	<td><br>$Lang::tr{'urlfilter background text'}:</td>
+</tr>
+<tr>
+	<td><input type='file' name='BACKGROUND' size='40' /> &nbsp; <input type='submit' name='ACTION' value='$Lang::tr{'urlfilter upload background'}' /></td>
+</tr>
+</table>
 <hr size='1'>
 <table width='100%'>
 <tr>
@@ -1411,7 +1521,7 @@ print <<END
 	<font class='base'>$Lang::tr{'this field may be blank'}</font>
 	</td>
 	<td align='right'>&nbsp;
-</td>
+	</td>
 </tr>
 </table>
 <table width='100%'>
@@ -1795,10 +1905,28 @@ print <<END
 		<td>&nbsp;</td>
 	</tr>
 	<tr>
-		<td valign='top'><input type='text' name='SRC' value='$tcsettings{'SRC'}' size='32' /></td>
+        <td rowspan='2'><textarea name='SRC' cols='28' rows='5' wrap='off'>
+END
+;
+
+# transform from pre1.8 client definitions
+$tcsettings{'SRC'} =~ s/^\s+//g;
+$tcsettings{'SRC'} =~ s/\s+$//g;
+$tcsettings{'SRC'} =~ s/\s+-\s+/-/g;
+$tcsettings{'SRC'} =~ s/\s+/ /g;
+
+@clients = split(/ /,$tcsettings{'SRC'});
+undef $tcsettings{'SRC'};
+foreach (@clients) { $tcsettings{'SRC'} .= "$_\n"; }
+
+print $tcsettings{'SRC'};
+
+print <<END
+</textarea></td>
+
 		<td>&nbsp;</td>
-		<td class='base' rowspan='3' valign='top'>
-		<select name='DST' size='4' multiple>
+		<td class='base' rowspan='2' valign='top'>
+		<select name='DST' size='6' multiple>
 		<option value='any' $selected{'DST'}{'any'} = "selected='selected'">$Lang::tr{'urlfilter category all'}</option>
 		<option value='in-addr' $selected{'DST'}{'in-addr'} = "selected='selected'">in-addr</option>
 END
@@ -1825,12 +1953,19 @@ print <<END
 		</td>
 		<td>&nbsp;</td>
 	</tr>
+	<tr>
+		<td>&nbsp;</td>
+		<td>&nbsp;</td>
+		<td>&nbsp;</td>
+		<td>&nbsp;</td>
+	</tr>
 	<tr>
 		<td>$Lang::tr{'remark'}&nbsp;<img src='/blob.gif' alt='*'></td>
 		<td>&nbsp;</td>
 		<td>&nbsp;</td>
 		<td>&nbsp;</td>
 		<td>&nbsp;</td>
+		<td>&nbsp;</td>
 	</tr>
 	<tr>
 		<td><input type='text' name='COMMENT' value='$tcsettings{'COMMENT'}' size='32' /></td>
@@ -1838,6 +1973,7 @@ print <<END
 		<td>&nbsp;</td>
 		<td>&nbsp;</td>
 		<td>&nbsp;</td>
+		<td>&nbsp;</td>
 	</tr>
 </table>

@@ -1890,7 +2026,7 @@ print <<END
 		<td width='10%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter time space'}</b></td>
 		<td width='15%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter src'}</b></td>
 		<td width='5%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter dst'}</b></td>
-		<td width='10%' class='boldbase' colspan='4' align='center'>&nbsp;</td>
+		<td width='10%' class='boldbase' colspan='5' align='center'>&nbsp;</td>
 	</tr>
 END
 ;
@@ -1959,6 +2095,15 @@ print <<END

 		<td align='center'>
 		<form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
+		<input type='image' name='$Lang::tr{'urlfilter copy rule'}' src='/images/urlfilter/copy.gif' title='$Lang::tr{'urlfilter copy rule'}' alt='$Lang::tr{'urlfilter copy rule'}' />
+		<input type='hidden' name='MODE' value='TIMECONSTRAINT' />
+		<input type='hidden' name='ID' value='$id' />
+		<input type='hidden' name='ACTION' value='$Lang::tr{'urlfilter copy rule'}' />
+		</form>
+		</td>
+
+		<td align='center'>
+		<form method='post' name='frmd$id' action='$ENV{'SCRIPT_NAME'}'>
 		<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
 		<input type='hidden' name='MODE' value='TIMECONSTRAINT' />
 		<input type='hidden' name='ID' value='$id' />
@@ -1978,7 +2123,7 @@ END
 print <<END
 		<td align='center' colspan='4'>$temp[16]
 		</td>
-		<td align='center' colspan='4'>
+		<td align='center' colspan='5'>
 		</td>
 	</tr>
 END
@@ -2004,6 +2149,8 @@ print <<END
 		<td class='base'>$Lang::tr{'click to enable'}</td>
 		<td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
 		<td class='base'>$Lang::tr{'edit'}</td>
+		<td>&nbsp; &nbsp; <img src='/images/urlfilter/copy.gif' alt='$Lang::tr{'urlfilter copy rule'}' /></td>
+		<td class='base'>$Lang::tr{'urlfilter copy rule'}</td>
 		<td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
 		<td class='base'>$Lang::tr{'remove'}</td>
 	</tr>
@@ -2385,6 +2532,26 @@ print "</form>\n";

 sub savesettings
 {
+	# transform to pre1.8 client definitions
+	@clients = split(/\n/,$filtersettings{'UNFILTERED_CLIENTS'});
+	undef $filtersettings{'UNFILTERED_CLIENTS'};
+	foreach(@clients)
+	{
+		s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
+		$filtersettings{'UNFILTERED_CLIENTS'} .= "$_ ";
+	}
+	$filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+$//;
+
+	# transform to pre1.8 client definitions
+	@clients = split(/\n/,$filtersettings{'BANNED_CLIENTS'});
+	undef $filtersettings{'BANNED_CLIENTS'};
+	foreach(@clients)
+	{
+		s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
+		$filtersettings{'BANNED_CLIENTS'} .= "$_ ";
+	}
+	$filtersettings{'BANNED_CLIENTS'} =~ s/\s+$//;
+
 	&writeconfigfile;

 	delete $filtersettings{'CUSTOM_BLACK_DOMAINS'};
@@ -2403,20 +2570,15 @@ sub savesettings
 sub readblockcategories
 {
 	undef(@categories);
-	foreach $blacklist (<$dbdir/*>) {
-	  if (-d $blacklist) {
-	    $lastslashpos = rindex($blacklist,"/");
-	    if ($lastslashpos > -1) {
-	      $section = substr($blacklist,$lastslashpos+1);
-	    } else {
-	      $section = $blacklist;
-	    }
-	    if (!($section eq 'custom')) { push(@categories,$section) };
-	  }
-	}
+
+	&getblockcategory ($dbdir);
+
+	foreach (@categories) { $_ = substr($_,length($dbdir)+1); }

 	@filtergroups = @categories;
+
 	foreach (@filtergroups) {
+		s/\//_SLASH_/g;
        	tr/a-z/A-Z/;
 	        $_ = "FILTER_".$_;
 	}
@@ -2424,6 +2586,23 @@ sub readblockcategories

 # -------------------------------------------------------------------

+sub getblockcategory
+{
+	foreach $category (<$_[0]/*>)
+	{
+		if (-d $category)
+		{
+			if ((-e "$category/domains") || (-e "$category/urls"))
+			{
+				unless ($category =~ /\bcustom\b/) { push(@categories,$category); }
+			}
+			&getblockcategory ($category);
+		}
+	}
+}
+
+# -------------------------------------------------------------------
+
 sub readcustomlists
 {
 	if (-e "$dbdir/custom/blocked/domains") {
@@ -2488,7 +2667,7 @@ sub aggregatedconstraints
 			foreach (@new)
 			{
 				@tmp2 = split(/\,/);
-				if ($tmp2[15] eq 'on')
+				if (($tmp1[15] eq 'on') && ($tmp2[15] eq 'on'))
 				{
 					if (($tmp1[0] eq $tmp2[0]) && ($tmp1[12] eq $tmp2[12]) && ($tmp1[13] eq $tmp2[13]) && ($tmp1[14] eq $tmp2[14]))
 					{
@@ -2530,10 +2709,31 @@ sub aggregatedconstraints

 # -------------------------------------------------------------------

+sub setpermissions
+{
+	my $bldir = $_[0];
+
+	foreach $category (<$bldir/*>)
+	{
+        	 if (-d $category){
+			system("chmod 755 $category &> /dev/null");
+			foreach $blacklist (<$category/*>)
+			{
+         			if (-f $blacklist) { system("chmod 644 $blacklist &> /dev/null"); }
+         			if (-d $blacklist) { system("chmod 755 $blacklist &> /dev/null"); }
+			}
+        	 	system("chmod 666 $category/*.db &> /dev/null");
+			&setpermissions ($category);
+		}
+	 }
+}
+
+# -------------------------------------------------------------------
+
 sub writeconfigfile
 {
 	my $executables = "\\.\(ade|adp|asx|bas|bat|chm|com|cmd|cpl|crt|dll|eml|exe|hiv|hlp|hta|inc|inf|ins|isp|jse|jtd|lnk|msc|msh|msi|msp|mst|nws|ocx|oft|ops|pcd|pif|plx|reg|scr|sct|sha|shb|shm|shs|sys|tlb|tsp|url|vbe|vbs|vxd|wsc|wsf|wsh\)\$";
-	my $audiovideo = "\\.\(aiff|asf|avi|dif|divx|mov|movie|mp3|mpe?g?|mpv2|ogg|ra?m|snd|qt|wav|wmf|wmv\)\$";
+	my $audiovideo = "\\.\(aiff|asf|avi|dif|divx|mov|movie|mp3|mpe?g?|mpv2|ogg|ra?m|snd|qt|wav|wma|wmf|wmv\)\$";
 	my $archives = "\\.\(bin|bz2|cab|cdr|dmg|gz|hqx|rar|smi|sit|sea|tar|tgz|zip\)\$";

 	my $ident = " anonymous";
@@ -2583,9 +2783,9 @@ sub writeconfigfile
 			if ($filtersettings{'SHOW_URL'} eq 'on') { $redirect .= "&url=%u"; }
 			if ($filtersettings{'SHOW_IP'} eq 'on') { $redirect .= "&ip=%a"; }
 			$redirect  =~ s/^&/?/;
-			$redirect = "http:\/\/$netsettings{'GREEN_ADDRESS'}:81\/redirect.cgi".$redirect; 
+			$redirect = "http:\/\/$netsettings{'GREEN_ADDRESS'}:$http_port\/redirect.cgi".$redirect; 
 		} else {
-			$redirect="http:\/\/$netsettings{'GREEN_ADDRESS'}:81\/redirect.cgi";
+			$redirect="http:\/\/$netsettings{'GREEN_ADDRESS'}:$http_port\/redirect.cgi";
 		}
 	} else { $redirect=$filtersettings{'REDIRECT_PAGE'}; }

@@ -2630,6 +2830,8 @@ sub writeconfigfile
 		$defaultrule .= "any";
 	}

+	$defaultrule =~ s/\//_/g;
+
 	open(FILE, ">${General::swroot}/urlfilter/squidGuard.conf") or die "Unable to write squidGuard.conf file";
 	flock(FILE, 2);

@@ -2648,14 +2850,14 @@ sub writeconfigfile

 	if ((($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles)) || ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on'))
 	{
-		print FILE "rewrite rew-rule-0 {\n";
+		print FILE "rewrite rew-rule-1 {\n";

 		if (($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles))
 		{
 			print FILE "    # rewrite localfiles\n";
 			foreach (@repositoryfiles)
 			{
-				print FILE "    s@.*/$_\$\@http://$netsettings{'GREEN_ADDRESS'}:81/repository/$_\@i\n";
+				print FILE "    s@.*/$_\$\@http://$netsettings{'GREEN_ADDRESS'}:$http_port/repository/$_\@i\n";
 			}
 		}

@@ -2672,13 +2874,13 @@ sub writeconfigfile
 		print FILE "}\n\n";

 		if ((!($filtersettings{'UNFILTERED_CLIENTS'} eq '')) && ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on')) {
-			print FILE "rewrite rew-rule-1 {\n";
+			print FILE "rewrite rew-rule-2 {\n";
 			if (($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles))
 			{
 				print FILE "    # rewrite localfiles\n";
 				foreach (@repositoryfiles)
 				{
-					print FILE "    s@.*/$_\$\@http://$netsettings{'GREEN_ADDRESS'}:81/repository/$_\@i\n";
+					print FILE "    s@.*/$_\$\@http://$netsettings{'GREEN_ADDRESS'}:$http_port/repository/$_\@i\n";
 				}
 			} else {
 				print FILE "    # rewrite nothing\n";
@@ -2687,6 +2889,26 @@ sub writeconfigfile
 		}
 	}

+	if (!($filtersettings{'UNFILTERED_CLIENTS'} eq '')) {
+		print FILE "src unfiltered {\n";
+		print FILE "    ip $filtersettings{'UNFILTERED_CLIENTS'}\n";
+		print FILE "}\n\n";
+	}
+	if (!($filtersettings{'BANNED_CLIENTS'} eq '')) {
+		print FILE "src banned {\n";
+		print FILE "    ip $filtersettings{'BANNED_CLIENTS'}\n";
+		if ($filtersettings{'ENABLE_LOG'} eq 'on')
+		{
+			if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
+			{
+				print FILE "    logfile       ".$ident." banned.log\n";
+			} else {
+				print FILE "    logfile       ".$ident." urlfilter.log\n";
+			}
+		}
+		print FILE "}\n\n";
+	}
+
 	if (-e $uqfile)
 	{
 		open(UQ, $uqfile);
@@ -2733,7 +2955,30 @@ sub writeconfigfile
 			{
 				$idx++;
 				print FILE "src network-$idx {\n";
-				print FILE "    ip $tc[12]\n";
+				@clients = split(/ /,$tc[12]);
+				@temp = split(/-/,$clients[0]);
+				if ( (&General::validipormask($temp[0])) || (&General::validipandmask($temp[0])))
+				{
+					print FILE "    ip $tc[12]\n";
+				} else {
+					print FILE "    user";
+					@clients = split(/ /,$tc[12]);
+					foreach $line (@clients)
+					{
+						$line =~ s/(^\w+)\\(\w+$)/$1%5c$2/;
+						print FILE " $line";
+					}
+					print FILE "\n";
+				}
+				if (($filtersettings{'ENABLE_LOG'} eq 'on') && ($tc[14] eq 'block') && ($tc[13] eq 'any'))
+				{
+					if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
+					{
+						print FILE "    logfile       ".$ident." timeconst.log\n";
+					} else {
+						print FILE "    logfile       ".$ident." urlfilter.log\n";
+					}
+				}
 				print FILE "}\n\n";
 			}
 		}
@@ -2753,31 +2998,22 @@ sub writeconfigfile
 		}
 	}

-	if (!($filtersettings{'UNFILTERED_CLIENTS'} eq '')) {
-		print FILE "src unfiltered {\n";
-		print FILE "    ip $filtersettings{'UNFILTERED_CLIENTS'}\n";
-		print FILE "}\n\n";
-	}
-	if (!($filtersettings{'BANNED_CLIENTS'} eq '')) {
-		print FILE "src banned {\n";
-		print FILE "    ip $filtersettings{'BANNED_CLIENTS'}\n";
-		print FILE "}\n\n";
-	}
-
 	foreach $category (@categories) {
+		$blacklist = $category;
+		$category =~ s/\//_/g;
 		print FILE "dest $category {\n";
-		if (-e "$dbdir/$category/domains") {
-			print FILE "    domainlist     $category\/domains\n";
+		if (-e "$dbdir/$blacklist/domains") {
+			print FILE "    domainlist     $blacklist\/domains\n";
 		}
-		if (-e "$dbdir/$category/urls") {
-			print FILE "    urllist        $category\/urls\n";
+		if (-e "$dbdir/$blacklist/urls") {
+			print FILE "    urllist        $blacklist\/urls\n";
 		}
-		if ((-e "$dbdir/$category/expressions") && ($filtersettings{'ENABLE_EXPR_LISTS'} eq 'on')) {
-			print FILE "    expressionlist $category\/expressions\n";
+		if ((-e "$dbdir/$blacklist/expressions") && ($filtersettings{'ENABLE_EXPR_LISTS'} eq 'on')) {
+			print FILE "    expressionlist $blacklist\/expressions\n";
 		}
-		if (($category eq 'ads') && ($filtersettings{'ENABLE_EMPTY_ADS'} eq 'on'))
+		if ((($category eq 'ads') || ($category eq 'adv')) && ($filtersettings{'ENABLE_EMPTY_ADS'} eq 'on'))
 		{
-			print FILE "    redirect       http:\/\/$netsettings{'GREEN_ADDRESS'}:81\/images/urlfilter/1x1.gif\n";
+			print FILE "    redirect       http:\/\/$netsettings{'GREEN_ADDRESS'}:$http_port\/images/urlfilter/1x1.gif\n";
 		}
 		if ($filtersettings{'ENABLE_LOG'} eq 'on')
 		{
@@ -2789,6 +3025,7 @@ sub writeconfigfile
 			}
 		}
 		print FILE "}\n\n";
+		$category = $blacklist;
 	}
 	
 	print FILE "dest files {\n";
@@ -2842,7 +3079,7 @@ sub writeconfigfile
 		print FILE "        pass all\n";
 		if ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on')
 		{
-			print FILE "        rewrite rew-rule-1\n";
+			print FILE "        rewrite rew-rule-2\n";
 		}
 		print FILE "    }\n\n";
 	}
@@ -2894,6 +3131,7 @@ sub writeconfigfile
 			chomp;
 			@tc = split(/\,/);
 			@ec = split(/\|/,$tc[13]);
+			foreach (@ec) { s/\//_/g; }
 			if ($tc[15] eq 'on')
 			{
 				$idx++;
@@ -2939,12 +3177,17 @@ sub writeconfigfile
 						print FILE $tcrule unless ((@ec == 1) && ($ec[0] eq 'any'));
 					} else {
 						$tcrule = $defaultrule;
-						foreach (@ec)
+						if ((@ec == 1) && ($ec[0] eq 'any'))
 						{
-							$tcrule =~ s/!$_ //;
-							print FILE "$_ " if ($_ eq 'any');
+							print FILE "any";
+						} else {
+							foreach (@ec)
+							{
+								$tcrule = "$_ ".$tcrule unless (index($defaultrule,"!".$_." ") ge 0);
+								$tcrule =~ s/!$_ //;
+							}
+							print FILE $tcrule;
 						}
-						print FILE $tcrule unless ((@ec == 1) && ($ec[0] eq 'any'));
 					}
 				}

@@ -2968,7 +3211,7 @@ sub writeconfigfile
 	}
 	if ((($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles)) || ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on'))
 	{
-		print FILE "        rewrite rew-rule-0\n";
+		print FILE "        rewrite rew-rule-1\n";
 	}
 	print FILE "        redirect $redirect\n";
 	print FILE "    }\n";
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1400,8 +1400,6 @@
 'updxlrtr source checkup schedule' => 'Zeitplanung der Quellenprüfung',
 'updxlrtr unknown' => 'Unbekannt',
 'updxlrtr update accelerator' => 'Update-Accelerator',
-'updxlrtr update information' => 'Eine aktualisierte Version steht zum Download bereit. Besuchen Sie <a href="http://www.advproxy.net/update-accelerator" target="_blank">http://www.advproxy.net/update-accelerator</a> für weitere Informationen.',
-'updxlrtr update notification' => 'Update-Benachrichtigung!',
 'updxlrtr web proxy service required' => 'Der Web-Proxy muss aktiviert sein um den Update-Accelerator zu verwenden',
 'updxlrtr week' => 'einer Woche',
 'updxlrtr weekly' => 'wöchentlich',
@@ -1472,6 +1470,7 @@
 'urlfilter constraint definition' => 'Definition',
 'urlfilter constraint outside' => 'ausserhalb',
 'urlfilter constraint within' => 'innerhalb',
+'urlfilter copy rule' => 'Kopieren',
 'urlfilter current files' => 'Aktuelle Dateien in der lokalen Dateiablage',
 'urlfilter custom blacklist' => 'Angepasste Blacklist',
 'urlfilter custom expression list' => 'Angepasste Ausdrucksliste',
@@ -1516,6 +1515,7 @@
 'urlfilter install information' => 'Die neue Blacklist wird automatisch in vorgefertigte Datenbanken übersetzt. Abhängig von der Größe der Blacklist kann dies einige Minuten dauern.',
 'urlfilter invalid content' => 'Datei ist keine squidGuard-kompatible Blacklist',
 'urlfilter invalid import file' => 'Datei ist keine gültige URL-Filter Blacklist-Editor Datei',
+'urlfilter invalid ip or mask error' => 'Ungültige IP-Adresse oder Subnetzmaske',
 'urlfilter invalid num of children' => 'Ungültige Anzahl Filterprozesse',
 'urlfilter invalid restore file' => 'Datei ist keine gültige URL-Filter Sicherungsdatei',
 'urlfilter invalid user error' => 'Ungültiger Benutzername',
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1420,8 +1420,6 @@
 'updxlrtr source checkup schedule' => 'Source checkup schedule',
 'updxlrtr unknown' => 'Unknown',
 'updxlrtr update accelerator' => 'Update Accelerator',
-'updxlrtr update information' => 'There is an updated version available for download. Visit <a href="http://www.advproxy.net" target="_blank">http://www.advproxy.net</a> for more information.',
-'updxlrtr update notification' => 'Update notification!',
 'updxlrtr web proxy service required' => 'Web proxy service must be enabled to use Update Accelerator',
 'updxlrtr week' => 'one week',
 'updxlrtr weekly' => 'weekly',
@@ -1493,6 +1491,7 @@
 'urlfilter constraint definition' => 'Definition',
 'urlfilter constraint outside' => 'outside',
 'urlfilter constraint within' => 'within',
+'urlfilter copy rule' => 'Copy',
 'urlfilter current files' => 'Current files in local repository',
 'urlfilter custom blacklist' => 'Custom blacklist',
 'urlfilter custom expression list' => 'Custom expression list',
@@ -1537,6 +1536,7 @@
 'urlfilter install information' => 'The new blacklist will be automatically compiled to prebuilt databases. Depending on the size of the blacklist, this may take several minutes.',
 'urlfilter invalid content' => 'File is not a squidGuard compatible blacklist',
 'urlfilter invalid import file' => 'File is not a valid URL filter blacklist editor file',
+'urlfilter invalid ip or mask error' => 'Invalid IP address or network mask',
 'urlfilter invalid num of children' => 'Invalid number of filter processes',
 'urlfilter invalid restore file' => 'File is not a valid URL filter backup file',
 'urlfilter invalid user error' => 'Invalid username',
--- a/src/misc-progs/tripwirectrl.c
+++ b/src/misc-progs/tripwirectrl.c
@@ -32,55 +32,62 @@ int main(int argc, char *argv[])

        if (strcmp(argv[1], "generatereport")==0)
        {
-            safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol");
+            safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol  >/dev/null 2>&1");
+            return 0;
+        }
+
+        if (strcmp(argv[1], "deletereport")==0)
+        {
+        		sprintf(command, "rm -f /var/ipfire/tripwire/report/%s", argv[2]);
+            safe_system(command);
            return 0;
        }

        if (strcmp(argv[1], "updatedatabase")==0)
        {
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s --twrfile %s", argv[2], argv[3]);
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s --twrfile %s  >/dev/null 2>&1", argv[2], argv[3]);
            safe_system(command);
            return 0;
        }

        if (strcmp(argv[1], "keys")==0)
        {
-            printf("\nGenerating Site-Key");
-            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s && chmod 640 /var/ipfire/tripwire/site.key", argv[2]);
+            printf("Generating Site Key<br />");
+            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s && chmod 640 /var/ipfire/tripwire/site.key  >/dev/null 2>&1", argv[2]);
            safe_system(command);
-            printf("\nGenerating Local-Key");
-            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase %s && chmod 640 /var/ipfire/tripwire/local.key", argv[3]);
+            printf("Generating Local Key<br />");
+            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase %s && chmod 640 /var/ipfire/tripwire/local.key  >/dev/null 2>&1", argv[3]);
            safe_system(command);
-            printf("\nGenerating Config File");
-            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg", argv[2]);
+            printf("Generating Config File<br />");
+            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg  >/dev/null 2>&1", argv[2]);
            safe_system(command);
-            printf("\nGenerating Policy File");
-            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol", argv[2]);
+            printf("Generating Policy File<br />");
+            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol  >/dev/null 2>&1", argv[2]);
            safe_system(command);
-            printf("\nInitialising - This may take a while depending on your Policy");
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s", argv[3]);
+            printf("Initialising - This may take a while depending on your Policy<br />");
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s  >/dev/null 2>&1", argv[3]);
            safe_system(command);
            return 0;
        }

        if (strcmp(argv[1], "generatepolicy")==0)
        {
-            printf("\nGenerating Policy File");
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt", argv[2]);
+            printf("Generating Policy File<br />");
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt  >/dev/null 2>&1", argv[2]);
            safe_system(command);
-            printf("\nInitialising - This may take a while depending on your Policy");
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init -c /var/ipfire/tripwire/tw.cfg -p /var/ipfire/tripwire/tw.cfg --local-passphrase %s", argv[3]);
+            printf("Initialising - This may take a while depending on your Policy<br />");
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --local-passphrase %s  >/dev/null 2>&1", argv[3]);
            safe_system(command);
            return 0;
        }

        if (strcmp(argv[1], "resetpolicy")==0)
        {
-            printf("\nGenerating Policy File");
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default", argv[2]);
+            printf("Generating Policy File<br />");
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default  >/dev/null 2>&1", argv[2]);
            safe_system(command);
-            printf("\nInitialising - This may take a while depending on your Policy");
-            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init -c /var/ipfire/tripwire/tw.cfg -p /var/ipfire/tripwire/tw.cfg --local-passphrase %s", argv[3]);
+            printf("Initialising - This may take a while depending on your Policy");
+            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --local-passphrase %s  >/dev/null 2>&1", argv[3]);
            safe_system(command);
            return 0;
        }
@@ -97,4 +104,4 @@ int main(int argc, char *argv[])
            return 0;
        }
 return 0;
-}
+}
--- a/src/scripts/scanhd
+++ b/src/scripts/scanhd
@@ -2,7 +2,7 @@

 case "$1" in
 	ide)
-		/sbin/kudzu -qps -c HD | egrep "desc|device" | awk -F': ' '{print $2}' | sed -e '/"$/a\\' -e "s/$/\;/g" | tr "\n" "XX" | sed -e "s/XX/\n/g" -e "s/\;X/\;/g" > /var/ipfire/extrahd/scan
+		/sbin/kudzu -qps -c HD | egrep "desc|device:" | awk -F': ' '{print $2}' | sed -e '/"$/a\\' -e "s/$/\;/g" | tr "\n" "XX" | sed -e "s/XX/\n/g" -e "s/\;X/\;/g" > /var/ipfire/extrahd/scan
 		;;
 	partitions)
 		cat /proc/partitions | awk '{print $4 ";"  $3 ";"}' | grep -v name | grep -v "^;;$" > /var/ipfire/extrahd/partitions