Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- # usage in squid.conf :
- # url_rewrite_program /usr/local/bin/squidredirect.pl
- # maybe you have to allow this in apparmour
- # choose your fighter, e.g. this one: http://www.surbl.org/lists#multi
- # define the $redir
- use strict;
- use File::Temp qw/ tempfile tempdir /;
- use Net::DNS;
- use Sys::Syslog;
- my $bl = '.multi.surbl.org'; # DNSBL to use
- my $ns = '127.0.0.1'; # NameServer to use, preferably your local caching named
- my $redir = your replacement URL ; # Block-URL to use, maybe a PNG just in case its just a pic that's blocked
- my $res = Net::DNS::Resolver->new; # resolver
- my $url; # URL to check, later stripped down to hostname
- my $rest; # not needed other infos we get from Squid
- my $question; # question to DNS
- my $query; # query-result from DNS
- my $answer; # answer to Squid
- openlog('squidredir', 'pid', 'local0'); # incude PID because Squid starts a bunch of us
- $res->nameservers($ns); # contact NameServer
- $| = 1; # line buffered
- syslog("info", "starting");
- while (<>){ # for evey request from Squid
- chomp;
- syslog("debug", $_);
- ($url, $rest) = split(/ /, $_); # first column is the requested target URL
- $url =~ s/^https?:// ; # drop scheme
- $url =~ s:^[/]{2}:: ; # drop / slashes
- $url =~ s:/.*$:: ; # drop path
- $url =~ s/:.*$// ; # drop port
- $answer = "OK"; # set default answer to Squid
- $question = $url . $bl; # define the questions to DNS
- $query = $res->search($question); # ask DNSBL
- if ($query) { # we got an answer
- foreach my $rr ($query->answer) { # go through all parts
- next unless $rr->type eq "A"; # skip all but A-entris (normal IPv4)
- $answer = "OK status=301 url=\"$redir\""; # all other answers mean 'is a bad host' -> Redirect
- }
- }
- syslog("info", "$question $answer");
- print "$answer\n"; # send answer back to Squid
- }
- syslog("info", "stopping");
Add Comment
Please, Sign In to add comment
