Interfaccia gestione ACL

proxy/squid_acl/squid_acl.pl

@@ -0,0 +1,126 @@
+#!/usr/bin/perl
+$|=1;
+
+use DBI;
+use Switch;
+use FindBin qw($Bin);
+
+require "$Bin/../script/conntrack.conf";
+
+local $SIG{ALRM} = sub {
+	my $time = localtime; # scalar context
+	print LOG "$$ - $time - Exit\n";
+	exit 1;
+};
+
+srand($$);
+$timeout = 60 * (int(rand(5))+61);
+$limit = 50;
+
+my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die ($DBI::errstr);
+$sts = $dbmysql->prepare("use $DBname");
+$sts->execute ();
+
+open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
+LOG->autoflush(1);
+
+alarm $timeout;
+while($limit) {
+	my $query = "";
+	my $input = <>;
+	chop $input;
+
+	my @param = split / /, $input;
+
+	my $ritorno = cerca ($param[1],$param[2], -1);
+	$limit--;
+	if ($ritorno) {
+		print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
+		print "DENY\n";
+	} else {
+		$ritorno = cerca ($param[1],$param[2], 1);
+		if ($ritorno) {
+			print LOG "$param[0] - $param[1] - $param[2] - OK\n";
+			print "OK\n";
+		} else {
+			print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
+			print "DENY\n";
+		}
+	}
+	
+
+#	next if ($query eq "");
+
+}
+exit;
+
+sub cerca {
+	my $ip = shift;
+	my $url = shift;
+	my $stato = shift;
+
+	if ($stato == 1) {
+		$tutto = "";
+	} else {
+		$tutto = "";
+	}
+
+	$query = "	SELECT
+				1
+			FROM
+				proxy_pool
+			JOIN
+				proxy_acl_ip
+				ON
+					proxy_pool.id = proxy_acl_ip.idpool
+					AND
+					proxy_acl_ip.stato = $stato
+			JOIN
+				proxy_acl_list
+				ON
+					proxy_acl_ip.idacllist = proxy_acl_list.id
+					AND
+					proxy_acl_list.attivo = 1
+			JOIN
+				proxy_acl
+				ON
+					proxy_acl.idacllist = proxy_acl_list.id
+					AND
+					proxy_acl.attivo = 1
+					AND
+					LOCATE(proxy_acl.rif, '$url') > 0
+			WHERE
+				proxy_pool.ip = '$ip'
+			UNION DISTINCT SELECT
+					1
+				FROM
+					proxy_pool
+				JOIN
+					proxy_acl_ip
+					ON
+						proxy_pool.id = proxy_acl_ip.idpool
+						AND
+						proxy_acl_ip.stato = $stato
+				JOIN
+					proxy_acl_list
+					ON
+					proxy_acl_ip.idacllist = proxy_acl_list.id
+					AND
+					proxy_acl_list.nome = 'ALL'
+				WHERE
+					proxy_pool.ip = '$ip'
+	";
+
+#	print "$query\n";
+	$sts = $dbmysql->prepare($query);
+	$sts->execute ();
+
+	if ($ref = $sts->fetchrow_hashref ) {
+		return 1;
+	} else {
+		return 0;
+	}
+
+
+
+}

proxy/squid_acl/squid_pool.pl

@@ -9,7 +9,7 @@ require "$Bin/../script/conntrack.conf";
 
 local $SIG{ALRM} = sub {
 	my $time = localtime; # scalar context
-	print LOG "$$ - $time - Exit\n";
+	#print LOG "$$ - $time - Exit\n";
 	exit 1;
 };
 
@@ -21,8 +21,8 @@ my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die (
 $sts = $dbmysql->prepare("use $DBname");
 $sts->execute ();
 
-open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
-LOG->autoflush(1);
+#open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
+#LOG->autoflush(1);
 
 alarm $timeout;
 while($limit) {
@@ -38,7 +38,7 @@ while($limit) {
 					$query = "SELECT id FROM proxy_src WHERE ip = '".$param[1]."' AND attivo = 1"; 
 					@reply = ("OK\n", "ERR\n");
 					my $time = localtime; # scalar context
-					print LOG "$$ - $time - $limit - $input -\n";
+					#print LOG "$$ - $time - $limit - $input -\n";
 					$limit--;
 					alarm $timeout;
 				}
@@ -46,7 +46,7 @@ while($limit) {
 					$query = "SELECT id FROM proxy_utenti WHERE user = '".$param[1]."' AND pass = PASSWORD('".$param[2]."') AND attivo = 1"; 
 					@reply = ("OK\n", "ERR\n");
 					my $time = localtime; # scalar context
-					print LOG "$$ - $time - $limit - $input -\n";
+					#print LOG "$$ - $time - $limit - $input -\n";
 					$limit--;
 					alarm $timeout;
 				}