initial commit of file from CVS for smeserver-sarg on Sat Sep 7 21:03:26 AEST 2024

root/etc/e-smith/db/configuration/defaults/sarg/logfile

@@ -0,0 +1 @@
+squid

root/etc/e-smith/db/configuration/defaults/sarg/type

@@ -0,0 +1 @@
+service

root/etc/e-smith/db/configuration/defaults/sarg/values

@@ -0,0 +1 @@
+bytes

root/etc/e-smith/templates.metadata/etc/cron.daily/sarg

@@ -0,0 +1,4 @@
+UID="root"
+GID="root"
+PERMS=0750
+

root/etc/e-smith/templates.metadata/etc/cron.monthly/sarg

@@ -0,0 +1,4 @@
+UID="root"
+GID="root"
+PERMS=0750
+

root/etc/e-smith/templates.metadata/etc/cron.weekly/sarg

@@ -0,0 +1,4 @@
+UID="root"
+GID="root"
+PERMS=0750
+

root/etc/e-smith/templates/etc/cron.daily/sarg

@@ -0,0 +1,19 @@
+{
+     my $logfile =  $sarg{'logfile'} || 'squid';
+
+     $OUT .= "#!/bin/bash\n";
+     $OUT .= "\n";
+     $OUT .= "LOG_FILES=\n";
+     $OUT .= "if [ -s /var/log/$logfile/access.log.1.gz ]; then\n";
+     $OUT .= "	LOG_FILES=\"\$LOG_FILES -l /var/log/$logfile/access.log.1.gz\"\n";
+     $OUT .= "fi\n";
+     $OUT .= "if [ -s /var/log/$logfile/access.log ]; then\n";
+     $OUT .= "	LOG_FILES=\"\$LOG_FILES -l /var/log/$logfile/access.log\"\n";
+     $OUT .= "fi\n";
+     $OUT .= "\n";
+     $OUT .= "YESTERDAY=\"\$(date --date \'1 days ago\' +%d/%m/%Y)\"\n";
+     $OUT .= "\n";
+     $OUT .= "/usr/bin/sarg \$LOG_FILES -o /var/www/sarg/daily -d \$YESTERDAY > /dev/null 2>&1 \n";
+     $OUT .= "\n";
+     $OUT .= "exit 0\n";
+}

root/etc/e-smith/templates/etc/cron.monthly/sarg

@@ -0,0 +1,31 @@
+{
+     my $logfile =  $sarg{'logfile'} || 'squid';
+
+     $OUT .= "#!/bin/bash\n";
+     $OUT .= "\n";
+     $OUT .= "LOG_FILES=\n";
+     $OUT .= "if [ -s /var/log/$logfile/access.log.4.gz ]; then\n";
+     $OUT .= "	LOG_FILES=\"\$LOG_FILES -l /var/log/$logfile/access.log.4.gz\"\n";
+     $OUT .= "fi\n";
+     $OUT .= "if [ -s /var/log/$logfile/access.log.3.gz ]; then\n";
+     $OUT .= "	LOG_FILES=\"\$LOG_FILES -l /var/log/$logfile/access.log.3.gz\"\n";
+     $OUT .= "fi\n";
+     $OUT .= "if [ -s /var/log/$logfile/access.log.2.gz ]; then\n";
+     $OUT .= "	LOG_FILES=\"\$LOG_FILES -l /var/log/$logfile/access.log.2.gz\"\n";
+     $OUT .= "fi\n";
+     $OUT .= "if [ -s /var/log/$logfile/access.log.1.gz ]; then\n";
+     $OUT .= "	LOG_FILES=\"\$LOG_FILES -l /var/log/$logfile/access.log.1.gz\"\n";
+     $OUT .= "fi\n";
+     $OUT .= "if [ -s /var/log/$logfile/access.log ]; then\n";
+     $OUT .= "	LOG_FILES=\"\$LOG_FILES -l /var/log/$logfile/access.log\"\n";
+     $OUT .= "fi\n";
+     $OUT .= "\n";
+     $OUT .= "YESTERDAY=\"\$(date --date \'1 days ago\' +%d/%m/%Y)\"\n";
+     $OUT .= "\n";
+     $OUT .= "MONTHAGO=\"\$(date --date \'1 month ago\' +%d/%m/%Y)\"\n";
+     $OUT .= "\n";
+     $OUT .= "/usr/bin/sarg \$LOG_FILES  -o /var/www/sarg/monthly -d \$MONTHAGO-\$YESTERDAY > /dev/null 2>&1 \n";
+     $OUT .= "\n";
+     $OUT .= "exit 0\n";
+}
+

root/etc/e-smith/templates/etc/cron.weekly/sarg

@@ -0,0 +1,21 @@
+{
+     my $logfile =  $sarg{'logfile'} || 'squid';
+
+     $OUT .= "#!/bin/bash\n";
+     $OUT .= "\n";
+     $OUT .= "LOG_FILES=\n";
+     $OUT .= "if [ -s /var/log/$logfile/access.log.1.gz ]; then\n";
+     $OUT .= "	LOG_FILES=\"\$LOG_FILES -l /var/log/$logfile/access.log.1.gz\"\n";
+     $OUT .= "fi\n";
+     $OUT .= "if [ -s /var/log/$logfile/access.log ]; then\n";
+     $OUT .= "	LOG_FILES=\"\$LOG_FILES -l /var/log/$logfile/access.log\"\n";
+     $OUT .= "fi\n";
+     $OUT .= "\n";
+     $OUT .= "YESTERDAY=\"\$(date --date \'1 days ago\' +%d/%m/%Y)\"\n";
+     $OUT .= "\n";
+     $OUT .= "WEEKAGO=\"\$(date --date \'7 days ago\' +%d/%m/%Y)\"\n";
+     $OUT .= "\n";
+     $OUT .= "/usr/bin/sarg \$LOG_FILES  -o /var/www/sarg/weekly  -d \$WEEKAGO-\$YESTERDAY > /dev/null 2>&1 \n";
+     $OUT .= "\n";
+     $OUT .= "exit 0\n";
+}

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess20sarg

@@ -0,0 +1,54 @@
+{
+ my $externalSSLAccess = '';
+ my $validFrom = db_get_prop($confref, "httpd-admin", "ValidFrom") || 'none';
+
+ $validFrom =~ s/,/ /g;
+ $validFrom =~ s:/255.255.255.255::g;
+
+ unless ($validFrom eq 'none')
+ {
+  $externalSSLAccess = $validFrom;
+ }
+
+ use esmith::AccountsDB;
+ my $adb = esmith::AccountsDB->open_ro();
+ my $sargusers = "";
+
+ foreach my $user ($adb->users)
+ {
+   my %properties = $user->props;
+   my $key = $user->key;
+	
+   if ($properties{'AdminPanels'})
+   {
+      if ($properties{'AdminPanels'} =~ /sarg/)
+      { 
+	 $sargusers = "$sargusers $key";
+     }
+   }
+ }
+
+$OUT .= <<HERE;
+    #-----------------------------------------------------------------------------
+    # SARG generated squid access log reports web repository
+    #-----------------------------------------------------------------------------
+    
+    Alias /squid /var/www/sarg
+    <Directory /var/www/sarg>
+    AllowOverride None
+    Options +Indexes
+    order deny,allow
+    deny from all
+    allow from $localAccess $externalSSLAccess
+    AuthName "SME Server Manager"
+    AuthBasicProvider external
+    AuthType Basic
+    AuthExternal pwauth
+    require user admin $sargusers
+    </Directory>
+
+    #-----------------------------------------------------------------------------
+    # End of SARG generated squid access log reports web repository
+    #-----------------------------------------------------------------------------
+HERE
+}

root/etc/e-smith/templates/etc/sarg/sarg.conf

@@ -0,0 +1,719 @@
+# sarg.conf
+#
+{
+ #my $language = $sarg{'language'} || 'English';
+ my $logfile  = $sarg{'logfile'}  || 'squid';
+ my $values   = $sarg{'values'}   || 'bytes';
+ my $lastlog  = $sarg{'lastlog'}  || '0';
+
+ #$OUT .= "language $language\n";
+ $OUT .= "access_log /var/log/$logfile/access.log\n";
+ $OUT .= "title \"$logfile user access reports\"\n";
+ $OUT .= "displayed_values $values\n";
+ $OUT .= "lastlog $lastlog\n";
+
+ if ($logfile eq 'dansguardian')
+ { $OUT .= "dansguardian_conf /etc/dansguardian/dansguardian.conf\n"; }
+
+}
+# TAG:  access_log file
+#       Where is the access.log file
+#       sarg -l file
+#
+#access_log /usr/local/squid/var/logs/access.log
+#access_log /var/log/squid/access.log
+
+# TAG: graphs yes|no
+#	Use graphics where is possible.
+#           graph_days_bytes_bar_color blue|green|yellow|orange|brown|red
+#
+#graphs yes
+#graph_days_bytes_bar_color orange
+
+# TAG:  graph_font
+#       The full path to the TTF font file to use to create the graphs. It is required
+#       if graphs is set to yes.
+#
+#graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf
+
+# TAG:	title
+# 	Especify the title for html page.
+#
+#title "Squid User Access Reports"
+
+# TAG:	font_face
+# 	Especify the font for html page.
+#
+#font_face Tahoma,Verdana,Arial
+
+# TAG:	header_color
+# 	Especify the header color
+#
+#header_color darkblue
+
+# TAG:	header_bgcolor
+# 	Especify the header bgcolor
+#
+#header_bgcolor blanchedalmond
+
+# TAG:	font_size
+# 	Especify the text font size
+#
+#font_size 9px
+
+# TAG:	header_font_size
+# 	Especify the header font size
+#
+#header_font_size 9px
+
+# TAG:	title_font_size
+# 	Especify the title font size
+#
+#title_font_size 11px
+
+# TAG:	background_color
+# TAG:	background_color
+#	Html page background color
+#
+# background_color white
+
+# TAG:	text_color
+#	Html page text color
+#
+#text_color #000000
+
+# TAG:	text_bgcolor
+#	Html page text background color
+#
+#text_bgcolor lavender
+
+# TAG:	title_color
+#	Html page title color
+#
+#title_color green
+
+# TAG:	logo_image
+#	Html page logo.
+#
+#logo_image none
+
+# TAG:	logo_text
+#	Html page logo text.
+#
+#logo_text ""
+
+# TAG:	logo_text_color
+#	Html page logo texti color.
+#
+#logo_text_color #000000
+
+# TAG:	logo_image_size
+#	Html page logo image size. 
+#       width height
+#
+#image_size 80 45
+
+# TAG:	background_image
+#	Html page background image
+#
+#background_image none
+
+# TAG:  password
+#       User password file used by Squid authentication scheme
+#       If used, generate reports just for that users.
+#
+#password none
+
+# TAG:  temporary_dir
+#       Temporary directory name for work files
+#       sarg -w dir
+#
+#temporary_dir /tmp
+
+# TAG:  output_dir
+#       The reports will be saved in that directory
+#       sarg -o dir
+#
+#output_dir /var/www/html/squid-reports
+output_dir /var/www/sarg/ONE-SHOT
+
+# TAG:  output_email
+#       Email address to send the reports. If you use this tag, no html reports will be generated.
+#       sarg -e email
+#
+#output_email none
+
+# TAG:  resolve_ip yes/no
+#       Convert ip address to dns name
+#       sarg -n
+#resolve_ip no
+resolve_ip yes
+
+# TAG:  user_ip yes/no
+#       Use Ip Address instead userid in reports.
+#       sarg -p
+#user_ip no
+
+# TAG:  topuser_sort_field field normal/reverse
+#       Sort field for the Topuser Report.
+#       Allowed fields: USER CONNECT BYTES TIME
+#
+#topuser_sort_field BYTES reverse
+
+# TAG:  user_sort_field field normal/reverse
+#       Sort field for the User Report.
+#       Allowed fields: SITE CONNECT BYTES TIME
+#
+#user_sort_field BYTES reverse
+
+# TAG:  exclude_users file
+#       users within the file will be excluded from reports.
+#       you can use indexonly to have only index.html file.
+#
+#exclude_users none
+
+# TAG:  exclude_hosts file
+#       Hosts, domains or subnets will be excluded from reports.
+#
+#       Eg.: 192.168.10.10   - exclude ip address only
+#            192.168.10.0/24 - exclude full C class
+#            s1.acme.foo     - exclude hostname only
+#            *.acme.foo      - exclude full domain name
+#
+#exclude_hosts none
+
+# TAG:  useragent_log file
+#       useragent.log file patch to generate useragent report.
+#
+#useragent_log none
+
+# TAG:  date_format
+#       Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww)
+#       
+#date_format u
+
+# TAG:  per_user_limit file MB
+#       Saves userid on file if download exceed n MB.
+#       This option allow you to disable user access if user exceed a download limit.
+#       
+#per_user_limit none
+
+# TAG: lastlog n
+#      How many reports files must be keept in reports directory.
+#      The oldest report file will be automatically removed.
+#      0 - no limit.
+#
+#lastlog 0
+
+# TAG: remove_temp_files yes
+#      Remove temporary files: geral, usuarios, top, periodo from root report directory.
+#
+#remove_temp_files yes
+
+# TAG: index yes|no|only
+#      Generate the main index.html.
+#      only - generate only the main index.html
+#
+#index yes
+
+# TAG: index_tree date|file
+#      How to generate the index.
+#
+#index_tree file
+
+# TAG: overwrite_report yes|no
+#      yes - if report date already exist then will be overwrited.
+#       no - if report date already exist then will be renamed to filename.n, filename.n+1
+#
+#overwrite_report no
+
+# TAG: records_without_userid ignore|ip|everybody
+#      What can I do with records without user id (no authentication) in access.log file ?
+#
+#      ignore - This record will be ignored.
+#          ip - Use ip address instead. (default)
+#   everybody - Use "everybody" instead.
+#
+#records_without_userid ip
+
+# TAG: use_comma no|yes
+#      Use comma instead point in reports.
+#      Eg.: use_comma yes => 23,450,110
+#           use_comma no  => 23.450.110
+#
+#use_comma no
+
+# TAG: mail_utility
+#      Mail command to use to send reports via SMTP. Sarg calls it like this:
+#         mail_utility -s "SARG report, date" "output_email" <"mail_content"
+#
+#      Therefore, it is possible to add more arguments to the command by specifying them
+#      here.
+#
+#      If you need too, you can use a shell script to process the content of /dev/stdin
+#      (/dev/stdin is the mail_content passed by sarg to the script) and call whatever
+#      command you like. It is not limited to mailing the report via SMTP.
+#
+#      Don't forget to quote the command if necessary (i.e. if the path contains
+#      characters that must be quoted).
+#
+#mail_utility mailx
+mail_utility mail
+
+# TAG: topsites_num n
+#      How many sites in topsites report.
+#
+#topsites_num 100
+
+# TAG: topsites_sort_order CONNECT|BYTES A|D
+#      Sort for topsites report, where A=Ascendent, D=Descendent
+#
+#topsites_sort_order CONNECT D
+
+# TAG: index_sort_order A/D
+#      Sort for index.html, where A=Ascendent, D=Descendent
+#
+#index_sort_order D
+
+# TAG: exclude_codes file
+#      Ignore records with these codes. Eg.: NONE/400
+#      Write one code per line. Lines starting with a # are ignored.
+#      Only codes matching exactly one of the line is rejected. The
+#      comparison is not case sensitive.
+#
+#exclude_codes /usr/local/sarg/exclude_codes
+
+# TAG: replace_index string
+#      Replace "index.html" in the main index file with this string
+#      If null "index.html" is used 
+#
+#replace_index <?php echo str_replace(".", "_", $REMOTE_ADDR); echo ".html"; ?>
+
+# TAG: max_elapsed milliseconds
+#      If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time.
+#      Use 0 for no checking 
+#
+#max_elapsed 28800000
+# 8 Hours
+
+# TAG: report_type type
+#      What kind of reports to generate.
+#      topusers            - users, sites, times, bytes, connects, links to accessed sites, etc
+#      topsites		   - site, connect and bytes report
+#      sites_users	   - users and sites report
+#      users_sites	   - accessed sites by the user report
+#      date_time	   - bytes used per day and hour report
+#      denied		   - denied sites with full URL report
+#      auth_failures       - autentication failures report
+#      site_user_time_date - sites, dates, times and bytes report
+#      downloads           - downloads per user report
+#
+#      Eg.: report_type topsites denied 
+#
+#report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
+
+# TAG: usertab filename
+#      You can change the "userid" or the "ip address" to be a real user name on the reports.
+#      If resolve_ip is active, the ip address is resolved before being looked up into this
+#      file. That is, if you want to map the ip address, be sure to set resolv_ip to no or
+#      the resolved name will be looked into the file instead of the ip address. Note that
+#      it can be used to resolve any ip address known to the dns and then map the unresolved
+#      ip addresses to a name found in the usertab file.
+#      Table syntax:
+# 		userid name   or   ip address name
+#      Eg:
+#		SirIsaac Isaac Newton
+#		vinci Leonardo da Vinci
+#		192.168.10.1 Karol Wojtyla
+#
+#      Each line must be terminated with '\n'
+#      If usertab have value "ldap" (case ignoring), user names
+#      will be taken from LDAP server. This method as approaches for reception
+#      of usernames from Active Didectory
+#
+#usertab none
+
+# TAG: LDAPHost hostname
+#	FQDN or IP address of host with LDAP service or AD DC
+#	default is '127.0.0.1'
+#LDAPHost 127.0.0.1
+
+# TAG: LDAPPort port
+#       LDAP service port number
+#	default is '389'
+#LDAPPort 389
+
+# TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com
+#	DN of LDAP user, who is authorized to read user's names from LDAP base
+#	default is empty line
+#LDAPBindDN cn=proxy,dc=mydomain,dc=local
+
+# TAG: LDAPBindPW secret
+#	Password of DN, who is authorized to read user's names from LDAP base
+#	default is empty line
+#LDAPBindPW secret
+
+# TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com
+#	LDAP search base
+#	default is empty line
+#LDAPBaseSearch ou=users,dc=mydomain,dc=local
+
+# TAG: LDAPFilterSearch (uid=%s)
+#	User search filter by user's logins in LDAP
+#	First founded record will be used
+#	%s - will be changed to userlogins from access.log file
+#       filter string can have up to 5 '%s' tags
+#	default value is '(uid=%s)'
+#LDAPFilterSearch (uid=%s)
+
+# TAG: LDAPTargetAttr attributename
+#	Name of the attribute containing a name of the user
+#	default value is 'cn'
+#LDAPTargetAttr cn
+
+# TAG: long_url yes|no
+#      If yes, the full url is showed in report.
+#      If no, only the site will be showed
+#
+#      YES option generate very big sort files and reports.
+#
+#long_url no
+
+# TAG: date_time_by bytes|elap
+#      Date/Time reports show the downloaded volume or the elapsed time or both.
+#
+#date_time_by bytes
+
+# TAG: charset name
+#      ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit)
+#      graphic character sets for writing in alphabetic languages
+#      You can use the following charsets:
+#		Latin1 		- West European
+#		Latin2 		- East European 
+#		Latin3 		- South European 
+#		Latin4 		- North European 
+#		Cyrillic 
+#		Arabic 
+#		Greek 
+#		Hebrew 
+#		Latin5 		- Turkish 
+#		Latin6
+#		Windows-1251
+#		Japan
+#		Koi8-r
+#		UTF-8
+#
+charset utf-8
+
+# TAG: user_invalid_char "&/"
+#      Records that contain invalid characters in userid will be ignored by Sarg.
+#
+#user_invalid_char "&/"
+
+# TAG: privacy yes|no
+#      privacy_string "***.***.***.***"
+#      privacy_string_color blue
+#      In some countries the sysadm cannot see the visited sites by a restrictive law.
+#      Using privacy yes the visited url will be changes by privacy_string and the link
+#      will be removed from reports.
+#
+#privacy no
+#privacy_string "***.***.***.***"
+#privacy_string_color blue
+
+# TAG: include_users "user1:user2:...:usern"
+#      Reports will be generated only for listed users.
+#
+#include_users none
+
+# TAG: exclude_string "string1:string2:...:stringn"
+#      Records from access.log file that contain one of listed strings will be ignored.
+#
+#exclude_string none
+
+# TAG: show_successful_message yes|no
+#      Shows "Successful report generated on dir" at end of process.
+#
+#show_successful_message yes
+show_successful_message no
+
+# TAG: show_read_statistics yes|no
+#      Shows some reading statistics.
+#
+#show_read_statistics yes
+
+# TAG: topuser_fields
+#      Which fields must be in Topuser report.
+#
+#topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
+
+# TAG: user_report_fields
+#      Which fields must be in User report.
+#
+#user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
+
+# TAG: bytes_in_sites_users_report yes|no
+#      Bytes field must be in Site & Users Report ?
+#
+#bytes_in_sites_users_report no
+
+# TAG: topuser_num n
+#      How many users in topsites report. 0 = no limit
+#
+#topuser_num 0
+
+# TAG: datafile file
+#      Save the report results in a file to populate some database
+#
+#datafile none
+
+# TAG: datafile_delimiter ";"
+#      ascii character to use as a field separator in datafile
+#
+#datafile_delimiter ";"
+
+# TAG: datafile_fields all
+#      Which data fields must be in datafile
+#      user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
+#
+#datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
+
+# TAG: datafile_url ip|name
+#      Saves the URL as ip or name in datafile
+#
+#datafile_url ip
+
+# TAG: weekdays
+#      The weekdays to take into account ( Sunday->0, Saturday->6 )
+# Example:
+#weekdays 1-3,5
+# Default:
+#weekdays 0-6
+
+# TAG: hours
+#      The hours to take into account
+# Example:
+#hours 7-12,14,16,18-20
+# Default:
+#hours 0-23
+
+# TAG: dansguardian_conf file
+#      DansGuardian.conf file path
+#      Generate reports from DansGuardian logs.
+#      Use 'none' to disable it.
+#      dansguardian_conf /usr/dansguardian/dansguardian.conf
+#
+#dansguardian_conf none
+
+# TAG: dansguardian_filter_out_date on|off
+#      This option replaces dansguardian_ignore_date whose name was not appropriate with respect to its action.
+#      Note the change of parameter value compared with the old option.
+#      'off' use the record even if its date is outside of the range found in the input log file.
+#      'on'  use the record only if its date is in the range found in the input log file.
+#
+#dansguardian_filter_out_date on
+
+# TAG: squidguard_conf file
+#      path to squidGuard.conf file
+#      Generate reports from SquidGuard logs.
+#      Use 'none' to disable.
+#      You can use sarg -L filename to use an alternate squidGuard log.
+#      squidguard_conf /usr/local/squidGuard/squidGuard.conf
+#
+#squidguard_conf none
+
+# TAG: redirector_log file
+#      the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option
+#      may be repeated up to 64 times to read multiple files.
+#      If this option is specified, it takes precedence over squidguard_conf.
+#      The command line option -L override this option.
+#
+#redirector_log /usr/local/squidGuard/var/logs/urls.log
+
+# TAG: redirector_filter_out_date on|off
+#      This option replaces squidguard_ignore_date and redirector_ignore_date whose names were not
+#      appropriate with respect to their action.
+#      Note the change of parameter value compared with the old options.
+#      'off' use the record even if its date is outside of the range found in the input log file.
+#      'on'  use the record only if its date is in the range found in the input log file.
+#
+#redirector_filter_out_date on
+
+# TAG: redirector_log_format
+#      Format string for web proxy redirector logs.
+#      This option was named squidguard_log_format before sarg 2.3.
+#      REJIK       #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end#
+#      SQUIDGUARD  #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
+#redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
+
+# TAG: show_sarg_info yes|no
+#      shows sarg information and site path on each report bottom
+#
+#show_sarg_info yes
+
+# TAG: show_sarg_logo yes|no
+#      shows sarg logo
+#
+#show_sarg_logo yes
+
+# TAG: parsed_output_log directory
+#      Saves the processed log in a sarg format after parsing the squid log file.
+#      This is a way to dump all of the data structures out, after parsing from 
+#      the logs (presumably this data will be much smaller than the log files themselves),
+#      and pull them back in for later processing and merging with data from previous logs.
+#
+#parsed_output_log none
+
+# TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
+#      Command to run to compress sarg parsed output log. It may contain
+#      options (such as -f to overwrite existing target file). The name of
+#      the file to compresse is provided at the end of this
+#      command line. Don't forget to quote things appropriately.
+#
+#parsed_output_log_compress /bin/gzip
+
+# TAG: displayed_values bytes|abbreviation
+#      how the values will be displayed in reports.
+#      eg. bytes  	-  209.526
+#          abbreviation -  210K
+#
+#displayed_values bytes
+
+# Report limits
+# TAG: authfail_report_limit n
+# TAG: denied_report_limit n
+# TAG: siteusers_report_limit n
+# TAG: squidguard_report_limit n
+# TAG: user_report_limit n
+# TAG: dansguardian_report_limit n
+# TAG: download_report_limit n
+#      report limits (lines).
+#      '0' no limit
+#
+#authfail_report_limit 10
+#denied_report_limit 10
+#siteusers_report_limit 0
+#squidguard_report_limit 10
+#dansguardian_report_limit 10
+#user_report_limit 10
+#user_report_limit 50
+
+# TAG: www_document_root dir
+#     Where is your Web DocumentRoot
+#     Sarg will create sarg-php directory with some PHP modules:
+#     - sarg-squidguard-block.php - add urls from user reports to squidGuard DB
+#
+#www_document_root /var/www/html
+
+# TAG: block_it module_url
+#     This tag allow you to pass urls from user reports to a cgi or php module,
+#     to be blocked by some Squid acl
+#
+#     Eg.: block_it /sarg-php/sarg-block-it.php
+#     sarg-block-it is a php that will append a url to a flat file.
+#     You must change /var/www/html/sarg-php/sarg-block-it to point to your file
+#     in $filename variable, and chown to a httpd owner.
+#
+#     sarg will pass http://module_url?url=url
+#
+#block_it none
+
+# TAG: external_css_file path
+#     Provide the path to an external css file to link into the HTML reports instead of
+#     the inline css written by sarg when this option is not set.
+#
+#     In versions prior to 2.3, this used to be an absolute file name to
+#     a file to include verbatim in each HTML page but, as it takes a lot of
+#     space, version 2.3 switched to a link to an external css file.
+#     Therefore, this option must contain the HTTP server path on which a client
+#     browser may find the css file.
+#
+#     Sarg use theses style classes:
+#	.logo		logo class
+#	.info		sarg information class, align=center
+#	.title_c	title class, align=center
+#	.header_c	header class, align:center
+#	.header_l	header class, align:left
+#	.header_r	header class, align:right
+#	.text		text class, align:right
+#	.data		table text class, align:right
+#	.data2		table text class, align:left
+#	.data3		table text class, align:center
+#	.link  		link class
+#
+#     Sarg can be instructed to output the internal css it inline
+#     into the reports with this command:
+#
+#        sarg --css
+#
+#     You can redirect the output to a file of your choice and edit
+#     it to your liking.
+#
+#external_css_file none
+#external_css_file /var/www/sarg/sarg.css
+external_css_file /squid/sarg.css
+# TAG: user_authentication yes|no
+#     Allow user authentication in User Reports using .htaccess
+#     Parameters:  
+#	AuthUserTemplateFile - The template to use to create the
+#     .htaccess file. In the template, %u is replaced by the
+#     user's ID for which the report is generated. The path of the
+#     template is relative to the directory containing sarg
+#     configuration file.
+#
+# user_authentication no
+# AuthUserTemplateFile sarg_htaccess
+
+# TAG: download_suffix "suffix,suffix,...,suffix"
+#    file suffix to be considered as "download" in Download report.
+#    Use 'none' to disable.    
+#
+#download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg"
+
+# TAG: ulimit n
+#    The maximum number of open file descriptors to avoid "Too many open files" error message.
+#    You need to run sarg as root to use ulimit tag.
+#    If you run sarg with a low privilege user, set to 'none' to disable ulimit
+#
+#ulimit 20000
+
+# TAG: ntlm_user_format username|domainname+username
+#      NTLM users format.
+#
+#ntlm_user_format domainname+username
+
+# TAG: realtime_refresh_time num sec
+#      How many time to auto refresh the realtime report
+#      0 = disable
+#
+# realtime_refresh_time 3
+
+# TAG: realtime_access_log_lines num
+#      How many last lines to get from access.log file 
+#
+# realtime_access_log_lines 1000
+
+# TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST
+#      Which records must be in realtime report.
+#
+# realtime_types GET,PUT,CONNECT  
+
+# TAG: realtime_unauthenticated_records: ignore|show
+#      What to do with unauthenticated records in realtime report.
+#
+# realtime_unauthenticated_records: show
+
+# TAG: byte_cost value no_cost_limit
+#      Cost per byte.
+#      Eg. byte_cost 0.01 100000000
+#           per byte cost      = 0.01
+#           bytes with no cost = 100 Mb
+#      0 = disable
+#
+# byte_cost 0.01 50000000
+
+# TAG: squid24 on|off
+#      Compatilibity with squid version <= 2.4 when using emulate_http_log on
+#
+# squid24 off
+

root/etc/e-smith/web/functions/sarg

@@ -0,0 +1,74 @@
+#!/usr/bin/perl -wT
+
+#----------------------------------------------------------------------
+# heading : Administration
+# description : SARG reports
+# navigation : 4000 4390
+#
+#----------------------------------------------------------------------
+
+package esmith;
+
+use strict;
+use CGI ':all';
+use CGI::Carp qw(fatalsToBrowser);
+
+use esmith::cgi;
+use esmith::config;
+use esmith::util;
+
+sub showInitial ($);
+
+BEGIN
+{
+# Clear PATH and related environment variables so that calls to
+# external programs do not cause results to be tainted. See
+# "perlsec" manual page for details.
+
+$ENV {'PATH'} = '/bin:/usr/bin';
+$ENV {'SHELL'} = '/bin/bash';
+delete $ENV {'ENV'};
+}
+
+esmith::util::setRealToEffective ();
+
+$CGI::POST_MAX=1024 * 100; # max 100K posts
+$CGI::DISABLE_UPLOADS = 1; # no uploads
+
+my %conf;
+tie %conf, 'esmith::config';
+
+#------------------------------------------------------------
+# examine state parameter and display the appropriate form
+#------------------------------------------------------------
+
+my $q = new CGI;
+
+if (! grep (/^state$/, $q->param))
+{
+showInitial ($q);
+}
+else
+{
+esmith::cgi::genStateError ($q, \%conf);
+}
+
+exit (0);
+
+#------------------------------------------------------------
+# subroutine to display initial form
+#------------------------------------------------------------
+
+sub showInitial ($)
+{
+my ($q) = @_;
+
+my $url = "/squid";
+print $q->redirect(-location => $url);
+
+## these lines aren't that important, they just prevent a
+## premature end of script headers error
+esmith::cgi::genHeaderNonCacheable ($q, \%conf, 'SARG reports');
+esmith::cgi::genFooter ($q);
+}
+