squidclamav: Remove package from IPFire as agreed in dev video call 3rd Jul 2023
Commit Message
- Removal of lfs file
- Removal of rootfile
- Removal of backup includes file
- Removal of three patches
- Removal of paks files
- Adjustment of make.sh to remove squidclamav
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/backup/includes/squidclamav | 1 -
config/rootfiles/packages/squidclamav | 14 --
config/squidclamav/squidclamav.conf | 39 ----
lfs/squidclamav | 95 ---------
make.sh | 1 -
src/paks/squidclamav/install.sh | 27 ---
src/paks/squidclamav/uninstall.sh | 28 ---
src/paks/squidclamav/update.sh | 53 -----
.../squidclamav-5.11-dont_use_ipv6.patch | 13 --
...av-5.11-source-address-parsing-issue.patch | 13 --
...uidclamav-5.11-squid-helper-protocol.patch | 185 ------------------
11 files changed, 469 deletions(-)
delete mode 100644 config/backup/includes/squidclamav
delete mode 100644 config/rootfiles/packages/squidclamav
delete mode 100644 config/squidclamav/squidclamav.conf
delete mode 100644 lfs/squidclamav
delete mode 100644 src/paks/squidclamav/install.sh
delete mode 100644 src/paks/squidclamav/uninstall.sh
delete mode 100644 src/paks/squidclamav/update.sh
delete mode 100644 src/patches/squidclamav-5.11-dont_use_ipv6.patch
delete mode 100644 src/patches/squidclamav-5.11-source-address-parsing-issue.patch
delete mode 100644 src/patches/squidclamav-5.11-squid-helper-protocol.patch
Comments
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
> - Removal of lfs file
> - Removal of rootfile
> - Removal of backup includes file
> - Removal of three patches
> - Removal of paks files
> - Adjustment of make.sh to remove squidclamav
>
> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
> ---
> config/backup/includes/squidclamav | 1 -
> config/rootfiles/packages/squidclamav | 14 --
> config/squidclamav/squidclamav.conf | 39 ----
> lfs/squidclamav | 95 ---------
> make.sh | 1 -
> src/paks/squidclamav/install.sh | 27 ---
> src/paks/squidclamav/uninstall.sh | 28 ---
> src/paks/squidclamav/update.sh | 53 -----
> .../squidclamav-5.11-dont_use_ipv6.patch | 13 --
> ...av-5.11-source-address-parsing-issue.patch | 13 --
> ...uidclamav-5.11-squid-helper-protocol.patch | 185 ------------------
> 11 files changed, 469 deletions(-)
> delete mode 100644 config/backup/includes/squidclamav
> delete mode 100644 config/rootfiles/packages/squidclamav
> delete mode 100644 config/squidclamav/squidclamav.conf
> delete mode 100644 lfs/squidclamav
> delete mode 100644 src/paks/squidclamav/install.sh
> delete mode 100644 src/paks/squidclamav/uninstall.sh
> delete mode 100644 src/paks/squidclamav/update.sh
> delete mode 100644 src/patches/squidclamav-5.11-dont_use_ipv6.patch
> delete mode 100644 src/patches/squidclamav-5.11-source-address-parsing-issue.patch
> delete mode 100644 src/patches/squidclamav-5.11-squid-helper-protocol.patch
>
> diff --git a/config/backup/includes/squidclamav b/config/backup/includes/squidclamav
> deleted file mode 100644
> index bacc23b67..000000000
> --- a/config/backup/includes/squidclamav
> +++ /dev/null
> @@ -1 +0,0 @@
> -/etc/squidclamav.conf
> diff --git a/config/rootfiles/packages/squidclamav b/config/rootfiles/packages/squidclamav
> deleted file mode 100644
> index 5976a0c47..000000000
> --- a/config/rootfiles/packages/squidclamav
> +++ /dev/null
> @@ -1,14 +0,0 @@
> -etc/squidclamav.conf
> -usr/bin/squidclamav
> -#usr/libexec/squidclamav
> -#usr/libexec/squidclamav/clwarn.cgi
> -#usr/libexec/squidclamav/clwarn.cgi.de_DE
> -#usr/libexec/squidclamav/clwarn.cgi.en_EN
> -#usr/libexec/squidclamav/clwarn.cgi.fr_FR
> -#usr/libexec/squidclamav/clwarn.cgi.pt_BR
> -#usr/libexec/squidclamav/clwarn.cgi.ru_RU
> -#usr/share/man/man1/squidclamav.1
> -#usr/share/squidclamav
> -#usr/share/squidclamav/README
> -var/ipfire/backup/addons/includes/squidclamav
> -srv/web/ipfire/html/clwarn.cgi
> diff --git a/config/squidclamav/squidclamav.conf b/config/squidclamav/squidclamav.conf
> deleted file mode 100644
> index 2b8f5dc02..000000000
> --- a/config/squidclamav/squidclamav.conf
> +++ /dev/null
> @@ -1,39 +0,0 @@
> -squid_ip 127.0.0.1
> -squid_port 800
> -#
> -logfile /var/log/squid/squidclamav.log
> -redirect http://127.0.0.1:81/clwarn.cgi
> -#
> -debug 0
> -stat 0
> -#
> -clamd_local /var/run/clamav/clamd
> -#clamd_ip 192.168.1.5
> -#clamd_port 3310
> -#
> -maxsize 5000000
> -maxredir 30
> -timeout 60
> -trust_cache 1
> -#
> -# Do not scan standard HTTP images
> -abort ^.*\.(ico|gif|png|jpg)$
> -abortcontent ^image\/.*$
> -#
> -# Do not scan text and javascript files
> -abort ^.*\.(css|xml|xsl|js|html|jsp)$
> -abortcontent ^text\/.*$
> -abortcontent ^application\/x-javascript$
> -#
> -# Do not scan streaming videos
> -abortcontent ^video\/mp4$
> -abortcontent ^video\/x-flv$
> -#
> -# Do not scan pdf and flash
> -#abort ^.*\.(pdf|swf)$
> -#
> -# Do not scan sequence of framed Microsoft Media Server (MMS) data packets
> -abortcontent ^.*application\/x-mms-framed.*$
> -#
> -# White list some sites
> -whitelist .*\.clamav.net
> diff --git a/lfs/squidclamav b/lfs/squidclamav
> deleted file mode 100644
> index 06133c5de..000000000
> --- a/lfs/squidclamav
> +++ /dev/null
> @@ -1,95 +0,0 @@
> -###############################################################################
> -# #
> -# IPFire.org - A linux based firewall #
> -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
> -# #
> -# This program is free software: you can redistribute it and/or modify #
> -# it under the terms of the GNU General Public License as published by #
> -# the Free Software Foundation, either version 3 of the License, or #
> -# (at your option) any later version. #
> -# #
> -# This program is distributed in the hope that it will be useful, #
> -# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> -# GNU General Public License for more details. #
> -# #
> -# You should have received a copy of the GNU General Public License #
> -# along with this program. If not, see <http://www.gnu.org/licenses/>. #
> -# #
> -###############################################################################
> -
> -###############################################################################
> -# Definitions
> -###############################################################################
> -
> -include Config
> -
> -SUMMARY = Antivirus redirector for Squid based on ClamAv
> -
> -VER = 5.11
> -
> -THISAPP = squidclamav-$(VER)
> -DL_FILE = $(THISAPP).tar.gz
> -DL_FROM = $(URL_IPFIRE)
> -DIR_APP = $(DIR_SRC)/$(THISAPP)
> -TARGET = $(DIR_INFO)/$(THISAPP)
> -PROG = squidclamav
> -PAK_VER = 22
> -
> -DEPS = clamav
> -
> -SERVICES =
> -
> -###############################################################################
> -# Top-level Rules
> -###############################################################################
> -
> -objects = $(DL_FILE)
> -
> -$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> -
> -$(DL_FILE)_BLAKE2 = 5f180f49685df355c1f142beac6f10161830b6e274cc9efac81564010f751edead9afce6118ddb5308297b6d3eb621f97a567b4f9cf096e08df833f70e03d24f
> -
> -install : $(TARGET)
> -
> -check : $(patsubst %,$(DIR_CHK)/%,$(objects))
> -
> -download :$(patsubst %,$(DIR_DL)/%,$(objects))
> -
> -b2 : $(subst %,%_BLAKE2,$(objects))
> -
> -dist:
> - @$(PAK)
> -
> -###############################################################################
> -# Downloading, checking, b2sum
> -###############################################################################
> -
> -$(patsubst %,$(DIR_CHK)/%,$(objects)) :
> - @$(CHECK)
> -
> -$(patsubst %,$(DIR_DL)/%,$(objects)) :
> - @$(LOAD)
> -
> -$(subst %,%_BLAKE2,$(objects)) :
> - @$(B2SUM)
> -
> -###############################################################################
> -# Installation Details
> -###############################################################################
> -
> -$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> - @$(PREBUILD)
> - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
> - $(UPDATE_AUTOMAKE)
> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/squidclamav-5.11-dont_use_ipv6.patch
> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/squidclamav-5.11-squid-helper-protocol.patch
> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/squidclamav-5.11-source-address-parsing-issue.patch
> - cd $(DIR_APP) && ./configure --prefix=/usr
> - cd $(DIR_APP) && make install
> - install -v -m 664 $(DIR_CONF)/squidclamav/squidclamav.conf /etc/squidclamav.conf
> - chown -v root:nobody /etc/squidclamav.conf
> - install -v -m 644 $(DIR_SRC)/config/backup/includes/squidclamav /var/ipfire/backup/addons/includes/squidclamav
> - chmod 755 /srv/web/ipfire/html/clwarn.cgi
> - @rm -rf $(DIR_APP)
> - @$(POSTBUILD)
> diff --git a/make.sh b/make.sh
> index db9ee9a97..57b6c6f15 100755
> --- a/make.sh
> +++ b/make.sh
> @@ -1532,7 +1532,6 @@ buildipfire() {
> lfsmake2 perl-Authen-SASL
> lfsmake2 perl-MIME-Lite
> lfsmake2 perl-Email-Date-Format
> - lfsmake2 squidclamav
> lfsmake2 vnstat
> lfsmake2 iw
> lfsmake2 wpa_supplicant
> diff --git a/src/paks/squidclamav/install.sh b/src/paks/squidclamav/install.sh
> deleted file mode 100644
> index 42bd5ba36..000000000
> --- a/src/paks/squidclamav/install.sh
> +++ /dev/null
> @@ -1,27 +0,0 @@
> -#!/bin/bash
> -############################################################################
> -# #
> -# This file is part of the IPFire Firewall. #
> -# #
> -# IPFire is free software; you can redistribute it and/or modify #
> -# it under the terms of the GNU General Public License as published by #
> -# the Free Software Foundation; either version 2 of the License, or #
> -# (at your option) any later version. #
> -# #
> -# IPFire is distributed in the hope that it will be useful, #
> -# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> -# GNU General Public License for more details. #
> -# #
> -# You should have received a copy of the GNU General Public License #
> -# along with IPFire; if not, write to the Free Software #
> -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> -# #
> -# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
> -# #
> -############################################################################
> -#
> -. /opt/pakfire/lib/functions.sh
> -extract_files
> -restore_backup ${NAME}
> -/etc/init.d/squid restart
> diff --git a/src/paks/squidclamav/uninstall.sh b/src/paks/squidclamav/uninstall.sh
> deleted file mode 100644
> index d2aa435e3..000000000
> --- a/src/paks/squidclamav/uninstall.sh
> +++ /dev/null
> @@ -1,28 +0,0 @@
> -#!/bin/bash
> -############################################################################
> -# #
> -# This file is part of the IPFire Firewall. #
> -# #
> -# IPFire is free software; you can redistribute it and/or modify #
> -# it under the terms of the GNU General Public License as published by #
> -# the Free Software Foundation; either version 2 of the License, or #
> -# (at your option) any later version. #
> -# #
> -# IPFire is distributed in the hope that it will be useful, #
> -# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> -# GNU General Public License for more details. #
> -# #
> -# You should have received a copy of the GNU General Public License #
> -# along with IPFire; if not, write to the Free Software #
> -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> -# #
> -# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
> -# #
> -############################################################################
> -#
> -. /opt/pakfire/lib/functions.sh
> -/etc/init.d/squid stop
> -make_backup ${NAME}
> -remove_files
> -/etc/init.d/squid start
> diff --git a/src/paks/squidclamav/update.sh b/src/paks/squidclamav/update.sh
> deleted file mode 100644
> index 43760856c..000000000
> --- a/src/paks/squidclamav/update.sh
> +++ /dev/null
> @@ -1,53 +0,0 @@
> -#!/bin/bash
> -############################################################################
> -# #
> -# This file is part of the IPFire Firewall. #
> -# #
> -# IPFire is free software; you can redistribute it and/or modify #
> -# it under the terms of the GNU General Public License as published by #
> -# the Free Software Foundation; either version 2 of the License, or #
> -# (at your option) any later version. #
> -# #
> -# IPFire is distributed in the hope that it will be useful, #
> -# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> -# GNU General Public License for more details. #
> -# #
> -# You should have received a copy of the GNU General Public License #
> -# along with IPFire; if not, write to the Free Software #
> -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> -# #
> -# Copyright (C) 2010 IPFire-Team <info@ipfire.org>. #
> -# #
> -############################################################################
> -#
> -. /opt/pakfire/lib/functions.sh
> -./uninstall.sh
> -extract_files
> -
> -VERSION=$(cat /opt/pakfire/db/installed/meta-squidclamav | grep Release | cut -d" " -f2)
> -
> -if [ "$VERSION" -gt "10" ]; then
> - restore_backup ${NAME}
> -fi
> -
> -if [ "$VERSION" -lt "11" ]; then
> - sed -e "s|logfile.*|logfile /var/log/squid/squidclamav.log|g" /etc/squidclamav.conf
> -fi
> -
> -if [ "$VERSION" -lt "16" ]; then
> - sed -i /etc/squidclamav.conf \
> - -e "s/proxy none//g" \
> - -e "s/^#squid_ip 127\.0\.0\.1/squid_ip 127\.0\.0\.1/g" \
> - -e "s/^#squid_port 3128/squid_port 800/g" \
> - -e "s/^#trust_cache 1/trust_cache 1/g"
> -
> - # Fix permissions.
> - chmod 664 /etc/squidclamav.conf
> - chown root.nobody /etc/squidclamav.conf
> -
> - # Regenerate configuration files.
> - perl /srv/web/ipfire/cgi-bin/proxy.cgi
> -fi
> -
> -/etc/init.d/squid restart
> diff --git a/src/patches/squidclamav-5.11-dont_use_ipv6.patch b/src/patches/squidclamav-5.11-dont_use_ipv6.patch
> deleted file mode 100644
> index 45889625f..000000000
> --- a/src/patches/squidclamav-5.11-dont_use_ipv6.patch
> +++ /dev/null
> @@ -1,13 +0,0 @@
> -diff -Nur a/src/squidclamav.c b/src/squidclamav.c
> ---- a/src/squidclamav.c 2012-10-29 09:46:06.000000000 +0100
> -+++ b/src/squidclamav.c 2013-07-06 19:10:56.375292374 +0200
> -@@ -413,6 +413,9 @@
> - /* Suppress error: SSL certificate problem, verify that the CA cert is OK */
> - curl_easy_setopt (eh, CURLOPT_SSL_VERIFYHOST, 0);
> - curl_easy_setopt (eh, CURLOPT_SSL_VERIFYPEER, 0);
> -+
> -+ /* Prevent squidclamav from using IPv6 - fix by Nico Prenzel */
> -+ curl_easy_setopt (eh, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
> - }
> - }
> - /* create a squidguard child process and setup pipes */
> diff --git a/src/patches/squidclamav-5.11-source-address-parsing-issue.patch b/src/patches/squidclamav-5.11-source-address-parsing-issue.patch
> deleted file mode 100644
> index 4031c733d..000000000
> --- a/src/patches/squidclamav-5.11-source-address-parsing-issue.patch
> +++ /dev/null
> @@ -1,13 +0,0 @@
> ---- squidclamav-5.11/src/pattern.c~ 2014-10-29 13:08:05.658143495 +0000
> -+++ squidclamav-5.11/src/pattern.c 2014-10-29 13:08:20.964642365 +0000
> -@@ -151,10 +151,6 @@
> - return 1;
> - }
> -
> -- /* extract source ipaddress and source fqdn */
> -- if (parseSourceAddress(in_buff.src_address, "/") != 0) {
> -- }
> --
> - if (debug != 0)
> - logit(log_file, "DEBUG Parsed request: %s %s/%s %s %s\n", in_buff.url, in_buff.ipaddress, in_buff.fqdn, in_buff.ident, in_buff.method);
> -
> diff --git a/src/patches/squidclamav-5.11-squid-helper-protocol.patch b/src/patches/squidclamav-5.11-squid-helper-protocol.patch
> deleted file mode 100644
> index e64bcafef..000000000
> --- a/src/patches/squidclamav-5.11-squid-helper-protocol.patch
> +++ /dev/null
> @@ -1,185 +0,0 @@
> -diff -Naur squidclamav-5.11.org/src/squidclamav.c squidclamav-5.11/src/squidclamav.c
> ---- squidclamav-5.11.org/src/squidclamav.c 2012-10-29 09:46:06.000000000 +0100
> -+++ squidclamav-5.11/src/squidclamav.c 2014-06-03 12:26:36.215696508 +0200
> -@@ -483,7 +483,7 @@
> - aren't appropriate, then just echo back the line from stdin */
> - if (buff_status == 1) {
> - logit(log_file, "DEBUG Invalid input buffer, aborting: %s\n", sbuff);
> -- puts("");
> -+ puts("BH message=\"Invalid input buffer\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -496,7 +496,7 @@
> - logit(log_file, "DEBUG No squidguard and no antivir check (TRUSTUSER match) for user: %s\n", in_buff.ident);
> - if (statit == 1)
> - timeit(g_start, "Total");
> -- puts("");
> -+ puts("ERR message=\"TRUSTUSER match\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -508,7 +508,7 @@
> - logit(log_file, "DEBUG No squidguard and no antivir check (TRUSTCLIENT match) for address: %s/%s\n",in_buff.ipaddress, in_buff.fqdn);
> - if (statit == 1)
> - timeit(g_start, "Total");
> -- puts("");
> -+ puts("ERR message=\"TRUSTCLIENT match\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -520,7 +520,7 @@
> - logit(log_file, "DEBUG No squidguard and no antivir check (WHITELIST match) for url: %s\n", in_buff.url);
> - if (statit == 1)
> - timeit(g_start, "Total");
> -- puts("");
> -+ puts("ERR message=\"WHITLIST match\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -536,7 +536,7 @@
> - if ((sockd = dconnect ()) < 0)
> - {
> - logit(log_file, "ERROR Can't connect to Clamd daemon, fallback to Squid.\n");
> -- puts("");
> -+ puts("BH message=\"Cannot connect to clamd\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -546,7 +546,7 @@
> - if (write (sockd, "zINSTREAM", 10) <= 0)
> - {
> - logit(log_file, "ERROR Can't write to Clamd socket.\n");
> -- puts("");
> -+ puts("BG message=\"Cannot write to clamd socket\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -614,8 +614,7 @@
> - logit(log_file, "Squid Cache purged of url %s.\n", in_buff.url);
> - }
> - }
> -- fprintf (stdout, "%s %s %s %s\n", urlredir,
> -- in_buff.src_address, in_buff.ident, in_buff.method);
> -+ fprintf (stdout, "OK rewrite-url=\"%s\"\n", urlredir);
> - fflush(stdout);
> - xfree(urlredir);
> - if (debug != 0)
> -@@ -675,7 +674,7 @@
> - continue operation (so that Squid still works!),
> - we simply echo stdin to stdout - i.e. "bridge mode" :-) */
> - if (bridge_mode == 1) {
> -- puts("");
> -+ puts("ERR message=\"brigde mode\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -685,7 +684,7 @@
> - if (buff_status == -1) {
> - if (debug > 2)
> - logit(log_file, "DEBUG method is not GET skipping virus scan.\n");
> -- puts("");
> -+ puts("ERR message=\"method is not GET skipping virus scan\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -699,7 +698,7 @@
> - timeit(g_start, "Total");
> -
> - /* no replacement for the URL was found */
> -- puts("");
> -+ puts("ERR message=\"ABORT match\"");
> - fflush(stdout);
> - continue;
> -
> -@@ -750,7 +749,7 @@
> - logit(log_file, "DEBUG HIT Cache found, trust cache enabled, skipping...\n");
> - if (statit == 1)
> - timeit(g_start, "Total");
> -- puts("");
> -+ puts("ERR message=\"cache hit found\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -762,7 +761,7 @@
> - logit(log_file, "ERROR No content length from url %s\n", in_buff.url);
> - if (statit == 1)
> - timeit(g_start, "Total");
> -- puts("");
> -+ puts("ERR message=\"no content length from URL\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -775,7 +774,7 @@
> - logit(log_file, "DEBUG No antivir check (Content length is upper than maxsize): %'.2f > %'.2f\n", usize, maxsize);
> - if (statit == 1)
> - timeit(g_start, "Total");
> -- puts("");
> -+ puts("ERR message=\"content length is upper than maxsize\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -787,7 +786,7 @@
> - in_buff.url);
> - if (statit == 1)
> - timeit(g_start, "Total");
> -- puts("");
> -+ puts("ERR message=\"no content type from URL\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -799,7 +798,7 @@
> - logit(log_file, "DEBUG No antivir check (ABORTCONTENT match) for content-type: %s\n", content_type);
> - if (statit == 1)
> - timeit(g_start, "Total");
> -- puts("");
> -+ puts("ERR message=\"ABORTCONTENT match\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -814,7 +813,7 @@
> - if ((sockd = dconnect ()) < 0)
> - {
> - logit(log_file, "ERROR Can't connect to Clamd daemon, fallback to Squid.\n");
> -- puts("");
> -+ puts("BH message=\"cannot connect clamd daemon\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -824,7 +823,7 @@
> - if (write (sockd, "zINSTREAM", 10) <= 0)
> - {
> - logit(log_file, "ERROR Can't write to Clamd socket.\n");
> -- puts("");
> -+ puts("BH message=\"cannot write to clamd socket\"");
> - fflush(stdout);
> - continue;
> - }
> -@@ -844,7 +843,7 @@
> - close (sockd);
> - if (debug > 1)
> - logit(log_file, "DEBUG Connection to clamd closed.\n");
> -- puts("");
> -+ puts("ERR message=\"connection to clamd closed\"");
> - fflush(stdout);
> - if (statit == 1)
> - timeit(g_start, "Total");
> -@@ -892,8 +891,7 @@
> - logit(log_file, "Squid Cache purged of url %s.\n", in_buff.url);
> - }
> - }
> -- fprintf (stdout, "%s %s %s %s\n", urlredir,
> -- in_buff.src_address, in_buff.ident, in_buff.method);
> -+ fprintf (stdout, "OK rewrite-url=\"%s\"\n", urlredir);
> - fflush(stdout);
> - xfree(urlredir);
> - if (debug != 0)
> -@@ -911,7 +909,7 @@
> - if (virusfound == 0) {
> - if (debug != 0)
> - logit(log_file, "DEBUG No virus detected.\n");
> -- puts("");
> -+ puts("ERR message=\"no virus detected\"");
> - fflush(stdout);
> - }
> - }
deleted file mode 100644
@@ -1 +0,0 @@
-/etc/squidclamav.conf
deleted file mode 100644
@@ -1,14 +0,0 @@
-etc/squidclamav.conf
-usr/bin/squidclamav
-#usr/libexec/squidclamav
-#usr/libexec/squidclamav/clwarn.cgi
-#usr/libexec/squidclamav/clwarn.cgi.de_DE
-#usr/libexec/squidclamav/clwarn.cgi.en_EN
-#usr/libexec/squidclamav/clwarn.cgi.fr_FR
-#usr/libexec/squidclamav/clwarn.cgi.pt_BR
-#usr/libexec/squidclamav/clwarn.cgi.ru_RU
-#usr/share/man/man1/squidclamav.1
-#usr/share/squidclamav
-#usr/share/squidclamav/README
-var/ipfire/backup/addons/includes/squidclamav
-srv/web/ipfire/html/clwarn.cgi
deleted file mode 100644
@@ -1,39 +0,0 @@
-squid_ip 127.0.0.1
-squid_port 800
-#
-logfile /var/log/squid/squidclamav.log
-redirect http://127.0.0.1:81/clwarn.cgi
-#
-debug 0
-stat 0
-#
-clamd_local /var/run/clamav/clamd
-#clamd_ip 192.168.1.5
-#clamd_port 3310
-#
-maxsize 5000000
-maxredir 30
-timeout 60
-trust_cache 1
-#
-# Do not scan standard HTTP images
-abort ^.*\.(ico|gif|png|jpg)$
-abortcontent ^image\/.*$
-#
-# Do not scan text and javascript files
-abort ^.*\.(css|xml|xsl|js|html|jsp)$
-abortcontent ^text\/.*$
-abortcontent ^application\/x-javascript$
-#
-# Do not scan streaming videos
-abortcontent ^video\/mp4$
-abortcontent ^video\/x-flv$
-#
-# Do not scan pdf and flash
-#abort ^.*\.(pdf|swf)$
-#
-# Do not scan sequence of framed Microsoft Media Server (MMS) data packets
-abortcontent ^.*application\/x-mms-framed.*$
-#
-# White list some sites
-whitelist .*\.clamav.net
deleted file mode 100644
@@ -1,95 +0,0 @@
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-###############################################################################
-# Definitions
-###############################################################################
-
-include Config
-
-SUMMARY = Antivirus redirector for Squid based on ClamAv
-
-VER = 5.11
-
-THISAPP = squidclamav-$(VER)
-DL_FILE = $(THISAPP).tar.gz
-DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/$(THISAPP)
-TARGET = $(DIR_INFO)/$(THISAPP)
-PROG = squidclamav
-PAK_VER = 22
-
-DEPS = clamav
-
-SERVICES =
-
-###############################################################################
-# Top-level Rules
-###############################################################################
-
-objects = $(DL_FILE)
-
-$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-
-$(DL_FILE)_BLAKE2 = 5f180f49685df355c1f142beac6f10161830b6e274cc9efac81564010f751edead9afce6118ddb5308297b6d3eb621f97a567b4f9cf096e08df833f70e03d24f
-
-install : $(TARGET)
-
-check : $(patsubst %,$(DIR_CHK)/%,$(objects))
-
-download :$(patsubst %,$(DIR_DL)/%,$(objects))
-
-b2 : $(subst %,%_BLAKE2,$(objects))
-
-dist:
- @$(PAK)
-
-###############################################################################
-# Downloading, checking, b2sum
-###############################################################################
-
-$(patsubst %,$(DIR_CHK)/%,$(objects)) :
- @$(CHECK)
-
-$(patsubst %,$(DIR_DL)/%,$(objects)) :
- @$(LOAD)
-
-$(subst %,%_BLAKE2,$(objects)) :
- @$(B2SUM)
-
-###############################################################################
-# Installation Details
-###############################################################################
-
-$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
- @$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- $(UPDATE_AUTOMAKE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/squidclamav-5.11-dont_use_ipv6.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/squidclamav-5.11-squid-helper-protocol.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/squidclamav-5.11-source-address-parsing-issue.patch
- cd $(DIR_APP) && ./configure --prefix=/usr
- cd $(DIR_APP) && make install
- install -v -m 664 $(DIR_CONF)/squidclamav/squidclamav.conf /etc/squidclamav.conf
- chown -v root:nobody /etc/squidclamav.conf
- install -v -m 644 $(DIR_SRC)/config/backup/includes/squidclamav /var/ipfire/backup/addons/includes/squidclamav
- chmod 755 /srv/web/ipfire/html/clwarn.cgi
- @rm -rf $(DIR_APP)
- @$(POSTBUILD)
@@ -1532,7 +1532,6 @@ buildipfire() {
lfsmake2 perl-Authen-SASL
lfsmake2 perl-MIME-Lite
lfsmake2 perl-Email-Date-Format
- lfsmake2 squidclamav
lfsmake2 vnstat
lfsmake2 iw
lfsmake2 wpa_supplicant
deleted file mode 100644
@@ -1,27 +0,0 @@
-#!/bin/bash
-############################################################################
-# #
-# This file is part of the IPFire Firewall. #
-# #
-# IPFire is free software; you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation; either version 2 of the License, or #
-# (at your option) any later version. #
-# #
-# IPFire is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with IPFire; if not, write to the Free Software #
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
-# #
-# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
-# #
-############################################################################
-#
-. /opt/pakfire/lib/functions.sh
-extract_files
-restore_backup ${NAME}
-/etc/init.d/squid restart
deleted file mode 100644
@@ -1,28 +0,0 @@
-#!/bin/bash
-############################################################################
-# #
-# This file is part of the IPFire Firewall. #
-# #
-# IPFire is free software; you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation; either version 2 of the License, or #
-# (at your option) any later version. #
-# #
-# IPFire is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with IPFire; if not, write to the Free Software #
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
-# #
-# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
-# #
-############################################################################
-#
-. /opt/pakfire/lib/functions.sh
-/etc/init.d/squid stop
-make_backup ${NAME}
-remove_files
-/etc/init.d/squid start
deleted file mode 100644
@@ -1,53 +0,0 @@
-#!/bin/bash
-############################################################################
-# #
-# This file is part of the IPFire Firewall. #
-# #
-# IPFire is free software; you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation; either version 2 of the License, or #
-# (at your option) any later version. #
-# #
-# IPFire is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with IPFire; if not, write to the Free Software #
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
-# #
-# Copyright (C) 2010 IPFire-Team <info@ipfire.org>. #
-# #
-############################################################################
-#
-. /opt/pakfire/lib/functions.sh
-./uninstall.sh
-extract_files
-
-VERSION=$(cat /opt/pakfire/db/installed/meta-squidclamav | grep Release | cut -d" " -f2)
-
-if [ "$VERSION" -gt "10" ]; then
- restore_backup ${NAME}
-fi
-
-if [ "$VERSION" -lt "11" ]; then
- sed -e "s|logfile.*|logfile /var/log/squid/squidclamav.log|g" /etc/squidclamav.conf
-fi
-
-if [ "$VERSION" -lt "16" ]; then
- sed -i /etc/squidclamav.conf \
- -e "s/proxy none//g" \
- -e "s/^#squid_ip 127\.0\.0\.1/squid_ip 127\.0\.0\.1/g" \
- -e "s/^#squid_port 3128/squid_port 800/g" \
- -e "s/^#trust_cache 1/trust_cache 1/g"
-
- # Fix permissions.
- chmod 664 /etc/squidclamav.conf
- chown root.nobody /etc/squidclamav.conf
-
- # Regenerate configuration files.
- perl /srv/web/ipfire/cgi-bin/proxy.cgi
-fi
-
-/etc/init.d/squid restart
deleted file mode 100644
@@ -1,13 +0,0 @@
-diff -Nur a/src/squidclamav.c b/src/squidclamav.c
---- a/src/squidclamav.c 2012-10-29 09:46:06.000000000 +0100
-+++ b/src/squidclamav.c 2013-07-06 19:10:56.375292374 +0200
-@@ -413,6 +413,9 @@
- /* Suppress error: SSL certificate problem, verify that the CA cert is OK */
- curl_easy_setopt (eh, CURLOPT_SSL_VERIFYHOST, 0);
- curl_easy_setopt (eh, CURLOPT_SSL_VERIFYPEER, 0);
-+
-+ /* Prevent squidclamav from using IPv6 - fix by Nico Prenzel */
-+ curl_easy_setopt (eh, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
- }
- }
- /* create a squidguard child process and setup pipes */
deleted file mode 100644
@@ -1,13 +0,0 @@
---- squidclamav-5.11/src/pattern.c~ 2014-10-29 13:08:05.658143495 +0000
-+++ squidclamav-5.11/src/pattern.c 2014-10-29 13:08:20.964642365 +0000
-@@ -151,10 +151,6 @@
- return 1;
- }
-
-- /* extract source ipaddress and source fqdn */
-- if (parseSourceAddress(in_buff.src_address, "/") != 0) {
-- }
--
- if (debug != 0)
- logit(log_file, "DEBUG Parsed request: %s %s/%s %s %s\n", in_buff.url, in_buff.ipaddress, in_buff.fqdn, in_buff.ident, in_buff.method);
-
deleted file mode 100644
@@ -1,185 +0,0 @@
-diff -Naur squidclamav-5.11.org/src/squidclamav.c squidclamav-5.11/src/squidclamav.c
---- squidclamav-5.11.org/src/squidclamav.c 2012-10-29 09:46:06.000000000 +0100
-+++ squidclamav-5.11/src/squidclamav.c 2014-06-03 12:26:36.215696508 +0200
-@@ -483,7 +483,7 @@
- aren't appropriate, then just echo back the line from stdin */
- if (buff_status == 1) {
- logit(log_file, "DEBUG Invalid input buffer, aborting: %s\n", sbuff);
-- puts("");
-+ puts("BH message=\"Invalid input buffer\"");
- fflush(stdout);
- continue;
- }
-@@ -496,7 +496,7 @@
- logit(log_file, "DEBUG No squidguard and no antivir check (TRUSTUSER match) for user: %s\n", in_buff.ident);
- if (statit == 1)
- timeit(g_start, "Total");
-- puts("");
-+ puts("ERR message=\"TRUSTUSER match\"");
- fflush(stdout);
- continue;
- }
-@@ -508,7 +508,7 @@
- logit(log_file, "DEBUG No squidguard and no antivir check (TRUSTCLIENT match) for address: %s/%s\n",in_buff.ipaddress, in_buff.fqdn);
- if (statit == 1)
- timeit(g_start, "Total");
-- puts("");
-+ puts("ERR message=\"TRUSTCLIENT match\"");
- fflush(stdout);
- continue;
- }
-@@ -520,7 +520,7 @@
- logit(log_file, "DEBUG No squidguard and no antivir check (WHITELIST match) for url: %s\n", in_buff.url);
- if (statit == 1)
- timeit(g_start, "Total");
-- puts("");
-+ puts("ERR message=\"WHITLIST match\"");
- fflush(stdout);
- continue;
- }
-@@ -536,7 +536,7 @@
- if ((sockd = dconnect ()) < 0)
- {
- logit(log_file, "ERROR Can't connect to Clamd daemon, fallback to Squid.\n");
-- puts("");
-+ puts("BH message=\"Cannot connect to clamd\"");
- fflush(stdout);
- continue;
- }
-@@ -546,7 +546,7 @@
- if (write (sockd, "zINSTREAM", 10) <= 0)
- {
- logit(log_file, "ERROR Can't write to Clamd socket.\n");
-- puts("");
-+ puts("BG message=\"Cannot write to clamd socket\"");
- fflush(stdout);
- continue;
- }
-@@ -614,8 +614,7 @@
- logit(log_file, "Squid Cache purged of url %s.\n", in_buff.url);
- }
- }
-- fprintf (stdout, "%s %s %s %s\n", urlredir,
-- in_buff.src_address, in_buff.ident, in_buff.method);
-+ fprintf (stdout, "OK rewrite-url=\"%s\"\n", urlredir);
- fflush(stdout);
- xfree(urlredir);
- if (debug != 0)
-@@ -675,7 +674,7 @@
- continue operation (so that Squid still works!),
- we simply echo stdin to stdout - i.e. "bridge mode" :-) */
- if (bridge_mode == 1) {
-- puts("");
-+ puts("ERR message=\"brigde mode\"");
- fflush(stdout);
- continue;
- }
-@@ -685,7 +684,7 @@
- if (buff_status == -1) {
- if (debug > 2)
- logit(log_file, "DEBUG method is not GET skipping virus scan.\n");
-- puts("");
-+ puts("ERR message=\"method is not GET skipping virus scan\"");
- fflush(stdout);
- continue;
- }
-@@ -699,7 +698,7 @@
- timeit(g_start, "Total");
-
- /* no replacement for the URL was found */
-- puts("");
-+ puts("ERR message=\"ABORT match\"");
- fflush(stdout);
- continue;
-
-@@ -750,7 +749,7 @@
- logit(log_file, "DEBUG HIT Cache found, trust cache enabled, skipping...\n");
- if (statit == 1)
- timeit(g_start, "Total");
-- puts("");
-+ puts("ERR message=\"cache hit found\"");
- fflush(stdout);
- continue;
- }
-@@ -762,7 +761,7 @@
- logit(log_file, "ERROR No content length from url %s\n", in_buff.url);
- if (statit == 1)
- timeit(g_start, "Total");
-- puts("");
-+ puts("ERR message=\"no content length from URL\"");
- fflush(stdout);
- continue;
- }
-@@ -775,7 +774,7 @@
- logit(log_file, "DEBUG No antivir check (Content length is upper than maxsize): %'.2f > %'.2f\n", usize, maxsize);
- if (statit == 1)
- timeit(g_start, "Total");
-- puts("");
-+ puts("ERR message=\"content length is upper than maxsize\"");
- fflush(stdout);
- continue;
- }
-@@ -787,7 +786,7 @@
- in_buff.url);
- if (statit == 1)
- timeit(g_start, "Total");
-- puts("");
-+ puts("ERR message=\"no content type from URL\"");
- fflush(stdout);
- continue;
- }
-@@ -799,7 +798,7 @@
- logit(log_file, "DEBUG No antivir check (ABORTCONTENT match) for content-type: %s\n", content_type);
- if (statit == 1)
- timeit(g_start, "Total");
-- puts("");
-+ puts("ERR message=\"ABORTCONTENT match\"");
- fflush(stdout);
- continue;
- }
-@@ -814,7 +813,7 @@
- if ((sockd = dconnect ()) < 0)
- {
- logit(log_file, "ERROR Can't connect to Clamd daemon, fallback to Squid.\n");
-- puts("");
-+ puts("BH message=\"cannot connect clamd daemon\"");
- fflush(stdout);
- continue;
- }
-@@ -824,7 +823,7 @@
- if (write (sockd, "zINSTREAM", 10) <= 0)
- {
- logit(log_file, "ERROR Can't write to Clamd socket.\n");
-- puts("");
-+ puts("BH message=\"cannot write to clamd socket\"");
- fflush(stdout);
- continue;
- }
-@@ -844,7 +843,7 @@
- close (sockd);
- if (debug > 1)
- logit(log_file, "DEBUG Connection to clamd closed.\n");
-- puts("");
-+ puts("ERR message=\"connection to clamd closed\"");
- fflush(stdout);
- if (statit == 1)
- timeit(g_start, "Total");
-@@ -892,8 +891,7 @@
- logit(log_file, "Squid Cache purged of url %s.\n", in_buff.url);
- }
- }
-- fprintf (stdout, "%s %s %s %s\n", urlredir,
-- in_buff.src_address, in_buff.ident, in_buff.method);
-+ fprintf (stdout, "OK rewrite-url=\"%s\"\n", urlredir);
- fflush(stdout);
- xfree(urlredir);
- if (debug != 0)
-@@ -911,7 +909,7 @@
- if (virusfound == 0) {
- if (debug != 0)
- logit(log_file, "DEBUG No virus detected.\n");
-- puts("");
-+ puts("ERR message=\"no virus detected\"");
- fflush(stdout);
- }
- }