SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0003308: restartdansguardian.py write wrong configs - MantisBT
MantisBT - Endian Firewall
View Issue Details
0003308Endian FirewallProxy HTTPpublic2010-11-17 18:582011-09-02 00:11
leandro 
simon-endian 
normalmajorsometimes
feedbackreopened 
 
2.4.1 
0003308: restartdansguardian.py write wrong configs
When I apply some access policy in proxy with content filter, the same (proxy/dansguardian) doesn't work anymore or block everything.

After some analysis the log and config files was found a problem in python script restartdansguardian.py.

The problem is on listing the directories that is being considered as a string.

When the number of content filters exceeds 9 (nine), coming close 10 or more content filter, the list is inverted.

Listing with normal number: 1, 2, 3, 4, 5, 6, 7, 8, 9 e 10.

Listing using string: 1, 10, 2, 3, 4, 5, 6, 7, 8 e 9.

It does dansguardian manages configs with incorrect information, send value in variable "groupname" with totally wrong config of the content filter.

i.e. the config file dansguardianf10.conf responsible for Seguran├ža group, had "groupname" variable with value "Custo content2".

Solving problem took the following steps, wich gave north to debug python script:

# ls -1 /etc/dansguardian/profiles/ [ Here it shows the listing as if it was string. ]

# ls -1 /etc/dansguardian/profiles/ | sed "s/^\(.\)$/0\1/" | sort | sed "s/^0\(.\)$/\1/"

OR

# ls -1 /etc/dansguardian/profiles/ | sort -n

[ Here we saw how the list should be. ]

After checking the script was not finding anything.
When running the command below, we had the answer:

# restartdansguardian -d [ Show where the script error. ]

Now enter in file /usr/local/bin/restartdansguardian.py

# vi /usr/local/bin/restartdansguardian.py

We look for line containing ".Include" and moving to fuction "def getprofiles()" responsible for creation of content filters.

The process took to run debug line by line in the fuction getprofiles.

def getprofiles():
    if file_exists(DANSGUARDIAN_SETTINGS):
        profiles = glob(DANSGUARDIAN_SETTINGS)
    else:
        profiles = glob(DANSGUARDIAN_SETTINGS_DEFAULT)
    profiles += glob("%s/*/settings" % DANSGUARDIAN_PROFILES)
    profiles = sorted(map(lambda p: os.path.dirname(p), profiles))
    debug(profiles)
    return profiles

The process.

# python
Python 2.4.6 (0000001, Nov 10 2009, 07:02:03)
[GCC 3.4.6 20060404 (e 3.4.6-10.endian8)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> import glob
>>> profile = glob.glob ("/var/efw/dansguardian/settings")
>>> profiles = glob.glob ("/var/efw/dansguardian/settings")
>>> profiles += glob.glob ("%s/*/settings" % "/var/efw/dansguardian/profiles")
>>> profiles
['/var/efw/dansguardian/settings', '/var/efw/dansguardian/profiles/content2/settings',
'/var/efw/dansguardian/profiles/content3/settings', '/var/efw/dansguardian/profiles/content4/settings',
'/var/efw/dansguardian/profiles/content5/settings', '/var/efw/dansguardian/profiles/content6/settings',
'/var/efw/dansguardian/profiles/content7/settings', '/var/efw/dansguardian/profiles/content8/settings',
'/var/efw/dansguardian/profiles/content9/settings', '/var/efw/dansguardian/profiles/content10/settings',
'/var/efw/dansguardian/profiles/content11/settings', '/var/efw/dansguardian/profiles/content12/settings',
'/var/efw/dansguardian/profiles/content13/settings', '/var/efw/dansguardian/profiles/content14/settings',
'/var/efw/dansguardian/profiles/content15/settings', '/var/efw/dansguardian/profiles/content16/settings']
>>> profiles = sorted(map(lambda p: os.path.dirname(p), profiles))
>>> profiles
['/var/efw/dansguardian', '/var/efw/dansguardian/profiles/content10',
'/var/efw/dansguardian/profiles/content11', '/var/efw/dansguardian/profiles/content12',
'/var/efw/dansguardian/profiles/content13', '/var/efw/dansguardian/profiles/content14',
'/var/efw/dansguardian/profiles/content15', '/var/efw/dansguardian/profiles/content16',
'/var/efw/dansguardian/profiles/content2', '/var/efw/dansguardian/profiles/content3',
'/var/efw/dansguardian/profiles/content4', '/var/efw/dansguardian/profiles/content5',
'/var/efw/dansguardian/profiles/content6', '/var/efw/dansguardian/profiles/content7',
'/var/efw/dansguardian/profiles/content8', '/var/efw/dansguardian/profiles/content9']

Discovery.

>>> profile = glob.glob ("/var/efw/dansguardian/settings")
>>> profiles = glob.glob ("/var/efw/dansguardian/settings")
>>> profiles += glob.glob ("%s/*/settings" % "/var/efw/dansguardian/profiles")
>>> profiles
['/var/efw/dansguardian/settings', '/var/efw/dansguardian/profiles/content2/settings',
'/var/efw/dansguardian/profiles/content3/settings', '/var/efw/dansguardian/profiles/content4/settings',
'/var/efw/dansguardian/profiles/content5/settings', '/var/efw/dansguardian/profiles/content6/settings',
'/var/efw/dansguardian/profiles/content7/settings', '/var/efw/dansguardian/profiles/content8/settings',
'/var/efw/dansguardian/profiles/content9/settings', '/var/efw/dansguardian/profiles/content10/settings',
'/var/efw/dansguardian/profiles/content11/settings', '/var/efw/dansguardian/profiles/content12/settings',
'/var/efw/dansguardian/profiles/content13/settings', '/var/efw/dansguardian/profiles/content14/settings',
'/var/efw/dansguardian/profiles/content15/settings', '/var/efw/dansguardian/profiles/content16/settings']
>>> profiles = map(lambda p: os.path.dirname(p), profiles)
>>> profiles
['/var/efw/dansguardian', '/var/efw/dansguardian/profiles/content2',
'/var/efw/dansguardian/profiles/content3', '/var/efw/dansguardian/profiles/content4',
'/var/efw/dansguardian/profiles/content5', '/var/efw/dansguardian/profiles/content6',
'/var/efw/dansguardian/profiles/content7', '/var/efw/dansguardian/profiles/content8',
'/var/efw/dansguardian/profiles/content9', '/var/efw/dansguardian/profiles/content10',
'/var/efw/dansguardian/profiles/content11', '/var/efw/dansguardian/profiles/content12',
'/var/efw/dansguardian/profiles/content13', '/var/efw/dansguardian/profiles/content14',
'/var/efw/dansguardian/profiles/content15', '/var/efw/dansguardian/profiles/content16']
>>>

OBS.: The glob module finds all the pathnames matching a specified pattern according to the rules used by the Unix shell.

Problem was found on line 174 of script, the "sorted".

The soluction, remove sorted in line 174.

profiles = sorted(map(lambda p: os.path.dirname(p), profiles))

To

profiles = map(lambda p: os.path.dirname(p), profiles)

Restart the dansguardian and found that policies were correct.
No tags attached.
Issue History
2010-11-17 18:58leandroNew Issue
2010-11-17 21:43simon-endianNote Added: 0005156
2010-11-17 21:43simon-endianStatusnew => resolved
2010-11-17 21:43simon-endianFixed in Version => 2.4.1
2010-11-17 21:43simon-endianResolutionopen => fixed
2010-11-17 21:43simon-endianAssigned To => simon-endian
2010-11-22 11:51peter-endianStatusresolved => closed
2011-09-02 00:11rodrigodc01Note Added: 0007375
2011-09-02 00:11rodrigodc01Statusclosed => feedback
2011-09-02 00:11rodrigodc01Resolutionfixed => reopened

Notes
(0005156)
simon-endian   
2010-11-17 21:43   
applied fix
(0007375)
rodrigodc01   
2011-09-02 00:11   
Hello im running version 2.4.1 and this problem still existis and its giving me a really hard time.

Whenever i create 10 filters everything gets messed up, so anybody has a solution for this problem ?