Summary: Filter, redirector and access controller plugin for Squid. Name: squidGuard Version: 1.2.0 Release: 10mdk License: GPL Group: System/Servers URL: http://www.squidguard.org Source0: ftp://ftp.ost.eltele.no/pub/www/proxy/squidGuard/%{name}-%{version}.tar.bz2 Source1: %{name}.conf.sample Source2: blacklists-readme Source3: %{name}.cgi Source4: nulbanner.png Source5: blacklist-update Source6: %{name}.logrotate.bz2 Patch0: squidGuard-1.2.0.default_dir.patch.bz2 Patch1: http://http.us.debian.org/debian/pool/main/s/squidguard/%{name}_%{version}-debian.patch.bz2 BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRequires: bison BuildRequires: db4-devel BuildRequires: flex Requires: squid PreReq: logrotate %define _requires_exceptions perl(LWP::Parallel::UserAgent) %description SquidGuard is a combined filter, redirector and access controller plugin for Squid. It is free, very flexible, extremely fast, easily installed, portable. SquidGuard can be used to - limit the web access for some users to a list of accepted/well known web servers and/or URLs only. - block access to some listed or blacklisted web servers and/or URLs for some users. - block access to URLs matching a list of regular expressions or words for some users. - enforce the use of domainnames/prohibit the use of IP address in URLs. - redirect blocked URLs to an "intelligent" CGI based info page. - redirect unregistered user to a registration form. - redirect popular downloads like Netscape, MSIE etc. to local copies. - redirect banners to an empty GIF. - have different access rules based on time of day, day of the week, date etc. - have different rules for different user groups. Neither squidGuard nor Squid can be used to - filter/censor/edit text inside documents - filter/censor/edit embeded scripting languages like JavaScript or VBscript inside HTML %prep %setup -q %patch0 -p1 %patch1 -p1 %build %configure --with-sg-config=%{_sysconfdir}/squid/%{name}.conf \ --with-sg-logdir=/var/log/squidGuard \ --with-sg-dbhome=%{_datadir}/%{name}-%{version}/db %make %install rm -rf $RPM_BUILD_ROOT P=$RPM_BUILD_DIR/%{name}-%{version} Q=$RPM_BUILD_ROOT/%{_datadir}/%{name}-%{version} %makeinstall MAKEDEFS=' \ "logdir=$RPM_BUILD_ROOT/var/log/squidGuard" \ "cfgdir=$RPM_BUILD_ROOT%{_sysconfdir}/squid"' strip $RPM_BUILD_ROOT/%{_bindir}/* $RPM_BUILD_ROOT/%{_bindir}/* mkdir -p $Q/{contrib,samples,log} mkdir -p %{buildroot}/etc/logrotate.d bzcat %{SOURCE6} > %{buildroot}/etc/logrotate.d/%{name} # the mandrake default config directories mkdir -p $Q/db/{advertising,bannedsource,banneddestination} mkdir -p $Q/db/{timerestriction,lansource,privilegedsource} touch $Q/db/advertising/{domains,urls} touch $Q/db/banneddestination/{domains,urls,expressions} touch $Q/db/bannedsource/ips touch $Q/db/lansource/lan touch $Q/db/timerestriction/lan touch $Q/db/privilegedsource/ips # the blacklists default directories (Fabrice Pringent's one) mkdir -p $Q/db/{porn,adult,audio-video,forums,hacking,redirector} mkdir -p $Q/db/{warez,ads,aggressive,drugs,gambling,publicite,violence} touch $Q/db/porn/{domains,urls,expressions} touch $Q/db/adult/{domains,urls,expressions} touch $Q/db/audio-video/{domains,urls} touch $Q/db/forums/{domains,urls,expressions} touch $Q/db/hacking/{domains,urls} touch $Q/db/redirector/{domains,urls,expressions} touch $Q/db/warez/{domains,urls} touch $Q/db/ads/{domains,urls} touch $Q/db/aggressive/{domains,urls} touch $Q/db/drugs/{domains,urls} touch $Q/db/gambling/{domains,urls} touch $Q/db/publicite/{domains,urls,expressions} touch $Q/db/violence/{domains,urls,expressions} cd $P/samples/dest/ tar xzf blacklists.tar.gz cp -af blacklists/* $Q/db cd - cp -a $P/contrib/hostbyname/hostbyname $Q/contrib/ cp -a $P/contrib/sgclean/sgclean $Q/contrib/ cp -a $P/contrib/squidGuardRobot/{squidGuardRobot,RobotUserAgent.pm} $Q/contrib/ cp -a $P/samples/dest $Q/samples cp -a $P/samples/*{.conf,.cgi} $Q/samples cp -a %{SOURCE2} $P/ cp -a %{SOURCE5} $P/ rm -rf $Q/test/test*.conf.* # default config files #log & error files mkdir -p $RPM_BUILD_ROOT/var/log/%{name} touch $RPM_BUILD_ROOT/var/log/%{name}/%{name}.{log,error} touch $RPM_BUILD_ROOT/var/log/%{name}/advertising.log #conf file mkdir -p $RPM_BUILD_ROOT/etc/squid mkdir -p $RPM_BUILD_ROOT/var/www/cgi-bin install %{SOURCE1} $RPM_BUILD_ROOT/etc/squid/%{name}.conf.sample cp -af %{SOURCE3} %{SOURCE4} $RPM_BUILD_ROOT/var/www/cgi-bin rm -rf $RPM_BUILD_ROOT%{_datadir}/%{name}-%{version}/samples/dest %preun if [ $1 = 0 ] ; then rm -f /var/log/squidGuard/* fi %post rm -rf `find %{_datadir}/%{name}-%{version}/db |grep "\.db"` %{_bindir}/%{name} -c %{_sysconfdir}/squid/%{name}.conf.sample -C all for i in privilegedsource bannedsource timerestriction lansource banneddestination advertising; do rm -rf /usr/share/%{name}-%{version}/db/$i/*.db done chown -R squid.squid /usr/share/%{name}-%{version}/db echo "WARNING !!! WARNING !!! WARNING !!! WARNING !!!" echo "" echo "Modify the following line in the /etc/squid/squid.conf file:" echo "redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf" %postun rm -rf %{_datadir}/%{name}-%{version} %clean rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) %doc README ANNOUNCE GPL COPYING CHANGELOG blacklists-readme doc/*.{html,gif,txt} %{_bindir}/* %attr(0644,root,root) %{_datadir}/%{name}-%{version}/contrib/* %attr(0644,root,root) %{_datadir}/%{name}-%{version}/samples/*.conf %attr(0644,root,root) %{_datadir}/%{name}-%{version}/samples/*.cgi %attr(0755,apache,apache) /var/www/cgi-bin/*.cgi %attr(0755,apache,apache) /var/www/cgi-bin/*.png %attr(0755,root,root) %{_datadir}/%{name}-%{version}/db/* %dir %attr(-,squid,squid)/var/log/%{name} %attr(-,squid,squid)/var/log/%{name}/* %config(noreplace) /etc/squid/* %config(noreplace) /etc/logrotate.d/%{name} %changelog * Mon Apr 19 2004 Florin <florin@mandrakesoft.com> 1.2.0-10mdk - fix the logrotate bug #9526 * Thu Apr 15 2004 Gwenole Beauchesne <gbeauchesne@mandrakesoft.com> 1.2.0-9mdk - fix build * Thu Jan 22 2004 Florin <florin@mandrakesoft.com> 1.2.0-8mdk - add configure variables (thx to V. Guardiola) - add logrotate * Mon Sep 01 2003 Florin <florin@mandrakesoft.com> 1.2.0-7mdk - add the debian patch to fix the 4.1 compile - fix the dependencies * Wed Jun 04 2003 Per Øyvind Karlsen <peroyvind@sintrax.net> 1.2.0-6mdk - fix unpackaged files - minor cleanups - build against db4 in stead of db3 and also change buildrequires accordingly * Sat Jul 20 2002 Stefan van der Eijk <stefan@eijk.nu> 1.2.0-5mdk - BuildRequires * Thu Mar 14 2002 Florin <florin@mandrakesoft.com> 1.2.0-4mdk - remove florin from the cgi - do not create db files for the SNF sections * Thu Feb 14 2002 Florin <florin@mandrakesoft.com> 1.2.0-3mdk - the actual stable version (not the developpement one) - remove the BerkeleyDB patch0 * Tue Nov 13 2001 Chipaux Nicolas <chipaux@mandrakesoft.com> 1.2.0-2mdk - build requires byacc, bison, libdb3.3-devel * Fri Oct 26 2001 Florin <florin@mandrakesoft.com> 1.2.0-1mdk - 1.2.0 (works with libdb3 - don't need BerkeleyDB anymore) - this version supports Userquota (see the CHANGELOG file) - add the CHANGELOG file - modify the %post section - add the %postun section - update the %{_sysconfdir}/squid/%{name}.conf.sample file * Fri Oct 05 2001 Florin <florin@mandrakesoft.com> 1.1.4-16mdk - squid.squid is again the user.group for squid - add the preun section * Wed Oct 03 2001 Florin <florin@mandrakesoft.com> 1.1.4-15mdk - add the forgotten /var/log/squidGuard/advertising.log file * Wed Oct 03 2001 Florin <florin@mandrakesoft.com> 1.1.4-14mdk - mv the cgi and the png files to /var/www/cgi-bin and owned by apache - modify the cgi script and sample.conf file * Wed Sep 19 2001 Florin <florin@mandrakesoft.com> 1.1.4-13mdk - nobody.nobody are the right ownerships according to squid - add the blacklist-update script * Wed Jul 11 2001 Florin <florin@mandrakesoft.com> 1.1.4-12mdk - use the new sample configfile blacklist compliant, logs and data locations - patch the default logdir and confdir (default_dir.patch) - add the blacklists-readme file - add the blacklist sections and databases - remove the whole test thing from the spec file - add the nullbanner.png and the squidGuard.cgi modified * Fri Feb 16 2001 Florin <florin@mandrakesoft.com> 1.1.4-11mdk - add banneddestination/expressions * Tue Jan 30 2001 Florin <florin@mandrakesoft.com> 1.1.4-10mdk - add the timerestriction section * Tue Jan 30 2001 Florin <florin@mandrakesoft.com> 1.1.4-9mdk - the nulbanner and the cgi go now in the httpd-naat package - add /etc/squid/squidGuard.conf.sample - create the section files from the default config file * Wed Jan 24 2001 Florin <florin@mandrakesoft.com> 1.1.4-9mdk - add the nulbanner.gif in the /var/www-naat/icons * Mon Jan 08 2001 Florin <florin@mandrakesoft.com> 1.1.4-8mdk - the /var/log/%{name} dir is now owned by squid,squid * Fri Jan 06 2001 Florin <florin@mandrakesoft.com> 1.1.4-7mdk - recompile for firewall distrib - add log,error files in /var/log/%{name} - copy a sample of the config file in the /etc/squid/directory * Thu Nov 23 2000 Florin <florin@mandrakesoft.com> 1.1.4-6mdk - added urls (Lenny compliant ;) * Thu Nov 23 2000 Florin <florin@mandrakesoft.com> 1.1.4-5mdk - requires squid - buildrequires BerkeleyDB * Tue Nov 21 2000 Florin <florin@mandrakesoft.com> 1.1.4-4mdk - requires BerkeleyDB package, the new db2-2.7.7 package - comment the postun section * Mon Sep 18 2000 Florin <florin@mandrakesoft.com> 1.1.4-3mdk - set up a ready to use out of the box config * Fri Sep 15 2000 Florin <florin@mandrakesoft.com> 1.1.4-2mdk - added the test configuration and the Makefile - modifying the config files * Fri Sep 15 2000 Florin <florin@mandrakesoft.com> 1.1.4-1mdk - first attempt