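#!/bin/bash
# Provision Squid: install the packages, back up the current squid.conf and
# install the placeholder template that the rest of this script fills in.
# Every ./utils and ./config path is relative, so run this from the repository
# root.

sudo ./utils/update.sh
sudo apt install -y squid3 apache2-utils jq

# Live Squid files and the timestamped names used for their backups.
base=/etc/squid
date_now=$(date +%F_%H-%M-%S)
squid_conf=$base/squid.conf
squid_conf_old=$base/squid.conf.$date_now
auth_users=$base/auth_users
auth_users_old=$base/auth_users.$date_now
fblocked_sites=$base/blocked_sites
fblocked_sites_old=$base/blocked_sites.$date_now
fblocked_words=$base/blocked_words
fblocked_words_old=$base/blocked_words.$date_now

# Keep the previous configuration so a bad run can be rolled back by hand.
if [[ -f "$squid_conf" ]]; then
  sudo cp -- "$squid_conf" "$squid_conf_old"
fi

# Install the template. Stop if that fails: the in-place substitutions further
# down would otherwise be applied to the configuration that is currently live.
if ! sudo cp -- ./utils/squid/squid.conf "$squid_conf"; then
  printf 'proxy.sh: could not install the squid.conf template\n' >&2
  exit 1
fi

# Helper files: $walkconfig and netmaskBar, both used later in this script,
# presumably come from these two. Check they are readable before sourcing so a
# wrong working directory is reported here instead of producing an empty or
# partial configuration.
for helper in ./utils/polyfills/walk.conf ./utils/libs/bar.sh; do
  if [[ ! -r "$helper" ]]; then
    printf 'proxy.sh: missing helper %s\n' "$helper" >&2
    exit 1
  fi
done
source ./utils/polyfills/walk.conf
source ./utils/libs/bar.sh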
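# Load ./config/config.json and hand it to the walkconfig jq helper while
# reading ./config/proxy.json (what the helper does is not visible here).
# NOTE(review): the contents of config.json are pasted into the jq program
# text; that works because JSON is valid jq syntax, but jq's --argjson would
# keep data and program separate.
config=$(jq '.' ./config/config.json)
json=$(jq ". | $walkconfig walkconfig($config)" ./config/proxy.json)

# Feed jq through quoted here-strings. An unquoted "echo $json" lets the shell
# word-split and glob-expand the JSON first, which collapses runs of spaces
# inside string values and can replace a bare * with file names.
hostname=$(jq -r '.hostname' <<<"$json")
# @sh yields one line of single-quoted words; the quotes are stripped so the
# lists can be split on whitespace later.
blocked_sites=$(jq -r '.blocked_sites | @sh' <<<"$json" | sed "s/'//g")
blocked_words=$(jq -r '.blocked_words | @sh' <<<"$json" | sed "s/'//g")
auth=$(jq '.auth' <<<"$json")
auth_enabled=$(jq -r '.enabled' <<<"$auth")
auth_message=$(jq -r '.message' <<<"$auth")
auth_credential_ttl=$(jq -r '.credential_ttl' <<<"$auth")

# Escape the characters sed treats specially in a replacement (&, / and \) so
# the hostname is inserted literally and cannot alter the substitution.
hostname_escaped=$(printf '%s' "$hostname" | sed -e 's/[&/\]/\\&/g')
# squid.conf was installed with sudo, so edit it with sudo as well.
sudo sed -i "s/<hostname>/$hostname_escaped/g" "$squid_conf"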
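# Write the blocked-site list to $fblocked_sites, one entry per line.
if [[ $blocked_sites != null && $blocked_sites != "" ]]; then
  # Keep the previous list as a timestamped backup.
  if [[ -f "$fblocked_sites" ]]; then
    sudo mv -- "$fblocked_sites" "$fblocked_sites_old"
  fi

  # Split on whitespace without filename expansion, so an entry containing
  # * or ? is stored as written instead of being matched against files in the
  # current directory.
  site_entries=()
  read -r -d '' -a site_entries <<<"$blocked_sites"

  if (( ${#site_entries[@]} > 0 )); then
    # tee runs under sudo, so the append itself is privileged; in
    # "sudo printf ... >> file" the redirection is done by the calling shell.
    # The fixed '%s\n' format keeps % and \ in an entry from being interpreted.
    printf '%s\n' "${site_entries[@]}" | sudo tee -a -- "$fblocked_sites" >/dev/null
  fi
fi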
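# Write the blocked-word list to $fblocked_words, one entry per line.
if [[ $blocked_words != null && $blocked_words != "" ]]; then
  # Keep the previous list as a timestamped backup.
  if [[ -f "$fblocked_words" ]]; then
    sudo mv -- "$fblocked_words" "$fblocked_words_old"
  fi

  # Split on whitespace without filename expansion, so an entry containing
  # * or ? is stored as written instead of being matched against files in the
  # current directory.
  word_entries=()
  read -r -d '' -a word_entries <<<"$blocked_words"

  if (( ${#word_entries[@]} > 0 )); then
    # tee runs under sudo, so the append itself is privileged; in
    # "sudo printf ... >> file" the redirection is done by the calling shell.
    # The fixed '%s\n' format keeps % and \ in an entry from being interpreted.
    printf '%s\n' "${word_entries[@]}" | sudo tee -a -- "$fblocked_words" >/dev/null
  fi
fi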
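# Fill in the authentication placeholders of squid.conf.
if [[ $auth_enabled == true ]]; then
  # squid.conf was installed with sudo, so every in-place edit uses sudo too.
  sudo sed -i "s/<intercept>//g" "$squid_conf"

  # auth_output is a sed replacement string: \n becomes a newline and \/ a
  # literal slash once it is substituted for <auth>.
  auth_output="auth_param basic program \/usr\/lib\/squid3\/basic_ncsa_auth \/etc\/squid\/auth_users\nauth_param basic children 5 startup=5 idle=1"

  # Values taken from the JSON are escaped for sed (&, / and \) so they land in
  # squid.conf as literal text and cannot add or change directives.
  if [[ $auth_message != null && $auth_message != "" ]]; then
    auth_message_escaped=$(printf '%s' "$auth_message" | sed -e 's/[&/\]/\\&/g')
    auth_output="$auth_output\nauth_param basic realm $auth_message_escaped"
  fi
  if [[ $auth_credential_ttl != null && $auth_credential_ttl != "" ]]; then
    auth_ttl_escaped=$(printf '%s' "$auth_credential_ttl" | sed -e 's/[&/\]/\\&/g')
    auth_output="$auth_output\nauth_param basic credentialsttl $auth_ttl_escaped hours"
  fi

  sudo sed -i "s/<auth>/$auth_output/g" "$squid_conf"
  sudo sed -i "s/<auth_users>/acl auth_users proxy_auth REQUIRED/g" "$squid_conf"
  sudo sed -i "s/<auth_rule>/http_access allow auth_users/g" "$squid_conf"

  usersLength=$(jq -r '.users | length' <<<"$auth")
  # Compare numerically; inside [[ ]] the > operator compares strings.
  [[ $usersLength =~ ^[0-9]+$ ]] || usersLength=0
  if (( usersLength > 0 )); then
    # NOTE(review): the existing file is copied, not reset, so accounts removed
    # from proxy.json stay valid in auth_users until deleted by hand.
    # NOTE(review): auth_users holds password hashes (htpasswd's default scheme
    # is used here); consider limiting read access to the account Squid's auth
    # helper runs as.
    if [[ -f "$auth_users" ]]; then
      sudo cp -- "$auth_users" "$auth_users_old"
    else
      sudo touch -- "$auth_users"
    fi

    for ((j = 0; j < usersLength; ++j)); do
      # -r gives the raw string; without it jq keeps the JSON double quotes and
      # they become part of the stored user name and password.
      username=$(jq -r ".users[$j].username" <<<"$auth")
      password=$(jq -r ".users[$j].password" <<<"$auth")
      # htpasswd -i reads the password from stdin, which keeps it out of the
      # process list (-b passes it as a command-line argument). printf is a
      # shell builtin, so it does not expose the value either.
      printf '%s\n' "$password" | sudo htpasswd -i "$auth_users" "$username"
    done
    unset username password
  fi
else
  # Authentication off: ` intercept` is written in place of <intercept> and
  # every auth placeholder is removed. Access control then rests on whatever
  # else the template and the subnet rules define.
  sudo sed -i "s/<intercept>/ intercept/g" "$squid_conf"
  sudo sed -i "s/<auth>//g" "$squid_conf"
  sudo sed -i "s/<auth_users>//g" "$squid_conf"
  sudo sed -i "s/<auth_rule>//g" "$squid_conf"
fi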
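# Build one "acl subnetN src NETWORK/BITS" line and one http_access rule per
# entry of .subnets, then substitute both lists into squid.conf.
# Squid applies http_access lines in order and the first match decides, so the
# order of the subnets array in proxy.json is significant.
subnets_acl=""
subnets_rules=""
subnetsLength=$(jq -r '.subnets | length' <<<"$json")
# Guard the loop bound: an empty or non-numeric value would be an arithmetic
# syntax error in the for header.
[[ $subnetsLength =~ ^[0-9]+$ ]] || subnetsLength=0

for ((j = 0; j < subnetsLength; ++j)); do
  # Quoted here-strings keep the shell from word-splitting or glob-expanding
  # the JSON before jq sees it.
  subnet=$(jq ".subnets[$j]" <<<"$json")
  deny=$(jq -r '.deny' <<<"$subnet")
  network=$(jq -r '.network' <<<"$subnet")
  netmask=$(jq -r '.netmask' <<<"$subnet")
  name="subnet$j"

  # netmaskBar is defined outside this file; presumably it reads $netmask and
  # sets $bar to the prefix length -- TODO confirm against utils/libs/bar.sh.
  netmaskBar

  # NOTE(review): only the literal value true produces a deny rule; a missing
  # key, null or a differently spelled value yields allow. Confirm that this
  # permissive default is intended.
  if [[ $deny == true ]]; then
    deny="deny"
  else
    deny="allow"
  fi

  # Escape &, / and \ so the network value is inserted literally by sed.
  network_escaped=$(printf '%s' "$network" | sed -e 's/[&/\]/\\&/g')

  # \n and \/ are sed replacement escapes (newline and literal slash).
  subnets_acl="$subnets_acl\nacl $name src $network_escaped\/$bar"
  subnets_rules="$subnets_rules\nhttp_access $deny $name"
done

# squid.conf was installed with sudo, so edit it with sudo as well.
sudo sed -i "s/<subnets_acl>/$subnets_acl/g" "$squid_conf"
sudo sed -i "s/<subnets_rules>/$subnets_rules/g" "$squid_conf"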
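# Keep a timestamped snapshot of the input that produced this configuration.
# NOTE(review): proxy.json carries the proxy users' passwords in clear text
# (this script reads .auth.users[].password from it), so every snapshot is one
# more copy of them; check the permissions on ./config and prune old snapshots.
sudo cp -- ./config/proxy.json "./config/proxy.json.$date_now"

# Validate the generated file before touching the running service. A template
# placeholder that was not filled in, or a value that broke a substitution,
# is reported here instead of surfacing as a proxy that fails to start.
if ! sudo squid -k parse; then
  printf 'proxy.sh: generated %s failed validation; service left untouched\n' "$squid_conf" >&2
  printf 'proxy.sh: the previous configuration, if there was one, is %s\n' "$squid_conf_old" >&2
  exit 1
fi

# Apply: reload the running instance, create any missing cache directories,
# then restart the service.
sudo squid -k reconfigure
sudo squid -z
sudo service squid restart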