/scripts/linux/squid.sh

https://github.com/Bludge0n/Honeyd · Shell · 137 lines · 111 code · 21 blank · 5 comment · 6 complexity · 6500e34d4218b3b97bd2c218243e8dd9 MD5 · raw file 

    

  1. #!/bin/bash
    2. 

  2. #
    3. 

  3. # by Fabian Bieker <fabian.bieker@web.de>
    4. 

  4. # modified by DataSoft Corporation
    5. 

  5. 

  6. . scripts/misc/base.sh
    7. 

  7. 

  8. SRCIP=$1
    9. 

  9. SRCPORT=$2
    10. 

  10. DSTIP=$3
    11. 

  11. DSTPORT=$4
    12. 

  12. 

  13. STRINGSFILE=$5
    14. 

  14. VERSION=`perl -nle '/SQUID_VERSION (.*)/ and print $1' < $STRINGSFILE`
    15. 

  15. 

  16. 

  17. SERVICE="squid/PROXY"
    18. 

  18. HOST="serv"
    19. 

  19. LOG="/var/log/honeyd/web.log"
    20. 

  20. 

  21. REQUEST=""
    22. 

  22. 

  23. my_start
    24. 

  24. 

  25. while read name; do
    26. 

  26. 	
    27. 

  27. 	# remove control-characters
    28. 

  28. 	name=`echo $name | sed s/[[:cntrl:]]//g`
    29. 

  29. 

  30. 	LINE=`echo "$name" | egrep -i "[a-z:]"`
    31. 

  31. 	if [ -z "$LINE" ]
    32. 

  32. 	then
    33. 

  33. 		break
    34. 

  34. 	fi
    35. 

  35. 	echo "$name" >> $LOG
    36. 

  36. 

  37. 	NEWREQUEST=`echo "$name" | egrep -i "(GET|POST) [a-z0-9\./:-\?]+ HTTP/1\.(0|1)"`
    38. 

  38. 	if [ ! -z "$NEWREQUEST" ] ; then
    39. 

  39. 		REQUEST="GETPOST"
    40. 

  40. 	fi
    41. 

  41. 

  42. 	NEWREQUEST=`echo "$name" | egrep -i "CONNECT [a-z0-9\./:-\?]+"`
    43. 

  43. 	if [ ! -z "$NEWREQUEST" ] ; then
    44. 

  44. 		REQUEST="CONNECT"
    45. 

  45. 	fi
    46. 

  46. done
    47. 

  47. 

  48. 

  49. if [ -z "$REQUEST" ] ; then
    50. 

  50. 	cat << _eof_
    51. 

  51. HTTP/1.0 400 Bad Request
    52. 

  52. Server: $VERSION
    53. 

  53. Mime-Version: 1.0
    54. 

  54. Date: $DATE 
    55. 

  55. Content-Type: text/html
    56. 

  56. Expires: $DATE 
    57. 

  57. X-Squid-Error: ERR_INVALID_REQ 0
    58. 

  58. X-Cache: MISS from $HOST.$DOMAIN 
    59. 

  59. X-Cache-Lookup: NONE from $HOST.$DOMAIN:$2
    60. 

  60. Proxy-Connection: close
    61. 

  61. 

  62. <HTML><HEAD>
    63. 

  63. <TITLE>ERROR: The requested URL could not be retrieved</TITLE>
    64. 

  64. </HEAD><BODY>
    65. 

  65. <H1>ERROR</H1>
    66. 

  66. <H2>The requested URL could not be retrieved</H2>
    67. 

  67. <HR>
    68. 

  68. <P>
    69. 

  69. While trying to process the request:
    70. 

  70. <PRE>
    71. 

  71. $name
    72. 

  72. </PRE>
    73. 

  73. <P>
    74. 

  74. The following error was encountered:
    75. 

  75. <UL>
    76. 

  76. <LI>
    77. 

  77. <STRONG>
    78. 

  78. Invalid Request
    79. 

  79. </STRONG>
    80. 

  80. </UL>
    81. 

  81. 

  82. <P>
    83. 

  83. Some aspect of the HTTP Request is invalid.  Possible problems:
    84. 

  84. <UL>
    85. 

  85. <LI>Missing or unknown request method
    86. 

  86. <LI>Missing URL
    87. 

  87. <LI>Missing HTTP Identifier (HTTP/1.0)
    88. 

  88. <LI>Request is too large
    89. 

  89. <LI>Content-Length missing for POST or PUT requests
    90. 

  90. <LI>Illegal character in hostname; underscores are not allowed
    91. 

  91. </UL>
    92. 

  92. <P>Your cache administrator is <A HREF="mailto:webcache@$HOST.DOMAIN">webcache@$HOST.$DOMAIN</A>.
    93. 

  93. _eof_
    94. 

  94. 	my_stop
    95. 

  95. fi
    96. 

  96. 

  97. sleep 5
    98. 

  98. cat << _eof_
    99. 

  99. HTTP/1.0 400 CONNECT_FAIL 
    100. 

  100. Server: $VERSION
    101. 

  101. Mime-Version: 1.0
    102. 

  102. Date: $DATE 
    103. 

  103. Content-Type: text/html
    104. 

  104. Expires: $DATE 
    105. 

  105. X-Squid-Error: ERR_CONNECT_FAIL 0
    106. 

  106. X-Cache: MISS from $HOST.$DOMAIN 
    107. 

  107. X-Cache-Lookup: NONE from $HOST.$DOMAIN:$2
    108. 

  108. Proxy-Connection: close
    109. 

  109. 

  110. <HTML><HEAD>
    111. 

  111. <TITLE>ERROR: The requested URL could not be retrieved</TITLE>
    112. 

  112. </HEAD><BODY>
    113. 

  113. <H1>ERROR</H1>
    114. 

  114. <H2>The requested URL could not be retrieved</H2>
    115. 

  115. <HR>
    116. 

  116. <P>
    117. 

  117. While trying to retrieve the URL:
    118. 

  118. <A HREF="$name">$name</A>
    119. 

  119. <P>
    120. 

  120. The following error was encountered:
    121. 

  121. <UL>
    122. 

  122. <LI>
    123. 

  123. <STRONG>
    124. 

  124. Connection Failed
    125. 

  125. </STRONG>
    126. 

  126. </UL>
    127. 

  127. 

  128. <P>
    129. 

  129. The system returned:
    130. 

  130. <PRE><I>CONNECTION TIMEOUT</I></PRE>
    131. 

  131. 

  132. <P>
    133. 

  133. The remote host or network may be down.  Please try the request again.
    134. 

  134. <P>Your cache administrator is <A HREF="mailto:webcache@$HOST.DOMAIN">webcache@$HOST.$DOMAIN</A>.
    135. 

  135. _eof_
    136. 

  136. 

  137. my_stop
    138.