version 1.00

Olaf Rempel 2006-04-04 15:14:40 +02:00
commit fb630e16c6
5 changed files with 313 additions and 0 deletions

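--- a/Makefile
+++ b/Makefile
@@ -0,0 +1,12 @@
+all: ip_check
+ip_check: ip_check.c
+gcc -Wall -I/usr/include/mysql -L/usr/lib/mysql -lmysqlclient ip_check.c -o ip_check
+clean:
+rm ip_check
+install: ip_check
+rm -f /usr/lib/squid/ip_check
+cp ip_check /usr/lib/squid/
+chmod 755 /usr/lib/squid/ip_check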
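Review bot: The `install` target leaves the helper world-readable with `chmod 755`, while ip_check.c in this same commit compiles the database password into the binary as `DBPASS`, so any local account can read the credential out of the installed file. Consider `chmod 750` with group ownership limited to the account Squid runs under, or loading the credentials from a config file with restricted permissions. Separately, `-lmysqlclient` appears before `ip_check.c` on the gcc line; linkers that resolve libraries in command-line order may fail to link there, so the library should probably come after the source file.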

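--- a/format.css
+++ b/format.css
@@ -0,0 +1,78 @@
+/* Allgemeines */
+p,ul,ol,li,td {
+font-family: Arial,sans-serif;
+font-size:9pt;
+color:#000000;
+}
+h1 {
+font-family: Arial,sans-serif;
+font-size:12pt;
+color:#000000;
+}
+h2 {
+font-family: Arial,sans-serif;
+font-size:10pt;
+color:#000000;
+}
+h3 {
+font-family: Arial,sans-serif;
+font-size:8pt;
+color:#000000;
+font-weight: normal;
+}
+p.confirm {
+color:#008000;
+}
+p.fehler {
+color:#CC0000;
+}
+/* Tabellen */
+td.navbar {
+font-family:Arial,sans-serif;
+font-size:9pt;
+color:#FFFFFF;
+text-decoration: none;
+background-color:#333366;
+}
+.navlink {
+font-family:Arial,sans-serif;
+font-size:9pt;
+color:#FFFFFF;
+text-decoration: none;
+}
+a.navlink:hover { text-decoration: underline; }
+/* Tabellen mit Hintegrundfarbe */
+td.dblau {
+background-color: #D8E0F9;
+}
+td.hblau {
+background-color: #EFF3F7;
+}
+/* Sitzplan */
+td.sitzborder {
+background-color:#666699;
+}
+td.sitzcontent {
+font-family:Arial,sans-serif;
+font-size:9pt;
+color:#FFFFFF;
+text-decoration: none;
+background-color:#333366;
+}
+td.tiny {
+font-size:8pt;
+}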

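--- a/index.php
+++ b/index.php
@@ -0,0 +1,120 @@
+<?php
+define ("DBHOST", "localhost");
+define ("DBUSER", "squid");
+define ("DBPASS", "squid");
+define ("DBDATABASE", "squid");
+mysql_pconnect(DBHOST, DBUSER, DBPASS) or die("");
+mysql_select_db(DBDATABASE) or die("");
+?>
+<html><head>
+<link rel="stylesheet" type="text/css" href="format.css">
+</head><body bgcolor="#FFFFFF">
+<h1>Squid ACLs</h1>
+<?php
+if (isset($_GET['del'])) {
+$sql= "DELETE FROM acl WHERE id = '".$_GET['del']."'";
+mysql_query($sql);
+}
+//
+if (isset($_POST['form'])) {
+$form= $_POST['form'];
+// ACL targets abpruefen
+if ($form['acl'] != 1 && $form['acl'] != 2)
+$formerr= "Unbekanntes ACL Target.";
+// IP aufspalten
+$ip= explode("/", trim($form['fullip']));
+$iplong= ip2long($ip[0]);
+// IP gueltig?
+if (trim($ip[0]) == long2ip($iplong)) {
+$form['ip']= long2ip($iplong);
+} else {
+$form['ip']= trim($ip[0]);
+$formerr= "Ung&uuml;ltige IP.";
+}
+// mask gueltig?
+if (isset($ip[1])) {
+$form['mask']= trim($ip[1]);
+if ($ip[1] <= 0 || $ip[1] > 32) {
+$formerr= "Ung&uuml;ltige Netmask.";
+}
+} else {
+$form['mask']= 32;
+}
+// wenn kein fehler, dann in DB einfuegen
+if (!isset($formerr)) {
+$sql= "INSERT INTO acl SET ".
+"flags = '".$form['acl']."', ".
+"ip = INET_ATON('".$form['ip']."'), ".
+"mask = '".$form['mask']."', ".
+"url = '".$form['url']."', ".
+"info = '".$form['info']."'";
+mysql_query($sql);
+unset($_POST);
+} else {
+echo '<p class="fehler">'.$formerr.'</p>';
+}
+}
+// keine form daten vorhanden -> defaults
+if (!isset($_POST['form'])) {
+$form= array("acl" => 2, "ip" => "", "mask" => 32, "url" => "", "info" => "");
+}
+?>
+<table cellspacing="0" cellpadding="0">
+<tr><td class="navbar">
+<table width="100%" cellspacing="1" cellpadding="3">
+<tr>
+<td class="navbar" align="center"><b>ACL</b></td>
+<td class="navbar" align="center"><b>IP / Mask</b></td>
+<td class="navbar" align="center"><b>URL</b></td>
+<td class="navbar" align="center"><b>Beschreibung</b></td>
+<td class="navbar" align="center"><b>X</b></td>
+</tr>
+<?php
+$aclArr= array(1 => "ALLOW", 2 => "DENY");
+$sql= "SELECT id, flags, INET_NTOA(ip) AS ip, mask, url, info FROM acl ORDER BY ip, url";
+$res= mysql_query($sql);
+$tdclass= "hblau";
+while ($row= mysql_fetch_assoc($res)) {
+echo '<tr><td class="'.$tdclass.'" align="center">'.$aclArr[$row['flags']].'</td>'."\n".
+'<td class="'.$tdclass.'">'.$row['ip'].(($row['mask'] != 32) ? ' /'.$row['mask'] : '').'</td>'."\n".
+'<td class="'.$tdclass.'"><a href="http://'.$row['url'].'" target="_blank">'.$row['url'].'</td>'."\n".
+'<td class="'.$tdclass.'">'.$row['info'].'</td>'."\n".
+'<td class="'.$tdclass.'" align="center"><a href="'.$_SERVER['PHP_SELF'].'?del='.$row['id'].'"><font color="#ff0000">DEL</font></td></tr>'."\n";
+$tdclass= ($tdclass == "hblau") ? "dblau" : "hblau";
+}
+?>
+<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" name="squid">
+<tr><td class="dblau"><select name="form[acl]">
+<option value="1" <?php if ($form['acl'] == 1) echo "selected"; ?>>ALLOW</option>
+<option value="2" <?php if ($form['acl'] == 2) echo "selected"; ?>>DENY</option>
+</select></td>
+<td class="dblau"><input type="text" name="form[fullip]" value="<?php echo $form['ip'].(($form['mask'] != 32) ? ' /'.$form['mask'] : '') ?>"></td>
+<td class="dblau"><input type="text" name="form[url]" value="<?php echo $form['url'] ?>"></td>
+<td class="dblau"><input type="text" name="form[info]" value="<?php echo $form['info'] ?>"></td>
+<td class="dblau"><input type="submit" value="ADD"></td></tr>
+</form>
+</table></td></tr></table>
+</body></html>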
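Review bot: Request values are concatenated straight into SQL: `$_GET['del']` in the DELETE, and `$form['url']` and `$form['info']` in the INSERT. The `acl` and `mask` checks compare loosely against numbers, so a string with a numeric prefix can probably pass them and reach the query as well; only `$form['ip']` is normalised through `long2ip()` on the success path. Casting the numeric fields with `intval()` and escaping the text fields with `mysql_real_escape_string()` closes this, as in the lines below. Separately, stored `url` and `info` values, the re-displayed form fields and `$_SERVER['PHP_SELF']` are echoed without `htmlspecialchars()`, and rows are deleted through a plain GET link with no authentication or request token visible in this file.

```php
// … unchanged: DB connect and page header …
if (isset($_GET['del'])) {
    $sql= "DELETE FROM acl WHERE id = ".intval($_GET['del']);
    mysql_query($sql);
}
// … unchanged: form validation …
    $sql= "INSERT INTO acl SET ".
        "flags = ".intval($form['acl']).", ".
        "ip = INET_ATON('".$form['ip']."'), ".
        "mask = ".intval($form['mask']).", ".
        "url = '".mysql_real_escape_string($form['url'])."', ".
        "info = '".mysql_real_escape_string($form['info'])."'";
// … unchanged: query execution, table output and form …
```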

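--- a/ip_check.c
+++ b/ip_check.c
@@ -0,0 +1,92 @@
+/*
+** external Squid Auth via MySQL DB
+**
+** accepts/denys squid requests based on
+** SRC ip and DST domain.
+**
+** (c) by 05/2004 Olaf 'razzor' Rempel
+** razzor AT kopf MINUS tisch DOT de
+*/
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+#include "mysql.h"
+#define DBHOST "localhost"
+#define DBUSER "squid"
+#define DBPASS "squid"
+#define DBDATABASE "squid"
+#define RET_UNDEF 0
+#define RET_ALLOW 1
+#define RET_DENY 2
+int main (int argc, char *argv[]) {
+MYSQL mysql;
+MYSQL_RES *result;
+MYSQL_ROW row;
+char *cp, *ipstr, *urlstr;
+char line[1024];
+char query[1024];
+int ret;
+setvbuf (stdout, NULL, _IOLBF, 0);
+mysql_init(&mysql);
+if (!mysql_real_connect(&mysql, DBHOST, DBUSER, DBPASS, DBDATABASE, 0, NULL, 0)) {
+printf("ERR\n");
+exit(-1);
+}
+while (fgets (line, sizeof (line), stdin)) {
+if ((cp= strchr (line, '\n')) != NULL) {
+*cp= '\0';
+}
+if ((cp= strtok (line, " \t")) != NULL) {
+ipstr= cp;
+urlstr= strtok (NULL, " \t");
+} else {
+printf ("ERR\n");
+continue;
+}
+sprintf(query, "SELECT flags FROM acl " \
+"WHERE inet_aton('%s') & pow(2, 32)-pow(2, 32 - mask) = ip & pow(2, 32) - pow(2, 32 - mask) AND " \
+"( url = RIGHT('%s', LENGTH(url)) OR url = '' )", ipstr, urlstr);
+mysql_query(&mysql, query);
+result= mysql_store_result(&mysql);
+ret= RET_UNDEF;
+while ((row= mysql_fetch_row(result))) {
+// ALLOW
+if (*row[0] == '1' && ret != RET_DENY)
+ret= RET_ALLOW;
+// DENY
+if (*row[0] == '2')
+ret= RET_DENY;
+}
+mysql_free_result(result);
+result= NULL;
+switch (ret) {
+case RET_ALLOW:
+printf("OK\n");
+break;
+case RET_UNDEF:
+case RET_DENY:
+printf ("ERR\n");
+break;
+}
+}
+return 0;
+}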
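Review bot: The `sprintf` into `query[1024]` interpolates `ipstr` and `urlstr` from stdin unescaped, so a quote character in the requested domain changes the ACL query, and an input line close to the 1024-byte `line` limit overruns `query` once the fixed SELECT text is added. `urlstr` is also NULL when the line carries only one token, and `mysql_store_result()` can return NULL after a failed query; both are then used without a check. Escaping both values with `mysql_real_escape_string()`, bounding the format with `snprintf`, and answering `ERR` on any failure keeps the helper fail-closed; the rewritten lines are below.

```c
    char line[1024];
    char ip_esc[2 * sizeof (line) + 1], url_esc[2 * sizeof (line) + 1];
    char query[sizeof (ip_esc) + sizeof (url_esc) + 256];
    int ret, n;
    // … unchanged: connect, fgets loop, newline strip, strtok …
        if (urlstr == NULL) {
            printf ("ERR\n");
            continue;
        }
        mysql_real_escape_string (&mysql, ip_esc, ipstr, strlen (ipstr));
        mysql_real_escape_string (&mysql, url_esc, urlstr, strlen (urlstr));
        n = snprintf (query, sizeof (query), /* … unchanged: SELECT text … */, ip_esc, url_esc);
        if (n < 0 || (size_t) n >= sizeof (query)
            || mysql_query (&mysql, query) != 0
            || (result = mysql_store_result (&mysql)) == NULL) {
            printf ("ERR\n");
            continue;
        }
    // … unchanged: row loop and OK/ERR switch …
```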

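--- a/ip_check.sql
+++ b/ip_check.sql
@@ -0,0 +1,11 @@
+DROP TABLE IF EXISTS acl;
+CREATE TABLE acl (
+id int(11) NOT NULL auto_increment,
+flags int(11) NOT NULL default '0',
+ip int(10) unsigned NOT NULL default '0',
+mask int(11) NOT NULL default '0',
+url varchar(128) NOT NULL default '',
+info varchar(32) NOT NULL default '',
+PRIMARY KEY (id),
+UNIQUE KEY unique01 (ip,mask,url)
+) TYPE=MyISAM;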