#!/usr/local/bin/ksh
#################################################################################
# Modifications 01/07/03 - Adding commands to remove duplicate entries and to #
# notify the user of non-existent entries when attempting to #
# remove them. - rmorten #
# 03/22/03 - Forced upgrade (hardware problems on the old cliff) #
# caused us to re-install squid. Directory differences are only #
# the first of many changes that will most likely be made. - rmorten #
# 06/24/04 - Poofed /home/bin with a renegade script with some #
# references to bad tmp files. Made a change for a second time #
# to allow 5 part site names. Other changes are lost for good #
# unless I can remember what they were... - rmorten #
#################################################################################
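# Removes sites, domains and IP addresses from the Squid allowlists.
#
# Each command-line argument is classified by shape as an IP address, a
# two-label domain (stored with a leading dot) or a multi-label site name.
# Every accepted entry is logged under $LOGDIR, removed from the matching
# allowlist (which is re-sorted and de-duplicated), and reported to the user.
# Finally the per-list totals are printed and $BOOT is run.
CONFDIR=/usr/local/squid/etc
LOGDIR=$CONFDIR/logs
ALLOWSITE=$CONFDIR/squid.allowlist.sites
ALLOWDOMAIN=$CONFDIR/squid.allowlist.domain
ALLOWIP=$CONFDIR/squid.allowlist.ip
# NOTE(review): the old scratch-file name (tmpfile.root.$$) suggests this script
# runs as root. If so, whoever can write to this path under a user's home
# directory controls what root executes - confirm its ownership and
# permissions, or move it to a root-owned location.
BOOT=/home/rmorten/Bin/squidboot
SERIAL=$(date '+%y%m%d%H%M%S')
USAGE="I need at least one domain or site name or IP address to deny:\n\ndeny search.x.com\t<- site example\nx.com\t\t\t<- domain example\n1.2.3.4\t\t\t<- IP example"

if [ $# -lt 1 ]
then
  # %b expands the \n and \t escapes stored in USAGE, as ksh's echo did.
  printf '%b\n' "$USAGE"
  exit
fi

# Scratch space. The previous fixed name /tmp/tmpfile.root.$$ was predictable
# (a pre-planted symlink or stale file of that name would be followed or
# appended to) and was never removed, because the cleanup line deleted
# "$TMP$" rather than the $TMP.* files. mktemp -d gives a private 0700
# directory, and the trap removes it on every exit path.
TMP=$(mktemp -d "${TMPDIR:-/tmp}/squid-deny.XXXXXX") || {
  printf 'ERROR: could not create a temporary directory.\n' >&2
  exit 1
}
trap 'rm -rf -- "${TMP:?}"' EXIT
trap 'exit 1' HUP INT TERM

# classify NAME
# Prints "ip", "domain" or "site" according to the shape of NAME, or nothing
# when NAME matches none of them. The patterns keep the original shapes
# (including site names of up to five parts), but the label character class is
# now letters, digits, "_" and "-". The old class [(\-)aA-zZ0-9] also admitted
# "(", ")", "[", "\", "]", "^" and "`" through the A-z range.
classify() {
  printf '%s\n' "$1" | awk '
    /^[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?$/ { print "ip"; exit }
    /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/ { print "domain"; exit }
    /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.([A-Za-z0-9_-]+)?\.?([A-Za-z0-9_-]+)?\.?([A-Za-z0-9_-]+)?$/ { print "site"; exit }
  '
}

# remove_entries LABEL PENDING_FILE ALLOWLIST LOG_NAME
# Logs PENDING_FILE to $LOGDIR/LOG_NAME.$SERIAL, then removes each entry it
# lists from ALLOWLIST and reports the outcome using LABEL (SITE/DOMAIN/IP).
# Does nothing when PENDING_FILE is missing or empty.
# (Variables carry an re_ prefix because ksh POSIX-style functions have no
# local scope.)
remove_entries() {
  re_label=$1
  re_pending=$2
  re_allowlist=$3
  re_logname=$4

  [ -s "$re_pending" ] || return 0

  if [ ! -f "$re_allowlist" ] || [ ! -w "$re_allowlist" ]
  then
    printf 'ERROR: %s is missing or not writable; nothing removed.\n' "$re_allowlist" >&2
    return 1
  fi

  cat "$re_pending" > "$LOGDIR/$re_logname.$SERIAL"

  while IFS= read -r re_entry
  do
    # Compare whole lines as literal strings. The entry used to be spliced
    # into an awk regex, so "." matched any character (a.b.com also removed
    # aXb.com) and any regex metacharacter in the argument changed the match.
    # Appending "" forces a string comparison, never a numeric one.
    awk -v entry="$re_entry" '
      ($0 "") == (entry "") { found = 1; next }
      { print $1 }
      END { exit (found ? 0 : 1) }
    ' "$re_allowlist" > "$TMP/filtered"
    re_found=$?

    # Sort into scratch first so a failed sort cannot truncate the live list.
    if sort -u "$TMP/filtered" > "$TMP/sorted"
    then
      cat "$TMP/sorted" > "$re_allowlist"
    else
      printf 'ERROR: could not rewrite %s; left unchanged.\n' "$re_allowlist" >&2
      return 1
    fi

    # Report on whether the entry was actually present. Comparing line counts
    # before and after, as before, reported "removed" whenever de-duplication
    # alone shortened the file.
    if [ "$re_found" -eq 0 ]
    then
      echo "$re_entry removed"
    else
      echo "WARNING: $re_label NOT REMOVED! $re_entry not found in $re_allowlist."
    fi
  done < "$re_pending"
}

# "$@" keeps each argument intact; the old unquoted $* also glob-expanded
# arguments against the current directory.
for x in "$@"
do
  case $x in
    *[!A-Za-z0-9._-]*) kind= ;;   # whitespace, newlines, metacharacters: reject
    *) kind=$(classify "$x") ;;
  esac
  case $kind in
    ip)     printf '%s\n' "$x" >> "$TMP/ip" ;;
    domain) printf '.%s\n' "$x" >> "$TMP/domain" ;;
    site)   printf '%s\n' "$x" >> "$TMP/site" ;;
    *)      # Previously unrecognised arguments were dropped without a word.
            printf 'WARNING: %s is not a recognisable site, domain or IP; ignored.\n' "$x" >&2 ;;
  esac
done

remove_entries SITE "$TMP/site" "$ALLOWSITE" deny.site
remove_entries DOMAIN "$TMP/domain" "$ALLOWDOMAIN" deny.domain
remove_entries IP "$TMP/ip" "$ALLOWIP" deny.ip

SITECOUNT=$(awk 'END {print NR}' "$ALLOWSITE")
DOMAINCOUNT=$(awk 'END {print NR}' "$ALLOWDOMAIN")
IPCOUNT=$(awk 'END {print NR}' "$ALLOWIP")
printf '\nIP Addresses allowed: \t%s\n' "$IPCOUNT"
printf 'Sites allowed: \t%s\n' "$SITECOUNT"
printf 'Domains allowed: \t%s\n\n' "$DOMAINCOUNT"

# Run $BOOT after the edits; its exit status becomes the script's.
# Scratch files are removed by the EXIT trap.
"$BOOT"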