From 1f10d162dce4014536a16afc960650a2f728c215 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Thu, 19 Aug 2010 18:53:25 +0200 Subject: [PATCH 01/12] Updated squidclamav to current stable. --- doc/packages-list.txt | 2 +- lfs/squidclamav | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/packages-list.txt b/doc/packages-list.txt index 8f11d1219..1f60b70b6 100644 --- a/doc/packages-list.txt +++ b/doc/packages-list.txt @@ -316,7 +316,7 @@ * squashfs-lzma-cvs20100214 * squid-2.7.STABLE9 * squidGuard-1.4.1 -* squidclamav-5.3 +* squidclamav-5.4 * sshfs-fuse-2.2 * sslh-1.7a * streamripper-1.63.5 diff --git a/lfs/squidclamav b/lfs/squidclamav index e718f5d04..662594af0 100644 --- a/lfs/squidclamav +++ b/lfs/squidclamav @@ -24,7 +24,7 @@ include Config -VER = 5.3 +VER = 5.4 THISAPP = squidclamav-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = squidclamav -PAK_VER = 12 +PAK_VER = 13 DEPS = "clamav" @@ -44,7 +44,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 39f4b98294782039840b2052eab543e2 +$(DL_FILE)_MD5 = e2adab89b1d46ace78b4ec5200dd1285 install : $(TARGET) From c0ab03b580b939db4f7581fb00dc59f2211b6842 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 23 Aug 2010 16:13:43 +0200 Subject: [PATCH 02/12] Change default NTP servers. The IPFire project got an own pool from the ntp.org project. Do not ship with the core update. --- config/cfgroot/time-settings | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/cfgroot/time-settings b/config/cfgroot/time-settings index 577b0b345..d10a86d9f 100644 --- a/config/cfgroot/time-settings +++ b/config/cfgroot/time-settings @@ -1,7 +1,7 @@ -NTP_ADDR_2=pool.ntp.org +NTP_ADDR_2=1.ipfire.pool.ntp.org UPDATE_PERIOD=daily UPDATE_VALUE=1 UPDATE_METHOD=manually ENABLENTP=off -NTP_ADDR_1=de.pool.ntp.org +NTP_ADDR_1=0.ipfire.pool.ntp.org VALID=yes From d6d19d9280b1232629ed21643b2646e98d01fcaf Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Wed, 25 Aug 2010 20:59:45 +0200 Subject: [PATCH 03/12] Updated hardcoded ping.ipfire.org ip. --- config/rootfiles/core/40/filelists/files | 1 + src/ppp/ip-up | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/config/rootfiles/core/40/filelists/files b/config/rootfiles/core/40/filelists/files index 883eb86e2..23e221059 100644 --- a/config/rootfiles/core/40/filelists/files +++ b/config/rootfiles/core/40/filelists/files @@ -1,4 +1,5 @@ etc/system-release +etc/ppp/ip-up var/ipfire/langs/en.pl var/ipfire/langs/de.pl var/ipfire/langs/es.pl diff --git a/src/ppp/ip-up b/src/ppp/ip-up index 683b15504..fdd204b93 100644 --- a/src/ppp/ip-up +++ b/src/ppp/ip-up @@ -74,7 +74,7 @@ else echo "$FIRE gateway" >> /tmp/hosts else #DNS lookup failed use direct ip - echo "85.88.28.125 gateway" >> /tmp/hosts + echo "178.63.73.246 gateway" >> /tmp/hosts fi fi mv /tmp/hosts /etc/hosts From 7c42d6855321cb3247e476235fbc7538cb81f479 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Thu, 26 Aug 2010 18:47:39 +0200 Subject: [PATCH 04/12] Ipfireseeder: open also 35700 udp in external access. Ipfireseeder: autorestart at reconnect. --- lfs/ipfireseeder | 2 +- src/initscripts/init.d/ipfireseeder | 1 + src/paks/ipfireseeder/install.sh | 3 +++ src/paks/ipfireseeder/uninstall.sh | 8 ++++++++ src/paks/ipfireseeder/update.sh | 2 +- 5 files changed, 14 insertions(+), 2 deletions(-) diff --git a/lfs/ipfireseeder b/lfs/ipfireseeder index 3d1a32fa3..a0921c65c 100644 --- a/lfs/ipfireseeder +++ b/lfs/ipfireseeder @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = ipfireseeder -PAK_VER = 13 +PAK_VER = 14 DEPS = "rtorrent" diff --git a/src/initscripts/init.d/ipfireseeder b/src/initscripts/init.d/ipfireseeder index def329203..5ce5cdf6c 100644 --- a/src/initscripts/init.d/ipfireseeder +++ b/src/initscripts/init.d/ipfireseeder @@ -30,6 +30,7 @@ case "${1}" in evaluate_retval if ! grep -q "35700:35700" /var/ipfire/xtaccess/config ; then echo "tcp,0.0.0.0/0,35700:35700,on,0.0.0.0,IPFireSeeder" >> /var/ipfire/xtaccess/config + echo "udp,0.0.0.0/0,35700:35700,on,0.0.0.0,IPFireSeeder" >> /var/ipfire/xtaccess/config /usr/local/bin/setxtaccess fi ;; diff --git a/src/paks/ipfireseeder/install.sh b/src/paks/ipfireseeder/install.sh index 76f1efec9..81abf5aa3 100644 --- a/src/paks/ipfireseeder/install.sh +++ b/src/paks/ipfireseeder/install.sh @@ -23,4 +23,7 @@ # . /opt/pakfire/lib/functions.sh extract_files +ln -s ../../ipfireseeder /etc/rc.d/init.d/networking/red.up/90-S-ipfireseeder +ln -s ../../ipfireseeder /etc/rc.d/init.d/networking/red.down/01-K-ipfireseeder + start_service --delay 90 --background ${NAME} diff --git a/src/paks/ipfireseeder/uninstall.sh b/src/paks/ipfireseeder/uninstall.sh index 973a2f92b..888c7016f 100644 --- a/src/paks/ipfireseeder/uninstall.sh +++ b/src/paks/ipfireseeder/uninstall.sh @@ -31,4 +31,12 @@ cat /opt/pakfire/db/rootfiles/ipfireseeder | \ mv /opt/pakfire/db/rootfiles/ipfireseeder.tmp \ /opt/pakfire/db/rootfiles/ipfireseeder +grep -v "IPFireSeeder" /var/ipfire/xtaccess/config > /var/ipfire/xtaccess/config.tmp +mv /var/ipfire/xtaccess/config.tmp /var/ipfire/xtaccess/config +chown nobody:nobody /var/ipfire/xtaccess/config +chmod 644 /var/ipfire/xtaccess/config + +rm -f /etc/rc.d/rc?.d/???ipfireseeder +rm -f /etc/rc.d/init.d/networking/red.*/??-?-ipfireseeder + remove_files diff --git a/src/paks/ipfireseeder/update.sh b/src/paks/ipfireseeder/update.sh index 10b3490d6..89c40d0d7 100644 --- a/src/paks/ipfireseeder/update.sh +++ b/src/paks/ipfireseeder/update.sh @@ -22,5 +22,5 @@ ############################################################################ # . /opt/pakfire/lib/functions.sh -/etc/init.d/ipfireseeder stop +./uninstall.sh ./install.sh From 363a19ee8c387706bc6a6a7c1a9f822e68d6f7dc Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Fri, 27 Aug 2010 19:59:18 +0200 Subject: [PATCH 05/12] This fixes bug #0000711 dont know why this is back again was fixed with core28 --- config/rootfiles/core/40/filelists/files | 1 + html/cgi-bin/backup.cgi | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/config/rootfiles/core/40/filelists/files b/config/rootfiles/core/40/filelists/files index 23e221059..dcb7b797f 100644 --- a/config/rootfiles/core/40/filelists/files +++ b/config/rootfiles/core/40/filelists/files @@ -7,6 +7,7 @@ var/ipfire/langs/fr.pl var/ipfire/dhcp/dhcpd.conf.local etc/rc.d/init.d/dnsmasq etc/rc.d/init.d/functions +srv/web/ipfire/cgi-bin/backup.cgi srv/web/ipfire/cgi-bin/dhcp.cgi srv/web/ipfire/cgi-bin/time.cgi srv/web/ipfire/cgi-bin/qos.cgi diff --git a/html/cgi-bin/backup.cgi b/html/cgi-bin/backup.cgi index d160349ff..86814e971 100644 --- a/html/cgi-bin/backup.cgi +++ b/html/cgi-bin/backup.cgi @@ -252,7 +252,7 @@ print <
- +
From e050adc8c1ef7082c0d26fab4b999f83d35db303 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Fri, 27 Aug 2010 20:03:44 +0200 Subject: [PATCH 06/12] Added a new chain for guardian blocks. --- config/rootfiles/core/40/filelists/files | 1 + src/initscripts/init.d/firewall | 2 ++ 2 files changed, 3 insertions(+) diff --git a/config/rootfiles/core/40/filelists/files b/config/rootfiles/core/40/filelists/files index dcb7b797f..7375f0fc0 100644 --- a/config/rootfiles/core/40/filelists/files +++ b/config/rootfiles/core/40/filelists/files @@ -6,6 +6,7 @@ var/ipfire/langs/es.pl var/ipfire/langs/fr.pl var/ipfire/dhcp/dhcpd.conf.local etc/rc.d/init.d/dnsmasq +etc/rc.d/init.d/firewall etc/rc.d/init.d/functions srv/web/ipfire/cgi-bin/backup.cgi srv/web/ipfire/cgi-bin/dhcp.cgi diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall index a2b3fd06d..c38cce5c2 100644 --- a/src/initscripts/init.d/firewall +++ b/src/initscripts/init.d/firewall @@ -140,6 +140,8 @@ case "$1" in # CUSTOM chains, can be used by the users themselves /sbin/iptables -N CUSTOMINPUT /sbin/iptables -A INPUT -j CUSTOMINPUT + /sbin/iptables -N GUARDIANINPUT + /sbin/iptables -A INPUT -j GUARDIANINPUT /sbin/iptables -N CUSTOMFORWARD /sbin/iptables -A FORWARD -j CUSTOMFORWARD /sbin/iptables -N CUSTOMOUTPUT From bef4096f65580b95f585194c0341a08e6efcb77c Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Fri, 27 Aug 2010 20:04:09 +0200 Subject: [PATCH 07/12] This fixes bug #0000707 new extra chain for guardian. --- config/guardian/guardian_block.sh | 2 +- config/guardian/guardian_unblock.sh | 2 +- lfs/guardian | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/config/guardian/guardian_block.sh b/config/guardian/guardian_block.sh index bc344d153..0a44325f1 100644 --- a/config/guardian/guardian_block.sh +++ b/config/guardian/guardian_block.sh @@ -8,4 +8,4 @@ # done inside guardian itself. source=$1 -/sbin/iptables -I INPUT -s $source -j DROP +/sbin/iptables -I GUARDIANINPUT -s $source -j DROP diff --git a/config/guardian/guardian_unblock.sh b/config/guardian/guardian_unblock.sh index 5e0b37903..e0d3b5d48 100644 --- a/config/guardian/guardian_unblock.sh +++ b/config/guardian/guardian_unblock.sh @@ -6,4 +6,4 @@ # and the script will issue a command to remove the block that was created with # block.sh address. source=$1 -/sbin/iptables -D INPUT -s $source -j DROP +/sbin/iptables -D GUARDIANINPUT -s $source -j DROP diff --git a/lfs/guardian b/lfs/guardian index e08a469de..65f14cbd4 100644 --- a/lfs/guardian +++ b/lfs/guardian @@ -30,7 +30,7 @@ THISAPP = guardian-$(VER) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = guardian -PAK_VER = 4 +PAK_VER = 5 DEPS = "" From aac0f7118f0630a1987324c4d29c642be06a9f94 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Sat, 28 Aug 2010 08:38:10 +0200 Subject: [PATCH 08/12] First integration of imspector, some more work to do. --- config/backup/includes/imspector | 3 + config/imspector/imspector.conf | 24 ++ config/menu/EX-imspector.menu | 5 + config/rootfiles/common/initscripts | 1 + config/rootfiles/packages/imspector | 27 ++ doc/packages-list.txt | 1 + html/cgi-bin/imspector.cgi | 607 ++++++++++++++++++++++++++++ lfs/imspector | 87 ++++ lfs/initscripts | 3 + make.sh | 1 + src/initscripts/init.d/imspector | 54 +++ 11 files changed, 813 insertions(+) create mode 100644 config/backup/includes/imspector create mode 100644 config/imspector/imspector.conf create mode 100644 config/menu/EX-imspector.menu create mode 100644 config/rootfiles/packages/imspector create mode 100644 html/cgi-bin/imspector.cgi create mode 100644 lfs/imspector create mode 100644 src/initscripts/init.d/imspector diff --git a/config/backup/includes/imspector b/config/backup/includes/imspector new file mode 100644 index 000000000..cc7ef16bf --- /dev/null +++ b/config/backup/includes/imspector @@ -0,0 +1,3 @@ +/etc/imspector/acl.txt +/etc/imspector/badwords.txt +/etc/imspector/imspector.conf \ No newline at end of file diff --git a/config/imspector/imspector.conf b/config/imspector/imspector.conf new file mode 100644 index 000000000..a37241df6 --- /dev/null +++ b/config/imspector/imspector.conf @@ -0,0 +1,24 @@ +# The listening port for redirected connections +port=16667 + +# For dropping privs - you probably want to do this. +user=nobody +group=nobody + +# Prefix and postfix to all responses using all responder plugins +response_prefix=Message from IMSpector: -= +response_postfix==- + +# Will load enabled plugins in plugin_dir +icq_protocol=on +irc_protocol=on +msn_protocol=on +yahoo_protocol=on +gg_protocol=on +jabber_protocol=on + +# Location where the file logging plugin will start from. +file_logging_dir=/var/log/imspector/ +log_typing_events=on + +plugin_dir=/usr/lib/imspector diff --git a/config/menu/EX-imspector.menu b/config/menu/EX-imspector.menu new file mode 100644 index 000000000..c88866f5f --- /dev/null +++ b/config/menu/EX-imspector.menu @@ -0,0 +1,5 @@ + $subipfire->{'30.imspector'} = {'caption' => 'Imspector', + 'uri' => '/cgi-bin/imspector.cgi', + 'title' => 'Imspector', + 'enabled' => 1, + }; diff --git a/config/rootfiles/common/initscripts b/config/rootfiles/common/initscripts index 180666fe7..87f4318d5 100644 --- a/config/rootfiles/common/initscripts +++ b/config/rootfiles/common/initscripts @@ -33,6 +33,7 @@ etc/rc.d/init.d/functions etc/rc.d/init.d/halt #etc/rc.d/init.d/hostapd #etc/rc.d/init.d/icecream +#etc/rc.d/init.d/imspector #etc/rc.d/init.d/ipfireseeder etc/rc.d/init.d/ipsec #etc/rc.d/init.d/lcd4linux diff --git a/config/rootfiles/packages/imspector b/config/rootfiles/packages/imspector new file mode 100644 index 000000000..0cd6ee8bc --- /dev/null +++ b/config/rootfiles/packages/imspector @@ -0,0 +1,27 @@ +etc/imspector +#etc/imspector/acl.txt +#etc/imspector/badwords.txt +#etc/imspector/imspector.conf +usr/lib/imspector +usr/lib/imspector/aclfilterplugin.so +usr/lib/imspector/badwordsfilterplugin.so +usr/lib/imspector/catsloggingplugin.so +usr/lib/imspector/censordfilterplugin.so +usr/lib/imspector/debugloggingplugin.so +usr/lib/imspector/fileloggingplugin.so +usr/lib/imspector/ggprotocolplugin.so +usr/lib/imspector/httpsprotocolplugin.so +usr/lib/imspector/icqprotocolplugin.so +usr/lib/imspector/ircprotocolplugin.so +usr/lib/imspector/jabberprotocolplugin.so +usr/lib/imspector/miscfilterplugin.so +usr/lib/imspector/msnprotocolplugin.so +usr/lib/imspector/yahooprotocolplugin.so +usr/lib/libimspector.so +usr/sbin/imspector +var/ipfire/backup/addons/includes/imspector +var/lib/imspector +var/log/imspector +etc/rc.d/init.d/imspector +srv/web/ipfire/cgi-bin/imspector.cgi +var/ipfire/menu.d/EX-imspector.menu diff --git a/doc/packages-list.txt b/doc/packages-list.txt index 1f60b70b6..c8dbc2e5e 100644 --- a/doc/packages-list.txt +++ b/doc/packages-list.txt @@ -149,6 +149,7 @@ * icegenerator-0.5.5-pre2 * iftop-0.17 * igmpproxy-0.1 +* imspector-0.9 * inetutils-1.4.2 * ipaddr-1.2 * iperf-2.0.4 diff --git a/html/cgi-bin/imspector.cgi b/html/cgi-bin/imspector.cgi new file mode 100644 index 000000000..7cc2e64a5 --- /dev/null +++ b/html/cgi-bin/imspector.cgi @@ -0,0 +1,607 @@ +#!/usr/bin/perl +# +# IMSpector real-time log viewer +# (c) SmoothWall Ltd 2008 +# +# Released under the GPL v2. + +use POSIX qw(strftime); + +# Common configuration parameters. + +my $logbase = "/var/log/imspector/"; +my $oururl = '/cgi-bin/imspector.cgi'; + +# Colours + +my $protocol_colour = '#06264d'; +my $local_colour = '#1d398b'; +my $remote_colour = '#2149c1'; +my $conversation_colour = '#335ebe'; + +my $local_user_colour = 'blue'; +my $remote_user_colour = 'green'; + +# No need to change anything from this point + +# Page declaration, The following code should parse the CGI headers, and render the page +# accordingly... How you do this depends what environment you're in. + +my %cgiparams; + +print "Content-type: text/html\n"; +print "\n"; + +if ($ENV{'QUERY_STRING'}) +{ + my @vars = split('\&', $ENV{'QUERY_STRING'}); + foreach $_ (@vars) + { + my ($var, $val) = split(/\=/); + $cgiparams{$var} = $val; + } +} + +# Act in Tail mode (as in just generate the raw logs and pass back to the other CGI + +if ( defined $cgiparams{'mode'} and $cgiparams{'mode'} eq "render" ){ + &parser( $cgiparams{'section'}, $cgiparams{'offset'}, $cgiparams{'conversation'}, $cgiparams{'skimhtml'} ); + exit; +} + +# Start rendering the Page using Express' rendering functions + +my $script = &scriptheader(); + +# Print Some header information + +print qq| + + + + IMSpector real-time log viewer + $script + + +|; + +print &pagebody(); + +# and now finish off the HTML page. + +print qq| + + +|; + +exit; + +# ----------------------------------------------------------------------------- +# ---------------------- IMSPector Log Viewer Code ---------------------------- +# ----------------------------------------------------------------------------- +# ^"^ ^"^ + +# Scriptheader +# ------------ +# Return the bulk of the page, which should reside in the pages field + +sub scriptheader +{ + my ( $sec, $min, $hour, $mday, $mon, $year, $wday, $yday ) = localtime( time() ); + $year += 1900; $mon++; + my $conversation = sprintf( "%.4d-%.2d-%.2d", $year, $mon, $mday ); + + my $script = qq { + + }; + + return $script; +} + +# pagebody function +# ----------------- +# Return the HTML fragment which includes the page body. + +sub pagebody +{ + my $body = qq { +
 
+ + + + + + +
+
+
+
+
+ For conversations on:  + +
+
+ [HTML] + [SCROLL LOCK] +
+
+
+ + }; + return $body; +} + +# Parser function ... +# --------------- +# Retrieves the IMspector logs from their nestling place and displays them accordingly. + +sub parser +{ + my ( $section, $offset, $conversationdate, $skimhtml ) = @_; + # render the user list ... + + chomp $offset; + + unless ( $offset =~ /^([\d]*)$/ ){ + print STDERR "Illegal offset ($offset $1) resetting...\n"; + $offset = 0; + } + + # browse for the available protocols + unless ( opendir DIR, $logbase ){ + exit; + } + + my %conversationaldates; + my @protocols = grep {!/^\./} readdir(DIR); + + foreach my $protocol ( @protocols ){ + unless ( opendir LUSER, "$logbase$protocol" ){ + next; + } + + my @localusers = grep {!/^\./} readdir(LUSER); + foreach my $localuser ( @localusers ){ + unless ( opendir RUSER, "$logbase$protocol/$localuser/" ){ + next; + } + my @remoteusers = grep {!/^\./} readdir( RUSER ); + foreach my $remoteuser ( @remoteusers ){ + unless ( opendir CONVERSATIONS, "$logbase$protocol/$localuser/$remoteuser/" ){ + next; + } + my @conversations = grep {!/^\./} readdir( CONVERSATIONS ); + foreach my $conversation ( @conversations ){ + $conversationaldates{ $conversation } = $localuser; + } + + closedir CONVERSATIONS; + + my ( $sec, $min, $hour, $mday, $mon, $year, $wday, $yday ) = localtime( time() ); + $year += 1900; $mon++; + my $conversation = sprintf( "%.4d-%.2d-%.2d", $year, $mon, $mday ); + + $conversation = $conversationdate if ( defined $conversationdate and $conversationdate ne "" ); + + if ( -e "$logbase$protocol/$localuser/$remoteuser/$conversation" ){ + my $modi = -M "$logbase$protocol/$localuser/$remoteuser/$conversation"; + print "|$protocol|$localuser|$remoteuser|$conversation|$modi\n"; + } + } + closedir RUSER; + } + closedir LUSER; + } + closedir DIR; + + print "--END--\n"; + + # display a list of conversational dates .. i.e. the dates which we have conversations on. + foreach my $key ( sort keys %conversationaldates ){ + print "$key\n"; + } + + print "--END--\n"; + + + # now check the log file ... + + if ( $section ne "none" ){ + my ( $protocol, $localuser, $remoteuser, $conversation ) = split /\|/, $section; + + print "$protocol, $localuser, $remoteuser, $conversation\n"; + print "--END--\n"; + + my $filename = "$logbase$protocol/$localuser/$remoteuser/$conversation"; + + unless ( open(FD, "$filename" ) ){ + exit; + }; + + # perform some *reasonably* complicated file hopping and stuff of that ilk. + # it's not beyond reason that logs *could* be extremely large, so what we + # should do to speed up their processing is to jump to the end of the file, + # then backtrack a little (say a meg, which is a reasonably amount of logs) + # and parse from that point onwards. This, *post* filtering might of course + # not leave us with the desired resolution for the tail. If this is the case, + # we keep that array and jump back another meg and have another go, concatinating + # the logs as we go.... + + my $jumpback = 100000; # not quite a meg, but hey ho + my $goneback = 0; + my $gonebacklimit = 1000000000; # don't go back more than 100MB + + # firstly jump to the end of the file. + seek( FD, 0, 2 ); + + my $log_position = tell( FD ); + my $end = $log_position; + my $end_position = $log_position; + + my $lines; + my @content; + + my $TAILSIZE = 100; + + do { + $end_position = $log_position; + + if ( $offset != 0 ){ + # we were given a hint as to where we should have been anyhow .. + # so we might as well use that to go back to. + $log_position = $offset; + $goneback = $end_position - $log_position; + } else { + $log_position -= $jumpback; + $goneback += $jumpback; + } + + last if ( $goneback > $gonebacklimit ); + + if ( $log_position > 0 ){ + seek( FD, $log_position, 0 ); + } else { + seek( FD, 0, 0 ); + } + + my @newcontent; + + while ( my $line = and ( tell( FD ) <= $end_position ) ){ + chomp $line; + push @content, $line; + } + shift @content if $#content >= $TAILSIZE; + } while ( $#content < $TAILSIZE and $log_position > 0 and $offset == 0 ); + + # trim the content down as we may have more entries than we should. + + while ( $#content > $TAILSIZE ){ shift @content; }; + close FD; + + print "$end_position\n--END--\n"; + + foreach my $line ( @content ){ + my ( $address, $timestamp, $direction, $type, $filtered, $cat, $data ); + + ( $address, $timestamp, $direction, $type, $filtered, $cat, $data ) = ( $line =~ /([^,]*),(\d+),(\d+),(\d+),(\d+),([^,]*),(.*)/ ); + + # are we using the oldstyle or new style logs ? + if ( not defined $address and not defined $timestamp ){ + ( $address, $timestamp, $type, $data ) = ( $line =~ /([^,]*),([^,]*),([^,]*),(.*)/ ); + if ( $type eq "1" ){ + $direction = 0; + $type = 1; + } elsif ( $type eq "2" ){ + $direction = 1; + $type = 1; + } elsif ( $type eq "3" ){ + $direction = 0; + $type = 2; + } elsif ( $type eq "4" ){ + $direction = 1; + $type = 4; + } + } + + my ( $severity, $classification ) = '0', 'None'; + if ($cat) { + ( $severity, $classification) = split(/ /, $cat, 2); } + else { + $cat = 'N/A'; } + + my $red = 255; + my $green = 255; + my $blue = 255; + + if ($severity < 0 && $severity >= -5) { + $red = 0; $green = abs($severity) * (255 / 5); $blue = 0; } + elsif ($severity > 0 && $severity <= 5) { + $red = $severity * (255 / 5); $green = 0; $blue = 0; } + else { + $red = 0; $green = 0; $blue = 0; } + + my $severitycolour = ''; + if ($cat ne 'N/A') { + $severitycolour = sprintf("background-color: #%02x%02x%02x;", $red, $green, $blue); } + + # some protocols (ICQ, I'm looking in your direction) have a habit of starting + # and ending each sentence with HTML (evil program) + + if ( defined $skimhtml and $skimhtml eq "1" ){ + $data =~ s/^]*>]*>//ig; + $data =~ s/<\/FONT><\/BODY><\/HTML>//ig; + } + + $data = &htmlescape($data); + $data =~ s/\r\\n/
\n/g; + my $user = ""; + + my $bstyle = ""; + $bstyle = "style='background-color: #FFE4E1;'" if ( $filtered eq "1" ); + + if ( $type eq "1" ){ + # a message message (from remote user) + if ( $direction eq "0" ){ + # incoming + my $u = $remoteuser; + $u =~ s/\@.*//g; + $user = "<$u>"; + } else { + # outgoing message + my $u = $localuser; + $u =~ s/\@.*//g; + $user = "<$u>"; + } + } elsif ($type eq "2") { + if ( $direction eq "0" ){ + # incoming file + my $u = $remoteuser; + $u =~ s/\@.*//g; + $user = "<$u>"; + } else { + # outgoing file + my $u = $localuser; + $u =~ s/\@.*//g; + $user = "<$u>"; + } + } + + my $t = strftime "%H:%M:%S", localtime($timestamp); + if ($type eq "3" or $type eq "4") { + $data = "$data"; + } + print "[$t]$user$data"; + } + } + return; +} + +sub htmlescape +{ + my ($value) = @_; + $value =~ s/&/\&/g; + $value =~ s//\>/g; + $value =~ s/"/\"/g; + $value =~ s/'/\'/g; + return $value; +} diff --git a/lfs/imspector b/lfs/imspector new file mode 100644 index 000000000..31e358dcb --- /dev/null +++ b/lfs/imspector @@ -0,0 +1,87 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2010 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 0.9 + +THISAPP = imspector-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = imspector +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 626abf7c2b8f15d56df679ad66624575 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && make install + -mv /usr/etc/imspector /etc/imspector + install -v -m 755 $(DIR_CONF)/imspector/imspector.conf /etc/imspector.conf + install -v -m 644 $(DIR_SRC)/config/backup/includes/imspector /var/ipfire/backup/addons/includes/imspector + chmod 755 /srv/web/ipfire/cgi-bin/imspector.cgi + chown nobody:nobody -R /var/log/imspector + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/initscripts b/lfs/initscripts index a9fadf4de..ffb18c942 100644 --- a/lfs/initscripts +++ b/lfs/initscripts @@ -146,6 +146,9 @@ $(TARGET) : ln -sf ../init.d/motion /etc/rc.d/rc3.d/S99motion ln -sf ../init.d/motion /etc/rc.d/rc0.d/K01motion ln -sf ../init.d/motion /etc/rc.d/rc6.d/K01motion + ln -sf ../init.d/imspetor /etc/rc.d/rc3.d/S99imspetor + ln -sf ../init.d/imspetor /etc/rc.d/rc0.d/K01imspetor + ln -sf ../init.d/imspetor /etc/rc.d/rc6.d/K01imspetor ln -sf ../init.d/cyrus-sasl /etc/rc.d/rc0.d/K49cyrus-sasl ln -sf ../init.d/cyrus-sasl /etc/rc.d/rc3.d/S24cyrus-sasl ln -sf ../init.d/cyrus-sasl /etc/rc.d/rc6.d/K49cyrus-sasl diff --git a/make.sh b/make.sh index a7cda0919..4e72c0083 100755 --- a/make.sh +++ b/make.sh @@ -643,6 +643,7 @@ buildipfire() { ipfiremake pound ipfiremake minicom ipfiremake ddrescue + ipfiremake imspector echo Build on $HOSTNAME > $BASEDIR/build/var/ipfire/firebuild cat /proc/version >> $BASEDIR/build/var/ipfire/firebuild echo >> $BASEDIR/build/var/ipfire/firebuild diff --git a/src/initscripts/init.d/imspector b/src/initscripts/init.d/imspector new file mode 100644 index 000000000..7a5a98653 --- /dev/null +++ b/src/initscripts/init.d/imspector @@ -0,0 +1,54 @@ +#!/bin/sh +# Begin $rc_base/init.d/imspector + +. /etc/sysconfig/rc +. $rc_functions + +case "$1" in + start) + boot_mesg "Inserting imspector redirects..." + iptables -t nat -A CUSTOMPREROUTING -p tcp --destination-port 1863 -j REDIRECT --to-ports 16667 + iptables -t nat -A CUSTOMPREROUTING -p tcp --destination-port 5222 -j REDIRECT --to-ports 16667 + iptables -t nat -A CUSTOMPREROUTING -p tcp --destination-port 5223 -j REDIRECT --to-ports 16667 + iptables -t nat -A CUSTOMPREROUTING -p tcp --destination-port 5190 -j REDIRECT --to-ports 16667 + iptables -t nat -A CUSTOMPREROUTING -p tcp --destination-port 5050 -j REDIRECT --to-ports 16667 + iptables -t nat -A CUSTOMPREROUTING -p tcp --destination-port 6667 -j REDIRECT --to-ports 16667 + iptables -t nat -A CUSTOMPREROUTING -p tcp --destination-port 8074 -j REDIRECT --to-ports 16667 + + boot_mesg "Starting imspector Deamon..." + loadproc imspector -c /etc/imspector/imspector.conf + evaluate_retval + ;; + + stop) + boot_mesg "Stopping imspector Deamon..." + killproc /usr/sbin/imspector + evaluate_retval + + boot_mesg "Remove imspector redirects..." + iptables -t nat -D CUSTOMPREROUTING -p tcp --destination-port 1863 -j REDIRECT --to-ports 16667 + iptables -t nat -D CUSTOMPREROUTING -p tcp --destination-port 5222 -j REDIRECT --to-ports 16667 + iptables -t nat -D CUSTOMPREROUTING -p tcp --destination-port 5223 -j REDIRECT --to-ports 16667 + iptables -t nat -D CUSTOMPREROUTING -p tcp --destination-port 5190 -j REDIRECT --to-ports 16667 + iptables -t nat -D CUSTOMPREROUTING -p tcp --destination-port 5050 -j REDIRECT --to-ports 16667 + iptables -t nat -D CUSTOMPREROUTING -p tcp --destination-port 6667 -j REDIRECT --to-ports 16667 + iptables -t nat -D CUSTOMPREROUTING -p tcp --destination-port 8074 -j REDIRECT --to-ports 16667 + ;; + + restart) + $0 stop + sleep 1 + $0 start + ;; + + status) + statusproc /usr/sbin/imspector + ;; + + *) + echo "Usage: $0 {start|stop|restart|status}" + exit 1 + ;; +esac + +# End $rc_base/init.d/imspector From ae23a606c8e22c64d18484e39f2ce61f23e2f1c1 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Sun, 29 Aug 2010 08:19:59 +0200 Subject: [PATCH 09/12] This should fix the error when trying to upload sources. --- make.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/make.sh b/make.sh index 4e72c0083..41ede31f4 100755 --- a/make.sh +++ b/make.sh @@ -1018,11 +1018,12 @@ uploadsrc) beautify message FAIL exit 1 fi + URL_SOURCE=$(grep URL_SOURCE lfs/Config | awk '{ print $3 }') - REMOTE_FILES=$(echo "ls -1" | sftp -C ${IPFIRE_USER}@${URL_SOURCE}) + REMOTE_FILES=$(echo "ls -1 --ignore=toolchains" | sftp -C ${IPFIRE_USER}@${URL_SOURCE}) cd $BASEDIR/cache/ - for file in $(ls -1); do + for file in $(ls -1 --ignore=toolchains); do grep -q "$file" <<<$REMOTE_FILES && continue NEW_FILES="$NEW_FILES $file" done From e30c283719b9aa4e8623cb79688bc32dfb81cc8a Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Sun, 29 Aug 2010 08:21:13 +0200 Subject: [PATCH 10/12] Added the menu extension for imspector to configroot. --- config/rootfiles/common/configroot | 1 + 1 file changed, 1 insertion(+) diff --git a/config/rootfiles/common/configroot b/config/rootfiles/common/configroot index d0471048b..abc1ee372 100644 --- a/config/rootfiles/common/configroot +++ b/config/rootfiles/common/configroot @@ -79,6 +79,7 @@ var/ipfire/menu.d/70-log.menu #var/ipfire/menu.d/EX-apcupsd.menu #var/ipfire/menu.d/EX-asterisk.menu #var/ipfire/menu.d/EX-bluetooth.menu +#var/ipfire/menu.d/EX-imspector.menu #var/ipfire/menu.d/EX-mpfire.menu #var/ipfire/menu.d/EX-samba.menu #var/ipfire/menu.d/EX-tripwire.menu From 6e346fe0651118e27d01c895e0b82dea8cf9aa3c Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Sun, 29 Aug 2010 08:26:57 +0200 Subject: [PATCH 11/12] Added a better 802.11n support, wmm and htcaps are not available. This fixes bug #0000710. --- html/cgi-bin/wlanap.cgi | 6 +++++- lfs/hostapd | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index 2e12a6512..03018952e 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2009 Michael Tremer & Christian Schmidt # +# Copyright (C) 2005-2010 IPTifre Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -69,6 +69,7 @@ $wlanapsettings{'PWD'} = 'IPFire-2.x'; $wlanapsettings{'SYSLOGLEVEL'} = '0'; $wlanapsettings{'DEBUG'} = '4'; $wlanapsettings{'DRIVER'} = 'MADWIFI'; +$wlanapsettings{'HTCAPS'} = ''; &General::readhash("/var/ipfire/wlanap/settings", \%wlanapsettings); &Header::getcgihash(\%wlanapsettings); @@ -379,6 +380,7 @@ foreach $txpower (@txpower){ print < Passphrase:  +HT Caps:  Loglevel (hostapd):