| 1 |
1 |
# Storyboard library file
|
| 2 |
2 |
|
| 3 |
|
# For ease of upgrade DO NOT CHANGE THIS library file
|
|
3 |
# For ease of upgrade DO NOT CHANGE THIS library file
|
| 4 |
4 |
# Make your function changes by overriding functions
|
| 5 |
5 |
# in the site.story file - for site wide changes
|
| 6 |
6 |
# and in filtergroup specific story file - see examplef1.story
|
| 7 |
7 |
#
|
| 8 |
8 |
# This library is built to largely duplicate the logic in V4
|
| 9 |
|
#
|
|
9 |
#
|
| 10 |
10 |
# Many e2guardian[f1].conf flags are replaced by overiding
|
| 11 |
11 |
# library functions - see site.story and examplef1.story
|
| 12 |
12 |
#
|
| ... | ... | |
| 38 |
38 |
if(true) setgrey
|
| 39 |
39 |
|
| 40 |
40 |
|
|
41 |
# Entry function to check if to log
|
|
42 |
# returns true if log entry is to be made
|
|
43 |
# This can be overriden in site.story (or fn.story) to log all for testing.
|
|
44 |
function(checklogging)
|
|
45 |
if(urlin,nolog) setnolog
|
|
46 |
if(returnset) return false
|
|
47 |
if(true) return true
|
|
48 |
|
|
49 |
|
| 41 |
50 |
# Entry function called by proxy module to check http response
|
| 42 |
51 |
function(checkresponse)
|
| 43 |
52 |
if(exceptionset) return false
|
| ... | ... | |
| 102 |
111 |
|
| 103 |
112 |
|
| 104 |
113 |
# Local SSL checks
|
| 105 |
|
# returns true if matches local exception
|
|
114 |
# returns true if matches local exception
|
| 106 |
115 |
function(localsslrequestcheck)
|
| 107 |
116 |
if(sitein, localexception) return setexception
|
| 108 |
117 |
if(sitein, localgreyssl) returnif sslcheckmitm
|
| ... | ... | |
| 220 |
229 |
#if(urlin,bannedbypass) return unsetbypassallow
|
| 221 |
230 |
|
| 222 |
231 |
# ICAP SSL request check
|
| 223 |
|
# returns true if exception
|
|
232 |
# returns true if exception
|
| 224 |
233 |
function(icapsslrequestcheck)
|
| 225 |
234 |
if(true) returnif icapsquidbump
|
| 226 |
235 |
if(true) returnif sslexceptioncheck
|
| ... | ... | |
| 244 |
253 |
# File type blocking
|
| 245 |
254 |
# returns true if blocking
|
| 246 |
255 |
# Default uses banned lists and allows all others
|
| 247 |
|
# Overide in site.story or fn.story if only types in exception file type lists
|
|
256 |
# Overide in site.story or fn.story if only types in exception file type lists
|
| 248 |
257 |
# are to be allowed
|
| 249 |
258 |
function(checkfiletype)
|
| 250 |
259 |
if(mimein, bannedmime) return setblock
|
| 251 |
260 |
if(extensionin, bannedextension) return setblock
|
| 252 |
261 |
|
| 253 |
|
# SNI checking - determines default action when no SNI or TSL is present on a
|
|
262 |
# SNI checking - determines default action when no SNI or TSL is present on a
|
| 254 |
263 |
# THTTPS connection
|
| 255 |
264 |
# Default blocks all requests with TLS or SNI absent that are not ip site exceptions
|
| 256 |
265 |
function(checksni)
|