1 |
%define rname squidGuard |
2 |
|
3 |
%define _requires_exceptions perl( |
4 |
%define _provides_exceptions perl( |
5 |
|
6 |
Summary: Filter, redirector and access controller plugin for Squid |
7 |
Name: squidguard |
8 |
Version: 1.4 |
9 |
Release: %mkrel 14 |
10 |
License: GPL |
11 |
Group: System/Servers |
12 |
URL: http://www.squidguard.org |
13 |
Source0: http://www.squidguard.org/Downloads/%{rname}-%{version}.tar.gz |
14 |
Source1: %{rname}.conf.sample |
15 |
Source2: blacklists-readme |
16 |
Source3: %{rname}.cgi |
17 |
Source4: nulbanner.png |
18 |
Source5: blacklist-update |
19 |
Source6: %{rname}.logrotate |
20 |
Patch0: squidGuard-1.2.0.default_dir.patch |
21 |
Patch1: squidGuard-DESTDIR.diff |
22 |
Patch2: squidGuard-1.4-make_default_config_work.diff |
23 |
Patch3: squidGuard-1.4-dnsbl.patch |
24 |
Patch4: squidGuard-1.4-CVE-2009-3700.diff |
25 |
Patch5: squidGuard-1.4-CVE-2009-3826.diff |
26 |
Patch6: squidGuard-1.4-quoted_string_support.diff |
27 |
Patch7: squidGuard-1.4-specialchars.diff |
28 |
|
29 |
BuildRequires: bison |
30 |
BuildRequires: db4-devel |
31 |
BuildRequires: flex |
32 |
BuildRequires: openldap-devel |
33 |
Requires: squid |
34 |
Provides: squidGuard = %{version} |
35 |
Obsoletes: squidGuard |
36 |
Buildroot: %{_tmppath}/%{rname}-%{version}-%{release}-buildroot |
37 |
|
38 |
%description |
39 |
SquidGuard is a combined filter, redirector and access controller plugin for |
40 |
Squid. It is free, very flexible, extremely fast, easily installed, portable. |
41 |
SquidGuard can be used to |
42 |
- limit the web access for some users to a list of accepted/well known web |
43 |
servers and/or URLs only. |
44 |
- block access to some listed or blacklisted web servers and/or URLs for |
45 |
some users. |
46 |
- block access to URLs matching a list of regular expressions or words for |
47 |
some users. |
48 |
- enforce the use of domainnames/prohibit the use of IP address in URLs. |
49 |
- redirect blocked URLs to an "intelligent" CGI based info page. |
50 |
- redirect unregistered user to a registration form. |
51 |
- redirect popular downloads like Netscape, MSIE etc. to local copies. |
52 |
- redirect banners to an empty GIF. |
53 |
- have different access rules based on time of day, day of the week, date |
54 |
etc. |
55 |
- have different rules for different user groups. |
56 |
|
57 |
Neither squidGuard nor Squid can be used to |
58 |
|
59 |
- filter/censor/edit text inside documents |
60 |
- filter/censor/edit embeded scripting languages |
61 |
like JavaScript or VBscript inside HTML |
62 |
|
63 |
|
64 |
%prep |
65 |
|
66 |
%setup -q -n %{rname}-%{version} |
67 |
|
68 |
# fix attribs |
69 |
find . -type d -perm 0750 -exec chmod 755 {} \; |
70 |
find . -type f -perm 0640 -exec chmod 644 {} \; |
71 |
|
72 |
%patch0 -p1 |
73 |
%patch1 -p0 |
74 |
%patch2 -p0 |
75 |
%patch3 -p1 |
76 |
%patch4 -p0 -b .CVE-2009-3700 |
77 |
%patch5 -p1 -b .CVE-2009-3826 |
78 |
%patch6 -p2 -b .quotes |
79 |
%patch7 -p1 -b .special_chars |
80 |
|
81 |
cp %{SOURCE6} %{rname}.logrotate |
82 |
|
83 |
%build |
84 |
%serverbuild |
85 |
|
86 |
%configure2_5x \ |
87 |
--with-ldap \ |
88 |
--with-sg-config=%{_sysconfdir}/squid/%{rname}.conf \ |
89 |
--with-sg-logdir=/var/log/squidGuard \ |
90 |
--with-sg-dbhome=%{_datadir}/%{rname}-%{version}/db |
91 |
|
92 |
%make |
93 |
|
94 |
%install |
95 |
rm -rf %{buildroot} |
96 |
|
97 |
Q=%{buildroot}%{_datadir}/%{rname}-%{version} |
98 |
|
99 |
install -d %{buildroot}%{_sysconfdir}/squid |
100 |
install -d %{buildroot}%{_sysconfdir}/logrotate.d |
101 |
install -d %{buildroot}/var/log/squidGuard |
102 |
install -d %{buildroot}/var/www/cgi-bin |
103 |
install -d %{buildroot}%{_bindir} |
104 |
install -d %{buildroot}%{_datadir}/%{rname}-%{version}/contrib |
105 |
install -d %{buildroot}%{_datadir}/%{rname}-%{version}/db/{advertising,bannedsource,banneddestination} |
106 |
install -d %{buildroot}%{_datadir}/%{rname}-%{version}/db/{timerestriction,lansource,privilegedsource} |
107 |
install -d %{buildroot}%{_datadir}/%{rname}-%{version}/db/{porn,adult,audio-video,forums,hacking,redirector} |
108 |
install -d %{buildroot}%{_datadir}/%{rname}-%{version}/db/{warez,ads,aggressive,drugs,gambling,publicite,violence} |
109 |
|
110 |
%makeinstall_std SQUIDUSER="`id -nu`" |
111 |
|
112 |
install -m0644 %{rname}.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/%{rname} |
113 |
|
114 |
touch $Q/db/advertising/{domains,urls} |
115 |
touch $Q/db/banneddestination/{domains,urls,expressions} |
116 |
touch $Q/db/bannedsource/ips |
117 |
touch $Q/db/lansource/lan |
118 |
touch $Q/db/timerestriction/lan |
119 |
touch $Q/db/privilegedsource/ips |
120 |
|
121 |
# the blacklists default directories (Fabrice Pringent's one) |
122 |
touch $Q/db/porn/{domains,urls,expressions} |
123 |
touch $Q/db/adult/{domains,urls,expressions} |
124 |
touch $Q/db/audio-video/{domains,urls} |
125 |
touch $Q/db/forums/{domains,urls,expressions} |
126 |
touch $Q/db/hacking/{domains,urls} |
127 |
touch $Q/db/redirector/{domains,urls,expressions} |
128 |
touch $Q/db/warez/{domains,urls} |
129 |
touch $Q/db/ads/{domains,urls} |
130 |
touch $Q/db/aggressive/{domains,urls} |
131 |
touch $Q/db/drugs/{domains,urls} |
132 |
touch $Q/db/gambling/{domains,urls} |
133 |
touch $Q/db/publicite/{domains,urls,expressions} |
134 |
touch $Q/db/violence/{domains,urls,expressions} |
135 |
|
136 |
cd samples/dest/ |
137 |
tar xzf blacklists.tar.gz |
138 |
cp -af blacklists/* $Q/db |
139 |
cd - |
140 |
|
141 |
cp -a contrib/hostbyname/hostbyname $Q/contrib/ |
142 |
cp -a contrib/sgclean/sgclean $Q/contrib/ |
143 |
cp -a contrib/squidGuardRobot/{squidGuardRobot,RobotUserAgent.pm} $Q/contrib/ |
144 |
|
145 |
cp -a samples/dest $Q/samples |
146 |
cp -a samples/*{.conf,.cgi} $Q/samples |
147 |
|
148 |
cp -a %{SOURCE2} . |
149 |
cp -a %{SOURCE5} . |
150 |
|
151 |
rm -rf $Q/test/test*.conf.* |
152 |
|
153 |
# default config files |
154 |
# log & error files |
155 |
touch %{buildroot}/var/log/%{rname}/%{rname}.{log,error} |
156 |
touch %{buildroot}/var/log/%{rname}/advertising.log |
157 |
|
158 |
# conf file |
159 |
install %{SOURCE1} %{buildroot}/etc/squid/%{rname}.conf.sample |
160 |
cp -af %{SOURCE3} %{SOURCE4} %{buildroot}/var/www/cgi-bin |
161 |
rm -rf %{buildroot}%{_datadir}/%{rname}-%{version}/samples/dest |
162 |
|
163 |
# cleanup |
164 |
rm -rf %{buildroot}%{_prefix}/squidGuard |
165 |
|
166 |
# fix attribs |
167 |
find %{buildroot} -type d -perm 0750 -exec chmod 755 {} \; |
168 |
find %{buildroot} -type f -perm 0640 -exec chmod 644 {} \; |
169 |
|
170 |
%preun |
171 |
if [ $1 = 0 ] ; then |
172 |
rm -f /var/log/squidGuard/* |
173 |
fi |
174 |
|
175 |
%post |
176 |
rm -rf `find %{_datadir}/%{rname}-%{version}/db |grep "\.db"` |
177 |
%{_bindir}/%{rname} -c %{_sysconfdir}/squid/%{rname}.conf.sample -C all |
178 |
for i in privilegedsource bannedsource timerestriction lansource banneddestination advertising; do |
179 |
rm -rf /usr/share/%{rname}-%{version}/db/$i/*.db |
180 |
done |
181 |
chown -R squid:squid /usr/share/%{rname}-%{version}/db |
182 |
|
183 |
echo "WARNING !!! WARNING !!! WARNING !!! WARNING !!!" |
184 |
echo "" |
185 |
echo "Modify the following line in the /etc/squid/squid.conf file:" |
186 |
echo "url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf" |
187 |
|
188 |
%postun |
189 |
if [ "$1" = "0" ]; then |
190 |
rm -rf %{_datadir}/%{rname}-%{version} |
191 |
fi |
192 |
|
193 |
%triggerun -- squidGuard <= 1.2.0-13mdv2007.1 |
194 |
mv %{_datadir}/%{rname}-%{version} %{_datadir}/%{rname}-%{version}.bk |
195 |
|
196 |
%triggerpostun -- squidGuard <= 1.2.0-13mdv2007.1 |
197 |
mv %{_datadir}/%{rname}-%{version}.bk %{_datadir}/%{rname}-%{version} |
198 |
|
199 |
%clean |
200 |
rm -rf %{buildroot} |
201 |
|
202 |
%files |
203 |
%defattr(-,root,root) |
204 |
%doc COPYING GPL README README.LDAP ANNOUNCE CHANGELOG blacklists-readme doc/*.{html,gif,txt} |
205 |
%config(noreplace) %{_sysconfdir}/squid/* |
206 |
%config(noreplace) %{_sysconfdir}/logrotate.d/%{rname} |
207 |
%{_bindir}/* |
208 |
%attr(0755,apache,apache) /var/www/cgi-bin/*.cgi |
209 |
%attr(0755,apache,apache) /var/www/cgi-bin/*.png |
210 |
%{_datadir}/%{rname}-%{version}/contrib |
211 |
%{_datadir}/%{rname}-%{version}/samples |
212 |
%{_datadir}/%{rname}-%{version}/db |
213 |
%dir %attr(-,squid,squid)/var/log/%{rname} |
214 |
%attr(-,squid,squid)/var/log/%{rname}/* |
215 |
|
216 |
|