View previous topic :: View next topic |
Author |
Message |
jaypeche Apprentice
Joined: 13 Jun 2007 Posts: 173 Location: France
|
Posted: Sun May 20, 2012 11:04 am Post subject: [SquidGuard] Script de mise à jour automatique pour Cron |
|
|
Un script simple que j'ai écrit pour la mise à jour de squidGuard, le principe est de lire le fichier de configuration de squidGuard et de télécharger via ftp://ftp.univ-tlse1.fr/blacklist, les bases dont j'ai besoin. Je décide de le partager sous GPLv2 , libre à vous de l'utiliser, le modifier, l'améliorer...
Fichier /etc/cron.weekly/squidGuard_AU.sh :
Code: | #!/bin/bash
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $
DESCRIPTION="This script is used to update your SquidGuard database"
HOMEPAGE="http://www.squidguard.org"
SRC_URI="ftp://ftp.univ-tlse1.fr/blacklist"
DATABASE="/etc/squidGuard/db/blacklists"
CONFIGFILE="/etc/squidGuard/squidGuard.conf"
LOGFILE="/var/log/squidGuard"
BASES_TMP=`cat ${CONFIGFILE} | grep ^dest | awk '{print $2}' | sort -d`
BASES=( ${BASES_TMP} )
if [ "$EUID" != 0 ]; then
echo "This script must be run as root..."
exit 1
fi
for base in "${BASES[@]}"
do
echo "Downloading base ${base}..."
cd /tmp
wget --continue --quiet --timeout=30 ${SRC_URI}/${base}.tar.gz
tar -xvzf ${base}.tar.gz -C ${DATABASE}
rm /tmp/${base}.tar.gz
done
echo "Generating database.. This could take a while, please wait..."
/usr/bin/squidGuard -C all || exit 1
echo "Checking permissions..."
chown -R squid:squid ${DATABASE} ${LOGFILE}
/etc/init.d/squid reload
exit 0
|
Içi un extrait de mon /etc/squidGuard/squidGuard.conf sur lequel le script se base pour télécharger et générer les bases qui vont bien.
Code: | ##########################################
# Définition des blacklists #
##########################################
dest adult {
domainlist blacklists/adult/domains
urllist blacklists/adult/urls
log adult.log
}
dest phishing {
domainlist blacklists/phishing/domains
urllist blacklists/phishing/urls
log phishing.log
}
dest malware {
domainlist blacklists/malware/domains
urllist blacklists/malware/urls
log malware.log
}
dest publicite {
domainlist blacklists/publicite/domains
urllist blacklists/publicite/urls
log publicite.log
}
dest warez {
domainlist blacklists/warez/domains
urllist blacklists/warez/urls
log warez.log
}
|
Enjoy _________________ Gentoo Linux Rullez !
Last edited by jaypeche on Wed May 30, 2012 9:21 am; edited 3 times in total |
|
Back to top |
|
|
Poussin l33t
Joined: 08 Jun 2007 Posts: 659 Location: Liège
|
Posted: Sun May 20, 2012 1:19 pm Post subject: |
|
|
Je vois que tu en attribues la paternité à la Gentoo Foundation, c'est sympa ça... |
|
Back to top |
|
|
jaypeche Apprentice
Joined: 13 Jun 2007 Posts: 173 Location: France
|
Posted: Sun May 20, 2012 1:35 pm Post subject: |
|
|
Merçi _________________ Gentoo Linux Rullez ! |
|
Back to top |
|
|
404_crazy Tux's lil' helper
Joined: 22 Jan 2008 Posts: 145
|
Posted: Thu May 31, 2012 12:31 pm Post subject: |
|
|
Impec ! je l'ai adapté sur mon squid à moi ça tourne bien ! (peut être juste le mettre dans la section "Documentations, Astuces et Scripts") |
|
Back to top |
|
|
jaypeche Apprentice
Joined: 13 Jun 2007 Posts: 173 Location: France
|
Posted: Thu May 31, 2012 3:32 pm Post subject: |
|
|
Merçi pour le retour 404_crazy,
Quote: | peut être juste le mettre dans la section "Documentations, Astuces et Scripts" |
Je n'y avais pas pensé, ça peut être une bonne idée
On peut aussi supprimer le tri automatique sur le fichier de configuration, et setter la variable BASES à la main. Ce qui donne par exemple :
Code: | #BASES_TMP=`cat ${CONFIGFILE} | grep ^dest | awk '{print $2}' | sort -d`
#BASES=( ${BASES_TMP} )
BASES=(adult phishing malware) |
A adapter suivant la définition de vos ACLs dans /etc/squidGuard/squidGuard.conf _________________ Gentoo Linux Rullez ! |
|
Back to top |
|
|
jaypeche Apprentice
Joined: 13 Jun 2007 Posts: 173 Location: France
|
Posted: Fri Jun 15, 2012 3:10 pm Post subject: |
|
|
Version 0.0.2 :
* Preprocessing tests
* Reading the configuration automatically
* Error handling
* Color highlight
Code: | #!/bin/bash
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: https://raw.github.com/jaypeche/SquidGuarg_AU/master/SquidGuard_AU, v0.0.2 2012/06/24 16:53.23 jaypeche Exp $
DESCRIPTION="This script is used to update your SquidGuard database"
HOMEPAGE="http://www.squidguard.org"
SRC_URI="ftp://ftp.univ-tlse1.fr/blacklist"
DATABASE="/etc/squidGuard/db/blacklists"
CONFIGFILE="/etc/squidGuard/squidGuard.conf"
SQUIDPID="/var/run/squid.pid"
LOGFILE="/var/log/squidGuard"
echo
echo -e "\\033[1;32m * \\033[0;39m${DESCRIPTION}"
echo -e "\\033[1;32m * \\033[0;39mLook at \\033[1;34m${HOMEPAGE} \\033[0;39mfor more information"
echo -e "\\033[0;39m"
# Pre-processing tests
[[ $EUID != 0 ]] && echo -e "\a\\033[1;31m * \\033[1;39mWARNING: \\033[0;39mThis script must be run as root, exiting !" && exit 1
[[ ! -f ${CONFIGFILE} ]] && echo -e "\a\\033[1;31m * \\033[1;39mWARNING: \\033[0;39mThe configuration file ${CONFIGFILE} does not exist !" && exit 1
[[ ! -e ${SQUIDPID} ]] && echo -e "\a\\033[1;31m * \\033[1;39mWARNING: \\033[0;39mSquid is not running !" && exit 1
for base in $(cat ${CONFIGFILE} | grep ^dest | awk '{print $2}' | sort -d) # Parse squidGuard config file
do
echo -e "\\033[1;32m * \\033[0;39mDownloading base ${base} ..."
cd /tmp
wget --continue --quiet --timeout=30 ${SRC_URI}/${base}.tar.gz
if [ ! -e ${base}.tar.gz ]; then
echo
echo -e "\a\\033[1;31m * \\033[1;39mWARNING: \\033[0;39mThe base \"${base}\" was not found on this server ..."
echo " Please make your checks !"
exit 1
fi
tar -xvzf ${base}.tar.gz -C ${DATABASE}
rm /tmp/${base}.tar.gz
echo
done
echo -e "\\033[1;32m * \\033[0;39mGenerating database ... This could take a while, please wait ..."
/usr/bin/squidGuard -C all || exit 1
echo -e "\\033[1;32m * \\033[0;39mChecking permissions ..."
chown -R squid:squid ${DATABASE}
chown -R squid:squid ${LOGFILE}
/etc/init.d/squid reload
exit 0
|
_________________ Gentoo Linux Rullez ! |
|
Back to top |
|
|
truc Advocate
Joined: 25 Jul 2005 Posts: 3199
|
Posted: Mon Jul 02, 2012 6:59 am Post subject: |
|
|
Code: | for base in $(cat ${CONFIGFILE} | grep ^dest | awk '{print $2}' | sort -d) # Parse squidGuard config file
|
taratata....
UUOC comme on dit! Et c'est pas tout! Exercice du soir, réécrire cette ligne au moins sans le 'cat' et sans le 'grep'
Sinon, les couleurs, c'est cool, mais ça rend ton script un peu plus difficile à lire. Tu devrais peut-être te faire deux fonctions, style msg() et warn(), histoire d'aérer le tout? _________________ The End of the Internet! |
|
Back to top |
|
|
jaypeche Apprentice
Joined: 13 Jun 2007 Posts: 173 Location: France
|
Posted: Sat Jul 07, 2012 5:00 pm Post subject: |
|
|
En plus léger : Awk
Code: | for base in $(awk '$1 == "dest" { print $2 }' ${CONFIGFILE} | sort) # Parse squidGuard config file
do |
_________________ Gentoo Linux Rullez ! |
|
Back to top |
|
|
jaypeche Apprentice
Joined: 13 Jun 2007 Posts: 173 Location: France
|
Posted: Sun Jul 08, 2012 4:37 pm Post subject: |
|
|
Comme tu me le suggérais 'Truc' j'ai modifié le script pour aérer un peu le code ...
Code: | #!/bin/bash
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: https://raw.github.com/jaypeche/SquidGuarg_AU/master/SquidGuard_AU, v0.0.2 2012/07/12 14:02:38 jaypeche Exp $
DESCRIPTION="This script is used to update your SquidGuard database"
HOMEPAGE="http://www.squidguard.org"
SRC_URI="ftp://ftp.univ-tlse1.fr/blacklist"
DATABASE="/etc/squidGuard/db/blacklists"
CONFIGFILE="/etc/squidGuard/squidGuard.conf"
SQUIDPID="/var/run/squid.pid"
LOGFILE="/var/log/squidGuard"
# Highlight colors
MESG="\e[1;32m *\e[0;39m"
WARN="\a\e[1;31m *\e[0;39m"
echo
echo -e "$MESG ${DESCRIPTION}"
echo -e "$MESG Look at \e[1;34m${HOMEPAGE} \e[0;39mfor more information"
echo
# Pre-processing tests
[[ $EUID != 0 ]] && echo -e "$WARN WARNING: This script must be run as root, exiting !" && exit 1
[[ ! -f ${CONFIGFILE} ]] && echo -e "$WARN WARNING: The configuration file ${CONFIGFILE} does not exist !" && exit 1
[[ ! -e ${SQUIDPID} ]] && echo -e "$WARN WARNING: Squid is not running !" && exit 1
for base in $(awk '$1 == "dest" { print $2 }' ${CONFIGFILE} | sort) # Parse squidGuard config file
do
echo -e "$MESG Downloading base ${base} ..."
cd /tmp
wget --continue --quiet --timeout=30 ${SRC_URI}/${base}.tar.gz
if [ ! -e ${base}.tar.gz ]; then
echo
echo -e "$WARN WARNING: The base \"${base}\" was not found on this server ..."
echo " Please make your checks !"
exit 1
fi
tar -xvzf ${base}.tar.gz -C ${DATABASE}
rm /tmp/${base}.tar.gz
echo
done
echo -e "$MESG Generating database ... This could take a while, please wait ..."
/usr/bin/squidGuard -C all || exit 1
echo -e "$MESG Checking permissions ..."
chown -R squid:squid ${DATABASE} ${LOGFILE}
/etc/init.d/squid reload
exit 0
|
_________________ Gentoo Linux Rullez ! |
|
Back to top |
|
|
Possum Tux's lil' helper
Joined: 19 Jul 2003 Posts: 134 Location: Toulouse, France
|
Posted: Wed Oct 31, 2012 6:52 pm Post subject: |
|
|
Merci !
Essayé et adopté ! _________________ Marsupial Power Inside
Sauvez les arbres, mangez un castor ! |
|
Back to top |
|
|
|