#!/usr/bin/perl
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
# Based on Steffen Schoch (sschoch@users.sourceforge.net)                     #
#                                                                             #
###############################################################################

use strict;
use IPC::Open2;
use IO::Handle;

# define here your redirectors (use a comma sperated list)
my $redirectors;

require '/var/ipfire/general-functions.pl';

my %proxysettings=();
$proxysettings{'ENABLE_FILTER'} = 'off';
$proxysettings{'ENABLE_CLAMAV'} = 'off';
$proxysettings{'ENABLE_UPDXLRATOR'} = 'off';
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);

# define here your redirectors (use a comma sperated list)
if ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/bin/squidGuard', '/usr/bin/squidclamav', '/usr/sbin/updxlrator' ];}
elsif ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'off' ){$redirectors = [ '/usr/bin/squidGuard', '/usr/bin/squidclamav' ];}
elsif ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'off' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/bin/squidGuard', '/usr/sbin/updxlrator' ];}
elsif ( $proxysettings{'ENABLE_FILTER'} eq 'on' && $proxysettings{'ENABLE_CLAMAV'} eq 'off' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'off' ){$redirectors = [ '/usr/bin/squidGuard' ];}
elsif ( $proxysettings{'ENABLE_FILTER'} eq 'off' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/bin/squidclamav', '/usr/sbin/updxlrator' ];}
elsif ( $proxysettings{'ENABLE_FILTER'} eq 'off' && $proxysettings{'ENABLE_CLAMAV'} eq 'on' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'off' ){$redirectors = [ '/usr/bin/squidclamav' ];}
elsif ( $proxysettings{'ENABLE_FILTER'} eq 'off' && $proxysettings{'ENABLE_CLAMAV'} eq 'off' && $proxysettings{'ENABLE_UPDXLRATOR'} eq 'on' ){$redirectors = [ '/usr/sbin/updxlrator' ];}
else  { $redirectors = [ '/usr/bin/squidGuard', '/usr/sbin/updxlrator' ];}

# Attention: keep in mind that the order of your redirectors is important.
# It doesn't make sense to scan for viruses on pages you restrict access to...
# So place first your tools which restrict access, then the tools which do the
# content filtering!

##### no need to change anything below this line #####

# init
$| = 1;
STDOUT->autoflush(1);
my $line;
my $return;
my $i;
my $debug=0; # enable only for debugging

if ($debug){
	writetolog("Urlfilter = ".$proxysettings{'ENABLE_FILTER'});
	writetolog("Clamav = ".$proxysettings{'ENABLE_CLAMAV'});
	writetolog("Updxlrator = ".$proxysettings{'ENABLE_UPDXLRATOR'});
	 }

# open progamms
my $pidlist = [];
my $rlist = [];
my $wlist = [];
for($i = 0; $i < @$redirectors; $i++) {
			 if ($debug){writetolog("Current redirector is ".$redirectors->[$i]);}
			 $pidlist->[$i] = open2($rlist->[$i], $wlist->[$i], $redirectors->[$i]);
}

# wait for data...
while($line = <>) {
        for($i = 0; $i < @$redirectors; $i++) {
                $wlist->[$i]->print($line);
                $return = $rlist->[$i]->getline;
                last if($return ne "\n" and $return ne $line);
		# break if redirector changes data
		if ( $return eq "Processing file and database" ){
			writetolog("Emergency - squidGuard not initialised please run squidGuard -C all");
			last;
		}
        }
        print $return;

		if ($debug){
			 chomp $line;
			 chomp $return;
			 if ( $line ne $return ){
				 writetolog("Requested ".$line."\nAnswer    ".$return);
			 }
		}
}
exit 0;

sub writetolog {
	my $log = shift;
	open(DATEI, ">>/var/log/squid/redirector_debug") || die "Unable to acces file /var/log/redirector_debug";
	print DATEI $log."\n";
	close(DATEI);
}
