#!/usr/bin/perl
#
# Squid-Plugin fuer URL-Filter
# ruft beim Erkennen von verdaechtigen Dateien, den VirenScanner auf
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program; if not, write to the Free Software
#    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
use strict;
use Config::General;
my $version    = "1.0.1";
my $lastchange = "07.10.04";

# STDIN und STDOUT ungebuffert
$| = 1;

#
# globale Variablen
#
my $configfile   = "/etc/squidvir";
my $confighandle = new Config::General(
	-ConfigFile           => "$configfile",
	-LowerCaseNames       => "true",
	-MergeDuplicateBlocks => "true"
  )
  || die("Fehler beim Öffnen der Configdatei $configfile: $!");
my %config      = $confighandle->getall();
my $redirecturl = $config{"redirecturl"};
my @filetypes   = @{ $config{"filetype"} };
my @whitelist   = @{ $config{"whitelist"} };
my $servername  = $config{"servername"};
@whitelist = ( $servername, @whitelist );

sub checkwhitelist {

	# steht die URL in der Whitelist?
	my $url = shift;

	foreach my $aktwhite (@whitelist) {
		if ( $url =~ /$aktwhite/ ) {
			return (1);
		}
	}

	return (0);
}

sub checkfiletype {

	# handelt es sich um einen angegebenen Dateityp?
	my $url = shift;

	foreach my $akttyp (@filetypes) {

		# für alle Dateitypen prüfen
		if ( $url =~ /\.$akttyp$/ ) {
			return (1);
		}
	}

	return (0);
}

# URLs kommen ueber Standard-Eingabe
MAINLOOP: while (<>) {
	my ($url) = split( /\s/, $_ );
	if ( checkfiletype($url) ) {

		# steht der Eintrag in der Whitelist?
		if ( !checkwhitelist($url) ) {

			# ist es nicht doch vielleicht ein CGI-Skript?
			if ( $url !~ /\?/ && $url !~ /\*/ ) {

				# kein CGI
				print "http://" . $servername . $redirecturl, "?url=$url\n";
				next MAINLOOP;
			}
		}
	}

	# kein verdächtiger Dateityp
	print "$url\n";
}