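#!/usr/local/bin/perl
# acl.cgi
# Display a form for editing or creating a new ACL

require './squid-lib.pl';

# Refuse the request unless the caller's module ACL grants 'actrl'.
$access{'actrl'} || &error($text{'eacl_ecannot'});
&ReadParse();
$conf = &get_config();

if ($in{'type'}) {
    # Creating a new ACL: only the type is known, there are no values yet.
    &ui_print_header(undef, $text{'acl_header1'}, "",
                     undef, 0, 0, 0, &restart_button());
    $type = $in{'type'};
}
else {
    # Editing an existing ACL, selected by its position in the parsed config.
    # NOTE(review): 'index' is taken from the request as-is; confirm that the
    # save handler and get_config() tolerate a non-numeric or out-of-range
    # value.
    &ui_print_header(undef, $text{'acl_header2'}, "",
                     undef, 0, 0, 0, &restart_button());
    @acl = @{$conf->[$in{'index'}]->{'values'}};
    $type = $acl[1];

    if (($type eq "external" || &indexof($type, @caseless_acl_types) >= 0)
        && $acl[3] =~ /^"(.*)"$/) {
        # Extra parameters come from file
        @vals = ( $acl[2] );
        $file = $1;
    }
    elsif ($acl[2] =~ /^"(.*)"$/) {
        # All values come from a file
        $file = $1;
    }
    else {
        # All values come from acl parameters
        @vals = @acl[2..$#acl];
    }

    if ($file) {
        # The path is whatever was quoted in the Squid configuration, so it
        # is opened with the three-argument form and an explicit read mode:
        # the value is then always treated as a plain filename and can never
        # be parsed as an open mode or a pipe. A file that cannot be opened
        # is skipped, which keeps the form usable (same best-effort result
        # as before).
        if (open(my $fh, '<', $file)) {
            # chomp rather than chop, so a final line without a trailing
            # newline does not lose its last character.
            chomp(@newvals = <$fh>);
            close($fh);
            push(@vals, @newvals);
        }
    }

    # Present the values in a stable order: string order for address, domain
    # and user types, numeric order for ports.
    if ($type =~ /^(src|dst|srcdomain|dstdomain|user|myip)$/) {
        @vals = sort { $a cmp $b } @vals;
    }
    elsif ($type eq "port") {
        @vals = sort { $a <=> $b } @vals;
    }

    # deny_info directives whose second value names this ACL
    @deny = grep { $_->{'values'}->[1] eq $acl[0] }
                 &find_config("deny_info", $conf);
}

# The string literal opened here is closed on the next line of the file.
print "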
\n"; if (@acl) { print "\n"; } if (@deny) { print "{'index'}>\n"; } print "\n"; print "\n"; print "\n"; print "
$acl_types{$type} ACL
\n"; print "\n"; print "\n"; if ($type eq "src" || $type eq "dst") { print "\n"; } elsif ($type eq "myip") { print "\n"; } elsif ($type eq "srcdomain") { print "\n"; print "\n"; } elsif ($type eq "dstdomain") { print "\n"; print "\n"; } elsif ($type eq "time") { local $vals = join(' ', @vals); if ($vals =~ /[A-Z]+/) { foreach $d (split(//, $vals)) { $day{$d}++; } } if ($vals =~ /(\d+):(\d+)-(\d+):(\d+)/) { $h1 = $1; $m1 = $2; $h2 = $3; $m2 = $4; $hour++; } print "\n"; print "\n"; } elsif ($type eq "url_regex") { print "\n"; local $caseless; if ($vals[0] eq '-i') { $caseless++; shift(@vals); } printf "\n"; } elsif ($type eq "urlpath_regex") { print "\n"; local $caseless; if ($vals[0] eq '-i') { $caseless++; shift(@vals); } printf "\n"; } elsif ($type eq "port") { print "\n"; printf "\n", join(" ", @vals); } elsif ($type eq "proto") { print "\n"; } elsif ($type eq "method") { print "\n"; } elsif ($type eq "browser") { print "\n"; printf "\n", join(' ', @vals); } elsif ($type eq "user") { print "\n"; print "\n"; } elsif ($type eq "src_as" || $type eq "dst_as") { print "\n"; printf "\n", join(' ', @vals); } elsif ($type eq "proxy_auth" && $squid_version < 2.3) { print "\n"; print "\n"; } elsif ($type eq "proxy_auth" && $squid_version >= 2.3) { print "\n"; printf "\n"; } elsif ($type eq "proxy_auth_regex") { print "\n"; local $caseless; if ($vals[0] eq '-i') { $caseless++; shift(@vals); } printf "\n"; } elsif ($type eq "srcdom_regex" || $type eq "dstdom_regex") { print "\n"; local $caseless; if ($vals[0] eq '-i') { $caseless++; shift(@vals); } printf "\n"; } elsif ($type eq "ident") { print "\n"; print "\n"; } elsif ($type eq "ident_regex") { print "\n"; local $caseless; if ($vals[0] eq '-i') { $caseless++; shift(@vals); } printf "\n"; } elsif ($type eq "maxconn") { print "\n"; print "\n"; } elsif ($type eq "max_user_ip") { local $mipstrict; if ($vals[0] eq '-s') { $mipstrict++; shift(@vals); } print "\n"; # print "\n"; print ""; printf "\n", $mipstrict ? 
'checked' : ''; print ""; # printf "\n", # join(" ", @vals[0]); } elsif ($type eq "myport") { print "\n"; print "\n"; } elsif ($type eq "snmp_community") { print "\n"; print "\n"; } elsif ($type eq "req_mime_type") { print "\n"; print "\n"; } elsif ($type eq "rep_mime_type") { print "\n"; print "\n"; } elsif ($type eq "arp") { print "\n"; print "\n"; } elsif ($type eq "external") { print "\n"; print "\n"; print "\n"; printf "\n", join(" ", @vals[1..$#vals]); } # Show URL to redirect on failure print "\n"; printf "\n", @deny ? $deny[0]->{'values'}->[0] : ""; # Show file in which ACL is stored print "\n"; print "\n"; if ($in{'type'}) { print "\n"; print "\n"; } print "
$text{'acl_name'}
\n"; print " ", "\n"; print " \n"; for($i=0; $i<=@vals; $i++) { if ($vals[$i] =~ /^([a-z0-9\.\:]+)-([a-z0-9\.\:]+)\/([\d\.]+)$/) { $from = $1; $to = $2; $mask = $3; } elsif ($vals[$i] =~ /^([a-z0-9\.\:]+)-([a-z0-9\.\:]+)$/) { $from = $1; $to = $2; $mask = ""; } elsif ($vals[$i] =~ /^([a-z0-9\.\:]+)\/([\d\.]+)$/) { $from = $1; $to = ""; $mask = $2; } elsif ($vals[$i] =~ /^([a-z0-9\.\:]+)$/) { $from = $1; $to = ""; $mask = ""; } else { $from = $to = $mask = ""; } print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; } print "
$text{'acl_fromip'}$text{'acl_toip'}$text{'acl_nmask'}
\n"; print " ", "\n"; for($i=0; $i<=@vals; $i++) { if ($vals[$i] =~ /^([a-z0-9\.\:]+)\/([\d\.]+)$/) { $ip = $1; $mask = $2; } else { $ip = $mask = ""; } print "\n"; print "\n"; print "\n"; print "\n"; } print "
$text{'acl_ipaddr'}$text{'acl_nmask'}
$text{'acl_domains'}
$text{'acl_domains'}
$text{'acl_dofw'} \n"; printf " $text{'acl_all'}\n", %day ? "" : "checked"; printf " $text{'acl_sel'}
\n", %day ? "checked" : ""; %day_name = ( 'S', $text{'acl_dsun'}, 'M', $text{'acl_dmon'}, 'T', $text{'acl_dtue'}, 'W', $text{'acl_dwed'}, 'H', $text{'acl_dthu'}, 'F', $text{'acl_dfri'}, 'A', $text{'acl_dsat'} ); print "
$text{'acl_hofd'} \n"; printf " $text{'acl_all'}\n", $hour ? "" : "checked"; printf " \n", $hour ? "checked" : ""; print ":"; print " $text{'acl_to'} "; print ":"; print "
$text{'acl_regexp'} %s
\n", $caseless ? 'checked' : '', $text{'acl_case'}; print "
$text{'acl_regexp'} %s
\n", $caseless ? 'checked' : '', $text{'acl_case'}; print "
$text{'acl_tcpports'}
$text{'acl_urlproto'} \n"; foreach $p (@vals) { $proto{$p}++; } foreach $p ('http', 'ftp', 'gopher', 'wais', 'cache_object') { printf " $p\n", $proto{$p} ? "checked" : ""; } print "
$text{'acl_reqmethods'} \n"; foreach $m (@vals) { $meth{$m}++; } foreach $m ('GET', 'POST', 'HEAD', 'CONNECT', 'PUT', 'DELETE') { printf " $m\n", $meth{$m} ? "checked" : ""; } print "
$text{'acl_bregexp'}
$text{'acl_pusers'}
$text{'acl_asnum'}
$text{'acl_rtime'}
$text{'acl_eusers'} %s\n", $vals[0] eq 'REQUIRED' || $in{'type'} ? "checked" : "", $text{'acl_eusersall'}; printf " %s
\n", $vals[0] eq 'REQUIRED' || $in{'type'} ? "" : "checked", $text{'acl_euserssel'}; print "
$text{'acl_eusers'} %s
\n", $caseless ? 'checked' : '', $text{'acl_case'}; print "
$text{'acl_regexp'} %s
\n", $caseless ? 'checked' : '', $text{'acl_case'}; print "
$text{'acl_rfcusers'}
$text{'acl_rfcusersr'} %s
\n", $caseless ? 'checked' : '', $text{'acl_case'}; print "
$text{'acl_mcr'}
$text{'acl_mai'}
$text{'acl_extargs'}
$text{'acl_maistrict'}
$text{'acl_mairemind'}
$text{'acl_psp'}
$text{'acl_scs'}
$text{'acl_rmt'}
$text{'acl_rpmt'}
$text{'acl_arp'}
$text{'acl_extclass'}
$text{'acl_extargs'}
$text{'acl_failurl'}
$text{'acl_file'}",&ui_opt_textbox("file", $file, 40, $text{'acl_nofile'}, $text{'acl_infile'})," ", &file_chooser_button("file"),"
",&ui_checkbox("keep", 1, $text{'acl_keep'}, 0),"
\n"; print "\n"; if (!$in{'type'}) { print "\n"; } print "
\n"; &ui_print_footer("edit_acl.cgi?mode=acls", $text{'acl_return'}, "", $text{'index_return'});