squidguard: new recipe

squidGuard is a combined filter, redirector and access controller plugin
for Squid.

Signed-off-by: Roman I Khimov <khimov@altell.ru>

diff --git a/recipes/squidguard/squidguard-1.4/squidGuard.conf b/recipes/squidguard/squidguard-1.4/squidGuard.conf
new file mode 100644 (file)
index 0000000..6eee790
--- /dev/null
+++ b/recipes/squidguard/squidguard-1.4/squidGuard.conf
@@ -0,0 +1,83 @@
+#
+# CONFIG FILE FOR SQUIDGUARD
+#
+
+dbhome /var/lib/squidguard/db
+logdir /var/log/squid
+
+#
+# TIME RULES:
+# abbrev for weekdays: 
+# s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat
+
+time workhours {
+       weekly mtwhf 08:00 - 16:30
+       date *-*-01  08:00 - 16:30
+}
+
+#
+# REWRITE RULES:
+#
+
+rew dmz {
+       s@://admin/@://admin.foo.bar.de/@i
+       s@://foo.bar.de/@://www.foo.bar.de/@i
+}
+
+#
+# SOURCE ADDRESSES:
+#
+
+src admin {
+       ip              1.2.3.4 1.2.3.5
+       user            root foo bar
+       within          workhours
+}
+
+src foo-clients {
+       ip              172.16.2.32-172.16.2.100 172.16.2.100 172.16.2.200
+}
+
+src bar-clients {
+       ip              172.16.4.0/26
+}
+
+#
+# DESTINATION CLASSES:
+#
+
+dest good {
+}
+
+dest local {
+}
+
+dest adult {
+       domainlist      dest/adult/domains
+       urllist         dest/adult/urls
+       expressionlist  dest/adult/expressions
+       redirect        http://admin.foo.bar.de/cgi/blocked?clientaddr=%a+clientname=%n+clientuser=%i+clientgroup=%s+targetgroup=%t+url=%u
+}
+
+
+acl {
+       admin {
+               pass     any
+       }
+
+       foo-clients within workhours {
+               pass     good !in-addr !adult any
+       } else {
+               pass any
+       }
+
+       bar-clients {
+               pass    local none
+       }
+
+       default {
+               pass     local none
+               rewrite  dmz
+               redirect http://admin.foo.bar.de/cgi/blocked?clientaddr=%a+clientname=%n+clientuser=%i+clientgroup=%s+targetgroup=%t+url=%u
+       }
+}

diff --git a/recipes/squidguard/squidguard-1.4/squidguard-1.4-fix-parallel-build.patch b/recipes/squidguard/squidguard-1.4/squidguard-1.4-fix-parallel-build.patch
new file mode 100644 (file)
index 0000000..3fe50ce
--- /dev/null
+++ b/recipes/squidguard/squidguard-1.4/squidguard-1.4-fix-parallel-build.patch
@@ -0,0 +1,13 @@
+Index: squidGuard-1.4/src/Makefile.in
+===================================================================
+--- squidGuard-1.4.orig/src/Makefile.in        2010-02-10 12:48:28.000000000 +0300
++++ squidGuard-1.4/src/Makefile.in     2010-02-10 12:50:43.000000000 +0300
+@@ -110,6 +110,8 @@
+       mv -f y.tab.c y.tab.c.bison
+       mv -f y.tab.h y.tab.h.bison
+ 
++sg.l: y.tab.h
++
+ #
+ # Dependencies for installing
+ #

diff --git a/recipes/squidguard/squidguard-1.4/squidguard-1.4-no_header_checks.patch b/recipes/squidguard/squidguard-1.4/squidguard-1.4-no_header_checks.patch
new file mode 100644 (file)
index 0000000..acd4959
--- /dev/null
+++ b/recipes/squidguard/squidguard-1.4/squidguard-1.4-no_header_checks.patch
@@ -0,0 +1,270 @@
+--- a/configure.in     2009-02-06 13:41:23.015147047 +0300
++++ b/configure.in     2009-02-06 13:41:42.203146296 +0300
+@@ -118,27 +118,27 @@ dnl Checks for header files.
+ dnl
+ 
+ AC_HEADER_STDC
+-AC_CHECK_HEADERS(db.h regex.h unistd.h)
+-
+-AC_CHECK_HEADER(db.h,,[
+-      echo
+-      echo "** No db.h found"
+-      echo "   The Berkley DB library is required for squidGuard"
+-      echo "   to compile. Get it from http://www.oracle.com"
+-      echo "   use --with-db=DIR or --with-db-inc=DIR to specify"
+-      echo "   its location. (default is $dbprefix/BerkeleyDB)"
+-      echo
+-      exit 1
+-       ])
+-
+-if test $HAVE_REGEX.H = no; then
+-      echo 
+-      echo "** No regex.h found"
+-      echo "   The regexp library is required for squidGuard"
+-      echo "   to compile. Get it from http://www.gnu.org"
+-      echo
+-      exit 1
+-fi
++#AC_CHECK_HEADERS(db.h regex.h unistd.h)
++#
++#AC_CHECK_HEADER(db.h,,[
++#     echo
++#     echo "** No db.h found"
++#     echo "   The Berkley DB library is required for squidGuard"
++#     echo "   to compile. Get it from http://www.oracle.com"
++#     echo "   use --with-db=DIR or --with-db-inc=DIR to specify"
++#     echo "   its location. (default is $dbprefix/BerkeleyDB)"
++#     echo
++#     exit 1
++#       ])
++#
++#if test $HAVE_REGEX.H = no; then
++#     echo 
++#     echo "** No regex.h found"
++#     echo "   The regexp library is required for squidGuard"
++#     echo "   to compile. Get it from http://www.gnu.org"
++#     echo
++#     exit 1
++#fi
+ 
+ dnl
+ dnl Checks if runtime logmessages shall be suppressed. Is --nolog given?
+@@ -294,115 +294,115 @@ AC_CHECK_LIB(pthread,pthread_create,,[
+        echo
+        ])
+ 
+-dnl Check DB
++#dnl Check DB
+ LIBS="$LIBS -ldb"
+-AC_RUN_IFELSE([
+-      #include <db.h>
+-      int main() 
+-      {
+-              int major, minor, patch;
+-              float ver;
+-#if DB_VERSION_MAJOR
+-                major = DB_VERSION_MAJOR;
+-                minor = DB_VERSION_MINOR;
+-                patch = DB_VERSION_PATCH;
+-#else
+-                db_version(&major, &minor, &patch);
+-#endif
+-              ver = major + ((float) minor / 1000);
+-                if (ver >= 2.006)
+-                      exit (0);
+-              exit (1);
+-      }       
+-      ], db_ok_version=yes, db_ok_version=no, db_ok_version=no)
+-
+-if test $db_ok_version = no; then
+-      echo
+-      echo "** The Berkley DB library version 2.6.4 or newer"
+-      echo "   is required. Get it from http://www.oracle.com"
+-      echo "   use --with-db=DIR or --with-db-inc=DIR, "
+-      echo "   --with-db-lib=DIR to specify its location"
+-      echo "   (default is $dbprefix/BerkeleyDB)"
+-      echo 
+-      exit 1;
+-fi
+-
+-AC_RUN_IFELSE([
+-      #include <db.h>
+-      int main() 
+-      {
+-              int major, minor, patch;
+-              float ver;
+-#if DB_VERSION_MAJOR
+-                major = DB_VERSION_MAJOR;
+-                minor = DB_VERSION_MINOR;
+-                patch = DB_VERSION_PATCH;
++#AC_RUN_IFELSE([
++#     #include <db.h>
++#     int main() 
++#     {
++#             int major, minor, patch;
++#             float ver;
++##if DB_VERSION_MAJOR
++#                major = DB_VERSION_MAJOR;
++#                minor = DB_VERSION_MINOR;
++#                patch = DB_VERSION_PATCH;
+ #else
+-                db_version(&major, &minor, &patch);
+-#endif
+-              ver = major + ((float) minor / 1000);
+-                if (ver > 2.007 && ver < 3.002)
+-                      exit (1);
+-              exit (0);
+-      }       
+-      ], db_ok_version=yes, db_ok_version=no, db_ok_version=no)
+-
+-if test $db_ok_version = no; then
+-      echo
+-      echo "** The Berkley DB library version 3.2.* or newer"
+-      echo "   is required, when using 3.* versions of the library"
+-      echo "   Get it from http://www.oracle.com"
+-      echo "   use --with-db=DIR or --with-db-inc=DIR, "
+-      echo "   --with-db-lib=DIR to specify its location"
+-      echo "   (default is $dbprefix/BerkeleyDB)"
+-      echo 
+-      exit 1;
+-fi
+-
+-AC_RUN_IFELSE([
+-      #include <db.h>
+-      int main() 
+-      {
+-              int major, minor, patch;
+-              float ver;
+-#if DB_VERSION_MAJOR
+-                major = DB_VERSION_MAJOR;
+-                minor = DB_VERSION_MINOR;
+-                patch = DB_VERSION_PATCH;
+-#else
+-                db_version(&major, &minor, &patch);
+-#endif
+-              ver = major + ((float) minor / 1000);
+-                if (ver >= 3.002)
+-                      exit (0);
+-              exit (1);
+-      }       
+-      ], dbg2_ok_version=yes, dbg2_ok_version=no, dbg2_ok_version=no)
+-
++#                db_version(&major, &minor, &patch);
++##endif
++#             ver = major + ((float) minor / 1000);
++#                if (ver >= 2.006)
++#                     exit (0);
++#             exit (1);
++#     }       
++#     ], db_ok_version=yes, db_ok_version=no, db_ok_version=no)
++#
++#if test $db_ok_version = no; then
++#     echo
++#     echo "** The Berkley DB library version 2.6.4 or newer"
++#     echo "   is required. Get it from http://www.oracle.com"
++#     echo "   use --with-db=DIR or --with-db-inc=DIR, "
++#     echo "   --with-db-lib=DIR to specify its location"
++#     echo "   (default is $dbprefix/BerkeleyDB)"
++#     echo 
++#     exit 1;
++#fi
++#
++#AC_RUN_IFELSE([
++#     #include <db.h>
++#     int main() 
++#     {
++#             int major, minor, patch;
++#             float ver;
++##if DB_VERSION_MAJOR
++#                major = DB_VERSION_MAJOR;
++#                minor = DB_VERSION_MINOR;
++#                patch = DB_VERSION_PATCH;
++##else
++#                db_version(&major, &minor, &patch);
++##endif
++#             ver = major + ((float) minor / 1000);
++#                if (ver > 2.007 && ver < 3.002)
++#                     exit (1);
++#             exit (0);
++#     }       
++#     ], db_ok_version=yes, db_ok_version=no, db_ok_version=no)
++#
++#if test $db_ok_version = no; then
++#     echo
++#     echo "** The Berkley DB library version 3.2.* or newer"
++#     echo "   is required, when using 3.* versions of the library"
++#     echo "   Get it from http://www.oracle.com"
++#     echo "   use --with-db=DIR or --with-db-inc=DIR, "
++#     echo "   --with-db-lib=DIR to specify its location"
++#     echo "   (default is $dbprefix/BerkeleyDB)"
++#     echo 
++#     exit 1;
++#fi
++#
++#AC_RUN_IFELSE([
++#     #include <db.h>
++#     int main() 
++#     {
++#             int major, minor, patch;
++#             float ver;
++##if DB_VERSION_MAJOR
++#                major = DB_VERSION_MAJOR;
++#                minor = DB_VERSION_MINOR;
++#                patch = DB_VERSION_PATCH;
++##else
++#                db_version(&major, &minor, &patch);
++##endif
++#             ver = major + ((float) minor / 1000);
++#                if (ver >= 3.002)
++#                     exit (0);
++#             exit (1);
++#     }       
++#     ], dbg2_ok_version=yes, dbg2_ok_version=no, dbg2_ok_version=no)
++#
+ if test $dbg2_ok_version = yes; then
+       AC_DEFINE(DB_VERSION_GT2)
+ fi
+ 
+-AC_RUN_IFELSE([
+-        #include <db.h>
+-        int main()
+-        {
+-                int major, minor, patch;
+-                float ver;
+-#if DB_VERSION_MAJOR
+-                major = DB_VERSION_MAJOR;
+-                minor = DB_VERSION_MINOR;
+-                patch = DB_VERSION_PATCH;
+-#else
+-                db_version(&major, &minor, &patch);
+-#endif
+-                ver = major + ((float) minor / 1000);
+-                if (ver >= 4.002)
+-                        exit (0);
+-                exit (1);
+-        }
+-        ], dbg3_ok_version=yes, dbg3_ok_version=no, dbg3_ok_version=no)
+-
++#AC_RUN_IFELSE([
++#        #include <db.h>
++#        int main()
++#        {
++#                int major, minor, patch;
++#                float ver;
++##if DB_VERSION_MAJOR
++#                major = DB_VERSION_MAJOR;
++#                minor = DB_VERSION_MINOR;
++#                patch = DB_VERSION_PATCH;
++##else
++#                db_version(&major, &minor, &patch);
++##endif
++#                ver = major + ((float) minor / 1000);
++#                if (ver >= 4.002)
++##                        exit (0);
++#                exit (1);
++#        }
++#        ], dbg3_ok_version=yes, dbg3_ok_version=no, dbg3_ok_version=no)
++#
+ if test $dbg3_ok_version = yes; then
+         AC_DEFINE(DB_VERSION_GT3)
+ fi

diff --git a/recipes/squidguard/squidguard-1.4/squidguard-cross-ldap.patch b/recipes/squidguard/squidguard-1.4/squidguard-cross-ldap.patch
new file mode 100644 (file)
index 0000000..6e2afb8
--- /dev/null
+++ b/recipes/squidguard/squidguard-1.4/squidguard-cross-ldap.patch
@@ -0,0 +1,13 @@
+Index: squidGuard-1.4/configure.in
+===================================================================
+--- squidGuard-1.4.orig/configure.in   2010-03-04 18:15:18.000000000 +0300
++++ squidGuard-1.4/configure.in        2010-03-04 18:15:32.000000000 +0300
+@@ -187,7 +187,7 @@
+ fi
+ if test "$with_ldap" = "yes"; then
+        AC_DEFINE(HAVE_LIBLDAP)
+-       AC_RUN_IFELSE([
++       AC_COMPILE_IFELSE([
+ 
+        #include <ldap.h>
+        int main()

diff --git a/recipes/squidguard/squidguard_1.4.bb b/recipes/squidguard/squidguard_1.4.bb
new file mode 100644 (file)
index 0000000..e77469f
--- /dev/null
+++ b/recipes/squidguard/squidguard_1.4.bb
@@ -0,0 +1,53 @@
+DESCRIPTION = "Squid URL redirector"
+HOMEPAGE = "http://www.squidguard.org/"
+SECTION = "network"
+DEPENDS = "virtual/db openldap mysql5 zlib"
+RDEPENDS += "squid"
+LICENSE = "GPL"
+PR = "r0"
+
+SRC_URI = " \
+       http://www.squidguard.org/Downloads/squidGuard-${PV}.tar.gz;name=tar \
+       file://squidguard-1.4-no_header_checks.patch;patch=1 \
+       file://squidguard-1.4-fix-parallel-build.patch;patch=1 \
+       file://squidguard-cross-ldap.patch;patch=1 \
+       file://squidGuard.conf \
+       "
+SRC_URI[tar.md5sum] = "de834150998c1386c30feae196f16b06"
+SRC_URI[tar.sha256sum] = "0711ce60b8e2bbba107b980fed446a88df35e1584b39f079c0cae54a172c5141"
+
+S = "${WORKDIR}/squidGuard-${PV}"
+
+EXTRA_OECONF += " \
+       --with-squiduser=nobody \
+       --with-db=${STAGING_INCDIR}/.. \
+       --with-sg-config=${sysconfdir}/squid/squidGuard.conf \
+       --with-sg-logdir=${localstatedir}/log/squid \
+       --with-sg-dbhome=${localstatedir}/lib/squidguard/db \
+       --with-ldap=yes \
+       --with-mysql=${STAGING_INCDIR}/.. \
+       "
+
+inherit autotools
+
+do_configure_prepend() {
+       export ac_cv_header_db_h=yes 
+       export db_ok_version=yes
+       export dbg3_ok_version=yes
+       export dbg2_ok_version=yes
+       cp src/config.h.in src/config.h.in.original
+}
+
+do_configure_append() {
+       mv src/config.h.in.original src/config.h.in
+       ./config.status
+}
+
+do_install() {
+       install -d ${D}${bindir}
+       install -d ${D}${sysconfdir}/squid
+       install -d ${D}${localstatedir}/log/squid
+       install -d ${D}${localstatedir}/lib/squidguard/db
+       install -m 0755 src/squidGuard ${D}${bindir}
+       install -m 0644 ${WORKDIR}/squidGuard.conf ${D}${sysconfdir}/squid/squidGuard.conf
+}