e2guardian: bump to 3.1.2

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>

net/e2guardian/Makefile

@@ -8,18 +8,16 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=e2guardian
-PKG_VERSION:=3.0.4
+PKG_VERSION:=3.1.2
 PKG_RELEASE:=1
 
 PKG_LICENSE:=GPL-2.0
 PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_URL:=https://github.com/e2guardian/e2guardian.git
-PKG_SOURCE_VERSION:=v$(PKG_VERSION)
-
+PKG_SOURCE:=v$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/e2guardian/e2guardian/archive/
+PKG_MD5SUM:=85cfa16074737dbc3935f93dfcded285
+PKG_FIXUP:=autoreconf
 PKG_BUILD_PARALLEL:=1
 PKG_INSTALL:=1
 
@@ -47,9 +45,12 @@ CONFIGURE_VARS += \
 
 CONFIGURE_ARGS += \
 		--with-sysconfsubdir=e2guardian \
-		--with-proxyuser=root \
-		--with-proxygroup=root \
-		--enable-pcre=yes
+		--with-proxyuser=nobody \
+		--with-proxygroup=nogroup \
+		--enable-pcre=yes \
+		--with-piddir=/tmp/e2guardian/ \
+		--enable-sslextralists=no \
+		--enable-sslmitm=no
 
 define Build/Configure
 	$(call Build/Configure/Default,$CONFIGURE_ARGS)

net/e2guardian/files/e2guardian.config

@@ -1,13 +1,11 @@
 config e2guardian 'e2guardian'
-	option config_file '/etc/e2guardian/e2guardianf1.conf'
 	option languagedir '/usr/share/e2guardian/languages'
 	option language 'ukenglish'
 	option loglevel '2'
 	option logexceptionhits '2'
 	option logfileformat '1'
-	option loglocation '/dev/null'
+	option loglocation '/var/log/e2guardian/access.log'
 	option maxuploadsize '-1'
-	option filterip ''
 	option filterports '8080'
 	option proxyip '127.0.0.1'
 	option proxyport '3128'
@@ -45,6 +43,7 @@ config e2guardian 'e2guardian'
 	option deletedownloadedtempfiles 'on'
 	option initialtrickledelay '20'
 	option trickledelay '10'
+	option downloadmanager '/etc/e2guardian/downloadmanagers/fancy.conf'
 	option downloadmanager '/etc/e2guardian/downloadmanagers/default.conf'
 	option contentscannertimeout '60'
 	option contentscanexceptions 'off'

net/e2guardian/files/e2guardian.init

@@ -7,13 +7,15 @@ STOP=10
 USE_PROCD=1
 PROG=/usr/sbin/e2guardian
 CONFIGFILE="/tmp/e2guardian/e2guardian.conf"
+LOGFILE="/tmp/e2guardian/access.log"
+GROUPCONFIG="/tmp/e2guardian/e2guardianf1.conf"
 
 validate_e2guardian_section() {
 	uci_validate_section e2guardian e2guardian "${1}" \
-		'config_file:string' \
 		'accessdeniedaddress:string' \
 		'bannediplist:string' \
 		'contentscanexceptions:string' \
+		'contentscanner:string'
 		'contentscannertimeout:uinteger' \
 		'createlistcachefiles:string' \
 		'custombannedflashfile:string' \
@@ -83,7 +85,7 @@ validate_e2guardian_section() {
 
 start_service() {
 
-	local config_file accessdeniedaddress bannediplist contentscanexceptions contentscannertimeout \
+	local accessdeniedaddress bannediplist contentscanexceptions contentscanner contentscannertimeout \
 		createlistcachefiles custombannedflashfile custombannedimagefile deletedownloadedtempfiles \
 		downloadmanager exceptioniplist filecachedir loglocation \
 		filtergroups filtergroupslist filterip filterports forcequicksearch forwardedfor hexdecodecontent \
@@ -102,10 +104,26 @@ start_service() {
 	}
 
 	mkdir -p $(dirname $CONFIGFILE)
-	ln -sf $config_file $(dirname $CONFIGFILE)
+	chown -R nobody:nogroup $(dirname $CONFIGFILE)
+
+	mkdir -p $(dirname $loglocation)
+	chown -R nobody:nogroup $(dirname $loglocation)
+
+	touch $loglocation
+	chown nobody:nogroup $loglocation
+
+	ln -sf $loglocation $(dirname $LOGFILE)
+	ln -sf /etc/e2guardian/e2guardian.conf $CONFIGFILE
+	ln -sf /etc/e2guardian/e2guardianf1.conf $GROUPCONFIG
 
 	echo "accessdeniedaddress = " $accessdeniedaddress > $CONFIGFILE
 	echo "bannediplist = " $bannediplist >> $CONFIGFILE
+
+	if [  "$contentscanner" != ""  ]
+	then
+		echo "contentscanner = " $contentscanner >> $CONFIGFILE
+	fi
+
 	echo "contentscanexceptions = " $contentscanexceptions >> $CONFIGFILE
 	echo "contentscannertimeout = " $contentscannertimeout >> $CONFIGFILE
 	echo "createlistcachefiles = " $createlistcachefiles >> $CONFIGFILE
@@ -174,15 +192,17 @@ start_service() {
 	echo "weightedphrasemode = " $weightedphrasemode >> $CONFIGFILE
 
 	procd_open_instance
-	procd_set_param command $PROG -N -c "$CONFIGFILE"
+	procd_set_param command $PROG -c $CONFIGFILE
 	procd_set_param file $CONFIGFILE
-	procd_set_param respawn
 	procd_close_instance
+
 }
 
 stop_service()
 {
-	e2guardian -s | awk -F':' '{ print $2}' | xargs kill -9
+	PID=`cat /tmp/e2guardian/e2guardian.pid`
+	kill $PID
+	rm -f /tmp/e2guardian/e2guardian.pid
 }
 
 service_triggers()

net/e2guardian/files/e2guardianf1.conf

@@ -1,4 +1,4 @@
-# e2guardian filter group config file for version 3.0.4
+# e2guardian filter group config file for version 3.1.2
 
 
 # Filter group mode
@@ -25,41 +25,41 @@ groupmode = 1
 groupname = ''
 
 # Content filtering files location
-bannedphraselist = 'etc/e2guardian/lists/bannedphraselist'
-weightedphraselist = 'etc/e2guardian/lists/weightedphraselist'
-exceptionphraselist = 'etc/e2guardian/lists/exceptionphraselist'
-bannedsitelist = 'etc/e2guardian/lists/bannedsitelist'
-greysitelist = 'etc/e2guardian/lists/greysitelist'
-bannedsslsitelist = 'etc/e2guardian/lists/bannedsslsitelist'
-greysslsitelist = 'etc/e2guardian/lists/greysslsitelist'
-exceptionsitelist = 'etc/e2guardian/lists/exceptionsitelist'
-bannedurllist = 'etc/e2guardian/lists/bannedurllist'
-greyurllist = 'etc/e2guardian/lists/greyurllist'
-exceptionurllist = 'etc/e2guardian/lists/exceptionurllist'
-exceptionregexpurllist = 'etc/e2guardian/lists/exceptionregexpurllist'
-bannedregexpurllist = 'etc/e2guardian/lists/bannedregexpurllist'
-picsfile = 'etc/e2guardian/lists/pics'
-contentregexplist = 'etc/e2guardian/lists/contentregexplist'
-urlregexplist = 'etc/e2guardian/lists/urlregexplist'
-refererexceptionsitelist = 'etc/e2guardian/lists/refererexceptionsitelist'
-refererexceptionurllist = 'etc/e2guardian/lists/refererexceptionurllist'
-embededreferersitelist = 'etc/e2guardian/lists/embededreferersitelist'
-embededrefererurllist = 'etc/e2guardian/lists/embededrefererurllist'
-urlredirectregexplist = 'etc/e2guardian/lists/urlredirectregexplist'
+bannedphraselist = '/etc/e2guardian/lists/bannedphraselist'
+weightedphraselist = '/etc/e2guardian/lists/weightedphraselist'
+exceptionphraselist = '/etc/e2guardian/lists/exceptionphraselist'
+bannedsitelist = '/etc/e2guardian/lists/bannedsitelist'
+greysitelist = '/etc/e2guardian/lists/greysitelist'
+bannedsslsitelist = '/etc/e2guardian/lists/bannedsslsitelist'
+greysslsitelist = '/etc/e2guardian/lists/greysslsitelist'
+exceptionsitelist = '/etc/e2guardian/lists/exceptionsitelist'
+bannedurllist = '/etc/e2guardian/lists/bannedurllist'
+greyurllist = '/etc/e2guardian/lists/greyurllist'
+exceptionurllist = '/etc/e2guardian/lists/exceptionurllist'
+exceptionregexpurllist = '/etc/e2guardian/lists/exceptionregexpurllist'
+bannedregexpurllist = '/etc/e2guardian/lists/bannedregexpurllist'
+picsfile = '/etc/e2guardian/lists/pics'
+contentregexplist = '/etc/e2guardian/lists/contentregexplist'
+urlregexplist = '/etc/e2guardian/lists/urlregexplist'
+refererexceptionsitelist = '/etc/e2guardian/lists/refererexceptionsitelist'
+refererexceptionurllist = '/etc/e2guardian/lists/refererexceptionurllist'
+embededreferersitelist = '/etc/e2guardian/lists/embededreferersitelist'
+embededrefererurllist = '/etc/e2guardian/lists/embededrefererurllist'
+urlredirectregexplist = '/etc/e2guardian/lists/urlredirectregexplist'
 
 # local versions of lists (where LOCAL_LISTS enabled)
-#localbannedsitelist = 'etc/e2guardian/lists/localbannedsitelist'
-#localgreysitelist = 'etc/e2guardian/lists/localgreysitelist'
-#localexceptionsitelist = 'etc/e2guardian/lists/localexceptionsitelist'
-#localbannedurllist = 'etc/e2guardian/lists/localbannedurllist'
-#localgreyurllist = 'etc/e2guardian/lists/localgreyurllist'
-#localexceptionurllist = 'etc/e2guardian/lists/localexceptionurllist'
-#localbannedsslsitelist = 'etc/e2guardian/lists/localbannedsslsitelist'
-#localgreysslsitelist = 'etc/e2guardian/lists/localgreysslsitelist'
-#localbannedsearchlist = 'etc/e2guardian/lists/localbannedsearchlist'
-
-!! Not compiled !! authexceptionsitelist = 'etc/e2guardian/lists/authexceptionsitelist'
-!! Not compiled !! authexceptionurllist = 'etc/e2guardian/lists/authexceptionurllist'
+#localbannedsitelist = '/etc/e2guardian/lists/localbannedsitelist'
+#localgreysitelist = '/etc/e2guardian/lists/localgreysitelist'
+#localexceptionsitelist = '/etc/e2guardian/lists/localexceptionsitelist'
+#localbannedurllist = '/etc/e2guardian/lists/localbannedurllist'
+#localgreyurllist = '/etc/e2guardian/lists/localgreyurllist'
+#localexceptionurllist = '/etc/e2guardian/lists/localexceptionurllist'
+#localbannedsslsitelist = '/etc/e2guardian/lists/localbannedsslsitelist'
+#localgreysslsitelist = '/etc/e2guardian/lists/localgreysslsitelist'
+#localbannedsearchlist = '/etc/e2guardian/lists/localbannedsearchlist'
+
+!! Not compiled !! authexceptionsitelist = '/etc/e2guardian/lists/authexceptionsitelist'
+!! Not compiled !! authexceptionurllist = '/etc/e2guardian/lists/authexceptionurllist'
 
 # Filetype filtering
 #
@@ -78,20 +78,20 @@ urlredirectregexplist = 'etc/e2guardian/lists/urlredirectregexplist'
 # (on | off)
 #
 blockdownloads = off
-exceptionextensionlist = 'etc/e2guardian/lists/exceptionextensionlist'
-exceptionmimetypelist = 'etc/e2guardian/lists/exceptionmimetypelist'
+exceptionextensionlist = '/etc/e2guardian/lists/exceptionextensionlist'
+exceptionmimetypelist = '/etc/e2guardian/lists/exceptionmimetypelist'
 #
 # Use the following lists to block specific kinds of file downloads.
 # The two exception lists above can be used to override these.
 #
-bannedextensionlist = 'etc/e2guardian/lists/bannedextensionlist'
-bannedmimetypelist = 'etc/e2guardian/lists/bannedmimetypelist'
+bannedextensionlist = '/etc/e2guardian/lists/bannedextensionlist'
+bannedmimetypelist = '/etc/e2guardian/lists/bannedmimetypelist'
 #
 # In either file filtering mode, the following list can be used to override
 # MIME type & extension blocks for particular domains & URLs (trusted download sites).
 #
-exceptionfilesitelist = 'etc/e2guardian/lists/exceptionfilesitelist'
-exceptionfileurllist = 'etc/e2guardian/lists/exceptionfileurllist'
+exceptionfilesitelist = '/etc/e2guardian/lists/exceptionfilesitelist'
+exceptionfileurllist = '/etc/e2guardian/lists/exceptionfileurllist'
 
 # POST protection (web upload and forms)
 # does not block forms without any file upload, i.e. this is just for
@@ -108,9 +108,9 @@ maxuploadsize = -1
 # Supply categorised lists here and the category string shall be logged against
 # matching requests, but matching these lists does not perform any filtering
 # action.
-#logsitelist = 'etc/e2guardian/lists/logsitelist'
-#logurllist = 'etc/e2guardian/lists/logurllist'
-#logregexpurllist = 'etc/e2guardian/lists/logregexpurllist'
+#logsitelist = '/etc/e2guardian/lists/logsitelist'
+#logurllist = '/etc/e2guardian/lists/logurllist'
+#logregexpurllist = '/etc/e2guardian/lists/logregexpurllist'
 
 # Outgoing HTTP header rules:
 # Optional lists for blocking based on, and modification of, outgoing HTTP
@@ -121,9 +121,9 @@ maxuploadsize = -1
 # Headers are matched/replaced on a line-by-line basis, not as a contiguous
 # block.
 # Use for example, to remove cookies or prevent certain user-agents.
-headerregexplist = 'etc/e2guardian/lists/headerregexplist'
-bannedregexpheaderlist = 'etc/e2guardian/lists/bannedregexpheaderlist'
-addheaderregexplist = 'etc/e2guardian/lists/addheaderregexplist'
+headerregexplist = '/etc/e2guardian/lists/headerregexplist'
+bannedregexpheaderlist = '/etc/e2guardian/lists/bannedregexpheaderlist'
+addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist'
 
 # Weighted phrase mode
 # Optional; overrides the weightedphrasemode option in e2guardian.conf
@@ -166,11 +166,11 @@ naughtynesslimit = 50
 # List of regular expressions for matching search engine URLs.  It is assumed
 # that the search terms themselves will be contained in the
 # of output of each expression.
-#searchregexplist = 'etc/e2guardian/lists/searchregexplist'
+#searchregexplist = '/etc/e2guardian/lists/searchregexplist'
 #
 # Banned Search Term list(s) for option 1
-#bannedsearchlist = 'etc/e2guardian/lists/bannedsearchlist'
-#bannedsearchoveridelist = 'etc/e2guardian/lists/bannedsearchoveridelist'
+#bannedsearchlist = '/etc/e2guardian/lists/bannedsearchlist'
+#bannedsearchoveridelist = '/etc/e2guardian/lists/bannedsearchoveridelist'
 
 
 # Search term limit (for Option 2)
@@ -192,9 +192,9 @@ naughtynesslimit = 50
 # of text.
 # Please note that all or none of the below should be uncommented, not a
 # mixture.
-#bannedsearchtermlist = 'etc/e2guardian/lists/bannedsearchtermlist'
-#weightedsearchtermlist = 'etc/e2guardian/lists/weightedsearchtermlist'
-#exceptionsearchtermlist = 'etc/e2guardian/lists/exceptionsearchtermlist'
+#bannedsearchtermlist = '/etc/e2guardian/lists/bannedsearchtermlist'
+#weightedsearchtermlist = '/etc/e2guardian/lists/weightedsearchtermlist'
+#exceptionsearchtermlist = '/etc/e2guardian/lists/exceptionsearchtermlist'
 
 # Category display threshold
 # This option only applies to pages blocked by weighted phrase filtering.
@@ -330,12 +330,12 @@ reportinglevel = 3
 # only used in reporting level 3.
 #
 # The default template file path is <languagedir>/<language>/template.h
-# e.g. share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
+# e.g. /share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
 # language.
 #
 # This option generates a file path of the form:
 # <languagedir>/<language>/<htmltemplate>
-# e.g. share/e2guardian/languages/ukenglish/custom.html
+# e.g. /share/e2guardian/languages/ukenglish/custom.html
 #
 #htmltemplate = 'custom.html'
 
@@ -420,7 +420,11 @@ reportinglevel = 3
 sslcertcheck = off
 
 #SSL man in the middle
-# Forge ssl certificates for all sites, decrypt the data then re encrypt it
+# Forge ssl certificates for all non-exception sites, decrypt the data then re encrypt it
 # using a different private key. Used to filter ssl sites
 sslmitm = off
 
+#Limit SSL MITM to sites in greysslsitelist(s)
+# ignored if  sslmitm is off
+# SSL sites not matching greysslsitelist will be treat as if sslmitm is off.
+onlymitmsslgrey = off