d500448801 2009-10-05 1: #!/usr/bin/env python3.1
d500448801 2009-10-05 2:
ae30851739 2010-08-12 3: import postgresql.api, re, sys
d500448801 2009-10-05 4:
b93dc49210 2009-10-13 5: # wrapper around syslog, can be muted
d500448801 2009-10-05 6: class Logger:
d500448801 2009-10-05 7: __slots__ = frozenset(['_syslog'])
d500448801 2009-10-05 8:
d500448801 2009-10-05 9: def __init__(self):
d500448801 2009-10-05 10: config.section('log')
d500448801 2009-10-05 11: if config['silent'] == 'yes':
d500448801 2009-10-05 12: self._syslog = None
d500448801 2009-10-05 13: else:
d500448801 2009-10-05 14: import syslog
d500448801 2009-10-05 15: self._syslog = syslog
d500448801 2009-10-05 16: self._syslog.openlog('squidTag')
d500448801 2009-10-05 17:
d500448801 2009-10-05 18: def info(self, message):
4b22e25f24 2009-10-07 19: if self._syslog:
d500448801 2009-10-05 20: self._syslog.syslog(self._syslog.LOG_INFO, message)
d500448801 2009-10-05 21:
d500448801 2009-10-05 22: def notice(self, message):
4b22e25f24 2009-10-07 23: if self._syslog:
d500448801 2009-10-05 24: self._syslog.syslog(self._syslog.LOG_NOTICE, message)
d500448801 2009-10-05 25:
b93dc49210 2009-10-13 26: # wrapper around database
d500448801 2009-10-05 27: class tagDB:
ae30851739 2010-08-12 28: __slots__ = frozenset(('_check_stmt', '_db', '_dump_stmt'))
b93dc49210 2009-10-13 29:
b93dc49210 2009-10-13 30: def __init__(self):
9450c03d41 2010-08-07 31: config.section('database')
9450c03d41 2010-08-07 32: self._db = postgresql.open(
9450c03d41 2010-08-07 33: 'pq://{}:{}@{}/{}'.format(
9450c03d41 2010-08-07 34: config['user'],
9450c03d41 2010-08-07 35: config['password'],
9450c03d41 2010-08-07 36: config['host'],
9450c03d41 2010-08-07 37: config['database'],
9450c03d41 2010-08-07 38: ) )
ae30851739 2010-08-12 39: self._check_stmt = None
ae30851739 2010-08-12 40: self._dump_stmt = None
b93dc49210 2009-10-13 41:
b93dc49210 2009-10-13 42: def check(self, site, ip_address):
ae30851739 2010-08-12 43: if self._check_stmt == None:
ae30851739 2010-08-12 44: self._check_stmt = self._db.prepare("select redirect_url, regexp from site_rule where site <@ tripdomain($1) and netmask >> $2::text::inet order by array_length(site, 1) desc")
b93dc49210 2009-10-13 45: return(self._check_stmt(site, ip_address))
ae30851739 2010-08-12 46:
ae30851739 2010-08-12 47: def dump(self):
ae30851739 2010-08-12 48: if self._dump_stmt == None:
ae30851739 2010-08-12 49: self._dump_stmt = self._db.prepare("select untrip(site), tag, regexp from urls natural join site natural join tag order by site, tag")
ae30851739 2010-08-12 50: return(self._dump_stmt())
ae30851739 2010-08-12 51:
31e69c4237 2010-08-12 52: def load(self, csv_data):
31e69c4237 2010-08-12 53: with self._db.xact():
31e69c4237 2010-08-12 54: if config.options.flush_db:
31e69c4237 2010-08-12 55: self._db.execute('delete from urls;')
31e69c4237 2010-08-12 56: if config.options.flush_site:
31e69c4237 2010-08-12 57: self._db.execute('delete from site;');
31e69c4237 2010-08-12 58: insertreg = self._db.prepare("select set($1, $2, $3)")
31e69c4237 2010-08-12 59: insert = self._db.prepare("select set($1, $2)")
31e69c4237 2010-08-12 60: for row in csv_data:
31e69c4237 2010-08-12 61: if len(row[2]) > 0:
31e69c4237 2010-08-12 62: insertreg(row[0], row[1], row[2])
31e69c4237 2010-08-12 63: else:
31e69c4237 2010-08-12 64: insert(row[0], row[1])
31e69c4237 2010-08-12 65: self._db.execute('vacuum analyze site;')
31e69c4237 2010-08-12 66: self._db.execute('vacuum analyze urls;')
31e69c4237 2010-08-12 67:
b93dc49210 2009-10-13 68: # abstract class with basic checking functionality
b93dc49210 2009-10-13 69: class Checker:
ed7808827d 2009-10-14 70: __slots__ = frozenset(['_db', '_log'])
7e3418d94f 2009-10-12 71:
7e3418d94f 2009-10-12 72: def __init__(self):
b93dc49210 2009-10-13 73: self._db = tagDB()
b93dc49210 2009-10-13 74: self._log = Logger()
7c13294e9f 2010-08-07 75: self._log.info('started\n')
b93dc49210 2009-10-13 76:
ed7808827d 2009-10-14 77: def process(self, id, site, ip_address, url_path, line = None):
b93dc49210 2009-10-13 78: self._log.info('trying {}\n'.format(site))
b93dc49210 2009-10-13 79: result = self._db.check(site, ip_address)
b93dc49210 2009-10-13 80: reply = '-'
b93dc49210 2009-10-13 81: for row in result:
b93dc49210 2009-10-13 82: if row != None and row[0] != None:
b93dc49210 2009-10-13 83: if row[1] != None:
b93dc49210 2009-10-13 84: self._log.info('trying regexp "{}" versus "{}"\n'.format(row[1], url_path))
d2c54d0451 2010-03-01 85: try:
d2c54d0451 2010-03-01 86: if re.compile(row[1]).match(url_path):
1fa8a88371 2010-07-14 87: reply = row[0].format(url_path)
d2c54d0451 2010-03-01 88: break
d2c54d0451 2010-03-01 89: else:
d2c54d0451 2010-03-01 90: continue
d2c54d0451 2010-03-01 91: except:
d2c54d0451 2010-03-01 92: self._log.info("can't compile regexp")
b93dc49210 2009-10-13 93: else:
1fa8a88371 2010-07-14 94: reply = row[0].format(url_path)
b93dc49210 2009-10-13 95: break
b93dc49210 2009-10-13 96: self.writeline('{} {}\n'.format(id, reply))
7e3418d94f 2009-10-12 97:
7e3418d94f 2009-10-12 98: def check(self, line):
7e3418d94f 2009-10-12 99: request = re.compile('^([0-9]+)\ (http|ftp):\/\/([-\w.:]+)\/([^ ]*)\ ([0-9.]+)\/(-|[\w\.]+)\ (-|\w+)\ (-|GET|HEAD|POST).*$').match(line)
7e3418d94f 2009-10-12 100: if request:
7e3418d94f 2009-10-12 101: id = request.group(1)
7e3418d94f 2009-10-12 102: #proto = request.group(2)
7e3418d94f 2009-10-12 103: site = request.group(3)
7e3418d94f 2009-10-12 104: url_path = request.group(4)
7e3418d94f 2009-10-12 105: ip_address = request.group(5)
ed7808827d 2009-10-14 106: self.process(id, site, ip_address, url_path, line)
26fc9b34d9 2010-08-07 107: return(True)
7e3418d94f 2009-10-12 108: else:
7e3418d94f 2009-10-12 109: self._log.info('bad request\n')
b93dc49210 2009-10-13 110: self.writeline(line)
26fc9b34d9 2010-08-07 111: return(False)
b93dc49210 2009-10-13 112:
b93dc49210 2009-10-13 113: def writeline(self, string):
b93dc49210 2009-10-13 114: self._log.info('sending: ' + string)
b93dc49210 2009-10-13 115: sys.stdout.write(string)
b93dc49210 2009-10-13 116: sys.stdout.flush()
b93dc49210 2009-10-13 117:
ed7808827d 2009-10-14 118: def loop(self):
ed7808827d 2009-10-14 119: while True:
ed7808827d 2009-10-14 120: line = sys.stdin.readline()
ed7808827d 2009-10-14 121: if len(line) == 0:
ed7808827d 2009-10-14 122: break
ed7808827d 2009-10-14 123: self.check(line)
ed7808827d 2009-10-14 124:
b93dc49210 2009-10-13 125: # threaded checking facility
b93dc49210 2009-10-13 126: class CheckerThread(Checker):
ed7808827d 2009-10-14 127: __slots__ = frozenset(['_lock', '_lock_exit', '_lock_queue', '_queue'])
b93dc49210 2009-10-13 128:
b93dc49210 2009-10-13 129: def __init__(self):
ae30851739 2010-08-12 130: import _thread
ae30851739 2010-08-12 131:
ed7808827d 2009-10-14 132: # basic initialisation
b93dc49210 2009-10-13 133: Checker.__init__(self)
ed7808827d 2009-10-14 134:
b93dc49210 2009-10-13 135: # Spin lock. Loop acquires it on start then releases it when holding queue
b93dc49210 2009-10-13 136: # lock. This way the thread proceeds without stops while queue has data and
b93dc49210 2009-10-13 137: # gets stalled when no data present. The lock is released by queue writer
b93dc49210 2009-10-13 138: # after storing something into the queue
b93dc49210 2009-10-13 139: self._lock = _thread.allocate_lock()
ed7808827d 2009-10-14 140: self._lock_exit = _thread.allocate_lock()
b93dc49210 2009-10-13 141: self._lock_queue = _thread.allocate_lock()
b93dc49210 2009-10-13 142: self._lock.acquire()
b93dc49210 2009-10-13 143: self._queue = []
b93dc49210 2009-10-13 144: _thread.start_new_thread(self._start, ())
b93dc49210 2009-10-13 145:
b93dc49210 2009-10-13 146: def _start(self):
b93dc49210 2009-10-13 147: while True:
b93dc49210 2009-10-13 148: self._lock.acquire()
ed7808827d 2009-10-14 149: with self._lock_queue:
ed7808827d 2009-10-14 150: # yes this should be written this way, and yes, this is why I hate threading
ed7808827d 2009-10-14 151: if len(self._queue) > 1:
ed7808827d 2009-10-14 152: if self._lock.locked():
ed7808827d 2009-10-14 153: self._lock.release()
ed7808827d 2009-10-14 154: req = self._queue.pop(0)
ed7808827d 2009-10-14 155: Checker.process(self, req[0], req[1], req[2], req[3])
ed7808827d 2009-10-14 156: with self._lock_queue:
ed7808827d 2009-10-14 157: if len(self._queue) == 0:
ed7808827d 2009-10-14 158: if self._lock_exit.locked():
ed7808827d 2009-10-14 159: self._lock_exit.release()
ed7808827d 2009-10-14 160:
ed7808827d 2009-10-14 161: def process(self, id, site, ip_address, url_path, line):
ed7808827d 2009-10-14 162: with self._lock_queue:
ed7808827d 2009-10-14 163: self._queue.append((id, site, ip_address, url_path))
ed7808827d 2009-10-14 164: self._log.info('request {} queued ({})\n'.format(id, line))
ed7808827d 2009-10-14 165: if not self._lock_exit.locked():
ed7808827d 2009-10-14 166: self._lock_exit.acquire()
ed7808827d 2009-10-14 167: if self._lock.locked():
ed7808827d 2009-10-14 168: self._lock.release()
ed7808827d 2009-10-14 169:
ed7808827d 2009-10-14 170: def loop(self):
ed7808827d 2009-10-14 171: while True:
ed7808827d 2009-10-14 172: line = sys.stdin.readline()
ed7808827d 2009-10-14 173: if len(line) == 0:
ed7808827d 2009-10-14 174: break
ed7808827d 2009-10-14 175: self.check(line)
ed7808827d 2009-10-14 176: self._lock_exit.acquire()
ed7808827d 2009-10-14 177:
26fc9b34d9 2010-08-07 178: # kqueue enabled class for BSD's
ed7808827d 2009-10-14 179: class CheckerKqueue(Checker):
ed7808827d 2009-10-14 180: __slots__ = frozenset(['_kq', '_select', '_queue'])
ed7808827d 2009-10-14 181:
ed7808827d 2009-10-14 182: def __init__(self):
ed7808827d 2009-10-14 183: # basic initialisation
ed7808827d 2009-10-14 184: Checker.__init__(self)
ed7808827d 2009-10-14 185:
ed7808827d 2009-10-14 186: # importing select module
ed7808827d 2009-10-14 187: import select
ed7808827d 2009-10-14 188: self._select = select
ed7808827d 2009-10-14 189:
ed7808827d 2009-10-14 190: # kreating kqueue
ed7808827d 2009-10-14 191: self._kq = self._select.kqueue()
7c13294e9f 2010-08-07 192: assert self._kq.fileno() != -1, "Fatal error: can't initialise kqueue."
ed7808827d 2009-10-14 193:
ed7808827d 2009-10-14 194: # watching sys.stdin for data
ed7808827d 2009-10-14 195: self._kq.control([self._select.kevent(sys.stdin, self._select.KQ_FILTER_READ, self._select.KQ_EV_ADD)], 0)
ed7808827d 2009-10-14 196:
ed7808827d 2009-10-14 197: # creating data queue
ed7808827d 2009-10-14 198: self._queue = []
ed7808827d 2009-10-14 199:
ed7808827d 2009-10-14 200: def loop(self):
ed7808827d 2009-10-14 201: # Wait for data by default
ed7808827d 2009-10-14 202: timeout = None
26fc9b34d9 2010-08-07 203: eof = False
26fc9b34d9 2010-08-07 204: buffer = ''
ed7808827d 2009-10-14 205: while True:
26fc9b34d9 2010-08-07 206: # checking if there is any data or witing for data to arrive
ed7808827d 2009-10-14 207: kevs = self._kq.control(None, 1, timeout)
7c13294e9f 2010-08-07 208:
ae1c0114c1 2010-08-09 209: for kev in kevs:
ae1c0114c1 2010-08-09 210: if kev.filter == self._select.KQ_FILTER_READ and kev.data > 0:
ae1c0114c1 2010-08-09 211: # reading data in
ae1c0114c1 2010-08-09 212: new_buffer = sys.stdin.read(kev.data)
ae1c0114c1 2010-08-09 213: # if no data was sent - we have reached end of file
ae1c0114c1 2010-08-09 214: if len(new_buffer) == 0:
ae1c0114c1 2010-08-09 215: eof = True
ae1c0114c1 2010-08-09 216: else:
ae1c0114c1 2010-08-09 217: # adding current buffer to old buffer remains
ae1c0114c1 2010-08-09 218: buffer += new_buffer
ae1c0114c1 2010-08-09 219: # splitting to lines
ae1c0114c1 2010-08-09 220: lines = buffer.split('\n')
ae1c0114c1 2010-08-09 221: # last line that was not terminate by newline returns to buffer
ae1c0114c1 2010-08-09 222: buffer = lines[-1]
ae1c0114c1 2010-08-09 223: # an only if there was at least one newline
ae1c0114c1 2010-08-09 224: if len(lines) > 1:
ae1c0114c1 2010-08-09 225: for line in lines[:-1]:
ae1c0114c1 2010-08-09 226: # add data to the queue
ae1c0114c1 2010-08-09 227: if self.check(line + '\n'):
ae1c0114c1 2010-08-09 228: # don't wait for more data, start processing
ae1c0114c1 2010-08-09 229: timeout = 0
ae1c0114c1 2010-08-09 230:
ae1c0114c1 2010-08-09 231: # detect end of stream and exit if possible
ae1c0114c1 2010-08-09 232: if kev.flags >> 15 == 1:
ae1c0114c1 2010-08-09 233: self._kq.control([self._select.kevent(sys.stdin, self._select.KQ_FILTER_READ, self._select.KQ_EV_DELETE)], 0)
ae1c0114c1 2010-08-09 234: eof = True
ae1c0114c1 2010-08-09 235:
ae1c0114c1 2010-08-09 236: if len(kevs) == 0:
7c13294e9f 2010-08-07 237: if len(self._queue) > 0:
7c13294e9f 2010-08-07 238: # get one request and process it
26fc9b34d9 2010-08-07 239: req = self._queue.pop(0)
26fc9b34d9 2010-08-07 240: Checker.process(self, req[0], req[1], req[2], req[3])
26fc9b34d9 2010-08-07 241: if len(self._queue) == 0:
26fc9b34d9 2010-08-07 242: # wait for data - we have nothing to process
26fc9b34d9 2010-08-07 243: timeout = None
7c13294e9f 2010-08-07 244:
7c13294e9f 2010-08-07 245: # if queue is empty and we reached end of stream - we can exit
7c13294e9f 2010-08-07 246: if len(self._queue) == 0 and eof:
7c13294e9f 2010-08-07 247: break
ed7808827d 2009-10-14 248:
ed7808827d 2009-10-14 249: def process(self, id, site, ip_address, url_path, line):
26fc9b34d9 2010-08-07 250: # simply adding data to the queue
ed7808827d 2009-10-14 251: self._queue.append((id, site, ip_address, url_path))
ed7808827d 2009-10-14 252: self._log.info('request {} queued ({})\n'.format(id, line))
7e3418d94f 2009-10-12 253:
fc934cead1 2009-10-13 254: # this classes processes config file and substitutes default values
d500448801 2009-10-05 255: class Config:
ae30851739 2010-08-12 256: __slots__ = frozenset(['_config', '_default', '_section', 'options'])
b93dc49210 2009-10-13 257: _default = {
b93dc49210 2009-10-13 258: 'reactor': {
b93dc49210 2009-10-13 259: 'reactor': 'thread',
b93dc49210 2009-10-13 260: },
fc934cead1 2009-10-13 261: 'log': {
fc934cead1 2009-10-13 262: 'silent': 'no',
fc934cead1 2009-10-13 263: },
fc934cead1 2009-10-13 264: 'database': {
fc934cead1 2009-10-13 265: 'host': 'localhost',
fc934cead1 2009-10-13 266: 'database': 'squidTag',
fc934cead1 2009-10-13 267: },}
d500448801 2009-10-05 268:
fc934cead1 2009-10-13 269: # function to read in config file
d500448801 2009-10-05 270: def __init__(self):
ae30851739 2010-08-12 271: import configparser, optparse, os
ae30851739 2010-08-12 272:
d500448801 2009-10-05 273: parser = optparse.OptionParser()
d500448801 2009-10-05 274: parser.add_option('-c', '--config', dest = 'config',
d500448801 2009-10-05 275: help = 'config file location', metavar = 'FILE',
d500448801 2009-10-05 276: default = '/usr/local/etc/squid-tagger.conf')
ae30851739 2010-08-12 277: parser.add_option('-d', '--dump', dest = 'dump',
ae30851739 2010-08-12 278: help = 'dump database', action = 'store_true', metavar = 'bool',
ae30851739 2010-08-12 279: default = False)
31e69c4237 2010-08-12 280: parser.add_option('-f', '--flush-database', dest = 'flush_db',
31e69c4237 2010-08-12 281: help = 'flush previous database on load', default = False,
31e69c4237 2010-08-12 282: action = 'store_true', metavar = 'bool')
31e69c4237 2010-08-12 283: parser.add_option('-F', '--flush-site', dest = 'flush_site',
31e69c4237 2010-08-12 284: help = 'when flushing previous dtabase flush site index too',
31e69c4237 2010-08-12 285: action = 'store_true', default = False, metavar = 'bool')
31e69c4237 2010-08-12 286: parser.add_option('-l', '--load', dest = 'load',
31e69c4237 2010-08-12 287: help = 'load database', action = 'store_true', metavar = 'bool',
31e69c4237 2010-08-12 288: default = False)
d500448801 2009-10-05 289:
ae30851739 2010-08-12 290: (self.options, args) = parser.parse_args()
d500448801 2009-10-05 291:
ae30851739 2010-08-12 292: assert os.access(self.options.config, os.R_OK), "Fatal error: can't read {}".format(self.options.config)
d500448801 2009-10-05 293:
d500448801 2009-10-05 294: self._config = configparser.ConfigParser()
ae30851739 2010-08-12 295: self._config.readfp(open(self.options.config))
d500448801 2009-10-05 296:
fc934cead1 2009-10-13 297: # function to select config file section or create one
d500448801 2009-10-05 298: def section(self, section):
fc934cead1 2009-10-13 299: if not self._config.has_section(section):
fc934cead1 2009-10-13 300: self._config.add_section(section)
d500448801 2009-10-05 301: self._section = section
d500448801 2009-10-05 302:
fc934cead1 2009-10-13 303: # function to get config parameter, if parameter doesn't exists the default
fc934cead1 2009-10-13 304: # value or None is substituted
d500448801 2009-10-05 305: def __getitem__(self, name):
fc934cead1 2009-10-13 306: if not self._config.has_option(self._section, name):
b93dc49210 2009-10-13 307: if self._section in self._default:
b93dc49210 2009-10-13 308: if name in self._default[self._section]:
fc934cead1 2009-10-13 309: self._config.set(self._section, name, self._default[self._section][name])
fc934cead1 2009-10-13 310: else:
fc934cead1 2009-10-13 311: self._config.set(self._section, name, None)
fc934cead1 2009-10-13 312: else:
fc934cead1 2009-10-13 313: self._config.set(self._section, name, None)
b93dc49210 2009-10-13 314: return(self._config.get(self._section, name))
d500448801 2009-10-05 315:
fc934cead1 2009-10-13 316: # initializing and reading in config file
d500448801 2009-10-05 317: config = Config()
d500448801 2009-10-05 318:
ae30851739 2010-08-12 319: if config.options.dump:
ae30851739 2010-08-12 320: # dumping database
ae30851739 2010-08-12 321: import csv
ae30851739 2010-08-12 322:
ae30851739 2010-08-12 323: tagdb = tagDB()
ae30851739 2010-08-12 324:
ae30851739 2010-08-12 325: csv_writer = csv.writer(sys.stdout)
ae30851739 2010-08-12 326: csv_writer.writerow(['site', 'tags', 'regexp'])
ae30851739 2010-08-12 327: for row in tagdb.dump():
ae30851739 2010-08-12 328: csv_writer.writerow([row[0], '{' + ','.join(row[1]) + '}', row[2]])
31e69c4237 2010-08-12 329:
31e69c4237 2010-08-12 330: elif config.options.load:
31e69c4237 2010-08-12 331: # loading database
31e69c4237 2010-08-12 332: import csv
31e69c4237 2010-08-12 333:
31e69c4237 2010-08-12 334: tagdb = tagDB()
31e69c4237 2010-08-12 335:
31e69c4237 2010-08-12 336: csv_reader = csv.reader(sys.stdin)
31e69c4237 2010-08-12 337: first_row = next(csv_reader)
31e69c4237 2010-08-12 338:
31e69c4237 2010-08-12 339: assert first_row == ['site', 'tags', 'regexp'], 'File must contain csv data with three columns: "site", "tags" and "regexp".'
31e69c4237 2010-08-12 340:
31e69c4237 2010-08-12 341: tagdb.load(csv_reader)
ae30851739 2010-08-12 342:
ae30851739 2010-08-12 343: else:
ae30851739 2010-08-12 344: # main loop
ae30851739 2010-08-12 345: config.section('reactor')
ae30851739 2010-08-12 346: if config['reactor'] == 'thread':
ae30851739 2010-08-12 347: checker = CheckerThread()
ae30851739 2010-08-12 348: elif config['reactor'] == 'plain':
ae30851739 2010-08-12 349: checker = Checker()
ae30851739 2010-08-12 350: elif config['reactor'] == 'kqueue':
ae30851739 2010-08-12 351: checker = CheckerKqueue()
ae30851739 2010-08-12 352:
ae30851739 2010-08-12 353: checker.loop()