Setting up Update Accelerator on IPCOP

First, you need to edit /usr/sbin/updxlrator:

vim /usr/sbin/updxlrator

on the command line or edit it using the WinSCP edit function or somesuch.

Look around until you find the section with this sort of code:

   # -----------------------------------------------------------
   #  Section: Linux Downloads
   # -----------------------------------------------------------

   if ($source_url =~ m@^[h|f]t?tp://[^?]+\.(deb|rpm)$@i)
   {
      $xlrator_url = &check_cache($source_url,$hostaddr,$username,"Linux",$mirror);
   }

   # -----------------------------------------------------------
   #  Section: Trend Micro Downloads
   # -----------------------------------------------------------
   ...
   ... <cut for readability of post>
   ...
   # -----------------------------------------------------------
   #  Section: Avast Downloads
   # -----------------------------------------------------------

   if ($source_url =~ m@^http://download[\d]+\.avast\.com/.*\.(exe|vpu)$@i)
   {
      $xlrator_url = &check_cache($source_url,$hostaddr,$username,"Avast",$mirror);
   }

   # -----------------------------------------------------------

   }

Now what we need to do is add a new section.It is easiest to just copy/paste one of the other sections and then change it to suite your needs. You want to be pasting it in just before that last #————-

Once you've got your “template” that we pinched from the source code we need to edit two main parts. The first is this line:

$xlrator_url = &check_cache($source_url,$hostaddr,$username,[b]"Avast"[/b],[i]$mirror[/i]);

The “vendor” which in this example is “Avast” needs to be changed to “Other” or to an intelligent name like Avg, Nod32, Bitdefender or whatever else you are trying to cache. If you do not use “Other” then later on you will need to edit some more files and also upload a file or two to keep things neat and tidy.

You might also want to change the $mirror part to $unique if there is only one source for the files. Something like AVG would only have one source and so would be unique, SpybotSD or Linux updates can come from a number of sources and so you would use mirror for that.

(On a side note, there are backup servers for AVG updates in case the main one is unavailable, depending on how you edit the next section, Update Accelerator could recognise that the files are the same as those coming from the main server. However, if you set the mirror/unique to unique, I am fairly sure that it will think that two identical files (one on main server, one on backup) are different and will cache both. I haven't tested this, it is just speculation)

The second thing that needs editing is the pattern that is used to match the correct url to each update type. It can be comprised of multiple patterns and these can have AND (&&) or OR (||) relationships with each other, or AND and OR as with the Microsoft patterns. OR means that if any of the patterns on either side of the OR match it will be assigned to the current vendor. AND means that if all the patterns on either side of the AND match it will go to the current vendor. Have a look at the code for each vendor and you will be able to see how the && and || operators are used. If you do use multiple patterns, make sure you have the right amount of brackets around them and the AND/OR operators!

Symantec pattern:
if ($source_url =~ m@^[h|f]tt?p://[^/]*\.symantec(liveupdate)?\.com/.*\.(exe|zip|vdb|xdb)$@i)

This is a regular expression. There are lots of rules to describe their behavior. I don't know them. Most of what is below is derived from observing the behaviour of Update Accelerator. In the above example there are several things to understand:

[h|f] means that either the h or the f can be used, not both, not neither. [h|f]tt?p means that the t before the ? is optional.

Can you see that this will match URL's starting with both “http” and “ftp”? It will also match “htp” and “fttp” but neither of those will ever crop up in a functional URL and so the possibility of them causing a problem is ignored.

The (liveupdate)? also indicates an optional part of the pattern so the URL could contain symantecliveudpate.com or just symantec.com.

A dot ”.” means something in a regular expression and so needs to be preceeded by a backslash “\” which tells the thing to treat the dot as a character to be matched.

So, I will now build a rule to cache AVG updates:

# -----------------------------------------------------------
#  Section: AVG Downloads
# -----------------------------------------------------------

if ($source_url =~ m@^http://.*\.avg\.com/.*\.(exe|bin|ctf)$@i)
{
        $xlrator_url = &check_cache($source_url,$hostaddr,$username,"Avg",$mirror);
}

# -----------------------------------------------------------

What the above means is that any URL that starts with “http:” and contains the characters ”.avg.com” and ends with ”.exe” ”.bin” or ”.ctf”. It could have anything between “http:” and ”.avg.com” and ”.exe/bin/ctf”. This is indicated by the ”.*” where the dot is funtioning as an operator in the regexp and the star is doing what it always does (indicating any number of characters of any type).

AVG updates are always bin files, the descriptors are ctf files and they come from a server at http://guru.avg.com, but as i mentioned earlier, there is a backup server called bguru.avg.com. I could have used “b?guru\.avg\.com” in the regexp but I would also like to cache any exe installer files that users on my network my download and so have ignored the “guru” thing entirely. I have also used “$mirror” as guru and bguru are mirrors of each other.

I have used Avg as my vendor ID. I could have used “Other” and if I had then my setup would be complete at this point. The addon is designed to take custom updates under the “Other” vendor.

I wanted to have a unique AVG vendor and have the updates show up in their own category. To do this I uploaded a gif of the AVG icon to the IPCop machine and stuck it in /home/httpd/images and called it updxl-src-avg.gif.

Then I added sections to /home/httpd/cgi-bin/updatexlrator.cgi wherever there were sections for each of the other vendors already in the addon I added a section for AVG using exactly the same syntax and form as the existing sections were using. Once I had done this, AVG updates were treated correctly and all was pretty and working well.

This last section has much less detail, I have lost motivation for making this guide as awesome as it could be and on rereading is eems that I have rambled at times, oh well… If you can follow the very long detailed first part of this guide, you should be able to follow similar procedures to add the custom AVG section wherever you need to.

howto/updateaccel.txt · Last modified: 2009/10/31 01:28 by ds531