sarg  2.4.0
About: SARG ia a Squid Analysis Report Generator.
  Fossies Dox: sarg-2.4.0.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  
denied.c
Go to the documentation of this file.
1 /*
2  * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
3  * 1998, 2015
4  *
5  * SARG donations:
6  * please look at http://sarg.sourceforge.net/donations.php
7  * Support:
8  * http://sourceforge.net/projects/sarg/forums/forum/363374
9  * ---------------------------------------------------------------------
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License
22  * along with this program; if not, write to the Free Software
23  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
24  *
25  */
26 
27 #include "include/conf.h"
28 #include "include/defs.h"
29 #include "include/readlog.h"
30 
32 static char denied_unsort[MAXLEN]="";
34 static FILE *fp_denied=NULL;
36 static bool denied_exists=false;
37 
43 void denied_open(void)
44 {
45  if ((ReportType & REPORT_TYPE_DENIED) == 0) {
46  if (debugz>=LogLevel_Process) debugaz(__FILE__,__LINE__,_("Denied report not produced as it is not requested\n"));
47  return;
48  }
49  if (Privacy) {
50  if (debugz>=LogLevel_Process) debugaz(__FILE__,__LINE__,_("Denied report not produced because privacy option is active\n"));
51  return;
52  }
53 
54  format_path(__FILE__, __LINE__, denied_unsort, sizeof(denied_unsort), "%s/denied.int_unsort", tmp);
55  if ((fp_denied=MY_FOPEN(denied_unsort,"w"))==NULL) {
56  debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),denied_unsort,strerror(errno));
57  exit(EXIT_FAILURE);
58  }
59  return;
60 }
61 
67 void denied_write(const struct ReadLogStruct *log_entry)
68 {
69  char date[80];
70 
71  if (fp_denied && strstr(log_entry->HttpCode,"DENIED/403") != 0) {
72  strftime(date,sizeof(date),"%d/%m/%Y\t%H:%M:%S",&log_entry->EntryTime);
73  fprintf(fp_denied, "%s\t%s\t%s\t%s\n",date,log_entry->User,log_entry->Ip,log_entry->Url);
74  denied_exists=true;
75  }
76 }
77 
81 void denied_close(void)
82 {
83  if (fp_denied) {
84  if (fclose(fp_denied)==EOF) {
85  debuga(__FILE__,__LINE__,_("Write error in \"%s\": %s\n"),denied_unsort,strerror(errno));
86  exit(EXIT_FAILURE);
87  }
88  fp_denied=NULL;
89  }
90 }
91 
98 bool is_denied(void)
99 {
100  return(denied_exists);
101 }
102 
103 static void show_ignored_denied(FILE *fp_ou,int count)
104 {
105  char ignored[80];
106 
107  snprintf(ignored,sizeof(ignored),ngettext("%d more denied access not shown here…","%d more denied accesses not shown here…",count),count);
108  fprintf(fp_ou,"<tr><td class=\"data\"></td><td class=\"data\"></td><td class=\"data\"></td><td class=\"data2 more\">%s</td></tr>\n",ignored);
109 }
110 
114 void gen_denied_report(void)
115 {
116  FileObject *fp_in = NULL;
117  FILE *fp_ou = NULL;
118 
119  char *buf;
120  char *url;
121  char denied_sort[MAXLEN];
122  char report[MAXLEN];
123  char ip[MAXLEN];
124  char oip[MAXLEN];
125  char user[MAXLEN];
126  char ouser[MAXLEN]="";
127  char ouser2[MAXLEN]="";
128  char data[15];
129  char hora[15];
130  char csort[4098];
131  bool z=false;
132  int count=0;
133  int day,month,year;
134  int cstatus;
135  bool new_user;
136  struct getwordstruct gwarea;
137  longline line;
138  struct userinfostruct *uinfo;
139  struct tm t;
140 
141  if (!denied_exists) {
142  if (!KeepTempLog && denied_unsort[0]!='\0' && unlink(denied_unsort))
143  debuga(__FILE__,__LINE__,_("Cannot delete \"%s\": %s\n"),denied_unsort,strerror(errno));
144  denied_unsort[0]='\0';
145  if (debugz>=LogLevel_Process) debugaz(__FILE__,__LINE__,_("Denied report not produced because it is empty\n"));
146  return;
147  }
148  if (debugz>=LogLevel_Process)
149  debuga(__FILE__,__LINE__,_("Creating denied accesses report...\n"));
150 
151  if (snprintf(denied_sort,sizeof(denied_sort),"%s/denied.int_log",tmp)>=sizeof(denied_sort)) {
152  debuga(__FILE__,__LINE__,_("Temporary directory path too long to sort the denied accesses\n"));
153  exit(EXIT_FAILURE);
154  }
155  if (snprintf(csort,sizeof(csort),"sort -T \"%s\" -t \"\t\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"",tmp,denied_sort,denied_unsort)>=sizeof(csort)) {
156  debuga(__FILE__,__LINE__,_("Sort command too long when sorting file \"%s\" to \"%s\"\n"),denied_unsort,denied_sort);
157  exit(EXIT_FAILURE);
158  }
159  cstatus=system(csort);
160  if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
161  debuga(__FILE__,__LINE__,_("sort command return status %d\n"),WEXITSTATUS(cstatus));
162  debuga(__FILE__,__LINE__,_("sort command: %s\n"),csort);
163  exit(EXIT_FAILURE);
164  }
165  if (unlink(denied_unsort)) {
166  debuga(__FILE__,__LINE__,_("Cannot delete \"%s\": %s\n"),denied_unsort,strerror(errno));
167  exit(EXIT_FAILURE);
168  }
169  denied_unsort[0]='\0';
170 
171  format_path(__FILE__, __LINE__, report, sizeof(report), "%s/denied.html", outdirname);
172 
173  if ((fp_in=FileObject_Open(denied_sort))==NULL) {
174  debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),denied_sort,FileObject_GetLastOpenError());
175  exit(EXIT_FAILURE);
176  }
177 
178  if ((fp_ou=MY_FOPEN(report,"w"))==NULL) {
179  debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),report,strerror(errno));
180  exit(EXIT_FAILURE);
181  }
182 
183  write_html_header(fp_ou,(IndexTree == INDEX_TREE_DATE) ? 3 : 1,_("Denied"),HTML_JS_NONE);
184  fputs("<tr><td class=\"header_c\">",fp_ou);
185  fprintf(fp_ou,_("Period: %s"),period.html);
186  fputs("</td></tr>\n",fp_ou);
187  fprintf(fp_ou,"<tr><th class=\"header_c\">%s</th></tr>\n",_("Denied"));
188  close_html_header(fp_ou);
189 
190  fputs("<div class=\"report\"><table cellpadding=\"0\" cellspacing=\"2\">\n",fp_ou);
191  fprintf(fp_ou,"<tr><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th></tr>\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE"));
192 
193  if ((line=longline_create())==NULL) {
194  debuga(__FILE__,__LINE__,_("Not enough memory to read file \"%s\"\n"),denied_sort);
195  exit(EXIT_FAILURE);
196  }
197 
198  while((buf=longline_read(fp_in,line))!=NULL) {
199  getword_start(&gwarea,buf);
200  if (getword(data,sizeof(data),&gwarea,'\t')<0 || getword(hora,sizeof(hora),&gwarea,'\t')<0 ||
201  getword(user,sizeof(user),&gwarea,'\t')<0 || getword(ip,sizeof(ip),&gwarea,'\t')<0) {
202  debuga(__FILE__,__LINE__,_("Invalid record in file \"%s\"\n"),denied_sort);
203  exit(EXIT_FAILURE);
204  }
205  if (getword_ptr(buf,&url,&gwarea,'\t')<0) {
206  debuga(__FILE__,__LINE__,_("Invalid url in file \"%s\"\n"),denied_sort);
207  exit(EXIT_FAILURE);
208  }
209  if (sscanf(data,"%d/%d/%d",&day,&month,&year)!=3) continue;
210  computedate(year,month,day,&t);
211  strftime(data,sizeof(data),"%x",&t);
212 
213  uinfo=userinfo_find_from_id(user);
214  if (!uinfo) {
215  debuga(__FILE__,__LINE__,_("Unknown user ID %s in file \"%s\"\n"),user,denied_sort);
216  exit(EXIT_FAILURE);
217  }
218 
219  new_user=false;
220  if (!z) {
221  strcpy(ouser,user);
222  strcpy(oip,ip);
223  z=true;
224  new_user=true;
225  } else {
226  if (strcmp(ouser,user) != 0) {
227  strcpy(ouser,user);
228  new_user=true;
229  }
230  if (strcmp(oip,ip) != 0) {
231  strcpy(oip,ip);
232  new_user=true;
233  }
234  }
235 
236  if (DeniedReportLimit) {
237  if (strcmp(ouser2,uinfo->label) == 0) {
238  count++;
239  } else {
240  if (count>DeniedReportLimit && DeniedReportLimit>0)
241  show_ignored_denied(fp_ou,count-DeniedReportLimit);
242  count=1;
243  strcpy(ouser2,uinfo->label);
244  }
245  if (count > DeniedReportLimit)
246  continue;
247  }
248 
249  fputs("<tr>",fp_ou);
250  if (new_user) {
251  if (uinfo->topuser)
252  fprintf(fp_ou,"<td class=\"data\"><a href=\"%s/%s.html\">%s</a></td><td class=\"data\">%s</td>",uinfo->filename,uinfo->filename,uinfo->label,ip);
253  else
254  fprintf(fp_ou,"<td class=\"data\">%s</td><td class=\"data\">%s</td>",uinfo->label,ip);
255  } else
256  fputs("<td class=\"data\"></td><td class=\"data\"></td>",fp_ou);
257  fprintf(fp_ou,"<td class=\"data\">%s-%s</td><td class=\"data2\">",data,hora);
258  if (BlockIt[0] != '\0' && url[0]!=ALIAS_PREFIX) {
259  fprintf(fp_ou,"<a href=\"%s%s?url=",wwwDocumentRoot,BlockIt);
260  output_html_url(fp_ou,url);
261  fprintf(fp_ou,"\"><img src=\"%s/sarg-squidguard-block.png\"></a>&nbsp;",ImageFile);
262  }
263  output_html_link(fp_ou,url,100);
264  fputs("</td></tr>\n",fp_ou);
265  }
266  if (FileObject_Close(fp_in)) {
267  debuga(__FILE__,__LINE__,_("Read error in \"%s\": %s\n"),denied_sort,FileObject_GetLastCloseError());
268  exit(EXIT_FAILURE);
269  }
270  longline_destroy(&line);
271 
272  if (count>DeniedReportLimit && DeniedReportLimit>0)
273  show_ignored_denied(fp_ou,count-DeniedReportLimit);
274 
275  fputs("</table></div>\n",fp_ou);
276  write_html_trailer(fp_ou);
277  if (fclose(fp_ou)==EOF) {
278  debuga(__FILE__,__LINE__,_("Write error in \"%s\": %s\n"),report,strerror(errno));
279  exit(EXIT_FAILURE);
280  }
281 
282  if (!KeepTempLog && unlink(denied_sort)==-1)
283  debuga(__FILE__,__LINE__,_("Cannot delete \"%s\": %s\n"),denied_sort,strerror(errno));
284 
285  return;
286 }
287 
291 void denied_cleanup(void)
292 {
293  if (fp_denied){
294  if (fclose(fp_denied)==EOF) {
295  debuga(__FILE__,__LINE__,_("Write error in \"%s\": %s\n"),denied_unsort,strerror(errno));
296  exit(EXIT_FAILURE);
297  }
298  fp_denied=NULL;
299  }
300  if (!KeepTempLog && denied_unsort[0]) {
301  if (unlink(denied_unsort)==-1)
302  debuga(__FILE__,__LINE__,_("Failed to delete \"%s\": %s\n"),denied_unsort,strerror(errno));
303  }
304 }
ReadLogStruct::EntryTime
struct tm EntryTime
The time corresponding to the entry.
Definition: readlog.h:27
userinfostruct::topuser
int topuser
True if this user is in the topuser list.
Definition: defs.h:93
getword_start
void getword_start(struct getwordstruct *gwarea, const char *line)
Definition: util.c:74
write_html_header
void write_html_header(FILE *fp_ou, int depth, const char *title, int javascript)
Definition: util.c:2144
debuga
void debuga(const char *File, int Line, const char *msg,...)
Definition: util.c:601
output_html_url
void output_html_url(FILE *fp_ou, const char *url)
Definition: util.c:2194
denied_open
void denied_open(void)
Definition: denied.c:43
ReadLogStruct::HttpCode
char * HttpCode
HTTP code returned to the user for the entry.
Definition: readlog.h:43
userinfostruct
What is known about a user.
Definition: defs.h:78
longline_read
char * longline_read(FileObject *fp_in, longline line)
Definition: longline.c:97
format_path
int format_path(const char *file, int line, char *output_buffer, int buffer_size, const char *format,...)
Definition: util.c:2665
FileObject_GetLastCloseError
const char * FileObject_GetLastCloseError(void)
Definition: fileobject.c:263
longlinestruct
Definition: longline.c:56
DeniedReportLimit
int DeniedReportLimit
Definition: conf.h:492
KeepTempLog
bool KeepTempLog
True to keep the temporary files for inspection.
Definition: conf.h:505
FileObject_GetLastOpenError
const char * FileObject_GetLastOpenError(void)
Definition: fileobject.c:236
MY_FOPEN
#define MY_FOPEN
Definition: conf.h:129
_
#define _(String)
Definition: conf.h:155
MAXLEN
#define MAXLEN
Definition: conf.h:176
INDEX_TREE_DATE
#define INDEX_TREE_DATE
Definition: conf.h:240
denied_cleanup
void denied_cleanup(void)
Definition: denied.c:291
HTML_JS_NONE
#define HTML_JS_NONE
Value to exclude all the javascripts from the html page.
Definition: conf.h:285
userinfo_find_from_id
struct userinfostruct * userinfo_find_from_id(const char *id)
Definition: userinfo.c:218
ReadLogStruct::Ip
const char * Ip
The IP address connecting to internet.
Definition: readlog.h:29
userinfostruct::label
const char * label
The name of the user to display in the report.
Definition: defs.h:89
wwwDocumentRoot
char wwwDocumentRoot[20000]
Definition: conf.h:411
ReportType
unsigned long int ReportType
Definition: conf.h:332
close_html_header
void close_html_header(FILE *fp_ou)
Definition: util.c:2152
getword_ptr
int getword_ptr(char *orig_line, char **word, struct getwordstruct *gwarea, char stop)
Definition: util.c:343
computedate
void computedate(int year, int month, int day, struct tm *t)
Definition: util.c:892
IndexTree
unsigned long int IndexTree
How to display the index of the reports.
Definition: conf.h:416
ImageFile
char ImageFile[255]
Definition: conf.h:443
ReadLogStruct
Data read from an input log file.
Definition: readlog.h:24
periodstruct::html
char html[90]
The HTML representation of the date.
Definition: conf.h:307
denied_unsort
static char denied_unsort[20000]
Name of the file containing the unsorted denied entries.
Definition: denied.c:32
ReadLogStruct::User
const char * User
The user's name.
Definition: readlog.h:31
getword
int getword(char *word, int limit, struct getwordstruct *gwarea, char stop)
Definition: util.c:90
denied_close
void denied_close(void)
Definition: denied.c:81
FileObject_Open
FileObject * FileObject_Open(const char *FileName)
Definition: fileobject.c:104
conf.h
Include headers and define global variables. */.
ALIAS_PREFIX
#define ALIAS_PREFIX
The character prefixed in front of the host names that are aliased.
Definition: conf.h:290
fp_denied
static FILE * fp_denied
The file handle to write the entries.
Definition: denied.c:34
longline_create
longline longline_create(void)
Definition: longline.c:70
REPORT_TYPE_DENIED
#define REPORT_TYPE_DENIED
Definition: conf.h:197
userinfostruct::filename
const char * filename
The mangled name to use in file names of that user.
Definition: defs.h:91
readlog.h
Privacy
bool Privacy
Definition: conf.h:372
getwordstruct
Definition: defs.h:26
longline_destroy
void longline_destroy(longline *line_ptr)
Definition: longline.c:168
denied_exists
static bool denied_exists
True if at least one denied entry exists.
Definition: denied.c:36
debugaz
void debugaz(const char *File, int Line, const char *msg,...)
Definition: util.c:646
write_html_trailer
void write_html_trailer(FILE *fp_ou)
Definition: util.c:2157
tmp
char tmp[20000]
Definition: conf.h:315
defs.h
Declaration of the structures and functions.
ngettext
#define ngettext(Msgid1, Msgid2, N)
Definition: gettext.h:75
outdirname
char outdirname[20000]
Definition: conf.h:311
gen_denied_report
void gen_denied_report(void)
Definition: denied.c:114
BlockIt
char BlockIt[255]
Definition: conf.h:413
debugz
int debugz
Definition: conf.h:490
period
struct periodstruct period
Definition: conf.h:312
is_denied
bool is_denied(void)
Definition: denied.c:98
denied_write
void denied_write(const struct ReadLogStruct *log_entry)
Definition: denied.c:67
FileObject_Close
int FileObject_Close(FileObject *File)
Definition: fileobject.c:206
show_ignored_denied
static void show_ignored_denied(FILE *fp_ou, int count)
Definition: denied.c:103
FileObjectStruct
Definition: fileobject.h:4
ReadLogStruct::Url
char * Url
Definition: readlog.h:37
output_html_link
void output_html_link(FILE *fp_ou, const char *url, int maxlen)
Definition: util.c:2214
LogLevel_Process
@ LogLevel_Process
Process informational messages.
Definition: defs.h:15