/*
 * ufdbGuard is copyrighted (C) 2005-2020 by URLfilterDB B.V. with all rights reserved.
 *
 * Parts of the ufdbGuard daemon are based on squidGuard 1.2.0.
 * squidGuard is copyrighted (C) 1998 by
 * ElTele Øst AS, Oslo, Norway, with all rights reserved.
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License (version 2) as
 * published by the Free Software Foundation. It is distributed in the
 * hope that it will be useful, but WITHOUT ANY WARRANTY; without even the
 * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 * PURPOSE. See the GNU General Public License (GPL) for more details.
 *
 * You should have received a copy of the GNU General Public License
 * (GPL) along with this program.
 *
 * $Id: sg.h.in,v 1.91 2020/11/02 13:33:54 root Exp root $
 */

/*
 * Shared declarations for the ACL engine: per-request state (struct SquidInfo),
 * the configuration object graph (Source, Acl, AclCategory, Category, time and
 * rewrite rules) and the prototypes of the functions that operate on them.
 *
 * NOTE(review): no include guard is visible in this file; the struct
 * definitions below cannot be included twice in one translation unit.
 */

#ifndef _REENTRANT
#define _REENTRANT
#endif

#ifdef __cplusplus
extern "C" {
#endif

/*
 * The three trailing underscores make this a different name from the real
 * _XOPEN_SOURCE feature-test macro, and both branches define the same value.
 * NOTE(review): looks like the feature request was neutralised on purpose;
 * confirm before "fixing" the spelling.
 */
#ifndef _XOPEN_SOURCE___
#ifdef __sun
#define _XOPEN_SOURCE___ 600
#else
#define _XOPEN_SOURCE___ 600
#endif
#endif

#if __sun && !defined(__EXTENSIONS__)
#define __EXTENSIONS__ 1
#endif

/* Disabled with #if 0; the macro name is also misspelled like the one above. */
#if 0
#ifndef _XOPEN_SOURCE____EXTENDED
#define _XOPEN_SOURCE____EXTENDED 1
#endif
#endif

/* Disabled with #if 0. */
#if 0
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L
#endif
#endif

#ifndef _BSD_SOURCE
#define _BSD_SOURCE 1
#endif

#define YY_NEVER_INTERACTIVE 1

/*
 * NOTE(review): the header names of the next eight #include directives are
 * absent in this copy of the file. struct in6_addr, time_t and size_t are used
 * below and must be declared by them or by the project headers; restore the
 * names from the upstream sg.h.in rather than guessing.
 */
#include
#include
#include
#include
#include
#include
#include
#include
#include "config.h"
#include "version.h"
#include "ufdb.h"
#include "ufdblib.h"

/*
 * __P() wraps prototype parameter lists: with an ISO C compiler it expands to
 * the list itself, otherwise to an empty list. In the non-ISO branch 'const'
 * is also defined away.
 */
#if __STDC__
# ifndef __P
# define __P(x) x
# endif
#else
# ifndef __P
# define __P(x) ()
# endif
# ifndef const
# define const
# endif
int tolower();
#endif

#ifndef ulong
# define ulong unsigned long
#endif

/* T_* selector values; presumably the kind of a time specification -- confirm against the parser. */
#define T_WEEKLY 1
#define T_WEEKDAY 2
#define T_TVAL 3
#define T_DVAL 4
#define T_DVALCRON 5

/* presumably the values stored in AclCategory.type -- confirm. */
#define ACL_TYPE_DEFAULT 1
#define ACL_TYPE_TERMINATOR 2
#define ACL_TYPE_INADDR 3

/*
 * Generic buffer size. Note that the string fields of struct SquidInfo are
 * sized individually and none of them uses MAX_BUF.
 */
#define MAX_BUF 8192

#define INVALID_IP_ADDR 1

/* presumably the values stored in Ipv4.type and Ipv6.type -- confirm. */
#define SG_IPTYPE_HOST 1
#define SG_IPTYPE_RANGE 2
#define SG_IPTYPE_CIDR 3
#define SG_IPTYPE_CLASS 4
#define SG_IPV6TYPE_HOST 5
#define SG_IPV6TYPE_CIDR 6

/* presumably the values stored in SquidInfo.blockReason -- confirm. */
#define SG_BLOCK_DESTINATION 1
#define SG_BLOCK_SOURCE 2
#define SG_BLOCK_REWRITE 3
#define SG_BLOCK_ACL 4

/* String prefixes; the names suggest they mark the HTTP status of a redirect. */
#define REDIRECT_PERMANENT "301:"
#define REDIRECT_TEMPORARILY "302:"

/*
 * Per-request state handed to the ACL engine (see parseLine() and the
 * UFDBdecideAccess*() prototypes below).
 *
 * Every string field is a fixed-size array and the sizes differ per field
 * (16 bytes up to 16*1024 bytes). Code that fills a field must bound the copy
 * with sizeof on that destination field and keep it NUL-terminated.
 * NOTE(review): the field names (url, referer, sni, cert_subject, ident, ...)
 * suggest most values originate from the proxied request and are therefore
 * attacker-influenced; confirm in parseLine() that over-long input is rejected
 * or truncated and not copied unchecked.
 */
struct SquidInfo {
   char channelid[16];
   char protocol[16];
   char method[16];
   int worker;
   int url_has_ipv4;
   int url_has_ipv6;
   int source_isipv4;
   int source_isipv6;
   unsigned int source_ipv4;
   struct in6_addr source_ipv6;
   int islocalnet;
   int port;
   int blockReason;
   int matchedAny;
   int matchedNone;
   int bumping;
   int BlockedBumpedConnectAllowed;
   UFDBrevURL * revUrl;
   struct AclCategory * aclpass;
   char bump_mode[32];
   /* UFDB_GCC_ALIGN_CL is defined elsewhere; presumably a cache-line alignment attribute -- confirm. */
   UFDB_GCC_ALIGN_CL char referer[128];
   char srcIP[128];
   char srcDomain[256];
   char sni[256];
   char cert_issuer[256];
   char cert_subject[256];
   char matchedBy[256];
   char ident[256];
   char urlgroup[256];
   char domain[512];
   char orig_domain[512];
   char url2display[2048];
   char url2log[2048];
   char orig[16*1024];
   char url[16*1024];
   char surl[16*1024];
};

/* Named rewrite rule; node of a singly linked list (next). */
struct sgRewrite {
   const char * name;
   int active;
   struct ufdbRegExp * rewrite;
   struct ufdbTime * time;
   int within;
   struct sgRewrite * next;
};

/* presumably the values stored in sgDb.type -- confirm. */
#define SGDBTYPE_DOMAINLIST 1
#define SGDBTYPE_URLLIST 2
#define SGDBTYPE_USERLIST 3
#define SGDBTYPE_EXECUSERLIST 4

/* Handle for a loaded list; dbcp is an untyped pointer whose real type is not visible here. */
struct sgDb {
   const char * dbhome;
   void * dbcp;
   int entries;
   int type;
};

/* One IPv4 match entry; node of a singly linked list (next). */
struct Ipv4 {
   int type;
   int net_is_set;
   unsigned int net;
   unsigned int mask;
   struct Ipv4 * next;
};

/* One IPv6 match entry; node of a singly linked list (next). */
struct Ipv6 {
   int type;
   unsigned int cidr;
   struct Ipv6 * next;
   struct in6_addr ipv6;
};

/* Name/value configuration setting; node of a singly linked list (next). */
struct Setting {
   const char * name;
   const char * value;
   struct Setting * next;
};

/* One element of a time specification; node of a singly linked list (next). */
struct TimeElement {
   int wday;
   int from;
   int to;
   int y;
   int m;
   int d;
   time_t fromdate;
   time_t todate;
   struct TimeElement * next;
};

/* Named time specification owning a list of TimeElement; itself a list node (next). */
struct ufdbTime {
   const char * name;
   int active;
   struct TimeElement * element;
   struct ufdbTime * next;
};

/* values for category->activeBumping: */
#define UFDB_ACTIVE_BUMPING_NOTSET 0
#define UFDB_ACTIVE_BUMPING_ON 1
#define UFDB_ACTIVE_BUMPING_OFF -1

/*
 * A URL category with its lists, expressions, redirect and hit counters;
 * node of a singly linked list (next).
 *
 * NOTE(review): nmatches and nblocks are 'volatile', which does not make an
 * increment atomic. _REENTRANT is defined above, so if several threads update
 * these counters concurrently, updates can be lost -- confirm whether exact
 * counts matter.
 */
struct Category {
   char active;
   char within;
   /* signed char so that UFDB_ACTIVE_BUMPING_OFF (-1) is representable whatever the signedness of plain char */
   signed char activeBumping;
   char blockBumpedConnect;
   unsigned int options;
   volatile unsigned long nmatches; /* hot variable */
   const char * name;
   char * domainlist;
   struct sgDb * domainlistDb;
   /* presumably a command whose output provides the domain list (see UFDBretrieveExecDomainlist) -- confirm */
   const char * execdomainlist;
   char * expressionlist;
   struct ufdbRegExp * regExp;
   char * redirect;
   struct ufdbTime * time;
   struct sgRewrite * rewrite;
   volatile unsigned long nblocks; /* hot variable */
   struct Category * next;
};

/*
 * A request source (client addresses, domains, users); node of a singly linked
 * list (next). The counter caveat given for struct Category applies to
 * nmatches and nblocks here as well.
 */
struct Source {
   short active;
   short within;
   short evaluationMethod;
   short cont_search;
   volatile unsigned long nmatches; /* hot variable */
   const char * name;
   /* presumably a command whose output provides the IP list (see UFDBretrieveExecIPlist) -- confirm */
   const char * execiplistCommand;
   struct UFDBmemDB * ipv4hosts; // ipv4 hosts (hash)
   struct Ipv4 * ipv4; // ipv4 range class net (list)
   struct UFDBmemDB * ipv6hosts; // ipv6 hosts (hash)
   struct Ipv6 * ipv6; // ipv6 net (list)
   struct sgDb * domainDb;
   struct sgDb * userDb;
   struct Source * next;
   struct ufdbTime * time;
   const char * sarg0;
   volatile unsigned long nblocks; /* hot variable */
   char dummy[16]; /* filler for 64 bytes */
};

/* An access control list bound to one Source; node of a singly linked list (next). */
struct Acl {
   short active;
   short within;
   short hasTerminatorNone;
   short rewriteDefault;
   const char * name;
   struct Source * source;
   struct AclCategory * pass;
   struct AclCategory * implicitPass; /* has all defined categories which are not in 'pass' */
   const char * redirect;
   struct ufdbTime * time;
   struct Acl * next;
   struct sgRewrite * rewrite;
};

/*
 * One category entry of an ACL pass list; node of a singly linked list (next).
 * The counter caveat given for struct Category applies to nmatches and nblocks.
 */
struct AclCategory {
   volatile unsigned long nmatches; /* hot variable */
   const char * name;
   struct Category * cat;
   int access;
   int type;
   struct AclCategory * next;
   /* presumably padding that separates the two hot counters -- confirm */
   char dummy[24];
   volatile unsigned long nblocks; /* hot variable */
};

/* Defined elsewhere; presumably the current line of the configuration parser (yyparse/yylex are declared below). */
extern int lineno;

/*
 * Request parsing and address helpers.
 * NOTE(review): sgParseRedirect() takes a trailing non-const char * and no
 * length; if that is an output buffer, the required minimum size is not
 * visible in this header -- confirm that the callee bounds its writes.
 */
char * sgParseRedirect( const char *, struct SquidInfo *, struct Acl *, struct AclCategory *, char * );
int parseLine __P(( UFDBthreadAdmin *, char *, struct SquidInfo * ));
unsigned int * sgConvDot __P(( const char *, unsigned int * ));
int sgValidateIPv6 ( const char * str, struct in6_addr * ipv6addr );
int ufdbIPv6hostInNet( struct in6_addr * host, struct in6_addr * net, int cidr );

/*
 * Lists obtained through a 'command' string.
 * NOTE(review): the function and parameter names suggest that an external
 * command is executed to produce the list -- confirm in the implementation.
 * If so, the command must come from trusted configuration only and must never
 * be built from request-derived data.
 */
#define UFDB_MAX_USERLISTS 300
struct sgDb * UFDBretrieveExecUserlist( struct ufdbGV * gv, char * command );
void UFDBrefreshExecUserlist( struct ufdbGV * gv, char * command );
void UFDBdeleteUserlistCache( void );

#define UFDB_MAX_IPLISTS 300
void UFDBretrieveExecIPlist( struct ufdbGV * gv, char * command, struct UFDBmemDB ** i4h, struct Ipv4 ** i4, struct UFDBmemDB ** i6h, struct Ipv6 ** i6 );
void UFDBrefreshExecIPlist( struct ufdbGV * gv, const char * command, struct UFDBmemDB ** i4h, struct Ipv4 ** i4, struct UFDBmemDB ** i6h, struct Ipv6 ** i6 );
void ufdbFreeIpv4List( struct Ipv4 * ipv4 );
void ufdbFreeIpv6List( struct Ipv6 * ipv6 );

/*
 * ACL engine entry points.
 * NOTE(review): every decision function takes 'char * redirectURL' without a
 * size. It is presumably an output buffer for the redirect target; the
 * contract for its minimum size is not stated here -- confirm it at the call
 * sites, since the URL fields of struct SquidInfo are up to 16*1024 bytes long.
 */
void UFDBaclEngineInit( void );
struct Source * UFDBfindSource( struct Source *, struct SquidInfo * );
struct Acl * UFDBfindACLbySource __P(( struct Source *, struct SquidInfo * ));
int UFDBCheckACLaccess __P(( int, struct Acl *, struct SquidInfo *, char * ));
int UFDBdecideAccessBasedOnURL __P(( int reconfiguring, struct Acl * acl, struct SquidInfo * si, char * redirectURL ));
int UFDBdecideImplicitAccessBasedOnURL __P(( int reconfiguring, struct Acl * acl, struct SquidInfo * si, char * redirectURL ));
int UFDBdecideAccessByPeekStatus( int status, struct Acl * acl, struct SquidInfo * si, char * redirectURL );
int UFDBdecideAccessBasedOnHostname __P(( int reconfiguring, struct Acl * acl, struct SquidInfo * si, UFDBthreadAdmin * admin, char * hostname, char * redirectURL ));
int UFDBdecideAccessBasedOnCategory __P(( struct Acl * acl, struct SquidInfo * si, char * category, char * redirectURL ));
int UFDBurlIsSafeCategory __P(( struct SquidInfo * si ));
void BuildImplicitPassLists __P(( struct ufdbGV * gv ));

/* Category construction and lookup; presumably called while the configuration is parsed. */
void ufdbCategory __P((char *));
void ufdbCategoryEnd __P((void));
void ufdbCategoryDomainList __P((char *));
struct sgDb * UFDBretrieveExecDomainlist __P(( struct Category * cat ));
void ufdbCategoryExpressionList __P((char *, const char *));
struct Category * ufdbCategoryFindByName( struct ufdbGV * gv, const char * name );

/* Settings, rewrite rules and ACL lookup. */
void sgSetting __P((char *, char *));
struct Setting *sgSettingFindName __P((char *));
char * sgSettingGetValue __P((char *));
char * sgRewriteExpression( struct sgRewrite *, char *, char * );
struct Acl * ufdbAclFindByName( struct ufdbGV * gv, const char * name );
char * ufdbRegExpSubst __P(( struct ufdbRegExp *, char *, char * ));

/* List database helpers. */
void sgDbInit __P((struct sgDb * Db, char * file));
void sgDbLoadTextFile __P((struct sgDb *, char *, int));
void sgDbUpdate __P((struct sgDb *, char *, char *, size_t));
void ufdbFreeDomainDb __P(( struct sgDb * dbp ));

/*
 * Date and time conversion.
 * NOTE(review): niso() receives 'buf' without a length; the size the caller
 * must provide is not visible here -- confirm.
 */
time_t date2sec( const char * date );
time_t iso2sec( const char * date );
void niso( time_t t, char * buf );

int sgDbLookup( struct sgDb *, char *, char ** );

/* Logging helpers for the address lists. */
void UFDBlogIPv4( struct Ipv4 * ipv4 );
void UFDBlogIPv6( struct Ipv6 * ipv6 );

/* Parser and scanner entry points of the configuration grammar. */
void yyerror( const char * s );
int yyparse( void );
int yylex( void );

#ifdef __cplusplus
}
#endif