Bug #11434
closedSquidGuard over 1.16.18_11
0%
Description
Hi, first problem thatI found is when we are using ldapusersearch on groups acl.
In older version when I insert ldapusersearch it was show on filter log. But now this option is not applicable, and that is the reason that filter not happens.
Ill send pictures .
Files
Updated by Robson Ferreira almost 4 years ago
- File screen3.PNG screen3.PNG added
Updated by Eduardo Silva almost 4 years ago
Hi, i have same problem. i try change Client (source) with ip, domain, etc.. and config file is written with correct parameter, but with ldapusersearch, the parameter is not written in config file.
Updated by Eduardo Silva almost 4 years ago
I found the problem in /usr/local/pkg/squidguard_configurator.inc
Line: 903
# separate IP, domains, usernames
if (strpos(trim($src[F_SOURCE]), 'ldapusersearch') === false) {
$tsrc = explode(" ", trim($src[F_SOURCE]));
foreach($tsrc as $sr) {
$sr = trim($sr);
if (empty($sr)) {
continue;
}
if (is_ipaddr_valid($sr)) {
$sg_tag->items[] = "ip $sr";
} elseif (is_domain_valid($sr)) {
$sg_tag->items[] = "domain $sr";
} elseif (is_username($sr)) {
$sg_tag->items[] = "user " . str_replace("'", "", $sr);
} else {
$sg_tag->items[] = trim($src[F_SOURCE]);
}
}
}
i change with:
# separate IP, domains, usernames
if (strpos(trim($src[F_SOURCE]), 'ldapusersearch') === false) {
$tsrc = explode(" ", trim($src[F_SOURCE]));
foreach($tsrc as $sr) {
$sr = trim($sr);
if (empty($sr)) {
continue;
}
if (is_ipaddr_valid($sr)) {
$sg_tag->items[] = "ip $sr";
} elseif (is_domain_valid($sr)) {
$sg_tag->items[] = "domain $sr";
} elseif (is_username($sr)) {
$sg_tag->items[] = "user " . str_replace("'", "", $sr);
}
}
} else {
$sg_tag->items[] = trim($src[F_SOURCE]);
}
Updated by Renato Botelho almost 4 years ago
- Status changed from New to Feedback
- Assignee set to Renato Botelho
Fix pushed to version 1.16.18_15. Thank you!
Updated by Azamat Khakimyanov over 1 year ago
- File Log_filter_config_page.png Log_filter_config_page.png added
- Status changed from Feedback to Resolved
Tested on 23.05_1
After adding ldapusersearch option into Group ACL
ldapusersearch ldap://192.168.0.100/DC=domain,DC=com?sAMAccountName?sub?(&(sAMAccountName=%s)(memberOf=CN=it%2cCN=Users%2cDC=domain%2cDC=com))
I see it on /Services/SquidGuard Proxy Filter/Log/Filter config page ('Log_filter_config_page.png')
and in /usr/local/etc/squidGuard/squidGuard.conf file.
I marked this Bug as resolved.