* [PATCH] squidguard 1.5-beta: Added switch for DNS Blacklist
@ 2017-01-22 13:24 Matthias Fischer
0 siblings, 0 replies; only message in thread
From: Matthias Fischer @ 2017-01-22 13:24 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 12629 bytes --]
squidguard 1.5 has this feature, so I thought I could test this:
This patch adds the option to block against dns based blacklists.
For details see:
http://www.squidguard.org/Doc/extended.html
"Attention:
This feature requires squidGuard 1.5 or later or the dnsbl
patch for squidGuard 1.4 provided by INL - http://www.inl.fr/.
If you want to use external dns based blacklists such as black.uribl.com
for blocking you can use !dnsbl to dynamically check domain names against such services."
Example (squidGuard.conf):
...
acl {
default {
pass !dnsbl:your.preferred.blacklist.domain.com all
redirect http://localhost/block.html
}
}
...
"If you use !dnsbl without specifying a domain, black.uribl.com is used as default."
This is what I did for testing.
Discussion in german IPFire-Forum:
https://forum.ipfire.org/viewtopic.php?f=17&t=18083&sid=94b26f24a3d97891af84286ed939e3bb
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
html/cgi-bin/urlfilter.cgi | 15 +++++++++++++++
langs/de/cgi-bin/de.pl | 1 +
langs/en/cgi-bin/en.pl | 5 ++++-
langs/es/cgi-bin/es.pl | 1 +
langs/fr/cgi-bin/fr.pl | 1 +
langs/it/cgi-bin/it.pl | 1 +
langs/nl/cgi-bin/nl.pl | 1 +
langs/pl/cgi-bin/pl.pl | 1 +
langs/ru/cgi-bin/ru.pl | 1 +
langs/tr/cgi-bin/tr.pl | 1 +
lfs/squidguard | 2 +-
11 files changed, 28 insertions(+), 2 deletions(-)
diff --git a/html/cgi-bin/urlfilter.cgi b/html/cgi-bin/urlfilter.cgi
index c3c327eec..ea4110916 100644
--- a/html/cgi-bin/urlfilter.cgi
+++ b/html/cgi-bin/urlfilter.cgi
@@ -136,6 +136,7 @@ $filtersettings{'MSG_TEXT_3'} = '';
$filtersettings{'ENABLE_EXPR_LISTS'} = 'off';
$filtersettings{'BLOCK_IP_ADDR'} = 'off';
$filtersettings{'BLOCK_ALL'} = 'off';
+$filtersettings{'ENABLE_DNSBL'} = 'off';
$filtersettings{'ENABLE_EMPTY_ADS'} = 'off';
$filtersettings{'ENABLE_GLOBAL_WHITELIST'} = 'off';
$filtersettings{'ENABLE_SAFESEARCH'} = 'off';
@@ -1051,6 +1052,9 @@ $checked{'BLOCK_IP_ADDR'}{$filtersettings{'BLOCK_IP_ADDR'}} = "checked='checked'
$checked{'BLOCK_ALL'}{'off'} = '';
$checked{'BLOCK_ALL'}{'on'} = '';
$checked{'BLOCK_ALL'}{$filtersettings{'BLOCK_ALL'}} = "checked='checked'";
+$checked{'ENABLE_DNSBL'}{'off'} = '';
+$checked{'ENABLE_DNSBL'}{'on'} = '';
+$checked{'ENABLE_DNSBL'}{$filtersettings{'ENABLE_DNSBL'}} = "checked='checked'";
$checked{'ENABLE_EMPTY_ADS'}{'off'} = '';
$checked{'ENABLE_EMPTY_ADS'}{'on'} = '';
$checked{'ENABLE_EMPTY_ADS'}{$filtersettings{'ENABLE_EMPTY_ADS'}} = "checked='checked'";
@@ -1479,21 +1483,26 @@ print <<END
<td class='base'>$Lang::tr{'urlfilter username log'}:</td>
<td><input type='checkbox' name='ENABLE_USERNAME_LOG' $checked{'ENABLE_USERNAME_LOG'}{'on'} /></td>
</tr>
+
<tr>
<td class='base'>$Lang::tr{'urlfilter empty ads'}:</td>
<td><input type='checkbox' name='ENABLE_EMPTY_ADS' $checked{'ENABLE_EMPTY_ADS'}{'on'} /></td>
<td class='base'>$Lang::tr{'urlfilter category log'}:</td>
<td><input type='checkbox' name='ENABLE_CATEGORY_LOG' $checked{'ENABLE_CATEGORY_LOG'}{'on'} /></td>
</tr>
+
<tr>
<td class='base'>$Lang::tr{'urlfilter block ip'}:</td>
<td><input type='checkbox' name='BLOCK_IP_ADDR' $checked{'BLOCK_IP_ADDR'}{'on'} /></td>
</tr>
+
<tr>
<td class='base'>$Lang::tr{'urlfilter block all'}:</td>
<td><input type='checkbox' name='BLOCK_ALL' $checked{'BLOCK_ALL'}{'on'} /></td>
<td class='base'>$Lang::tr{'urlfilter whitelist always allowed'}:</td>
<td><input type='checkbox' name='ENABLE_GLOBAL_WHITELIST' $checked{'ENABLE_GLOBAL_WHITELIST'}{'on'} /></td>
+ <td class='base'>$Lang::tr{'urlfilter enable dnsbl'}:</td>
+ <td><input type='checkbox' name='ENABLE_DNSBL' $checked{'ENABLE_DNSBL'}{'on'} /></td>
</tr>
</table>
<hr size='1'>
@@ -2793,6 +2802,12 @@ sub writeconfigfile
{
$defaultrule .= "!in-addr ";
}
+
+ if ($filtersettings{'ENABLE_DNSBL'} eq 'on')
+ {
+ $defaultrule .= "!dnsbl ";
+ }
+
for ($i=0; $i<=@filtergroups; $i++) {
if ($filtersettings{@filtergroups[$i]} eq 'on')
{
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 261b92fe7..be95af57d 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -2444,6 +2444,7 @@
'urlfilter enable custom blacklist' => 'Angepasste Blacklist aktivieren',
'urlfilter enable custom expression list' => 'Angepasste Ausdrucksliste aktivieren',
'urlfilter enable custom whitelist' => 'Angepasste Whitelist aktivieren',
+'urlfilter enable dnsbl' => 'Aktiviere DNS Blacklist',
'urlfilter enable expression lists' => ' Aktiviere Ausdruckslisten',
'urlfilter enable full backup' => 'Komplette Blacklist einbeziehen',
'urlfilter enable jpeg' => 'Aktiviere Hintergrundbild',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index a04d994d6..44fa77fa3 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1246,7 +1246,6 @@
'green interface' => 'Green Interface',
'grouptype' => 'Grouptype:',
'guaranteed bandwith' => 'Guaranteed bandwith',
-'guardian' => 'Guardian',
'guest ok' => 'allow guests to access',
'gui settings' => 'GUI Settings',
'gz with key' => 'Only an encrypted archive can be restored on this machine.',
@@ -1404,6 +1403,7 @@
'ip alias changed' => 'External IP alias changed',
'ip alias removed' => 'External IP alias removed',
'ip info' => 'IP Information',
+'ip reputational info' => 'IP Reputational Info:',
'ipfire has now rebooted' => 'IPFire is rebooting now.',
'ipfire has now shutdown' => 'IPFire is shutting down now.',
'ipfire side' => 'IPFire side:',
@@ -1453,6 +1453,7 @@
'local subnet' => 'Local subnet:',
'local subnet is invalid' => 'Local subnet is invalid.',
'local vpn hostname/ip' => 'Local VPN Hostname/IP',
+'localhost' => 'Localhost',
'localkey' => 'Localkey',
'localkeyfile' => 'Localkeyfile',
'log' => 'Log',
@@ -1614,6 +1615,7 @@
'mpfire songs' => 'MPFire songlist',
'mpfire webradio' => 'MPFire Webradio',
'mtu QoS' => 'This does not change the global MTU, it only sets MTU for QoS.',
+'multicast' => 'Multicast',
'my new share' => 'My new share',
'name' => 'Name',
'name is invalid' => 'Name is invalid',
@@ -2487,6 +2489,7 @@
'urlfilter enable custom blacklist' => 'Enable custom blacklist',
'urlfilter enable custom expression list' => 'Enable custom expression list',
'urlfilter enable custom whitelist' => 'Enable custom whitelist',
+'urlfilter enable dnsbl' => 'Enable DNS Blacklist',
'urlfilter enable expression lists' => 'Enable expression lists',
'urlfilter enable full backup' => 'Include complete blacklist',
'urlfilter enable jpeg' => 'Enable background image',
diff --git a/langs/es/cgi-bin/es.pl b/langs/es/cgi-bin/es.pl
index ede7b661d..027b8e953 100644
--- a/langs/es/cgi-bin/es.pl
+++ b/langs/es/cgi-bin/es.pl
@@ -1929,6 +1929,7 @@
'urlfilter enable custom blacklist' => 'Activar Lista Negra personalizada',
'urlfilter enable custom expression list' => 'Activar lista de frases personalizada',
'urlfilter enable custom whitelist' => 'Activar Lista Blanca personalizada',
+'urlfilter enable dnsbl' => 'Activar DNS Blacklist',
'urlfilter enable expression lists' => 'Activar lista de frases',
'urlfilter enable full backup' => 'Incluir Lista Negra completa',
'urlfilter enable jpeg' => 'Activar imagen de fondo',
diff --git a/langs/fr/cgi-bin/fr.pl b/langs/fr/cgi-bin/fr.pl
index e896c9b2a..a75d68e32 100644
--- a/langs/fr/cgi-bin/fr.pl
+++ b/langs/fr/cgi-bin/fr.pl
@@ -1933,6 +1933,7 @@
'urlfilter enable custom blacklist' => 'Activer Blackliste perso',
'urlfilter enable custom expression list' => 'Activer liste de expression perso',
'urlfilter enable custom whitelist' => 'Activer liste blanche perso',
+'urlfilter enable dnsbl' => 'Activer DNS Blacklist',
'urlfilter enable expression lists' => 'Activer liste de mots clés perso',
'urlfilter enable full backup' => 'Inclure Blackliste complete',
'urlfilter enable jpeg' => 'Activer image d\'arrière plan',
diff --git a/langs/it/cgi-bin/it.pl b/langs/it/cgi-bin/it.pl
index b039cdbe0..cfb4722b8 100644
--- a/langs/it/cgi-bin/it.pl
+++ b/langs/it/cgi-bin/it.pl
@@ -2400,6 +2400,7 @@
'urlfilter empty ads' => 'Blocca "ADS" con finestra vuota',
'urlfilter empty repository' => 'Local file repository is empty',
'urlfilter enable automatic blacklist update' => 'Attiva aggiornamento automatico',
+'urlfilter enable dnsbl' => 'Attiva DNS Blacklist',
'urlfilter enable custom blacklist' => 'Abilito blacklist Personalizata',
'urlfilter enable custom expression list' => 'Abilito Espressione Personalizata',
'urlfilter enable custom whitelist' => 'Abilito whitelist Personalizata',
diff --git a/langs/nl/cgi-bin/nl.pl b/langs/nl/cgi-bin/nl.pl
index 49c0cced6..4defa5f13 100644
--- a/langs/nl/cgi-bin/nl.pl
+++ b/langs/nl/cgi-bin/nl.pl
@@ -2348,6 +2348,7 @@
'urlfilter enable custom blacklist' => 'Inschakelen eigen zwarte lijst',
'urlfilter enable custom expression list' => 'Inschakelen eigen expressielijst',
'urlfilter enable custom whitelist' => 'Inschakelen eigen witte lijst',
+'urlfilter enable dnsbl' => 'Inschakelen DNS Blacklist',
'urlfilter enable expression lists' => 'Inschakelen eigen expressielijst',
'urlfilter enable full backup' => 'Inclusief complete zwarte lijst',
'urlfilter enable jpeg' => 'Inschakelen achtergrondafbeelding',
diff --git a/langs/pl/cgi-bin/pl.pl b/langs/pl/cgi-bin/pl.pl
index e2f9da5c0..d3d95fd47 100644
--- a/langs/pl/cgi-bin/pl.pl
+++ b/langs/pl/cgi-bin/pl.pl
@@ -1942,6 +1942,7 @@
'urlfilter enable custom blacklist' => 'Włącz własną czarną listę',
'urlfilter enable custom expression list' => 'Włącz własną listę wyrażeń',
'urlfilter enable custom whitelist' => 'Włącz własną białą listę',
+'urlfilter enable dnsbl' => 'Aktywuy DNS Blacklist',
'urlfilter enable expression lists' => 'Włącz listę wyrażeń',
'urlfilter enable full backup' => 'Dołącz kompletną czarną listę',
'urlfilter enable jpeg' => 'Włącz obraz tła',
diff --git a/langs/ru/cgi-bin/ru.pl b/langs/ru/cgi-bin/ru.pl
index 4b0edb582..5acddc015 100644
--- a/langs/ru/cgi-bin/ru.pl
+++ b/langs/ru/cgi-bin/ru.pl
@@ -1934,6 +1934,7 @@
'urlfilter empty ads' => 'Блокировать рекламу с пустыми окнами',
'urlfilter empty repository' => 'Локальный файловый репозиторий пуст',
'urlfilter enable automatic blacklist update' => 'Разрешить автоматическое обновление',
+'urlfilter enable dnsbl' => 'Активировать DNS черный список',
'urlfilter enable custom blacklist' => 'Разрешить пользовательский чёрный список',
'urlfilter enable custom expression list' => 'Разрешить пользовательский список выражений',
'urlfilter enable custom whitelist' => 'Разрешить пользовательский белый список',
diff --git a/langs/tr/cgi-bin/tr.pl b/langs/tr/cgi-bin/tr.pl
index 9eb300006..bbb01ce6b 100644
--- a/langs/tr/cgi-bin/tr.pl
+++ b/langs/tr/cgi-bin/tr.pl
@@ -2485,6 +2485,7 @@
'urlfilter enable custom blacklist' => 'Özel kara listeyi aktifleştir',
'urlfilter enable custom expression list' => 'Özel ifade listesini aktifleştir',
'urlfilter enable custom whitelist' => 'Özel beyaz listeyi aktifleştir',
+'urlfilter enable dnsbl' => 'DNS Blacklist etkinleştirin',
'urlfilter enable expression lists' => 'İfade listesini aktifleştir',
'urlfilter enable full backup' => 'Tamamlanan kara listeyi dahil et',
'urlfilter enable jpeg' => 'Arka plan resmini aktifleştir',
diff --git a/lfs/squidguard b/lfs/squidguard
index e3fd0c4e4..bca43ce22 100644
--- a/lfs/squidguard
+++ b/lfs/squidguard
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2016 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2017 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
--
2.11.0
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2017-01-22 13:24 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-01-22 13:24 [PATCH] squidguard 1.5-beta: Added switch for DNS Blacklist Matthias Fischer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox