Gecko [ 37julay.space ]

Name	Size	Permission	Date
migrate_csf	[ DIR ]	drwxr-xr-x	2025-09-13 06:27
check-detached.py	1.11 KB	-rwxr-xr-x	2025-07-23 06:47
check_recurrent.py	1.85 KB	-rwxr-xr-x	2025-08-22 12:13
create_default_config	1.23 KB	-rwxr-xr-x	2025-07-23 06:47
csf_tool	2.75 KB	-rwxr--r--	2025-08-22 12:13
delay_on_cron_call.py	1.12 KB	-rwxr-xr-x	2025-08-28 14:27
disable_3rd_party_ids	1.01 KB	-rwxr--r--	2025-08-22 12:13
imunify-disable-cpu-accounting.sh	792 B	-rwxr--r--	2025-07-23 06:47
imunify-doctor.sh	17.1 KB	-rwxr--r--	2025-07-23 06:47
imunify-force-update.sh	3.16 KB	-rwxr--r--	2025-07-23 06:47
lfd_block.py	2.96 KB	-rwxr--r--	2025-08-22 12:13
mk_apache_conf_digest.pl	3.54 KB	-rwxr--r--	2025-08-22 12:13
purge-clamav	535 B	-rwxr-xr-x	2025-07-23 06:47
remove_hardened_php.py	3.92 KB	-rwxr-xr-x	2025-08-22 12:13
rules_checker.py	10.8 KB	-rw-r--r--	2025-08-22 12:13
send-notifications	7.66 KB	-rwsrwx---	2025-07-23 06:47
setup_cagefs.py	3.72 KB	-rwx------	2025-08-28 14:27
track-fpfn-submissions.sh	3.8 KB	-rwxr-xr-x	2025-07-23 06:47
update_components_versions.py	4.46 KB	-rwxr-xr-x	2025-07-23 06:47
whitelist_cache.py	1.46 KB	-rwxr-xr-x	2025-08-22 12:13

Rename

#!/usr/bin/perl

use strict;

my $config=shift;
my $httpd_root = shift;
scan_config_recursive($config, 0);

sub out_tree{
    my ($branch, $out, $level) = @_;
    if (@$branch == 2){ # no rules
        return 0;
    }
    my $rules = 0;
    my $start_pos = @$out;
    my ($start, $end) = (shift @$branch, pop @$branch);
    for my $tmp (@$branch){
        if(ref($tmp) eq 'ARRAY'){
           $rules += out_tree($tmp, $out, $level + 2);
        }else{
            $rules++;
            push @$out, (" " x ($level + 2)). $tmp;
        }
    }
    if($rules){
        splice @$out, $start_pos, 0, (" " x $level) . $start;
        push @$out, (" " x $level) . $end;
    }
    return $rules;
}

sub scan_config_recursive{
    my ($config, $level) = @_;
    print "-" x $level, "file:",$config, "\n";
    my $rule_prefix= "-" x ($level + 2) . "rule:";
    my (@stack, $tree, $current);
    my $counter = 0;
    return unless -e $config;
    open(local(*CFG), "<", $config);
    while(<CFG>){
        s/^\s*|\s*$//g;
        if (/^\s*Include(?:Optional)?\s+"?([^"]+?)"?\s*?$/mi){ # includes
            my $inc=$1;
            $inc = $httpd_root . '/' . $inc if $inc !~ m|^/|;
            my @incs = sort glob($inc);
            scan_config_recursive($_, $level + 2) for @incs;
        }elsif(/^\s*<(\/)?(?:ifdefine|if|elseif|else|ifmodule|virtualhost|location|directory)\b\s*/i){ # block directives
            unless(defined $1){ # start block directive
                my $branch = [$_];
                push @stack, $branch;
                push @$current, $branch if $current;
                $tree = $branch unless $tree;
                $current = $branch;
            }else{ # end block directive
                push @$current, $_;
                pop @stack; # remove current
                $current  = $stack[$#stack];
            }
            unless(@stack){
                my $out = [];
                if ($counter){
                    if(out_tree($tree,$out)){
                        #local $, = "\n";
                        print join ( "\n" , (map { $rule_prefix . $_}  @$out) ) , "\n";
                    }
                }
                @stack=();
                $counter = 0;
                $tree = undef;
                $current = undef;
            }
         # all important directives  to log
        }elsif(/^\s*(lsapi_uid_gid|lsapi_user_group|php_value|userdir|rdefaultuidgid|assignuserid|rminuidgid|rgroups|securelinks|assignuserid|lveid|lveuser|suphp_usergroup|secuploadkeepfiles|secuploaddir|secruleremovebytag|secruleremovebymsg|secrequestbodylimit|secchrootdir|secauditlog|secruleremovebyid|documentroot|servername|serverroot|setenv|user|group|secruleengine|secrequestbodyaccess|secresponsebodyaccess|secdebuglog|sectmpdir|secdatadir|secauditengine|suexecusergroup|ruidgid)\b\s*(.+)$/i){
            my $line = $_;
            my $path = $2;
            if($1 =~ /root|dir|path|log/i){
                $path =~ s/^["']|["']$//g;
                $path =~ s/([`\$"])/\\$1/g;
                if($path =~ m"^/"){ # todo handle relative paths
                    unless(-e $path){
                        $line .= " [not exists or access denied]";
                    }else{
                        my $path_info = `ls "$path" -ld 2>>/dev/null | cut -d" " -f1,3,4`; chomp($path_info);
                        $line .= " [$path_info]" if $path_info;
                    }
                }
            }
            if($current){
                push @$current, $line;
                $counter++;
            }else{
                print $rule_prefix ,$line, "\n";
            }
        }
    }
}