function run_func()
{
$unix = new unix();
$sock = new sockets();
$SquidNetworkSwitch = $sock->GET_INFO("SquidNetworkSwitch");
if ($SquidNetworkSwitch == null) {
run_remove();
return;
}
$unix = new unix();
if (!$unix->NETWORK_INTERFACE_OK($SquidNetworkSwitch)) {
echo "{$SquidNetworkSwitch} unavailable\n";
build_progress("{$SquidNetworkSwitch} {failed}", 110);
return;
}
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$ipaddr = $NETWORK_ALL_INTERFACES[$SquidNetworkSwitch]["IPADDR"];
if (!$unix->NETWORK_IS_LISTEN_ADDR_EXISTS($ipaddr)) {
echo "{$SquidNetworkSwitch} / {$ipaddr} unavailable\n";
build_progress("{$SquidNetworkSwitch} / {$ipaddr} {failed}", 110);
return;
}
build_progress("{reconfiguring_proxy_service}", 80);
$f = explode("\n", @file_get_contents("/etc/squid3/squid.conf"));
while (list($num, $ligne) = each($f)) {
if (preg_match("#tcp_outgoing_address#", $ligne)) {
echo "Remove line {$ligne}\n";
continue;
}
$newF[] = $ligne;
}
echo "{$SquidNetworkSwitch} -> {$ipaddr}\n";
$newF[] = "# Quick Network switch Interface: [{$SquidNetworkSwitch}] [" . date("Y-m-d H:i:s") . "]";
$newF[] = "tcp_outgoing_address {$ipaddr} all";
$newF[] = "";
@file_put_contents("/etc/squid3/squid.conf", @implode("\n", $newF));
build_progress("{reloading_proxy_service}", 90);
system("/etc/init.d/squid reload --force --script=" . basename(__FILE__));
build_progress("{done}", 100);
}
function build()
{
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, building configuration.\n";
}
@mkdir("/var/lib/shorewall", 0755, true);
$unix = new unix();
if (!isset($GLOBALS["INTERFACES"])) {
$GLOBALS["INTERFACES"] = $unix->NETWORK_ALL_INTERFACES();
}
shorewall_conf();
build_providers();
build_zones();
build_interfaces();
build_policies();
build_rules();
build_rtrules();
build_masq();
CheckConf();
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, BUILD DONE.\n";
}
}
function wccp_port($ligne)
{
$unix = new unix();
$ip = $unix->find_program("ip");
$sysctl = $unix->find_program("sysctl");
$eth = $ligne["nic"];
$ID = $ligne["ID"];
$port = $ligne["port"];
$SquidWCCPL3Addr = $ligne["SquidWCCPL3Addr"];
$SquidWCCPL3Route = $ligne["SquidWCCPL3Route"];
$echobin = $unix->find_program("echo");
$iptables = $unix->find_program("iptables");
$route = $unix->find_program("route");
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$UseSSL = intval($ligne["UseSSL"]);
build_progress("{building} eth:{$eth} port:{$port} id:{$ID}", 30);
if (!isset($NETWORK_ALL_INTERFACES[$eth])) {
if ($GLOBALS["PROGRESS"]) {
echo "Fatal {$eth} -> no ip addr !!!!\n";
}
$GLOBALS["SCRIPT_CONTENT"][] = "# Fatal {$eth} -> no ip addr";
return;
}
if ($NETWORK_ALL_INTERFACES[$eth]["IPADDR"] == '0.0.0.0') {
if ($GLOBALS["PROGRESS"]) {
echo "Fatal {$eth} -> no ip addr !!!!\n";
}
$GLOBALS["SCRIPT_CONTENT"][] = "# Fatal {$eth} -> no ip addr";
return;
}
$local_tcp = $NETWORK_ALL_INTERFACES[$eth]["IPADDR"];
$GLOBALS["WCCP_ROUTER"][$SquidWCCPL3Addr] = true;
$destport = "80";
if ($UseSSL == 1) {
$destport = 443;
}
$GLOBALS["COUNTOF"] = $GLOBALS["COUNTOF"] + 1;
$GLOBALS["SCRIPT_START"][] = "{$ip} link set {$eth} mtu 1476 || true";
if ($GLOBALS["PROGRESS"]) {
echo "{$ip} tunnel add wccp{$ID} mode gre remote {$SquidWCCPL3Addr} local {$local_tcp} dev {$eth}\n";
}
$GLOBALS["SCRIPT_START"][] = "{$ip} tunnel add wccp{$ID} mode gre remote {$SquidWCCPL3Addr} local {$local_tcp} dev {$eth} || true";
$GLOBALS["SCRIPT_START"][] = "{$ip} addr add {$local_tcp} dev wccp{$ID} || true";
$GLOBALS["SCRIPT_START"][] = "{$ip} link set wccp{$ID} up || true";
$GLOBALS["SCRIPT_START"][] = "{$sysctl} -w net.ipv4.conf.wccp{$ID}.rp_filter=0 || true";
$GLOBALS["SCRIPT_START"][] = "{$sysctl} -w net.ipv4.conf.{$eth}.rp_filter=0 || true";
$GLOBALS["SCRIPT_START"][] = "{$iptables} -t nat -A PREROUTING -i wccp{$ID} -p tcp --dport {$destport} -j REDIRECT --to-port {$port} -m comment --comment \"ArticaWCCP3\" || true";
$GLOBALS["SCRIPT_STOP"][] = "{$ip} link set wccp{$ID} down";
$GLOBALS["SCRIPT_STOP"][] = "{$ip} tunnel del wccp{$ID}";
if ($SquidWCCPL3Route != null) {
$GLOBALS["SCRIPTS"][] = "{$ip} route add {$SquidWCCPL3Route} dev wccp{$ID}";
$GLOBALS["SCRIPT_STOP"][] = "{$ip} route del {$SquidWCCPL3Route} dev wccp{$ID}";
}
$GLOBALS["SCRIPT_STOP"][] = "# # END ID {$ID}";
}
function islighttpd_error_500()
{
$sock = new sockets();
$unix = new unix();
$unix = new unix();
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
$curl = $unix->find_program("curl");
if (!is_file($curl)) {
return;
}
$LighttpdArticaListenIP = $sock->GET_INFO('LighttpdArticaListenIP');
$ArticaHttpsPort = 9000;
$ArticaHttpUseSSL = 1;
$ArticaHttpsPort = $sock->GET_INFO("ArticaHttpsPort");
$ArticaHttpUseSSL = $sock->GET_INFO("ArticaHttpUseSSL");
if (!is_numeric($ArticaHttpUseSSL)) {
$ArticaHttpUseSSL = 1;
}
if (!is_numeric($ArticaHttpsPort)) {
$ArticaHttpsPort = "9000";
}
$EnableArticaFrontEndToNGninx = $sock->GET_INFO("EnableArticaFrontEndToNGninx");
if (!is_numeric($EnableArticaFrontEndToNGninx)) {
$EnableArticaFrontEndToNGninx = 0;
}
$proto = "http";
if ($ArticaHttpUseSSL == 1) {
$proto = "https";
}
if ($LighttpdArticaListenIP != null) {
$IPS = $unix->NETWORK_ALL_INTERFACES(true);
if (!isset($IPS[$LighttpdArticaListenIP])) {
$LighttpdArticaListenIP = null;
}
}
if (strlen($LighttpdArticaListenIP) > 3) {
$ips[$LighttpdArticaListenIP] = true;
$uri = "{$proto}://{$LighttpdArticaListenIP}:{$ArticaHttpsPort}/logon.php";
} else {
$ips = $unix->NETWORK_ALL_INTERFACES(true);
unset($ips["127.0.0.1"]);
}
while (list($ipaddr, $line) = each($ips)) {
$f = array();
$results = array();
$uri = "{$proto}://{$ipaddr}:{$ArticaHttpsPort}/logon.php";
$f[] = "{$curl} -I --connect-timeout 5";
$f[] = "--insecure";
$f[] = "--interface {$ipaddr}";
$f[] = "--url {$uri} 2>&1";
$cmdline = @implode(" ", $f);
if ($GLOBALS['VERBOSE']) {
echo "{$cmdline}\n";
}
exec(@implode(" ", $f), $results);
if ($GLOBALS['VERBOSE']) {
echo count($results) . " rows\n";
}
if (DetectError($results, "Artica Web Interface")) {
if ($EnableArticaFrontEndToNGninx == 1) {
shell_exec("/etc/init.d/nginx restart");
} else {
restart(true);
}
}
}
$results = array();
if ($GLOBALS['VERBOSE']) {
echo "done\n";
}
}
function start($aspid = false)
{
$unix = new unix();
$sock = new sockets();
$Masterbin = $unix->find_program("bwm-ng");
$q = new mysql();
if (!is_file($Masterbin)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, not installed\n";
}
return;
}
if (!$aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
}
return;
}
$EnableBwmNG = intval($sock->GET_INFO("EnableBwmNG"));
$SquidPerformance = intval($sock->GET_INFO("SquidPerformance"));
if ($SquidPerformance > 2) {
$EnableBwmNG = 0;
}
if ($EnableBwmNG == 0) {
if (is_dir("/home/artica/bwm-ng")) {
$rm = $unix->find_program("rm");
shell_exec("{$rm} -rf /home/artica/bwm-ng");
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableKerbAuth,EnableCNTLM)\n";
}
return;
}
$php5 = $unix->LOCATE_PHP5_BIN();
$sysctl = $unix->find_program("sysctl");
$echo = $unix->find_program("echo");
$nohup = $unix->find_program("nohup");
$ETHZ = array();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
unset($NETWORK_ALL_INTERFACES["lo"]);
while (list($eth, $xmain) = each($NETWORK_ALL_INTERFACES)) {
if ($GLOBALS["VERBOSE"]) {
echo "Report {$eth} {$xmain["IPADDR"]} state:{$xmain["STATE"]}\n";
}
if ($xmain["STATE"] == "UNKNOWN") {
$xmain["STATE"] = "UP";
}
$eth = trim($eth);
if ($eth == null) {
continue;
}
if ($xmain["IPADDR"] == "0.0.0.0") {
continue;
}
if ($xmain["STATE"] != "UP") {
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "Added {$eth} {$xmain["IPADDR"]}\n";
}
$ETHZ[] = $eth;
}
if (count($ETHZ) == 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} no interface found\n";
}
return;
}
$interfaces_txt = @implode(",", $ETHZ);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listens on {$interfaces_txt}\n";
}
@mkdir("/home/artica/bwm-ng", 0755, true);
if (is_file("/home/artica/bwm-ng/interfaces.csv")) {
@copy("/home/artica/bwm-ng/interfaces.csv", "/home/artica/bwm-ng/interfaces.csv." . time());
}
$cmd = "{$nohup} {$Masterbin} -D -t 5000 -o csv -u bits -T rate -c 0 -a 0 --interfaces {$interfaces_txt} > /home/artica/bwm-ng/interfaces.csv 2>&1 &";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
}
shell_exec($cmd);
sleep(1);
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
}
}
}
function ucarp_down()
{
$unix = new unix();
$interface = $_GET["ucarp-down"];
$master = $_GET["master"];
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES(true);
if (!isset($NETWORK_ALL_INTERFACES[$interface])) {
writelogs_framework("Interface {$interface} not up [OK]", __FUNCTION__, __FILE__, __LINE__);
return;
}
$nohup = $unix->find_program("nohup");
$MN = unserialize(@file_get_contents("/usr/share/ucarp/ETH_LIST"));
while (list($eth, $line) = each($MN)) {
writelogs_framework("Interface {$eth} down [OK]", __FUNCTION__, __FILE__, __LINE__);
$cmd = "{$nohup} /usr/share/ucarp/vip-eth0-down.sh >/dev/null 2>&1";
writelogs_framework($cmd, __FUNCTION__, __FILE__, __LINE__);
shell_exec($cmd);
squid_admin_mysql(0, "Master [{$master}]: Ordered to shutdown {$interface} [OK]", null, __FILE__, __LINE__);
echo "<articadatascgi>DOWN_OK</articadatascgi>";
}
}
function PING_GATEWAY()
{
$sock = new sockets();
$unix = new unix();
$MonitConfig = unserialize(base64_decode($sock->GET_INFO("SquidWatchdogMonitConfig")));
$MonitConfig = PING_GATEWAY_DEFAULT_PARAMS($MonitConfig);
if ($MonitConfig["ENABLE_PING_GATEWAY"] == 0) {
return;
}
if (!isset($MonitConfig["PING_GATEWAY"])) {
$MonitConfig["PING_GATEWAY"] = null;
}
$PING_GATEWAY = $MonitConfig["PING_GATEWAY"];
if ($PING_GATEWAY == null) {
$TCP_NICS_STATUS_ARRAY = $unix->NETWORK_ALL_INTERFACES();
if (isset($TCP_NICS_STATUS_ARRAY["eth0"])) {
$PING_GATEWAY = $TCP_NICS_STATUS_ARRAY["eth0"]["GATEWAY"];
}
if ($PING_GATEWAY == null) {
if (isset($TCP_NICS_STATUS_ARRAY["eth1"])) {
$PING_GATEWAY = $TCP_NICS_STATUS_ARRAY["eth1"]["GATEWAY"];
}
}
}
if ($PING_GATEWAY == null) {
Events("No IP address defined in the configuration, aborting test...");
return;
}
if (!$unix->isIPAddress($PING_GATEWAY)) {
Events("\"{$PING_GATEWAY}\" not a valid ip address");
return;
}
$STAMP_MAX_PING = intval(trim(@file_get_contents($GLOBALS["STAMP_MAX_PING"])));
if (!is_numeric($STAMP_MAX_PING)) {
$STAMP_MAX_PING = 1;
}
if ($STAMP_MAX_PING < 1) {
$STAMP_MAX_PING = 1;
}
if ($GLOBALS["VERBOSE"]) {
echo "PING {$PING_GATEWAY} STAMP_MAX_PING={$STAMP_MAX_PING}\n";
}
if ($unix->PingHost($PING_GATEWAY, true)) {
if ($STAMP_MAX_PING > 1) {
@file_put_contents($GLOBALS["STAMP_MAX_PING"], 1);
}
return;
}
if ($MonitConfig["PING_FAILED_RELOAD_NET"] == 0) {
$report = $unix->NETWORK_REPORT();
ToSyslog("kernel: [ Artica-Net] Start Network [artica-ifup] (" . basename(__FILE__) . "/" . __LINE__ . ")");
shell_exec("/etc/init.d/artica-ifup start");
if ($unix->PingHost($PING_GATEWAY, true)) {
squid_admin_mysql(2, "Relink network success", "Relink network success after ping failed on {$PING_GATEWAY}:\nThe {$PING_GATEWAY} ping failed, Artica as restarted network and ping is now success.\nHere it is the network report when Ping failed\n{$report}");
squid_admin_notifs("Relink network success after ping failed on {$PING_GATEWAY}:\nThe {$PING_GATEWAY} ping failed, Artica as restarted network and ping is now success.\nHere it is the network report when Ping failed\n{$report}", __FUNCTION__, __FILE__, __LINE__, "proxy");
return;
}
}
$MAX_PING_GATEWAY = $MonitConfig["MAX_PING_GATEWAY"];
$STAMP_MAX_PING = $STAMP_MAX_PING + 1;
Events("{$PING_GATEWAY} not available - {$STAMP_MAX_PING} time(s) / {$MAX_PING_GATEWAY} Max");
@file_put_contents($GLOBALS["STAMP_MAX_PING"], $STAMP_MAX_PING);
if ($STAMP_MAX_PING < $MAX_PING_GATEWAY) {
return;
}
$UfdbguardSMTPNotifs = unserialize(base64_decode($sock->GET_INFO("UfdbguardSMTPNotifs")));
if (!isset($UfdbguardSMTPNotifs["ENABLED_SQUID_WATCHDOG"])) {
$UfdbguardSMTPNotifs["ENABLED_SQUID_WATCHDOG"] = 0;
}
if (!is_numeric($UfdbguardSMTPNotifs["ENABLED_SQUID_WATCHDOG"])) {
$UfdbguardSMTPNotifs["ENABLED_SQUID_WATCHDOG"] = 0;
}
@file_put_contents($GLOBALS["STAMP_MAX_PING"], 1);
if ($MonitConfig["PING_FAILED_REPORT"] == 1) {
$report = $unix->NETWORK_REPORT();
squid_admin_mysql(1, "Unable to ping {$PING_GATEWAY}", "{$report}");
squid_admin_notifs("Unable to ping {$PING_GATEWAY}:\n{$report}", __FUNCTION__, __FILE__, __LINE__, "proxy");
}
if ($MonitConfig["PING_FAILED_FAILOVER"] == 1) {
$GLOBALS["ALL_SCORES_WHY"][] = "function " . __FUNCTION__ . " return failed";
$GLOBALS["ALL_SCORES"]++;
}
if ($MonitConfig["PING_FAILED_REBOOT"] == 1) {
REBOOTING_SYSTEM();
}
}
function ArticaHotSpotInterface()
{
$ArticaHotSpotInterface = @file_get_contents("/etc/artica-postfix/settings/Daemons/ArticaHotSpotInterface");
$ArticaSplashHotSpotPort = @file_get_contents("/etc/artica-postfix/settings/Daemons/ArticaSplashHotSpotPort");
$ArticaSplashHotSpotPortSSL = @file_get_contents("/etc/artica-postfix/settings/Daemons/ArticaSplashHotSpotPortSSL");
if (!is_numeric($ArticaSplashHotSpotPort)) {
$ArticaSplashHotSpotPort = 16080;
}
if (!is_numeric($ArticaSplashHotSpotPortSSL)) {
$ArticaSplashHotSpotPortSSL = 16443;
}
$unix = new unix();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
while (list($interface, $line) = each($NETWORK_ALL_INTERFACES)) {
$IP2 = $line["IPADDR"];
if ($interface == "lo") {
continue;
}
if ($IP2 == null) {
continue;
}
if ($IP2 == "0.0.0.0") {
continue;
}
$AVAIINT[] = $interface;
}
if ($ArticaHotSpotInterface == null) {
$ArticaHotSpotInterface = $AVAIINT[0];
}
$ipaddr = trim($NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"]);
writelogs_framework("ArticaHotSpotInterface = {$ArticaHotSpotInterface} IPADDR:{$ipaddr}", __FUNCTION__, __FILE__, __LINE__);
if ($ipaddr == "0.0.0.0" or $ipaddr == null) {
$ArticaHotSpotInterface = $AVAIINT[0];
writelogs_framework("NEw ArticaHotSpotInterface = {$AVAIINT[0]}", __FUNCTION__, __FILE__, __LINE__);
$ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
}
writelogs_framework("http://{$ipaddr}:{$ArticaSplashHotSpotPort}/hotspot.php", __FUNCTION__, __FILE__, __LINE__);
echo "<articadatascgi>http://{$ipaddr}:{$ArticaSplashHotSpotPort}/hotspot.php</articadatascgi>";
}
function ProtectArtica()
{
$sock = new sockets();
$unix = new unix();
$q = new mysql();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES(true);
$LighttpdArticaListenIP = $sock->GET_INFO("LighttpdArticaListenIP");
$ArticaHttpsPort = intval($sock->GET_INFO("ArticaHttpsPort"));
$iptables = $unix->find_program("iptables");
if (!isset($NETWORK_ALL_INTERFACES[$LighttpdArticaListenIP])) {
$LighttpdArticaListenIP = null;
}
if ($ArticaHttpsPort == 0) {
$ArticaHttpsPort = 9000;
}
$MARKLOG = "-m comment --comment \"ArticaFireWall\"";
$SCRIPT_FINAL[] = "";
$SCRIPT_FINAL[] = "#Artica Web interface listens on `{$LighttpdArticaListenIP}` port:{$ArticaHttpsPort}";
if ($LighttpdArticaListenIP != null) {
$LighttpdArticaListenIP = " -d {$LighttpdArticaListenIP}";
}
$CountOfRules = $q->COUNT_ROWS("iptables_webint", "artica_backup");
if ($CountOfRules == 0) {
$sql = "SELECT `Interface`,`isFWAcceptArtica` FROM `nics` WHERE `isFW`=1 AND `isFWAcceptArtica`=1";
$results = $q->QUERY_SQL($sql, "artica_backup");
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$SCRIPT_FINAL[] = "#This rule allow connections to the Web interface from {$ligne["Interface"]} in order to allow access to Artica Web interface";
$SCRIPT_FINAL[] = "{$iptables} -I INPUT -i {$ligne["Interface"]} {$LighttpdArticaListenIP} -p tcp --dport {$ArticaHttpsPort} {$MARKLOG} -j ACCEPT || true";
$SCRIPT_FINAL[] = "";
}
return @implode("\n", $SCRIPT_FINAL);
}
$SCRIPT_FINAL[] = "#This rule allow connection to the Web interface for only {$CountOfRules} items";
$SCRIPT_FINAL[] = "{$iptables} -I INPUT{$LighttpdArticaListenIP} -p tcp --dport {$ArticaHttpsPort} {$MARKLOG} -j DROP || true";
$SCRIPT_FINAL[] = "{$iptables} -I INPUT{$LighttpdArticaListenIP} -p tcp --dport {$ArticaHttpsPort} {$MARKLOG} --j LOG --log-level debug --log-prefix \"AID=0/INPUT/REJECT\" || true";
$results = $q->QUERY_SQL("SELECT * FROM iptables_webint", "artica_backup");
if (!$q->ok) {
$q->mysql_error = str_replace("\n", "", $q->mysql_error);
$SCRIPT_FINAL[] = "# {$q->mysql_error}";
$SCRIPT_FINAL[] = "#This rule allow connections to the Web interface in order to allow access to Artica Web interface";
$SCRIPT_FINAL[] = "{$iptables} -I INPUT{$LighttpdArticaListenIP} -p tcp --dport {$ArticaHttpsPort} {$MARKLOG} -j ACCEPT || true";
$SCRIPT_FINAL[] = "";
return @implode("\n", $SCRIPT_FINAL);
}
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$SCRIPT_FINAL[] = "{$iptables} -I INPUT -s {$ligne["pattern"]} {$LighttpdArticaListenIP} -p tcp --dport {$ArticaHttpsPort} {$MARKLOG} -j ACCEPT || true";
}
$SCRIPT_FINAL[] = "";
return @implode("\n", $SCRIPT_FINAL);
}
function ebtables_rules()
{
$unix = new unix();
$ebtables = $unix->find_program("ebtables");
$aptget = $unix->find_program("apt-get");
if ($GLOBALS["VERBOSE"]) {
echo "EBTABLES: [" . __LINE__ . "] ebtables = {$ebtables}\n";
}
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$squid = new squidbee();
$SSL_BUMP = $squid->SSL_BUMP;
if ($GLOBALS["VERBOSE"]) {
echo "EBTABLES: [" . __LINE__ . "] SSL_BUMP = {$SSL_BUMP}\n";
}
if (!is_file($ebtables)) {
if ($GLOBALS["VERBOSE"]) {
echo "EBTABLES: [" . __LINE__ . "] NO BINARY apt-get = \"{$aptget}\"\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " ebtables no such binary...\n";
}
$unix->DEBIAN_INSTALL_PACKAGE("ebtables");
}
$ebtables = $unix->find_program("ebtables");
if (!is_file($ebtables)) {
return "# ebtables, no such binary";
}
$q = new mysql();
$sql = "SELECT `Interface` FROM `nics` WHERE `Bridged`=1";
if ($GLOBALS["VERBOSE"]) {
echo "[" . __LINE__ . "] {$sql}\n";
}
$results = $q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
echo "{$q->mysql_error}\n";
}
$count = mysql_num_rows($results);
if ($count == 0) {
return "# ebtables, no bridge defined...";
}
$GLOBALS["EBTABLES"] = true;
if ($GLOBALS["VERBOSE"]) {
echo "[" . __LINE__ . "] EBTABLES = TRUE\n";
}
//iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j REDIRECT --to-port 3128
$f[] = "# ebtables, {$count} Interfaces SSL_BUMP = {$SSL_BUMP}";
$f[] = "{$ebtables} -t broute -X";
$f[] = "{$ebtables} -t broute -F";
$f[] = "{$ebtables} -t broute -A BROUTING -p IPv4 --ip-protocol 6 --ip-destination-port 80 -j redirect --redirect-target ACCEPT";
if ($SSL_BUMP == 1) {
$f[] = "{$ebtables} -t broute -A BROUTING -p IPv4 --ip-protocol 6 --ip-destination-port 443 -j redirect --redirect-target ACCEPT";
}
return @implode("\n", $f);
}
function NETWORK_ALL_INTERFACES()
{
if (isset($GLOBALS["NETWORK_ALL_INTERFACES"])) {
return $GLOBALS["NETWORK_ALL_INTERFACES"];
}
$unix = new unix();
$GLOBALS["NETWORK_ALL_INTERFACES"] = $unix->NETWORK_ALL_INTERFACES(true);
unset($GLOBALS["NETWORK_ALL_INTERFACES"]["127.0.0.1"]);
}
function apache_config()
{
$sock = new sockets();
$unix = new unix();
$EnablePHPFPM = 0;
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
if (preg_match("#APACHE_RUN_GROUP#", $APACHE_SRC_GROUP)) {
$APACHE_SRC_GROUP = "www-data";
}
$LogFilePath = "/var/log/artica-wifidog/access.log";
$directories[] = "/var/run/apache2";
$directories[] = "/var/run/artica-apache";
$directories[] = "/var/log/artica-wifidog";
$directories[] = "/home/artica/hotspot/sessions";
$directories[] = "/home/artica/hotspot/caches";
while (list($index, $maindir) = each($directories)) {
@mkdir($maindir, 0755, true);
@chown($maindir, $APACHE_SRC_ACCOUNT);
@chgrp($maindir, $APACHE_SRC_GROUP);
}
$ErrorLog = dirname($LogFilePath) . "/error.log";
if (!is_file($LogFilePath)) {
@touch($LogFilePath);
}
@chown($LogFilePath, $APACHE_SRC_ACCOUNT);
@chgrp($LogFilePath, $APACHE_SRC_GROUP);
if (!is_file($ErrorLog)) {
@touch($ErrorLog);
}
@chown($ErrorLog, $APACHE_SRC_ACCOUNT);
@chgrp($ErrorLog, $APACHE_SRC_GROUP);
$APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
$HotSpotMaxClients = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotMaxClients"));
$HotSpotStartServers = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotStartServers"));
$HotSpotForceDDOSDisable = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotForceDDOSDisable"));
if ($HotSpotMaxClients == 0) {
$HotSpotMaxClients = 20;
}
if ($HotSpotStartServers == 0) {
$HotSpotStartServers = 5;
}
$EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot");
$SquidHotSpotPort = $sock->GET_INFO("SquidHotSpotPort");
$ArticaHotSpotPort = $sock->GET_INFO("ArticaHotSpotPort");
$ArticaSSLHotSpotPort = $sock->GET_INFO("ArticaSSLHotSpotPort");
$ArticaSplashHotSpotPort = $sock->GET_INFO("ArticaSplashHotSpotPort");
$ArticaSplashHotSpotPortSSL = $sock->GET_INFO("ArticaSplashHotSpotPortSSL");
if (!is_numeric($ArticaHotSpotPort)) {
$ArticaHotSpotPort = 0;
}
if (!is_numeric($ArticaSplashHotSpotPort)) {
$ArticaSplashHotSpotPort = 16080;
}
if (!is_numeric($ArticaSplashHotSpotPortSSL)) {
$ArticaSplashHotSpotPortSSL = 16443;
}
$ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
$HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName"));
$HotSpotErrorRedirect = $sock->GET_INFO("HotSpotErrorRedirect");
if ($HotSpotErrorRedirect == null) {
$HotSpotErrorRedirect = "http://www.msftncsi.com";
}
$Params = unserialize($sock->GET_INFO("HotSpotEvasive"));
$ApacheEvasiveInstalled = intval($sock->GET_INFO("ApacheEvasiveInstalled"));
if (!is_numeric($Params["DOSEnable"])) {
$Params["DOSEnable"] = 1;
}
if (!is_numeric($Params["DOSHashTableSize"])) {
$Params["DOSHashTableSize"] = 1024;
}
if (!is_numeric($Params["DOSPageCount"])) {
$Params["DOSPageCount"] = 3;
}
if (!is_numeric($Params["DOSSiteCount"])) {
$Params["DOSSiteCount"] = 20;
}
if (!is_numeric($Params["DOSPageInterval"])) {
$Params["DOSPageInterval"] = 1;
}
if (!is_numeric($Params["DOSSiteInterval"])) {
$Params["DOSSiteInterval"] = 10;
}
if (!is_numeric($Params["DOSBlockingPeriod"])) {
$Params["DOSBlockingPeriod"] = 5;
}
$unix = new unix();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HotSpot run as {$ArticaHotSpotInterface} ( {$ipaddr} )\n";
}
if ($ipaddr == "0.0.0.0") {
$ipaddr = "*";
}
if ($ipaddr == null) {
$ipaddr = "*";
}
$GLOBALS["HOSTPOT_WEB_INTERFACE"] = $ipaddr;
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
$php = $unix->LOCATE_PHP5_BIN();
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_file($phpfpm)) {
$EnableArticaApachePHPFPM = 0;
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
$apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
if ($EnableArticaApachePHPFPM == 1) {
if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
}
$EnableArticaApachePHPFPM = 0;
}
}
if ($APACHE_SRC_ACCOUNT == null) {
$APACHE_SRC_ACCOUNT = "www-data";
$APACHE_SRC_GROUP = "www-data";
$unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as....: {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port.: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM...: {$EnablePHPFPM}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} MaxClients: {$HotSpotMaxClients}\n";
}
$f[] = "Group {$APACHE_SRC_GROUP}";
$f[] = "User {$APACHE_SRC_ACCOUNT}";
$f[] = "LockFile /var/run/apache2/hotspot-artica-accept.lock";
$f[] = "PidFile /var/run/artica-apache/hotspot-apache.pid";
$f[] = "AcceptMutex flock";
$f[] = "SSLRandomSeed startup file:/dev/urandom 256";
$f[] = "SSLRandomSeed connect builtin";
$f[] = "SSLSessionCache shmcb:/var/run/apache2/ssl_scache-hotspot(512000)";
$f[] = "SSLSessionCacheTimeout 300";
$f[] = "SSLSessionCacheTimeout 300";
$f[] = "DocumentRoot /usr/share/artica-postfix";
$f[] = "DirectoryIndex hotspot.html";
$f[] = "ErrorDocument 400 /hotspot.html";
$f[] = "ErrorDocument 401 /hotspot.html";
$f[] = "ErrorDocument 403 /hotspot.html";
$f[] = "ErrorDocument 404 /hotspot.html";
$f[] = "ErrorDocument 500 /hotspot.html";
$NameVirtualHost = $ipaddr;
if ($HospotHTTPServerName != null) {
$NameVirtualHost = $HospotHTTPServerName;
}
$f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
$f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
$f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
$f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
$ddos_config = null;
if ($HotSpotForceDDOSDisable == 1) {
$Params["DOSEnable"] = 0;
}
if ($Params["DOSEnable"] == 1) {
//$ddos[]="<IfModule mod_evasive20.c>";
$ddos[] = "\tDOSHashTableSize {$Params["DOSHashTableSize"]}";
$ddos[] = "\tDOSPageCount {$Params["DOSPageCount"]}";
$ddos[] = "\tDOSSiteCount {$Params["DOSSiteCount"]}";
$ddos[] = "\tDOSPageInterval {$Params["DOSPageInterval"]}";
$ddos[] = "\tDOSSiteInterval {$Params["DOSSiteInterval"]}";
$ddos[] = "\tDOSBlockingPeriod {$Params["DOSBlockingPeriod"]}";
$ddos[] = "\tDOSLogDir \"/var/log/artica-wifidog\"";
$ddos[] = "\tDOSSystemCommand \"/bin/echo `date '+%F %T'` HOTSPOT %s >> /var/log/artica-wifidog/dos_evasive_attacks.log\"";
$ddos_config = @implode("\n", $ddos);
//$ddos[]="</IfModule>";
}
$f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}>";
$f[] = "\tServerName {$NameVirtualHost}";
$f[] = "\tDocumentRoot /usr/share/artica-postfix";
$f[] = "{$ddos_config}";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "</VirtualHost>";
$f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}>";
$f[] = "\tServerName {$NameVirtualHost}";
$f[] = "\tDocumentRoot /usr/share/artica-postfix";
$f[] = "\tSSLEngine on";
$squid = new squidbee();
$ArticaSplashHotSpotCertificate = $sock->GET_INFO("ArticaSplashHotSpotCertificate");
$data = $squid->SaveCertificate($ArticaSplashHotSpotCertificate, false, true, false);
if ($ArticaSplashHotSpotCertificate != null) {
$apache = new apache_certificate($ArticaSplashHotSpotCertificate);
$f[] = $apache->build();
} else {
if (preg_match("#ssl_certificate\\s+(.+?);\\s+ssl_certificate_key\\s+(.+?);#is", $data, $re)) {
$cert = $re[1];
$key = $re[2];
$f[] = "\tSSLCertificateFile \"{$cert}\"";
$f[] = "\tSSLCertificateKeyFile \"{$key}\"";
}
}
$f[] = "\tSSLVerifyClient none";
$f[] = "\tServerSignature Off";
$f[] = "{$ddos_config}";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "</VirtualHost>";
$f[] = "AccessFileName .htaccess";
$f[] = "<Files ~ \"^\\.ht\">";
$f[] = "\tOrder allow,deny";
$f[] = "\tDeny from all";
$f[] = "\tSatisfy all";
$f[] = "</Files>";
$f[] = "DefaultType text/plain";
$f[] = "HostnameLookups Off";
$f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}";
$f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}";
$f[] = "Timeout 300";
$f[] = "KeepAlive Off";
$f[] = "KeepAliveTimeout 3";
if ($HotSpotStartServers >= $HotSpotMaxClients) {
$HotSpotMaxClients = $HotSpotMaxClients + $HotSpotStartServers;
}
if ($HotSpotMaxClients > 1024) {
$HotSpotMaxClients = 1024;
}
$ServerLimit = $HotSpotMaxClients + 100;
if ($ServerLimit > 2000) {
$ServerLimit = 2000;
}
$f[] = "StartServers {$HotSpotStartServers}";
$f[] = "MaxClients {$HotSpotMaxClients}";
$f[] = "ServerLimit\t\t {$ServerLimit}";
$MinSpareServers = $HotSpotStartServers + 5;
$MaxSpareServers = $MinSpareServers + 1;
$f[] = "MinSpareServers {$MinSpareServers}";
$f[] = "MaxSpareServers {$MaxSpareServers}";
$f[] = "MaxRequestsPerChild 800";
$f[] = "MaxKeepAliveRequests 100";
$f[] = "ServerName " . $unix->hostname_g();
$f[] = "<IfModule mod_ssl.c>";
$f[] = "\tSSLRandomSeed connect builtin";
$f[] = "\tSSLRandomSeed connect file:/dev/urandom 512";
$f[] = "\tAddType application/x-x509-ca-cert .crt";
$f[] = "\tAddType application/x-pkcs7-crl .crl";
$f[] = "\tSSLPassPhraseDialog builtin";
$f[] = "\tSSLSessionCache shmcb:/var/run/apache2/ssl_scache-articahtp(512000)";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLMutex sem";
$f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
$f[] = "\tSSLProtocol all -SSLv2";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "AddType application/x-httpd-php .php";
$f[] = "php_value error_log \"/var/log/artica-wifidog/access.log\"";
$f[] = "php_value session.save_path \"/home/artica/hotspot/sessions\"";
$f[] = "<IfModule mod_fcgid.c>";
$f[] = "\tPHP_Fix_Pathinfo_Enable 1";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_php5.c>";
$f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">";
$f[] = "\tSetHandler application/x-httpd-php";
$f[] = " </FilesMatch>";
$f[] = " <FilesMatch \"\\.phps\$\">";
$f[] = "\tSetHandler application/x-httpd-php-source";
$f[] = " </FilesMatch>";
$f[] = " <IfModule mod_userdir.c>";
$f[] = " <Directory /home/*/public_html>";
$f[] = " php_admin_value engine Off";
$f[] = " </Directory>";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_mime.c>";
$f[] = "\tTypesConfig /etc/mime.types";
$f[] = "\tAddType application/x-compress .Z";
$f[] = "\tAddType application/x-gzip .gz .tgz";
$f[] = "\tAddType application/x-bzip2 .bz2";
$f[] = "\tAddType application/x-httpd-php .php .phtml";
$f[] = "\tAddType application/x-httpd-php-source .phps";
$f[] = "\tAddLanguage ca .ca";
$f[] = "\tAddLanguage cs .cz .cs";
$f[] = "\tAddLanguage da .dk";
$f[] = "\tAddLanguage de .de";
$f[] = "\tAddLanguage el .el";
$f[] = "\tAddLanguage en .en";
$f[] = "\tAddLanguage eo .eo";
$f[] = "\tRemoveType es";
$f[] = "\tAddLanguage es .es";
$f[] = "\tAddLanguage et .et";
$f[] = "\tAddLanguage fr .fr";
$f[] = "\tAddLanguage he .he";
$f[] = "\tAddLanguage hr .hr";
$f[] = "\tAddLanguage it .it";
$f[] = "\tAddLanguage ja .ja";
$f[] = "\tAddLanguage ko .ko";
$f[] = "\tAddLanguage ltz .ltz";
$f[] = "\tAddLanguage nl .nl";
$f[] = "\tAddLanguage nn .nn";
$f[] = "\tAddLanguage no .no";
$f[] = "\tAddLanguage pl .po";
$f[] = "\tAddLanguage pt .pt";
$f[] = "\tAddLanguage pt-BR .pt-br";
$f[] = "\tAddLanguage ru .ru";
$f[] = "\tAddLanguage sv .sv";
$f[] = "\tRemoveType tr";
$f[] = "\tAddLanguage tr .tr";
$f[] = "\tAddLanguage zh-CN .zh-cn";
$f[] = "\tAddLanguage zh-TW .zh-tw";
$f[] = "\tAddCharset us-ascii .ascii .us-ascii";
$f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1";
$f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen";
$f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3";
$f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4";
$f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru";
$f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic";
$f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek";
$f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew";
$f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk";
$f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6";
$f[] = "\tAddCharset ISO-8859-13 .iso8859-13";
$f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8";
$f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9";
$f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10";
$f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
$f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
$f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
$f[] = "\tAddCharset Big5 .Big5 .big5 .b5";
$f[] = "\tAddCharset cn-Big5 .cn-big5";
$f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
$f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251";
$f[] = "\tAddCharset CP866 .cp866";
$f[] = "\tAddCharset KOI8 .koi8";
$f[] = "\tAddCharset KOI8-E .koi8-e";
$f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru";
$f[] = "\tAddCharset KOI8-U .koi8-u";
$f[] = "\tAddCharset KOI8-ru .koi8-uk .ua";
$f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
$f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
$f[] = "\tAddCharset UTF-7 .utf7";
$f[] = "\tAddCharset UTF-8 .utf8";
$f[] = "\tAddCharset UTF-16 .utf16";
$f[] = "\tAddCharset UTF-16BE .utf16be";
$f[] = "\tAddCharset UTF-16LE .utf16le";
$f[] = "\tAddCharset UTF-32 .utf32";
$f[] = "\tAddCharset UTF-32BE .utf32be";
$f[] = "\tAddCharset UTF-32LE .utf32le";
$f[] = "\tAddCharset euc-cn .euc-cn";
$f[] = "\tAddCharset euc-gb .euc-gb";
$f[] = "\tAddCharset euc-jp .euc-jp";
$f[] = "\tAddCharset euc-kr .euc-kr";
$f[] = "\tAddCharset EUC-TW .euc-tw";
$f[] = "\tAddCharset gb2312 .gb2312 .gb";
$f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
$f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
$f[] = "\tAddCharset shift_jis .shift_jis .sjis";
$f[] = "\tAddType text/html .shtml";
$f[] = "\tAddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
$f[] = "Alias /index.php /hotspot.html";
$f[] = "Alias /index.html /hotspot.html";
$f[] = "Alias /Microsoft-Server-ActiveSync /hotspot-none.html";
$f[] = "<Directory \"/usr/share/artica-postfix\">";
$f[] = "\tDirectorySlash On";
$f[] = "\tDirectoryIndex hostpot.php";
$f[] = "\t\t<Files \"hostpot.php\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\t\t<Files \"hostpot.html\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\t\t<FilesMatch \"!(hostpot)\\.(html|php)\$\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tdeny from all";
$f[] = "\t\t</FilesMatch>";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "\tOptions -Indexes";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tAllowOverride All";
$f[] = "\tOrder allow,deny";
$f[] = "\tAllow from all";
$f[] = "</Directory>";
if ($EnableArticaApachePHPFPM == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
}
shell_exec("/etc/init.d/php5-fpm restart");
$f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
$f[] = "\tAddHandler php-script .php";
$f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
$f[] = "\tAction php-script /php5.fastcgi virtual";
$f[] = "\t<Directory /var/run/artica-apache>";
$f[] = "\t\t<Files php5.fastcgi>";
$f[] = "\t\tOrder deny,allow";
$f[] = "\t\tAllow from all";
$f[] = "\t\t</Files>";
$f[] = "\t</Directory>";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
}
}
$f[] = "Loglevel debug";
$f[] = "ErrorLog {$ErrorLog}";
$f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
$f[] = "CustomLog {$LogFilePath} common";
if ($EnableArticaApachePHPFPM == 0) {
$array["php5_module"] = "libphp5.so";
}
$array["actions_module"] = "mod_actions.so";
$array["expires_module"] = "mod_expires.so";
$array["rewrite_module"] = "mod_rewrite.so";
$array["dir_module"] = "mod_dir.so";
$array["mime_module"] = "mod_mime.so";
$array["alias_module"] = "mod_alias.so";
$array["auth_basic_module"] = "mod_auth_basic.so";
$array["authz_host_module"] = "mod_authz_host.so";
$array["autoindex_module"] = "mod_autoindex.so";
$array["negotiation_module"] = "mod_negotiation.so";
$array["ssl_module"] = "mod_ssl.so";
$array["headers_module"] = "mod_headers.so";
$array["ldap_module"] = "mod_ldap.so";
if ($Params["DOSEnable"] == 1) {
$array["evasive20_module"] = "mod_evasive20.so";
}
if ($EnableArticaApachePHPFPM == 1) {
$array["fastcgi_module"] = "mod_fastcgi.so";
}
if (is_dir("/etc/apache2")) {
if (!is_file("/etc/apache2/mime.types")) {
if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
@copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
}
while (list($module, $lib) = each($array)) {
if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
}
$f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
}
}
}
build_error_page();
@file_put_contents("/etc/artica-postfix/hotspot-httpd.conf", @implode("\n", $f) . "\n");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/hotspot-httpd.conf done\n";
}
}
function getFirstToken($httpaccess, $httpaccess_data, $ID)
{
$IpClass = new IP();
$unix = new unix();
$valueToAdd = null;
if ($httpaccess == "deny_access_except") {
$reverse = true;
$firstToken = "http_access deny";
}
if ($httpaccess == "access_allow") {
$firstToken = "http_access allow";
}
if ($httpaccess == "access_deny") {
$firstToken = "http_access deny";
}
if ($httpaccess == "cache_deny") {
$firstToken = "cache deny";
}
if ($httpaccess == "http_reply_access_deny") {
$firstToken = "http_reply_access deny";
}
if ($httpaccess == "http_reply_access_allow") {
$firstToken = "http_reply_access allow";
}
if ($httpaccess == "url_rewrite_access_deny") {
$firstToken = "url_rewrite_access deny";
}
if ($httpaccess == "url_rewrite_access_allow") {
$firstToken = "url_rewrite_access allow";
}
if ($httpaccess == "tcp_outgoing_address") {
$firstToken = "tcp_outgoing_address";
}
if ($httpaccess == "request_header_add") {
$firstToken = "request_header_add";
}
if ($httpaccess == "log_access") {
$firstToken = "access_log";
}
if ($httpaccess == "deny_log") {
$firstToken = "access_log none";
}
if ($httpaccess == "tcp_outgoing_tos") {
$valueToAdd = $httpaccess_data;
if ($valueToAdd == null) {
continue;
}
$valueToAdd = $valueToAdd . " ";
}
if ($httpaccess == "reply_body_max_size") {
$valueToAdd = intval($httpaccess_data);
if ($valueToAdd == 0) {
continue;
}
$valueToAdd = $valueToAdd . " MB ";
}
if ($httpaccess == "tcp_outgoing_address") {
$valueToAdd = $httpaccess_data;
if ($valueToAdd == null) {
continue;
}
if ($IpClass->isValid($valueToAdd)) {
continue;
}
$LOCALSIPS = $unix->NETWORK_ALL_INTERFACES(true);
if (preg_match("#[0-9\\.]+#", $valueToAdd)) {
$valueToAdd = trim($valueToAdd);
if (!isset($LOCALSIPS[$valueToAdd])) {
$GLOBALS["tcp_outgoing_address_errors"][] = "Error tcp_outgoing_address {$valueToAdd} NO SUCH ADDRESS";
if ($GLOBALS["VERBOSE"]) {
echo "tcp_outgoing_address \"{$valueToAdd}\" PORT:{$aclport} NO SUCH ADDRESS !!!\n";
}
continue;
}
}
$valueToAdd = $valueToAdd . " ";
}
if ($httpaccess == "request_header_add") {
$httpaccess_data = unserialize(base64_decode($httpaccess_data));
$request_header_add_name = $httpaccess_data["header_name"];
$request_header_add_value = $httpaccess_data["header_value"];
if (trim($request_header_add_name) == null) {
continue;
}
if (trim($request_header_add_value) == null) {
continue;
}
$valueToAdd = "{$request_header_add_name} \"{$request_header_add_value}\" ";
}
if ($httpaccess == "log_access") {
$valueToAdd = "stdio:/var/log/squid/access_acl_{$ID}.csv csv_acls ";
}
return "{$firstToken} {$valueToAdd}";
}
function vde_status($aspid = false)
{
$unix = new unix();
if (!$aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
$ips = $unix->NETWORK_ALL_INTERFACES();
$ifconfig = $unix->find_program("ifconfig");
$ip = $unix->find_program("ip");
while (list($eth, $ligne) = each($ips)) {
if (!preg_match("#^virt([0-9]+)#", $eth, $re)) {
if ($GLOBALS["VERBOSE"]) {
echo "{$eth} SKIP...\n";
}
continue;
}
$ID = $re[1];
$ligne = unserialize(@file_get_contents("/etc/vde_switch_config/{$ID}.conf"));
$eth = $ligne["nic"];
$virtname = "virt{$ID}";
$pid = vde_switch_pid($eth);
if ($unix->process_exists($pid)) {
$ARRAY[$virtname]["VDE"] = $pid;
$ARRAY[$virtname]["VDE_RUN"] = $unix->PROCCESS_TIME_MIN($pid);
}
$pid = vde_plug2tap_pid($virtname);
if ($unix->process_exists($pid)) {
$ARRAY[$virtname]["PCAP"] = $pid;
$ARRAY[$virtname]["PCAP_RUN"] = $unix->PROCCESS_TIME_MIN($pid);
}
}
if ($GLOBALS["VERBOSE"]) {
print_r($ARRAY);
}
@mkdir("/usr/share/artica-postfix/ressources/logs/web", 0777, true);
@file_put_contents("/usr/share/artica-postfix/ressources/logs/web/vde_status", serialize($ARRAY));
@chmod("/usr/share/artica-postfix/ressources/logs/web/vde_status", 0755);
}
function NETWORK_INTERFACES_RXTX()
{
$unix = new unix();
$influx = new influx();
$NETS = $unix->NETWORK_ALL_INTERFACES();
$hostname = $unix->hostname_g();
$now = date("Y-m-d H:i:s", strtotime("-24 hour"));
$q = new postgres_sql();
// -----------------------------------------------------------------------------------------------------
while (list($Interface, $array) = each($NETS)) {
$sql = "SELECT SUM(RX) as size FROM ethrxtx,date_trunc('hour', zdate) as zdate \n\t\tWHERE zdate > '{$now}'\n\t\tAND eth='{$Interface}' AND proxyname='{$hostname}' GROUP BY zdate ORDER BY zdate ASC";
if ($GLOBALS["VERBOSE"]) {
echo "\n*****\n{$sql}\n******\n";
}
$MAIN = array();
$xdata = array();
$ydata = array();
$results = $q->QUERY_SQL($sql);
while ($ligne = @pg_fetch_assoc($results)) {
$min = $ligne["zdate"];
$size = intval($ligne["size"]) / 1024;
if ($GLOBALS["VERBOSE"]) {
echo "({$min}): ethrxtx {$Interface}:RX: {$min} -> {$size}\n";
}
$size = $size / 1024;
if (round($size) == 0) {
continue;
}
$xdata[] = $min;
$ydata[] = round($size);
}
$MAIN["xdata"] = $xdata;
$MAIN["ydata"] = $ydata;
@file_put_contents("{$GLOBALS["BASEDIR"]}/FLUX_{$Interface}_RX", serialize($MAIN));
if (count($xdata) < 2) {
@unlink("{$GLOBALS["BASEDIR"]}/FLUX_{$Interface}_RX");
}
$sql = "SELECT SUM(TX) as size,date_trunc('hour', zdate) as zdate FROM ethrxtx \n\t\tWHERE zdate > '{$now}' AND eth='{$Interface}' \n\t\tAND proxyname='{$hostname}' GROUP BY zdate ORDER BY zdate ASC";
$MAIN = array();
$xdata = array();
$ydata = array();
build_progress("{refresh_dashboard_values}", 15);
$results = $q->QUERY_SQL($sql);
while ($ligne = @pg_fetch_assoc($results)) {
$min = $ligne["zdate"];
$size = intval($ligne["size"]) / 1024;
if ($GLOBALS["VERBOSE"]) {
echo "({$min}): ethrxtx {$Interface}:RX: {$min} -> {$size}\n";
}
$size = $size / 1024;
if (round($size) == 0) {
continue;
}
$xdata[] = $min;
$ydata[] = round($size);
}
$MAIN["xdata"] = $xdata;
$MAIN["ydata"] = $ydata;
@file_put_contents("{$GLOBALS["BASEDIR"]}/FLUX_{$Interface}_TX", serialize($MAIN));
if (count($xdata) < 2) {
@unlink("{$GLOBALS["BASEDIR"]}/FLUX_{$Interface}_TX");
}
}
}
function TCP_NIC_STATUS()
{
$unix = new unix();
$ALLARRAY = $unix->NETWORK_ALL_INTERFACES();
if (isset($ALLARRAY[$_GET["nicstatus"]])) {
writelogs_framework(" {$_GET["nicstatus"]} ->{$ALLARRAY[$_GET["nicstatus"]]["IPADDR"]}", __FUNCTION__, __FILE__, __LINE__);
$outputz[] = $ALLARRAY[$_GET["nicstatus"]]["IPADDR"];
$outputz[] = $ALLARRAY[$_GET["nicstatus"]]["MAC"];
$outputz[] = $ALLARRAY[$_GET["nicstatus"]]["NETMASK"];
$outputz[] = $ALLARRAY[$_GET["nicstatus"]]["SCOPE"];
$outputz[] = $ALLARRAY[$_GET["nicstatus"]]["GATEWAY"];
$outputz[] = "no";
$outputz[] = $ALLARRAY[$_GET["nicstatus"]]["STATE"];
$sortie = @implode(";", $outputz);
echo "<articadatascgi>{$sortie}</articadatascgi>";
return;
}
exec("/usr/share/artica-postfix/bin/artica-install --nicstatus {$_GET["nicstatus"]}", $results);
$datas = trim(@implode(" ", $results));
writelogs_framework("artica-install --nicstatus {$_GET["nicstatus"]} ->{$datas}", __FUNCTION__, __FILE__, __LINE__);
echo "<articadatascgi>{$datas}</articadatascgi>";
}
function start($aspid = false)
{
$unix = new unix();
$sock = new sockets();
$Masterbin = $unix->find_program("snmpd");
if (!is_file($Masterbin)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, not installed\n";
}
return;
}
if (!$aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
}
return;
}
$EnableSNMPD = $sock->GET_INFO("EnableSNMPD");
if (!is_numeric($EnableSNMPD)) {
$EnableSNMPD = 0;
}
if ($EnableSNMPD == 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableSNMPD)\n";
}
return;
}
$php5 = $unix->LOCATE_PHP5_BIN();
$sysctl = $unix->find_program("sysctl");
$echo = $unix->find_program("echo");
$nohup = $unix->find_program("nohup");
$IPZ[] = "127.0.0.1";
$ips = $unix->NETWORK_ALL_INTERFACES(true);
while (list($ip, $line) = each($ips)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} listen {$ip}\n";
}
$IPZ[] = $ip;
}
$cmd = "{$Masterbin} -c /etc/snmp/snmpd.conf -Lsd -Lf /dev/null -u root -g root -I -smux -p /var/run/snmpd.pid";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
}
build();
shell_exec($cmd);
for ($i = 1; $i < 5; $i++) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
}
sleep(1);
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
break;
}
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
}
}
}
function parse_rules()
{
$unix = new unix();
$sock = new sockets();
$q = new mysql_squid_builder();
$InfluxAdminPort = intval($sock->GET_INFO("InfluxAdminPort"));
if ($InfluxAdminPort == 0) {
$InfluxAdminPort = 8083;
}
$iptables = $unix->find_program("iptables");
$c = 0;
$sql = "SELECT * FROM influxIPClients";
$results = $q->QUERY_SQL($sql);
if (mysql_num_rows($results) == 0) {
return null;
}
$f[] = "\t{$iptables} -I INPUT -p tcp --destination-port 8086 -j REJECT --reject-with tcp-reset -m comment --comment \"ArticaStatsAppliance\" || true";
$f[] = "\t{$iptables} -I INPUT -p tcp --destination-port {$InfluxAdminPort} -j REJECT --reject-with tcp-reset -m comment --comment \"ArticaStatsAppliance\" || true";
$f[] = "\t{$iptables} -I INPUT -s 127.0.0.1 -p tcp --destination-port 8086 -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
$f[] = "\t{$iptables} -I INPUT -s 127.0.0.1 -p tcp --destination-port {$InfluxAdminPort} -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
while (list($interface, $ligne) = each($NETWORK_ALL_INTERFACES)) {
$IPADDR = $ligne["IPADDR"];
if ($interface == "lo") {
continue;
}
$f[] = "\t{$iptables} -I INPUT -s {$IPADDR} -p tcp --destination-port 8086 -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
$f[] = "\t{$iptables} -I INPUT -s {$IPADDR} -p tcp --destination-port {$InfluxAdminPort} -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
}
$Ipclass = new IP();
while ($ligne = mysql_fetch_assoc($results)) {
$ipaddr = $ligne["ipaddr"];
$isServ = intval($ligne["isServ"]);
if (!$Ipclass->isIPAddressOrRange($ipaddr)) {
continue;
}
if ($isServ == 1) {
$f[] = "\t{$iptables} -I INPUT -s {$ipaddr} -p tcp --destination-port 8086 -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
} else {
$f[] = "\t{$iptables} -I INPUT -s {$ipaddr} -p tcp --destination-port {$InfluxAdminPort} -j ACCEPT -m comment --comment \"ArticaStatsAppliance\" || true";
}
}
return @implode("\n", $f);
}
function start($aspid = false)
{
$unix = new unix();
$sock = new sockets();
$Masterbin = $unix->find_program("ss5");
if (!is_file($Masterbin)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, arpd not installed\n";
}
return;
}
if (!$aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
}
return;
}
$EnableSS5 = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableSS5"));
if ($EnableSS5 == 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableSS5)\n";
}
return;
}
$php5 = $unix->LOCATE_PHP5_BIN();
$sysctl = $unix->find_program("sysctl");
$echo = $unix->find_program("echo");
$nohup = $unix->find_program("nohup");
$SS5_SOCKS_IPADDR = "0.0.0.0";
$SS5_SOCKS_PORT = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/SS5_SOCKS_PORT"));
$SS5_SOCKS_INTERFACE = @file_get_contents("/etc/artica-postfix/settings/Daemons/SS5_SOCKS_INTERFACE");
if ($SS5_SOCKS_INTERFACE != null) {
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$SS5_SOCKS_IPADDR = $NETWORK_ALL_INTERFACES[$SS5_SOCKS_INTERFACE]["IPADDR"];
}
if ($SS5_SOCKS_IPADDR == null) {
$SS5_SOCKS_IPADDR = "0.0.0.0";
}
$f[] = "/var/run/ss5";
$f[] = "/var/log/ss5";
while (list($index, $directory) = each($f)) {
@mkdir($directory, 0755, true);
@chown($directory, "squid");
@chgrp($directory, "squid");
}
@mkdir("/usr/lib/ss5", 0755, true);
@mkdir("/var/lib/ss5", 0755, true);
$LIBS[] = "mod_authentication.so";
$LIBS[] = "mod_authorization.so";
$LIBS[] = "mod_balance.so";
$LIBS[] = "mod_bandwidth.so";
$LIBS[] = "mod_dump.so";
$LIBS[] = "mod_filter.so";
$LIBS[] = "mod_log.so";
$LIBS[] = "mod_proxy.so";
$LIBS[] = "mod_socks4.so";
$LIBS[] = "mod_socks5.so";
$LIBS[] = "mod_statistics.so";
$ln = $unix->find_program("ln");
while (list($index, $file) = each($LIBS)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} checking /var/lib/ss5/{$file}\n";
}
if (!is_file("/usr/lib/ss5/{$file}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$file} (not installed)\n";
}
if (!is_file("/var/lib/ss5/ss5/{$file}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /var/lib/ss5/ss5/{$file} (not installed) - FAILED\n";
}
return false;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$ln} -sf /var/lib/ss5/ss5/{$file} /var/lib/ss5/{$file}\n";
}
shell_exec("{$ln} -sf /var/lib/ss5/ss5/{$file} /usr/lib/ss5/{$file}");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$file} ( install success)\n";
}
}
}
if (!is_file("/var/run/ss5/ss5.pid")) {
@touch("/var/run/ss5/ss5.pid");
@chmod("/var/run/ss5/ss5.pid", 0755);
@chown("/var/run/ss5/ss5.pid", "squid");
}
build_progress("{starting_service}", 60);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen {$SS5_SOCKS_IPADDR}:{$SS5_SOCKS_PORT}\n";
}
$cmd = "{$Masterbin} -b {$SS5_SOCKS_IPADDR}:{$SS5_SOCKS_PORT} -t -u squid -p /var/run/ss5/ss5.pid >/dev/null 2>&1 &";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
}
system("SS5_SOCKS_USER=squid SS5_CONFIG_FILE=/etc/ss5.conf SS5_LOG_FILE=/var/log/ss5/ss5.log {$cmd}");
for ($i = 1; $i < 5; $i++) {
build_progress("{waiting} {$i}/5", 65);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
}
sleep(1);
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
break;
}
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
}
build_progress("{success}", 70);
return true;
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
}
}
}
function all_interfaces()
{
$unix = new unix();
$masterbin = $unix->find_program("ntopng");
exec("{$masterbin} -h 2>&1", $results);
while (list($index, $ligne) = each($results)) {
if (preg_match("#\\s+([0-9])\\.\\s+(.+)#", $ligne, $re)) {
$arrayINT[trim($re[2])] = $re[1];
}
}
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
while (list($Interface, $ligne) = each($NETWORK_ALL_INTERFACES)) {
if ($Interface == "lo") {
continue;
}
if ($ligne["IPADDR"] == "0.0.0.0") {
continue;
}
if (preg_match("#(.*?):#", $Interface)) {
continue;
}
$TRA[$Interface] = $Interface;
}
while (list($Interface, $ligne) = each($TRA)) {
$num = $arrayINT[$Interface];
if (!is_numeric($num)) {
continue;
}
$b[] = "-i {$num}";
}
return @implode(" ", $b);
}
function TCP_NIC_INFOS()
{
$unix = new unix();
$Interface = trim($_GET["nic-infos"]);
$MAIN = $unix->NETWORK_ALL_INTERFACES();
$f[] = "BOOTPROTO=";
$f[] = "METHOD=debian";
$f[] = "DEVICE={$Interface}";
$f[] = "MAC={$MAIN[$Interface]["MAC"]}";
$datas = trim(@implode("\n", $f));
echo "<articadatascgi>{$datas}</articadatascgi>";
}
function BuildReverse($ligne, $backupBefore = false)
{
$T1 = time();
$q = new mysql_squid_builder();
$unix = new unix();
$ligne["servername"] = trim($ligne["servername"]);
$GLOBALS["IPADDRS"] = $unix->NETWORK_ALL_INTERFACES(true);
$IPADDRS = $GLOBALS["IPADDRS"];
$DenyConf = $ligne["DenyConf"];
$ligne["servername"] = trim($ligne["servername"]);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: [" . __LINE__ . "] ************* {$ligne["servername"]}:{$ligne["port"]} / {$DenyConf} ************* \n";
}
if ($ligne["port"] == 82) {
echo "Starting......: " . date("H:i:s") . " [INIT]: [" . __LINE__ . "] 82 port is an apache port, SKIP\n";
build_progress("Bad port {$ligne["servername"]}:82", 110);
return;
}
if ($GLOBALS["REMOVE_LOCAL_ADDR"]) {
if (isset($IPADDRS[$ligne["servername"]])) {
build_progress("{$IPADDRS[$ligne["servername"]]} *** SKIPPED ***", 110);
echo "Starting......: " . date("H:i:s") . " [INIT]: [" . __LINE__ . "] {$ligne["servername"]} *** SKIPPED ***\n";
return;
}
}
if ($DenyConf == 1) {
build_progress("Denied config *** SKIPPED ***", 110);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: [" . __LINE__ . "] Local web site `{$ligne["servername"]}`, DenyConf = 1,skipped\n";
}
return;
}
if (isset($ALREADYSET[$ligne["servername"]])) {
build_progress("Already setup", 110);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: [" . __LINE__ . "] `{$ligne["servername"]}` Already defined, abort\n";
}
return;
}
$ListenPort = $ligne["port"];
$SSL = $ligne["ssl"];
$certificate = $ligne["certificate"];
echo "Starting......: " . date("H:i:s") . " [INIT]: ListenPort..............:{$ListenPort}\n";
echo "Starting......: " . date("H:i:s") . " [INIT]: SSL.....................:{$SSL}\n";
echo "Starting......: " . date("H:i:s") . " [INIT]: Certificate.............:{$certificate}\n";
echo "Starting......: " . date("H:i:s") . " [INIT]: OWA.....................:{$ligne["owa"]}\n";
if ($ligne["owa"] == 1) {
$GLOBALS["OUTPUT"] = true;
$nginx_exchange = new nginx_exchange($ligne["servername"]);
build_progress("{$ligne["servername"]}: {building} Microsoft Exchange Configuration", 50);
$nginx_exchange->buildConfig();
build_progress("{$ligne["servername"]}: {building} Microsoft Exchange Configuration {done}", 70);
$Took = distanceOfTimeInWords($T1, time(), true);
nginx_admin_mysql(2, "Success build Microsoft Exchange Configuration configuration for {$ligne["servername"]} took: {$Took}", "Took: {$Took}", __FILE__, __LINE__);
build_progress("{$ligne["servername"]}: Microsoft Exchange Configuration {done}", 80);
return true;
}
build_progress("{$ligne["servername"]}:{$ListenPort} [SSL:{$SSL}]", 20);
echo "Starting......: " . date("H:i:s") . " [INIT]: Protect remote web site `{$ligne["servername"]}:{$ListenPort} [SSL:{$SSL}]`\n";
if ($ligne["servername"] == null) {
echo "Starting......: " . date("H:i:s") . " [INIT]: skip it...\n";
return;
}
$cache_peer_id = $ligne["cache_peer_id"];
if ($cache_peer_id > 0) {
$ligne2 = mysql_fetch_array($q->QUERY_SQL("SELECT * FROM `reverse_sources` WHERE `ID`='{$cache_peer_id}'"));
}
$host = new nginx($ligne["servername"]);
if ($ListenPort == 80 && $SSL == 1) {
build_progress("{$ligne["servername"]}: Building HTTP", 40);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: HTTP/HTTPS Enabled [" . __LINE__ . "]...\n";
}
$host->set_RedirectQueries($ligne["RedirectQueries"]);
$host->set_forceddomain($ligne2["forceddomain"]);
$host->set_ssl(0);
$host->set_mixed_ssl(1);
$host->set_proxy_port($ligne2["port"]);
$host->set_listen_port(80);
$host->set_poolid($ligne["poolid"]);
$host->set_owa($ligne["owa"]);
$host->set_storeid($ligne["cacheid"]);
$host->set_cache_peer_id($cache_peer_id);
$host->BackupBefore = $backupBefore;
build_progress("{$ligne["servername"]}: HTTP/HTTPS Enabled", 50);
$GLOBALS["NGINX_FATAL_ERRORS"] = array();
if (!$host->build_proxy()) {
if ($GLOBALS["NGINX_FATAL_ERROR"] != null) {
nginx_admin_mysql(0, "Fatal error on {$ligne["servername"]} <{$GLOBALS["NGINX_FATAL_ERROR"]}>", "{$GLOBALS["NGINX_FATAL_ERROR"]}\n" . @implode("\n", $GLOBALS["NGINX_FATAL_ERRORS"]));
echo "*** ***\n";
echo "*** Fatal error {$GLOBALS["NGINX_FATAL_ERROR"]} ***\n";
echo "*** ***\n";
build_progress("{$ligne["servername"]}: {failed} {$GLOBALS["NGINX_FATAL_ERROR"]}", 110);
return;
}
build_progress("{$ligne["servername"]}: {failed}", 110);
return;
}
if (!$GLOBALS["NO_RELOAD"]) {
build_progress("{$ligne["servername"]}: {done}", 80);
return true;
}
}
if ($ligne["ssl"] == 1) {
echo "Starting......: " . date("H:i:s") . " [INIT]: SSL Enabled...\n";
$ligne2["ssl"] = 1;
}
if ($ligne["port"] == 443) {
$ligne2["ssl"] = 1;
}
build_progress("{$ligne["servername"]}", 50);
$host->BackupBefore = $backupBefore;
$host->set_owa($ligne["owa"]);
$host->set_RedirectQueries($ligne["RedirectQueries"]);
$host->set_ssl_certificate($certificate);
$host->set_ssl_certificate($ligne2["ssl_commname"]);
$host->set_forceddomain($ligne2["forceddomain"]);
$host->set_ssl($ligne2["ssl"]);
$host->set_proxy_port($ligne2["port"]);
$host->set_listen_port($ligne["port"]);
$host->set_poolid($ligne["poolid"]);
$host->set_owa($ligne["owa"]);
$host->set_storeid($ligne["cacheid"]);
$host->set_cache_peer_id($cache_peer_id);
$host->build_proxy();
if ($GLOBALS["NGINX_FATAL_ERROR"] != null) {
nginx_admin_mysql(0, "Fatal error on {$ligne["servername"]} <{$GLOBALS["NGINX_FATAL_ERROR"]}>", "{$GLOBALS["NGINX_FATAL_ERROR"]}\n" . @implode("\n", $GLOBALS["NGINX_FATAL_ERRORS"]), __FILE__, __LINE__);
echo "*** Fatal error {$GLOBALS["NGINX_FATAL_ERROR"]} ***\n";
build_progress("{$ligne["servername"]}: {failed}", 110);
return;
}
$Took = distanceOfTimeInWords($T1, time(), true);
nginx_admin_mysql(2, "Success build configuration for {$ligne["servername"]} took: {$Took}", "Took: {$Took}", __FILE__, __LINE__);
build_progress("{$ligne["servername"]}: {done}", 80);
return true;
}
function build_services()
{
$q = new mysql_squid_builder();
$unix = new unix();
if (!isset($GLOBALS["NETWORK_ALL_INTERFACES"])) {
$unix = new unix();
$GLOBALS["NETWORK_ALL_INTERFACES"] = $unix->NETWORK_ALL_INTERFACES();
}
if (!isset($GLOBALS["NETWORK_ALL_NICS"])) {
$unix = new unix();
$GLOBALS["NETWORK_ALL_NICS"] = $unix->NETWORK_ALL_INTERFACES();
}
@mkdir("/home/squid/dante", 0755, true);
@mkdir("/var/run/dante", 0755, true);
@chown("/home/squid/dante", "squid");
@chgrp("/home/squid/dante", "squid");
@chgrp("/var/run/dante", "squid");
@chgrp("/var/run/dante", "squid");
$sql = "SELECT * FROM proxy_ports WHERE SOCKS=1 AND enabled=1";
$results = $q->QUERY_SQL($sql);
if (!$q->ok) {
return;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Starting " . mysql_num_rows($results) . " service(s)\n";
}
if (mysql_num_rows($results) == 0) {
remove_init_parent();
return;
}
while ($ligne = mysql_fetch_assoc($results)) {
$BindToDevice = null;
$ID = $ligne["ID"];
$port = intval($ligne["port"]);
$eth = $ligne["nic"];
$WANPROXY_PORT = $ligne["WANPROXY_PORT"];
$outgoing_addr = $ligne["outgoing_addr"];
if ($eth != null) {
$BindToDevice = $eth;
$ipaddr = $GLOBALS["NETWORK_ALL_NICS"][$eth]["IPADDR"];
}
if ($ipaddr == null) {
$ipaddr = "0.0.0.0";
}
if ($BindToDevice == null) {
$BindToDevice = "0.0.0.0";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Starting Listen {$ipaddr} port = {$port} and forward to {$outgoing_addr}\n";
}
$f[] = "logoutput: /var/log/squid/sockd.log";
$f[] = "internal: {$ipaddr} port = {$port}";
$f[] = "external: {$outgoing_addr}";
$f[] = "user.notprivileged: squid";
$f[] = "debug: 1";
$f[] = "clientmethod: none";
$f[] = "socksmethod: none";
$f[] = "client pass {\n\t\t\tfrom: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0\n\t\t\t\n\t\t}";
$f[] = "socks pass {";
$f[] = "from: 0.0.0.0/0 to: 0.0.0.0/0";
$f[] = " protocol: tcp udp";
$f[] = "}";
$f[] = "";
@mkdir("/etc/dante/conf.d", 0755, true);
@file_put_contents("/etc/dante/conf.d/config.{$ligne["ID"]}", @implode("\n", $f));
$f = array();
create_init($ID);
}
}
function build()
{
$sock = new sockets();
$unix = new unix();
$EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot");
$SquidHotSpotPort = $sock->GET_INFO("SquidHotSpotPort");
$ArticaHotSpotPort = $sock->GET_INFO("ArticaHotSpotPort");
$ArticaSSLHotSpotPort = $sock->GET_INFO("ArticaSSLHotSpotPort");
$ArticaSplashHotSpotPort = $sock->GET_INFO("ArticaSplashHotSpotPort");
$ArticaSplashHotSpotPortSSL = $sock->GET_INFO("ArticaSplashHotSpotPortSSL");
$ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
$EnableArticaHotSpotCAS = $sock->GET_INFO("EnableArticaHotSpotCAS");
if (!is_numeric($EnableArticaHotSpotCAS)) {
$EnableArticaHotSpotCAS = 0;
}
$HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName"));
if ($ArticaHotSpotPort == 0) {
$ArticaHotSpotPort = rand(38000, 64000);
$sock->SET_INFO("ArticaHotSpotPort", $ArticaHotSpotPort);
}
if ($ArticaSSLHotSpotPort == 0) {
$ArticaSSLHotSpotPort = rand(38500, 64000);
$sock->SET_INFO("ArticaSSLHotSpotPort", $ArticaSSLHotSpotPort);
}
if ($ArticaHotSpotInterface == null) {
$ArticaHotSpotInterface = "eth0";
}
if (!is_numeric($ArticaSplashHotSpotPort)) {
$ArticaSplashHotSpotPort = 16080;
}
if (!is_numeric($ArticaSplashHotSpotPortSSL)) {
$ArticaSplashHotSpotPortSSL = 16443;
}
$unix = new unix();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
$GLOBALS["HOSTPOT_WEB_INTERFACE"] = $ipaddr;
$time = time();
$suffixTables = "-m comment --comment \"ArticaHotSpot-{$time}\"";
$q = new mysql_squid_builder();
$ipClass = new IP();
$iptables = $unix->find_program("iptables");
defaults_ports();
$f[] = ebtables_rules();
if ($GLOBALS["EBTABLES"]) {
$GLOBALS["MARKHTTP"] = null;
$GLOBALS["MARKHTTPS"] = null;
}
if (!$GLOBALS["EBTABLES"]) {
$f[] = "{$iptables} -t mangle -N internet -m comment --comment ArticaHotSpot-{$time}";
$f[] = "{$iptables} -t mangle -N internssl -m comment --comment ArticaHotSpot-{$time}";
$f[] = "{$iptables} -t mangle -A internet -j MARK --set-mark 99 -m comment --comment ArticaHotSpot-{$time}";
$f[] = "{$iptables} -t mangle -A internssl -j MARK --set-mark 98 -m comment --comment ArticaHotSpot-{$time}";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} C.A.S : {$EnableArticaHotSpotCAS}\n";
}
$Squid_http_address = "127.0.0.1:{$ArticaHotSpotPort}";
$webserver_http_address = "{$ipaddr}:{$ArticaSplashHotSpotPort}";
$c = 0;
if ($EnableArticaHotSpotCAS == 1) {
$ArticaHotSpotCASHost = $sock->GET_INFO("ArticaHotSpotCASHost");
$ArticaHotSpotCASPort = $sock->GET_INFO("ArticaHotSpotCASPort");
$f[] = whitelist_destination($ArticaHotSpotCASHost);
}
$sql = "SELECT * FROM `hotspot_whitelist`";
$results = $q->QUERY_SQL($sql);
if (!$q->ok) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$q->mysql_error}\n";
}
return;
}
$Total = mysql_num_rows($results);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$Total} whitelisted websites\n";
}
while ($ligne = mysql_fetch_assoc($results)) {
$f[] = whitelist_webserver($ligne["ipaddr"], $ligne["port"], $ligne["ssl"]);
}
$sql = "SELECT * FROM `hotspot_networks` WHERE hotspoted=0";
$results = $q->QUERY_SQL($sql);
if (!$q->ok) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$q->mysql_error}\n";
}
return;
}
$Total = mysql_num_rows($results);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$Total} whitelisted\n";
}
while ($ligne = mysql_fetch_assoc($results)) {
$pattern = $ligne["pattern"];
if ($ipClass->IsvalidMAC($pattern)) {
$c++;
$f[] = redirect_mac_to_proxy($pattern);
continue;
}
if ($ipClass->isIPAddressOrRange($pattern)) {
$c++;
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Whitelist IP: {$pattern} {$ArticaHotSpotPort}/{$ArticaSSLHotSpotPort}\n";
}
$f[] = redirect_ip_to_proxy($pattern);
continue;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Unkown `{$pattern}`\n";
}
}
$sql = "SELECT * FROM `hotspot_networks` WHERE hotspoted=1";
$results = $q->QUERY_SQL($sql);
if (!$q->ok) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$q->mysql_error}\n";
}
return;
}
$Total = mysql_num_rows($results);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$Total} hotspoted\n";
}
while ($ligne = mysql_fetch_assoc($results)) {
$pattern = $ligne["pattern"];
$restrict_web = $ligne["restrict_web"];
if ($ipClass->IsvalidMAC($pattern)) {
$c++;
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} hostpot MAC: {$pattern} {$ipaddr}:{$ArticaSplashHotSpotPort}/{$ipaddr}:{$ArticaSplashHotSpotPortSSL}\n";
}
$f[] = redirect_mac_to_splash($pattern, $restrict_web);
continue;
}
if ($ipClass->isIPAddressOrRange($pattern)) {
$c++;
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} hostpot IP: {$pattern} {$ipaddr}:{$ArticaSplashHotSpotPort} - {$ipaddr}:{$ArticaSplashHotSpotPortSSL}\n";
}
$f[] = redirect_ip_to_splash($pattern, $restrict_web);
continue;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Unkown `{$pattern}`\n";
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$c} rule(s)\n";
}
if ($c == 0) {
$f[] = redirect_ip_to_splash("0.0.0.0/0");
}
$f[] = "{$iptables} -t nat -A POSTROUTING -j MASQUERADE {$suffixTables}";
@file_put_contents("/etc/artica-postfix/hotspot.conf", @implode("\n", $f));
}
function interface_menu($eth)
{
$ARTICAVERSION = @file_get_contents("/usr/share/artica-postfix/VERSION");
$unix = new unix();
$HOSTNAME = $unix->hostname_g();
$DIALOG = $unix->find_program("dialog");
$php = $unix->LOCATE_PHP5_BIN();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$DEFAULT = $NETWORK_ALL_INTERFACES[$eth]["IPADDR"];
$NETMASK = $NETWORK_ALL_INTERFACES[$eth]["NETMASK"];
$GATEWAY = $NETWORK_ALL_INTERFACES[$eth]["GATEWAY"];
$f[] = "#!/bin/bash";
$f[] = "INPUT=/tmp/menu.sh.\$\$";
$f[] = "OUTPUT=/tmp/output.sh.\$\$";
$f[] = "trap \"rm \$OUTPUT; rm \$INPUT; exit\" SIGHUP SIGINT SIGTERM";
$f[] = "DIALOG=\${DIALOG=dialog}";
@unlink("/etc/artica-postfix/WIZARDIP_{$eth}");
@unlink("/etc/artica-postfix/WIZARDMASK_{$eth}");
$f[] = "{$DIALOG} --clear --title \"ENTER IP ADDRESS FOR '{$eth}'\" --inputbox \"Enter your IP address for the {$eth} Interface.\\nExample: 111.112.113.114\" 10 68 {$DEFAULT} 2> /etc/artica-postfix/WIZARDIP_{$eth}";
$f[] = "if [ \$? = 1 -o \$? = 255 ]; then";
$f[] = "rm -f /etc/artica-postfix/WIZARDIP_{$eth}";
$f[] = "\treturn";
$f[] = "fi";
$f[] = "{$DIALOG} --clear --title \"ENTER IP ADDRESS FOR '{$eth}'\" --inputbox \"Enter your netmask for the {$eth} Interface.\\nExample: 255.255.255.0\" 10 68 {$NETMASK} 2> /etc/artica-postfix/WIZARDMASK_{$eth}";
$f[] = "if [ \$? = 1 -o \$? = 255 ]; then";
$f[] = "rm -f /etc/artica-postfix/WIZARDMASK_{$eth}";
$f[] = "\treturn";
$f[] = "fi";
$f[] = "{$DIALOG} --clear --title \"ENTER IP ADDRESS FOR '{$eth}'\" --inputbox \"Enter your gateway for the {$eth} Interface.\\nExample: 111.112.113.114\\nIf this interface is the main gateway of your network, set 0.0.0.0 here\" 10 68 {$GATEWAY} 2> /etc/artica-postfix/WIZARDGATEWAY_{$eth}";
$f[] = "if [ \$? = 1 -o \$? = 255 ]; then";
$f[] = "rm -f /etc/artica-postfix/WIZARDGATEWAY_{$eth}";
$f[] = "\treturn";
$f[] = "fi";
$f[] = "WIZARDIP=`cat /etc/artica-postfix/WIZARDIP_{$eth}`";
$f[] = "WIZARDMASK=`cat /etc/artica-postfix/WIZARDMASK_{$eth}`";
$f[] = "WIZARDGATEWAY=`cat /etc/artica-postfix/WIZARDGATEWAY_{$eth}`";
$f[] = "{$DIALOG} --title \"NETWORK SETUP COMPLETE\" --yesno \"Your networking system is now configured to use:\\n\$WIZARDIP/\$WIZARDMASK Gateway \$WIZARDGATEWAY\\nIs this correct? Press 'Yes' to continue, or 'No' to exit\" 0 0";
$f[] = "case \$? in";
$f[] = "0)";
$f[] = "\techo \"{$php} " . __FILE__ . " --savenic {$eth}\"";
$f[] = "\t{$php} " . __FILE__ . " --savenic {$eth} >/tmp/{$eth}.log &";
$f[] = "\t{$DIALOG} --tailbox /tmp/{$eth}.log 25 150";
$f[] = "\tWIZARDRESULTS=`cat /etc/artica-postfix/WIZARDRESULT_{$eth}`";
$f[] = "\tif [ \"\$WIZARDRESULTS\" eq 0 ]; then";
$f[] = "\t{$DIALOG} --title \"{$eth} failed\" --msgbox \"Sorry, An error has occured\" 9 70";
$f[] = "\tfi";
$f[] = "\treturn;;";
$f[] = "1)";
$f[] = "\treturn;;";
$f[] = "255)";
$f[] = "\treturn;;";
$f[] = "esac";
$f[] = "\n";
@file_put_contents("/tmp/bash_network_menu_interface.sh", @implode("\n", $f));
@chmod("/tmp/bash_network_menu_interface.sh", 0755);
}
function build()
{
$unix = new unix();
$users = new usersMenus();
$q = new mysql();
$nohup = $unix->find_program("nohup");
$hostname_bin = $unix->find_program("hostname");
$php5 = $unix->LOCATE_PHP5_BIN();
$sock = new sockets();
$Myhostname = $sock->GET_INFO("myhostname");
$oom_kill_allocating_task = $sock->GET_INFO("oom_kill_allocating_task");
if (!is_numeric($oom_kill_allocating_task)) {
$oom_kill_allocating_task = 1;
}
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
$pid = @file_get_contents($pidfile);
$sysctl = $unix->find_program("sysctl");
$ifconfig = $unix->find_program("ifconfig");
$GLOBALS["ipbin"] = $unix->find_program("ip");
$GLOBALS["SCRIPTS_DOWN"] = array();
if ($unix->process_exists($pid, basename(__FILE__))) {
event("Building networks already executed PID: {$pid}", __FUNCTION__, __LINE__);
echo "Starting......: " . date("H:i:s") . " Building networks already executed PID: {$pid}\n";
die;
}
$fqdn = @file_get_contents("/etc/artica-postfix/FULL_HOSTNAME");
if (is_file("/etc/init.d/hostname.sh")) {
if (is_file("/usr/sbin/update-rc.d")) {
shell_exec("/usr/sbin/update-rc.d -f hostname remove >/dev/null 2>&1");
@unlink("/etc/init.d/hostname.sh");
}
}
if ($oom_kill_allocating_task == 1) {
echo "Starting......: " . date("H:i:s") . " Kernel oom_kill_allocating_task is enabled\n";
shell_exec("{$sysctl} -w \"vm.oom_dump_tasks=1\" >/dev/null 2>&1");
shell_exec("{$sysctl} -w \"vm.oom_kill_allocating_task=1\" >/dev/null 2>&1");
} else {
echo "Starting......: " . date("H:i:s") . " Kernel oom_kill_allocating_task is disabled\n";
shell_exec("{$sysctl} -w \"vm.oom_dump_tasks=0\" >/dev/null 2>&1");
shell_exec("{$sysctl} -w \"vm.oom_kill_allocating_task=0\" >/dev/null 2>&1");
}
if ($GLOBALS["VERBOSE"]) {
echo "Line:" . __LINE__ . " persistent_net_rules()\n";
}
persistent_net_rules();
if ($GLOBALS["VERBOSE"]) {
echo "Line:" . __LINE__ . " dev_shm()\n";
}
dev_shm();
$ip = $unix->find_program("ip");
$echobin = $unix->find_program("echo");
$logger = $unix->find_program("logger");
$IPROUTEFOUND = false;
exec("{$ip} route", $results);
events("IP route -> " . count($results) . " lines", __FUNCTION__, __LINE__);
while (list($index, $line) = each($results)) {
events("IP route -> {$line}", __FUNCTION__, __LINE__);
if (preg_match("#default via#", $line)) {
events("IP route found default via -> {$line}", __FUNCTION__, __LINE__);
$IPROUTEFOUND = true;
}
}
if (!$IPROUTEFOUND) {
@unlink("/etc/artica-postfix/MEM_INTERFACES");
}
if (is_file("/etc/artica-postfix/MEM_INTERFACES")) {
$MEM_INTERFACES = unserialize(@file_get_contents("/etc/artica-postfix/MEM_INTERFACES"));
}
if ($GLOBALS["VERBOSE"]) {
echo "Line:" . __LINE__ . " MEM_INTERFACES()\n";
}
$EXECUTE_CMDS = true;
if (is_array($MEM_INTERFACES)) {
$EXECUTE_CMDS = false;
if ($GLOBALS["VERBOSE"]) {
echo "Line:" . __LINE__ . " NETWORK_ALL_INTERFACES()\n";
}
$array = $unix->NETWORK_ALL_INTERFACES();
while (list($Interface, $ipaddr) = each($MEM_INTERFACES)) {
if ($ipaddr == null) {
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "Line:" . __LINE__ . " {$Interface} Must be {$ipaddr} -> {$array[$Interface]["IPADDR"]}\n";
}
events("{$Interface} Must be {$ipaddr} -> {$array[$Interface]["IPADDR"]}", __FUNCTION__, __LINE__);
if ($ipaddr != $array[$Interface]["IPADDR"]) {
events("Must rebuilded....", __FUNCTION__, __LINE__);
$EXECUTE_CMDS = true;
break;
}
}
}
if ($q->mysql_server == "127.0.0.1") {
if (!$unix->is_socket("/var/run/mysqld/mysqld.sock")) {
event("/var/run/mysqld/mysqld.sock no such socket", __FUNCTION__, __LINE__);
echo "Starting......: " . date("H:i:s") . " Building networks MySQL database not available starting MySQL service...\n";
shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.initd-mysql.php >/dev/null 2>&1 &");
shell_exec("{$nohup} /etc/init.d/mysql start >/dev/null 2>&1 &");
sleep(1);
for ($i = 0; $i < 5; $i++) {
$q = new mysql();
if (!is_file("/var/run/mysqld/mysqld.sock")) {
echo "Starting......: " . date("H:i:s") . " Building networks waiting MySQL database to start...{$i}/4\n";
sleep(1);
} else {
break;
}
}
if (!$unix->is_socket("/var/run/mysqld/mysqld.sock")) {
event("/var/run/mysqld/mysqld.sock no such socket", __FUNCTION__, __LINE__);
echo "Starting......: " . date("H:i:s") . " Building networks MySQL database not available...\n";
die;
}
}
}
shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.initd-mysql.php >/dev/null 2>&1 &");
if (!$q->BD_CONNECT()) {
sleep(1);
event("Building networks MySQL database not available starting MySQL service", __FUNCTION__, __LINE__);
echo "Starting......: " . date("H:i:s") . " Building networks MySQL database not available starting MySQL service...\n";
shell_exec("{$nohup} /etc/init.d/mysql start >/dev/null 2>&1 &");
for ($i = 0; $i < 5; $i++) {
$q = new mysql();
if (!$q->BD_CONNECT()) {
echo "Starting......: " . date("H:i:s") . " Building networks waiting MySQL database to start...{$i}/4\n";
sleep(1);
} else {
break;
}
}
$q = new mysql();
if (!$q->BD_CONNECT()) {
event("Building networks MySQL database not available...", __FUNCTION__, __LINE__);
echo "Starting......: " . date("H:i:s") . " Building networks MySQL database not available...\n";
die;
}
}
if (!$q->TABLE_EXISTS("nics", "artica_backup", true)) {
echo "Starting......: " . date("H:i:s") . " Building networks MySQL table is not yet builded..\n";
die;
}
$GLOBALS["SAVED_INTERFACES"] = array();
Checkipv6();
@file_put_contents($pidfile, getmypid());
echo "Starting......: " . date("H:i:s") . " Building networks checking bridge\n";
bridges_build();
echo "Starting......: " . date("H:i:s") . " Building networks checking IPV6\n";
Checkipv6();
$nic = new system_nic();
$datas = $nic->root_build_debian_config();
echo "Starting......: " . date("H:i:s") . " Building networks Reloading " . count($GLOBALS["SAVED_INTERFACES"]) . " interface(s)\n";
if (count($GLOBALS["SAVED_INTERFACES"]) == 0) {
echo "Starting......: " . date("H:i:s") . " Building networks Building Ipv6 virtuals IP...\n";
Checkipv6Virts();
}
$EXECUTE_CMDS = false;
if (is_file("/etc/init.d/hostname.sh")) {
if (is_file("/usr/sbin/update-rc.d")) {
shell_exec("/usr/sbin/update-rc.d -f hostname remove >/dev/null 2>&1");
@unlink("/etc/init.d/hostname.sh");
}
}
LoadProcNetDev();
$GLOBALS["SCRIPTS_TOP"][] = "# [" . __LINE__ . "]";
$GLOBALS["SCRIPTS_TOP"][] = "# [" . __LINE__ . "] *******************************";
$GLOBALS["SCRIPTS_TOP"][] = "# [" . __LINE__ . "] **** SETTINGS for LOOP BACK ***";
$GLOBALS["SCRIPTS_TOP"][] = "# [" . __LINE__ . "] *******************************";
$GLOBALS["SCRIPTS_TOP"][] = "# [" . __LINE__ . "]";
$ModeProbeAlx = intval($sock->GET_INFO("ModeProbeAlx"));
$GLOBALS["SCRIPTS_TOP"][] = "# [" . __LINE__ . "] ALX driver: {$ModeProbeAlx}";
if ($ModeProbeAlx == 1) {
$modprobe = $unix->find_program("modprobe");
$GLOBALS["SCRIPTS_TOP"][] = "{$modprobe} alx";
}
$GLOBALS["SCRIPTS_TOP"][] = "{$ifconfig} lo 127.0.0.1 up";
if ($Myhostname != null) {
$GLOBALS["SCRIPTS_TOP"][] = "{$hostname_bin} \"{$Myhostname}\"";
}
$GLOBALS["SCRIPTS_TOP"][] = "# [" . __LINE__ . "]";
$datas = $nic->networks_disabled();
$sh = array();
$sh[] = "#!/bin/sh -e";
$sh[] = "### BEGIN INIT INFO";
$sh[] = "# Builded on " . date("Y-m-d H:i:s");
$sh[] = "# Provides: artica-ifup";
$sh[] = "# Required-Start: mountkernfs \$local_fs";
$sh[] = "# Required-Stop: \$local_fs";
$sh[] = "# Should-Start:\t\tifupdown";
$sh[] = "# Should-Stop:\t\tifupdown";
$sh[] = "# Default-Start: S";
$sh[] = "# Default-Stop: 0 6";
$sh[] = "# Short-Description: start and stop the network";
$sh[] = "# Description: Artica ifup service Raise network interfaces";
$sh[] = "### END INIT INFO";
$sh[] = "case \"\$1\" in";
$sh[] = "start)";
$sh[] = "{$logger} \"kernel: [ Artica-Net] Artica network Script executed (start)\" || true";
$mkdir = $unix->find_program("mkdir");
$sh[] = "mkdir -p /run/network >/dev/null 2>&1";
$sh[] = "{$php5} /usr/share/artica-postfix/exec.virtuals-ip-notify.php --start \$2 \$3 || true";
etc_hosts();
routes_main();
ucarp_build(true);
bridges_build();
IPTABLES_NETWORK_BRIDGES();
$sh[] = "{$echobin} \"\" > /var/log/net-start.log";
$sh[] = "{$echobin} \" **** Apply Network configuration, please wait... ****\"";
while (list($index, $line) = each($GLOBALS["SCRIPTS_TOP"])) {
$line = trim($line);
if ($line == null) {
continue;
}
if (substr($line, 0, 1) == "#") {
$sh[] = ScriptInfo($line);
continue;
}
$md = md5($line);
if (isset($AL[$md])) {
echo "Starting......: " . date("H:i:s") . " SKIPING `{$line}`\n";
continue;
}
$AL[$md] = true;
echo "Starting......: " . date("H:i:s") . " `{$line}`\n";
if (strpos($line, "/etc/hosts") > 0) {
$sh[] = "{$line}";
continue;
}
if (preg_match("#ifconfig\\s+(.+?)\\s+(.+?)netmask(.+?)\\s+#", $line, $re)) {
$sh[] = "{$echobin} \"adding {$re[2]}/{$re[3]} in {$re[1]} interface\"";
}
$sh[] = "{$echobin} \"{$line}\" >>/var/log/net-start.log 2>&1";
$sh[] = "{$line} >>/var/log/net-start.log 2>&1 || true";
}
while (list($index, $line) = each($GLOBALS["SCRIPTS"])) {
$line = trim($line);
if ($line == null) {
continue;
}
if (substr($line, 0, 1) == "#") {
$sh[] = ScriptInfo($line);
continue;
}
if (preg_match("#^OUTPUT\\s+(.+)#", $line, $re)) {
$line = str_replace('"', "'", $line);
$sh[] = "{$echobin} \"{$re[1]}\"";
continue;
}
$md = md5($line);
if (isset($AL[$md])) {
echo "Starting......: " . date("H:i:s") . " SKIPING `{$line}`\n";
continue;
}
$AL[$md] = true;
echo "Starting......: " . date("H:i:s") . " `{$line}`\n";
if (strpos($line, "/etc/hosts") > 0) {
$sh[] = "{$line}";
continue;
}
if (preg_match("#ifconfig\\s+(.+?)\\s+(.+?)netmask(.+?)\\s+#", $line, $re)) {
$sh[] = "{$echobin} \"adding {$re[2]}/{$re[3]} in {$re[1]} interface\"";
}
if (strpos('echo "', $line) == 0) {
$sh[] = "{$echobin} \"{$line}\" >>/var/log/net-start.log 2>&1";
}
$sh[] = "{$line} >>/var/log/net-start.log 2>&1 || true";
}
if (count($GLOBALS["SCRIPTS_ROUTES"]) > 0) {
$GLOBALS["START_ROUTES"][] = "{$echobin} \"Apply network routes, please wait...\"";
$sh[] = "";
$sh[] = "# [" . __LINE__ . "]";
$sh[] = "# [" . __LINE__ . "] *******************************";
$sh[] = "# [" . __LINE__ . "] **** NETWORK ROUTES ****";
$sh[] = "# [" . __LINE__ . "] *******************************";
$sh[] = "# [" . __LINE__ . "]";
while (list($index, $line) = each($GLOBALS["SCRIPTS_ROUTES"])) {
$line = trim($line);
if ($line == null) {
continue;
}
if (substr($line, 0, 1) == "#") {
$ScriptInfo = ScriptInfo($line);
$sh[] = $ScriptInfo;
$GLOBALS["START_ROUTES"][] = $ScriptInfo;
continue;
}
$md = md5($line);
if (isset($AL[$md])) {
if (!preg_match("#^force#", $line)) {
echo "Starting......: " . date("H:i:s") . " SKIPING `{$line}`\n";
continue;
}
}
if (preg_match("#^force:(.+)#", $line, $re)) {
$line = $re[1];
$md = md5($line);
}
$AL[$md] = true;
if (preg_match("#ip route add (.+?)\\s+.*?src\\s+(.+)#", $line, $re)) {
$GLOBALS["START_ROUTES"][] = "{$echobin} \"Create route for network {$re[1]} for local address {$re[2]}\"";
$sh[] = "{$echobin} \"Create route for network {$re[1]} for local address {$re[2]}\"";
}
if (preg_match("#ip route add (.+?)\\s+via(.+?)\\s+src\\s+([0-9\\.]+)#", $line, $re)) {
$GLOBALS["START_ROUTES"][] = "{$echobin} \"Create route for network {$re[1]} using gateway {$re[2]} for local address {$re[3]}\"";
$sh[] = "{$echobin} \"Create route for network {$re[1]} using gateway {$re[2]} for local address {$re[3]}\"";
}
$GLOBALS["START_ROUTES"][] = "{$echobin} \"{$line}\" >>/var/log/net-start.log 2>&1";
$sh[] = "{$echobin} \"{$line}\" >>/var/log/net-start.log 2>&1";
if (preg_match("#\\/echo\\s+#", $line)) {
$sh[] = $line;
continue;
}
$sh[] = "{$line} >>/var/log/net-start.log 2>&1 || true";
$GLOBALS["START_ROUTES"][] = "{$line} >>/var/log/net-start.log 2>&1 || true";
}
}
$sh[] = "if [ -x /etc/init.d/artica-ifup-content.sh ] ; then";
$sh[] = "\t/etc/init.d/artica-ifup-content.sh || true";
$sh[] = "fi";
$sh[] = nics_vde_build();
$EnablePDNS = $sock->GET_INFO("EnablePDNS");
if (!is_numeric($EnablePDNS)) {
$EnablePDNS = 0;
}
$unix = new unix();
$squid = $unix->LOCATE_SQUID_BIN();
$ip = $unix->find_program("ip");
$echo = $unix->find_program("echo");
$nohup = $unix->find_program("nohup");
$monit = $unix->find_program("monit");
$ifconfig = $unix->find_program("ifconfig");
$php = $unix->LOCATE_PHP5_BIN();
if (is_file($squid)) {
$sh[] = "# [" . __LINE__ . "] Reloading squid";
$sh[] = "{$echo} \"Reloading squid ( if exists )\"";
$sh[] = "{$nohup} {$php} /usr/share/artica-postfix/exec.squid.php --kreconfigure 2>&1 >>/var/log/net-start.log 2>&1 &";
}
$sh[] = "# [" . __LINE__ . "] Flushing ARP cache";
$sh[] = "{$echo} \"Flushing ARP cache...\"";
$sh[] = "ip -s -s neigh flush all >>/var/log/net-start.log 2>&1 || true";
$sh[] = "# [" . __LINE__ . "] Tune the kernel";
$sh[] = "{$echo} \"Tuning the kernel...\"";
$sh[] = "{$php5} /usr/share/artica-postfix/exec.sysctl.php --build >>/var/log/net-start.log 2>&1 || true";
$sh[] = "if [ -x /bin/artica-firewall.sh ] ; then";
$sh[] = "\t/bin/artica-firewall.sh || true";
$sh[] = "fi";
if (is_file("/etc/init.d/ssh")) {
$sh[] = "# [" . __LINE__ . "] Starting sshd";
$sh[] = "{$echo} \"Starting sshd\"";
$sh[] = "/etc/init.d/ssh start 2>&1 || true";
}
$sh[] = "# [" . __LINE__ . "] Starting FrameWork";
$sh[] = "{$echo} \"Starting FrameWork\"";
$sh[] = "{$nohup} {$php5} /usr/share/artica-postfix/exec.framework.php --start >/dev/null 2>&1 &";
$sh[] = "# [" . __LINE__ . "] Starting Meta Server Client";
$sh[] = "{$echo} \"Starting FrameWork\"";
$sh[] = "{$nohup} {$php5} /usr/share/artica-postfix/exec.artica-meta-client.php --ping --force >/dev/null 2>&1 &";
if ($EnablePDNS == 1) {
$sh[] = "# [" . __LINE__ . "] Reloading PowerDNS...";
$sh[] = "{$echo} \"Reloading PowerDNS\"";
$sh[] = "{$php5} /usr/share/artica-postfix/exec.pdns.php --reload 2>&1 || true";
}
if (is_file($monit)) {
$sh[] = "# [" . __LINE__ . "] Starting Monit in background";
$sh[] = "{$echo} \"Starting Monit in background\"";
$sh[] = "{$nohup} {$monit} -c /etc/monit/monitrc -p /var/run/monit/monit.pid -s /var/run/monit/monit.state >/dev/null 2>&1 &";
}
$mount = $unix->find_program("mount");
if (is_file($mount)) {
$sh[] = "# [" . __LINE__ . "] Mount all system after network set";
$sh[] = "{$echo} \"Starting mount in background\"";
$sh[] = "{$nohup} {$mount} -a >/dev/null 2>&1 &";
}
$sh[] = "# [" . __LINE__ . "] Reloading DHCPD (if exists)";
$sh[] = "{$echo} \"Reloading DHCP server ( if exists )\"";
$sh[] = "{$php5} /usr/share/artica-postfix/exec.dhcpd.compile.php --reload-if-run 2>&1 || true";
$sh[] = "{$echo} \" **** Apply Network configuration, done ****\"";
$sh[] = ";;";
$sh[] = " stop)";
$sh[] = "{$logger} \"* * * * * * * * * * * * * * SUSPECTED STOPPED SERVER !!! * * * * * * * * * * * * * *\" || true";
$sh[] = "{$logger} \"kernel: [ Artica-Net] Artica network Script executed (stop)\" || true";
if (is_array($GLOBALS["SCRIPTS_DOWN"])) {
while (list($index, $line) = each($GLOBALS["SCRIPTS_DOWN"])) {
if (substr($line, 0, 1) == "#") {
$sh[] = ScriptInfo($line);
continue;
}
$sh[] = "{$line} >>/var/log/net-stop.log 2>&1 || true";
}
}
$php = $unix->LOCATE_PHP5_BIN();
$sh[] = ";;";
$sh[] = "reconfigure)";
$sh[] = "{$logger} \"kernel: [ Artica-Net] Artica network Script Executed (reconfigure)\" || true";
$sh[] = "{$php} " . __FILE__ . " --build --force \$2 \$3";
$sh[] = "/etc/init.d/artica-ifup start";
$sh[] = ";;";
$sh[] = "routes)";
$sh[] = "{$logger} \"kernel: [ Artica-Net] Artica network Script Executed (routes)\" || true";
$sh[] = "# Array of " . count($GLOBALS["START_ROUTES"]);
$sh[] = "{$echobin} \"Flushing routes tables...\"";
$sh[] = "{$GLOBALS["ipbin"]} route flush table all";
$sh[] = "{$echobin} \"{$ifconfig} lo 127.0.0.1 down\"";
$sh[] = "{$ifconfig} lo 127.0.0.1 down || true";
$sh[] = "{$echobin} \"{$ifconfig} lo 127.0.0.1 up\"";
$sh[] = "{$ifconfig} lo 127.0.0.1 up || true";
$sh[] = "{$echobin} \"Apply routes to the system\"";
$sh[] = "{$echobin} \"Running routes\" > /var/log/net-start.log 2>&1";
$sh[] = @implode("\n", $GLOBALS["START_ROUTES"]);
$sh[] = "{$echobin} \"Routes applied to the system\"";
$sh[] = ";;";
$sh[] = "*)";
$sh[] = "{$logger} \"kernel: [ Artica-Net] Artica network Script executed (unknown)\" || true";
$sh[] = " echo \"Usage: \$0 {start or reconfigure only}\"";
$sh[] = "exit 1";
$sh[] = ";;";
$sh[] = "esac";
$sh[] = "exit 0\n";
@file_put_contents("/etc/init.d/artica-ifup", @implode("\n", $sh));
@chmod("/etc/init.d/artica-ifup", 0755);
if (is_file('/usr/sbin/update-rc.d')) {
shell_exec("/usr/sbin/update-rc.d -f artica-ifup defaults >/dev/null 2>&1");
if (is_file('/etc/init.d/networking')) {
shell_exec("/usr/sbin/update-rc.d -f networking disable >/dev/null 2>&1");
@copy("/etc/init.d/networking", "/etc/init.d/networking.back");
@unlink("/etc/init.d/networking");
}
}
if (is_file('/sbin/chkconfig')) {
shell_exec("/sbin/chkconfig --add artica-ifup >/dev/null 2>&1");
shell_exec("/sbin/chkconfig --level 1234 artica-ifup on >/dev/null 2>&1");
}
$inter[] = "# This file describes the network interfaces available on your system";
$inter[] = "## and how to activate them. For more information, see interfaces(5).";
$inter[] = "";
$inter[] = "## The loopback network interface";
$inter[] = "auto lo";
$inter[] = "iface lo inet loopback";
$inter[] = "";
$inter[] = "";
if (is_file("/etc/network/interfaces")) {
@file_put_contents("/etc/network/interfaces", @implode("\n", $inter));
}
squid_admin_mysql(1, "Network script was rebuilded", null, __FILE__, __LINE__);
echo "Starting......: " . date("H:i:s") . " Building FireWall rules.\n";
system("{$php5} /usr/share/artica-postfix/exec.firehol.php --build");
echo "Starting......: " . date("H:i:s") . " done...\n";
}
function BuildFullPage($content, $error = null, $headerAdd = null)
{
$prefix = null;
$tpl = new templates();
$users = new usersMenus();
$hostname = $users->hostname;
$sock = new sockets();
$ArticaSplashHotSpotTitle = $sock->GET_INFO("ArticaSplashHotSpotTitle");
if ($ArticaSplashHotSpotTitle == null) {
$ArticaSplashHotSpotTitle = "HotSpot system";
}
if ($GLOBALS["AS_ROOT"]) {
$unix = new unix();
$ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
$ArticaSplashHotSpotPortSSL = intval($sock->GET_INFO("ArticaSplashHotSpotPortSSL"));
if ($ArticaHotSpotInterface == null) {
$ArticaHotSpotInterface = "eth0";
}
if ($ArticaSplashHotSpotPortSSL == 0) {
$ArticaSplashHotSpotPortSSL = 16443;
}
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$IPADDR = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
$prefix = "https://{$IPADDR}:{$ArticaSplashHotSpotPortSSL}";
$ArticaSplashHotSpotTitle = $ArticaSplashHotSpotTitle . " \$title";
}
$ASIE = false;
if ($users->CORP_LICENSE) {
$logo = $sock->GET_INFO("ArticaSplashHotSpotLogo");
}
$ArticaHotSpotSMTP = SMTP_SETTINGS();
$btsize = $ArticaHotSpotSMTP["SKIN_BUTTON_SIZE"];
$fontsize = $ArticaHotSpotSMTP["SKIN_FONT_SIZE"];
$textcolor = "#" . $ArticaHotSpotSMTP["SKIN_FONT_COLOR"];
$ArticaSplashHotSpotFontFamily = $ArticaHotSpotSMTP["SKIN_FONT_FAMILY"];
$logo = $ArticaHotSpotSMTP["SKIN_COMPANY_LOGO"];
if ($error != null) {
$error = $tpl->_ENGINE_parse_body($error);
$error = "<center style='background-color:white;padding:5px;margin:5px;min-height:75px;\n\t\t' class=form>\n\t\t<table style='width:100%'>\n\t\t<tr>\n\t\t<td valign='top' style='width:100px;text-align:center'><span style='font-size:120px;margin:5px;font-weight:bolder;color:#CB0000' nowrap>:(</span></td>\n\t\t<td valign='middle' style='font-size:{$fontsize} !important;color:#CB0000'>{$error}</td>\n\t\t</tr>\n\t\t</table>\n\t\t</center>";
}
if (preg_match("#; MSIE#", $_SERVER["HTTP_USER_AGENT"])) {
$ASIE = true;
}
$css[] = ".blockUI h1 {";
$css[] = " background:none;";
$css[] = " background-image: none;";
$css[] = "\t}";
$css[] = "\t";
$css[] = ".blockUI.blockMsg.blockPage > h1 {";
$css[] = "\tpadding-top:1px;";
$css[] = " margin-left: 100px;";
$css[] = " text-align: center;";
$contentBorders = null;
$backPattern = " url('{$prefix}/ressources/templates/Squid/i/pattern.png')";
$contentBack = " url('{$prefix}/ressources/templates/Squid/i/form.png') no-repeat";
if ($ArticaHotSpotSMTP["SKIN_CONTENT_BG_COLOR"] != null) {
$contentBack = "#{$ArticaHotSpotSMTP["SKIN_CONTENT_BG_COLOR"]}";
$contentBorders = "border-radius: 6px 6px 6px 6px;\n\t-moz-border-radius: 6px 6px 6px 6px;\n\t-khtml-border-radius: 6px 6px 6px 6px;\n\t-webkit-border-radius: 6px 6px 6px 6px;";
}
if ($ArticaHotSpotSMTP["SKIN_BACKGROUND_COLOR"] != "263849") {
$backPattern = "//{$ArticaHotSpotSMTP["SKIN_BACKGROUND_COLOR"]} is not 263849";
}
$sum_margin_neg = null;
$sum_margin = intval(-100 + intval($ArticaHotSpotSMTP["SKIN_COMPANY_LOGO_TOP"]));
if (intval($ArticaHotSpotSMTP["SKIN_COMPANY_LOGO_TOP"]) < 50) {
$sum_margin = 100 - intval($ArticaHotSpotSMTP["SKIN_COMPANY_LOGO_TOP"]);
$sum_margin_neg = "-";
} else {
$sum_margin = $ArticaHotSpotSMTP["SKIN_COMPANY_LOGO_TOP"];
}
$SKIN_COMPANY_LOGO_HEIGHT = 127 + intval($ArticaHotSpotSMTP["SKIN_COMPANY_LOGO_HEIGHT"]);
$SKIN_COMPANY_LOGO_WIDTH = intval($ArticaHotSpotSMTP["SKIN_COMPANY_LOGO_WIDTH"]);
$css[] = "}\n\t\t\n\t\nbody{\n\tfont: 10pt {$ArticaSplashHotSpotFontFamily};\n\tbackground: #{$ArticaHotSpotSMTP["SKIN_BACKGROUND_COLOR"]}{$backPattern};\n}\n#sum{\n\twidth: {$ArticaHotSpotSMTP["SKIN_CONTENT_WIDTH"]};\n\theight: {$ArticaHotSpotSMTP["SKIN_CONTENT_HEIGHT"]};\n\tmargin: {$sum_margin_neg}{$sum_margin}px auto;\n}\nh1{\n\twidth: {$SKIN_COMPANY_LOGO_WIDTH}px;\n\theight: {$SKIN_COMPANY_LOGO_HEIGHT}px;\n\tbackground: transparent url('{$prefix}/img/{$logo}') no-repeat;\n\tmargin: 0 27px 21px;\n\t}\n\t\na{\n\tcolor:#{$ArticaHotSpotSMTP["SKIN_LINK_COLOR"]};\n\ttext-decoration:underline;\n}\n\t\na:visited{\n\tcolor:#{$ArticaHotSpotSMTP["SKIN_LINK_COLOR"]};\n}\n\t\na:link{\n\tcolor:#{$ArticaHotSpotSMTP["SKIN_LINK_COLOR"]};\n}\n\t\n\t\nh1 span{\n\tdisplay: none;\n}\n#content{\n\twidth: {$ArticaHotSpotSMTP["SKIN_CONTENT_WIDTH"]};\n\theight: {$ArticaHotSpotSMTP["SKIN_CONTENT_HEIGHT"]};\n\tbackground: {$contentBack};\n\t{$contentBorders}\n}\n.f{\n\tpadding: 23px 23px 45px 38px;\n\toverflow: hidden;\n}\n.field{\n\tclear:both;\n\ttext-align: right;\n\tmargin-bottom: 10px;\n}\n.field label{\n\tfloat:left;\n\tfont-weight: bold;\n\tline-height: 42px;\n}\n\t\n.field input.active{\n\tbackground: url('{$prefix}/ressources/templates/Squid/i/input_act.png') no-repeat;\n}\n.button{\n\twidth: 450px;\n\tfloat: right;\n}\n.button input{\n\twidth: 69px;\n\tbackground: url('{$prefix}/ressources/templates/Squid/i/btn_bg.png') no-repeat;\n\tborder: 0;\n\tfont-weight: bold;\n\theight: 27px;\n\tfloat: left;\n\tpadding: 0;\n}\n\t\n.Button2014-lg {\n\tborder-radius: 6px 6px 6px 6px;\n\t-moz-border-radius: 6px 6px 6px 6px;\n\t-khtml-border-radius: 6px 6px 6px 6px;\n\t-webkit-border-radius: 6px 6px 6px 6px;\n\tfont-size: {$btsize};\n\tline-height: 1.33;\n\tpadding: 10px 16px;\n}\n.Button2014-success {\n\tbackground-color: #5CB85C;\n\tborder-color: #4CAE4C;\n\tcolor: #FFFFFF;\n}\n.Button2014 {\n\t-moz-user-select: none;\n\tborder: 1px solid transparent;\n\tborder-radius: 4px 4px 4px 4px;\n\tcursor: pointer;\n\tdisplay: inline-block;\n\tfont-size: 14px;\n\tfont-weight: normal;\n\tline-height: 1.42857;\n\tmargin-bottom: 0;\n\tpadding: 6px 22px;\n\ttext-align: center;\n\tvertical-align: middle;\n\twhite-space: nowrap;\n}\n\t\n.form-horizontal .control-label {\n\tfloat: left;\n\tfont-size: 14px;\n\tpadding-top: 5px;\n\ttext-align: right;\n\twidth: 240px;\n}\n.form-horizontal .controls {\n\tmargin-left: 250px;\n\t}\n\n.form-horizontal button, input, select, textarea {\n\tfont-size: 100%;\n\tmargin: 0;\n\tvertical-align: middle;\n}\n.form-horizontal button, input {\n\tline-height: normal;\n\t}\n.form-horizontal label, select, button, input[type=\"button\"], input[type=\"reset\"], input[type=\"submit\"], input[type=\"radio\"], input[type=\"checkbox\"] {\ncursor: pointer;\n}\n.form-horizontal input, textarea, .uneditable-input {\n\twidth: 250px;\n\t}\n.form-horizontal textarea {\n\theight: auto;\n}\n.form-horizontal input[type=\"checkbox\"], input[type=\"radio\"] {\n\tborder: 1px solid #CCCCCC;\n\t}\n\t.form-horizontal textarea, input[type=\"text\"], input[type=\"password\"], input[type=\"datetime\"], input[type=\"datetime-local\"], input[type=\"date\"], input[type=\"month\"], input[type=\"time\"], input[type=\"week\"], input[type=\"number\"], input[type=\"email\"], input[type=\"url\"], input[type=\"search\"], input[type=\"tel\"], input[type=\"color\"], .uneditable-input {\n\tbackground-color: #FFFFFF;\n\tborder: 1px solid #CCCCCC;\n\tbox-shadow: 0 1px 1px rgba(0, 0, 0, 0.075) inset;\n\ttransition: border 0.2s linear 0s, box-shadow 0.2s linear 0s;\n\t}\n\t.form-horizontal textarea:focus, input[type=\"text\"]:focus, input[type=\"password\"]:focus, input[type=\"datetime\"]:focus, input[type=\"datetime-local\"]:focus, input[type=\"date\"]:focus, input[type=\"month\"]:focus, input[type=\"time\"]:focus, input[type=\"week\"]:focus, input[type=\"number\"]:focus, input[type=\"email\"]:focus, input[type=\"url\"]:focus, input[type=\"search\"]:focus, input[type=\"tel\"]:focus, input[type=\"color\"]:focus, .uneditable-input:focus {\n\tborder-color: rgba(82, 168, 236, 0.8);\n\tbox-shadow: 0 1px 1px rgba(0, 0, 0, 0.075) inset, 0 0 8px rgba(82, 168, 236, 0.6);\n\toutline: 0 none;\n\t}\n\t.form-horizontal textarea {\n\toverflow: auto;\n\tvertical-align: top;\n\t}\n\t.form-horizontal h1, h2, h3, h4, h5, h6 {\n\tcolor: inherit;\n\tfont-family: inherit;\n\tfont-weight: bold;\n\tline-height: 20px;\n\tmargin: 10px 0;\n\ttext-rendering: optimizelegibility;\n\t}\n\t.form-horizontal h1, h2, h3, h4, h5, h6 *:first-letter {\n\ttext-transform: capitalize;\n\t}\n\t.form-horizontal legend {\n\t-moz-border-bottom-colors: none;\n\t-moz-border-left-colors: none;\n\t-moz-border-right-colors: none;\n\t-moz-border-top-colors: none;\n\tborder-color: -moz-use-text-color -moz-use-text-color #E5E5E5;\n\tborder-image: none;\n\tborder-style: none none solid;\n\tborder-width: 0 0 1px;\n\tcolor: #333333;\n\tdisplay: block;\n\tfont-size: 21px;\n\tline-height: 40px;\n\tmargin-bottom: 20px;\n\tpadding: 0;\n\twidth: 100%;\n\t}\n\t\n\t\n\t.form-horizontal label, input, button, select, textarea {\n\tfont-size: 14px;\n\tfont-weight: normal;\n\tline-height: 20px;\n\t}\n\t.form-horizontal input, button, select, textarea {\n\tfont-family: 'Lucida Grande',Arial,Helvetica,sans-serif;\n\t}\n\tlabel {\n\tdisplay: block;\n\tmargin-bottom: 5px;\n\t}\n\t.form-horizontal select, textarea, input[type=\"text\"], input[type=\"password\"], input[type=\"datetime\"], input[type=\"datetime-local\"], input[type=\"date\"], input[type=\"month\"], input[type=\"time\"], input[type=\"week\"], input[type=\"number\"], input[type=\"email\"], input[type=\"url\"], input[type=\"search\"], input[type=\"tel\"], input[type=\"color\"], .uneditable-input {\n\tborder-radius: 4px 4px 4px 4px;\n\tcolor: #555555;\n\tdisplay: inline-block;\n\tfont-size: 14px;\n\theight: auto;\n\tline-height: 20px;\n\tmargin-bottom: 10px;\n\tpadding: 4px 6px;\n\tvertical-align: middle;\n\t}\n\t.form-horizontal textarea, input[type=\"text\"], input[type=\"password\"], input[type=\"datetime\"], input[type=\"datetime-local\"], input[type=\"date\"], input[type=\"month\"], input[type=\"time\"], input[type=\"week\"], input[type=\"number\"], input[type=\"email\"], input[type=\"url\"], input[type=\"search\"], input[type=\"tel\"], input[type=\"color\"], .uneditable-input {\n\tbackground-color: #FFFFFF;\n\tborder: 1px solid #CCCCCC;\n\tbox-shadow: 0 1px 1px rgba(0, 0, 0, 0.075) inset;\n\ttransition: border 0.2s linear 0s, box-shadow 0.2s linear 0s;\n\t}\n\t.form-horizontal textarea:focus, input[type=\"text\"]:focus, input[type=\"password\"]:focus, input[type=\"datetime\"]:focus, input[type=\"datetime-local\"]:focus, input[type=\"date\"]:focus, input[type=\"month\"]:focus, input[type=\"time\"]:focus, input[type=\"week\"]:focus, input[type=\"number\"]:focus, input[type=\"email\"]:focus, input[type=\"url\"]:focus, input[type=\"search\"]:focus, input[type=\"tel\"]:focus, input[type=\"color\"]:focus, .uneditable-input:focus {\n\tborder-color: rgba(82, 168, 236, 0.8);\n\tbox-shadow: 0 1px 1px rgba(0, 0, 0, 0.075) inset, 0 0 8px rgba(82, 168, 236, 0.6);\n\toutline: 0 none;\n\t}\n\t\n\ta.Button2014, a.Button2014:link, a.Button2014:visited, a.Button2014:hover{\n\tcolor: #FFFFFF;\n\ttext-decoration:none;\n\t}\n\t\n\t.Button2014-success {\n\tbackground-color: #{$ArticaHotSpotSMTP["SKIN_BUTTON_BG_COLOR"]} !important;\n\tborder-color: #{$ArticaHotSpotSMTP["SKIN_BUTTON_BD_COLOR"]} !important;\n\tcolor: #{$ArticaHotSpotSMTP["SKIN_BUTTON_TXT_COLOR"]} !important;\n\t}\n\t.Button2014-success:hover, .Button2014-success:focus, .Button2014-success:active, .Button2014-success.active, .open .dropdown-toggle.Button2014-success {\n\tbackground-color: #{$ArticaHotSpotSMTP["SKIN_BUTTON_BG_COLOR_HOVER"]} !important;\n\tborder-color: #{$ArticaHotSpotSMTP["SKIN_BUTTON_BD_COLOR"]} !important;\n\tcolor: #{$ArticaHotSpotSMTP["SKIN_BUTTON_TXT_COLOR"]} !important;\n\t}\n\t.Button2014-success:active, .Button2014-success.active, .open .dropdown-toggle.Button2014-success {\n\tbackground-image: none;\n\t}\n\t.Button2014-success.disabled, .Button2014-success[disabled], fieldset[disabled] .Button2014-success, .Button2014-success.disabled:hover, .Button2014-success[disabled]:hover, fieldset[disabled] .Button2014-success:hover, .Button2014-success.disabled:focus, .Button2014-success[disabled]:focus, fieldset[disabled] .Button2014-success:focus, .Button2014-success.disabled:active, .Button2014-success[disabled]:active, fieldset[disabled] .Button2014-success:active, .Button2014-success.disabled.active, .Button2014-success.active[disabled], fieldset[disabled] .Button2014-success.active {\n\tbackground-color: #{$ArticaHotSpotSMTP["SKIN_BUTTON_BG_COLOR"]} !important;\n\tborder-color: #{$ArticaHotSpotSMTP["SKIN_BUTTON_BD_COLOR"]} !important;\n\t}\n\t\t\n\t\t\n.field input {\n\tbackground: url(\"{$prefix}/ressources/templates/Squid/i/input.png\") no-repeat scroll 0 0 #FFFFFF;\n\tborder: medium none;\n\tcolor: #444444;\n\tfont-size: 18px;\n\tfont-weight: bolder;\n\theight: 25px;\n\toutline: medium none;\n\tpadding: 7px 9px 8px;\n\twidth: 279px;\n}\n\t\n.input-block-level {\n\tdisplay: block;\n\twidth: 100%;\n\tmin-height: 30px;\n\t-webkit-box-sizing: border-box;\n\t-moz-box-sizing: border-box;\n\tbox-sizing: border-box;\n\t}\n\t";
$css[] = "div .form {";
if (!$ASIE) {
$css[] = "background: -moz-linear-gradient(center top , #F1F1F1 0px, #FFFFFF 45px) repeat scroll 0 0 transparent;\n background: -webkit-gradient(linear, center top, center bottom, from(#F1F1F1), to(#FFFFFF)) repeat scroll 0 0 transparent;\n\tbackground: -webkit-linear-gradient( #F1F1F1, #FFFFFF) repeat scroll 0 0 transparent;\n\tbackground: -o-linear-gradient(#F1F1F1, #FFFFFF) repeat scroll 0 0 transparent;\n\tbackground: -ms-linear-gradient(#F1F1F1, #ffffff) repeat scroll 0 0 transparent;\n\tbackground: linear-gradient(#F1F1F1, #ffffff) repeat scroll 0 0 transparent;\n";
}
if ($ASIE) {
$css[] = "filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#F1F1F1', endColorstr='#ffffff');";
$css[] = "/* behavior:url({$prefix}/css/border-radius.htc); */";
}
$css[] = "border: 1px solid #DDDDDD;\n\tborder-radius: 5px 5px 5px 5px;\n \t-moz-border-radius: 5px 5px 5px 5px;\n -khtml-border-radius: 5px 5px 5px 5px;\n -webkit-border-radius: 5px 5px 5px 5px;\n box-shadow: 2px 2px 8px rgba(0, 0, 0, 0.6);\n margin: 5px;\n padding: 5px;\n}";
if ($ArticaHotSpotSMTP["SKIN_COMPANY_NAME_BG_COLOR"] != null) {
$css[] = ".footer{\n\tborder-radius: 5px 5px 5px 5px;\n \t-moz-border-radius: 5px 5px 5px 5px;\n -khtml-border-radius: 5px 5px 5px 5px;\n -webkit-border-radius: 5px 5px 5px 5px;\n box-shadow: 2px 2px 8px rgba(0, 0, 0, 0.6);\n margin: 5px;\n padding: 5px;\n\tbackground-color:#{$ArticaHotSpotSMTP["SKIN_COMPANY_NAME_BG_COLOR"]};\n}";
}
$cssContent = @implode("\n", $css);
$f[] = "<!DOCTYPE html>";
$f[] = "<html lang=\"en\">";
$f[] = "<head>";
$f[] = "<meta http-equiv=\"X-UA-Compatible\" content=\"IE=9; IE=8\">";
$f[] = "<meta content=\"text/html; charset=utf-8\" http-equiv=\"Content-type\" />";
$f[] = "{$headerAdd}";
$f[] = "\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"{$prefix}/css/artica-theme/jquery-ui.custom.css\" />";
$f[] = "\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"{$prefix}/css/jquery.jgrowl.css\" />";
$f[] = "\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"{$prefix}/css/jquery.cluetip.css\" />";
$f[] = "\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"{$prefix}/css/jquery.treeview.css\" />";
$f[] = "\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"{$prefix}/css/thickbox.css\" media=\"screen\"/>";
$f[] = "\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"{$prefix}/css/jquery.qtip.css\" />";
if ($GLOBALS["AS_ROOT"]) {
$f[] = "\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"{$prefix}/css/hotspot.css\" />";
@file_put_contents("/usr/share/artica-postfix/css/hotspot.css", $cssContent);
@chmod("/usr/share/artica-postfix/css/hotspot.css", 0755);
$cssContent = null;
}
$f[] = "<style type=\"text/css\">";
$f[] = "{$cssContent}";
$f[] = "\t</style>";
$f[] = "<title>{$ArticaSplashHotSpotTitle}</title>";
$f[] = "<!-- HEAD TITLE: ressources/templates/Wordpress/TITLE -->";
$f[] = "<link rel=\"icon\" href=\"/ressources/templates/Wordpress/favicon.ico\" type=\"image/x-icon\" />";
$f[] = "<link rel=\"shortcut icon\" href=\"/ressources/templates/Wordpress/favicon.ico\" type=\"image/x-icon\" />";
$f[] = "<!-- Prepend: -->";
$f[] = "<link rel=\"icon\" type=\"image/x-icon\" href=\"ressources/templates/default/favicon.ico\" />";
$f[] = "<!--[if IE]><link rel=\"shortcut icon\" type=\"image/x-icon\" href=\"ressources/templates/default/favicon.ico\" /><![endif]-->";
$f[] = "<script type=\"text/javascript\" language=\"javascript\" src=\"{$prefix}/js/jquery-1.8.3.js\"></script>";
$f[] = "<script type=\"text/javascript\" language=\"javascript\" src=\"{$prefix}/js/jquery-ui-1.8.22.custom.min.js\"></script>";
$f[] = "<script type=\"text/javascript\" language=\"javascript\" src=\"{$prefix}/default.js\"></script>";
$f[] = "<script type=\"text/javascript\" language=\"javascript\" src=\"{$prefix}/js/rloader1.5.4_min.js\"></script>";
$f[] = "<script type=\"text/javascript\" language=\"javascript\">\t\t\$.rloader([ {src:'/mouse.js'},";
$f[] = "\t{src:'{$prefix}/js/md5.js'},";
$f[] = "\t{src:'{$prefix}/TimersLogs.js'},";
$f[] = "\t{src:'{$prefix}/js/cookies.js'},";
$f[] = "\t{src:'{$prefix}/js/thickbox-compressed.js'},";
$f[] = "\t{src:'{$prefix}/js/jquery.jgrowl_minimized.js'},";
$f[] = "\t{src:'{$prefix}/js/jquery.cluetip.js'},";
$f[] = "\t{src:'{$prefix}/js/jquery.treeview.min.js'},";
$f[] = "\t{src:'{$prefix}/js/jquery.treeview.async.js'},";
$f[] = "\t{src:'{$prefix}/js/jquery.tools.min.js'},";
$f[] = "\t{src:'{$prefix}/js/jquery.cookie.js'},";
$f[] = "\t{src:'{$prefix}/js/jquery.watermark.min.js'},";
$f[] = "\t{src:'{$prefix}/bootstrap/js/bootstrap-tab.js'},";
$f[] = "\t{src:'{$prefix}/bootstrap/js/bootstrap-tooltip.js'},";
$f[] = "\t{src:'{$prefix}/bootstrap/js/bootstrap-button.js'} ]);</script>";
$f[] = "<script type=\"text/javascript\" language=\"javascript\" src=\"{$prefix}/XHRConnection.js\"></script>";
$f[] = "</head>";
$f[] = "";
$f[] = "<body>";
$f[] = "<div style=\"postition:absolute;top:0px;left:80%;width:100%\">";
$f[] = "<table style='width:100%;padding:0px;margin:0px'>";
$f[] = "<tbody><tr>";
$f[] = "<td width=100%> <td>";
$f[] = "<td width=1% nowrap><div id=\"user_info\" style='text-align:right;width:90px'>";
$f[] = " <div id=\"langs\" style=\"text-align:right;\">";
$f[] = "\t";
$f[] = " </div>";
$f[] = "</div>";
$f[] = "</td>";
$f[] = "</tr>";
$f[] = "</tbody>";
$f[] = "</table>";
$f[] = "</div>";
$f[] = "";
$f[] = " <div id=\"sum\">";
$f[] = " <div id=\"header\">";
$f[] = " <h1><span>{$hostname}</span></h1>";
$f[] = " </div>";
$f[] = "{$error}";
$f[] = "{$content}";
if (!$users->CORP_LICENSE) {
$ArticaHotSpotSMTP["SKIN_COMPANY_NAME"] = "\t\t\t\t\t<span style='color:white'>\n\t\t\t\t\t\t<center style='margin:5px;font-size:{$ArticaHotSpotSMTP["SKIN_COMPANY_NAME_FONT_SIZE"]};padding:5px;'>- {$hostname} -</center>\n\t\t\t\t\t\t<center style='margin:5px;font-size:{$ArticaHotSpotSMTP["SKIN_COMPANY_NAME_FONT_SIZE"]};padding:5px;\n\t\t\t\t\t\tborder-top:1px solid white;border-bottom:1px solid white'>- ArticaTech -</center>\n\t\t\t\tCopyright 2003 - " . date("Y") . " <a href=\"http://www.articatech.com\" style='color:white'>Artica Tech</a>\n\t\t\t\t";
}
$f[] = "";
$f[] = " <div class=\"footer\">";
$f[] = " \t<center style='font-size:{$ArticaHotSpotSMTP["SKIN_COMPANY_NAME_FONT_SIZE"]};color:white'>{$ArticaHotSpotSMTP["SKIN_COMPANY_NAME"]}</center>";
$f[] = " </div><!-- /#footer -->";
$f[] = " </div>";
$f[] = "";
$f[] = "</body>";
$f[] = "</html>";
return @implode("\n", $f);
}
function GetInfluxListenIP()
{
$unix = new unix();
$sock = new sockets();
$STATS_APPLIANCE = false;
if (is_file("/etc/artica-postfix/STATS_APPLIANCE")) {
$STATS_APPLIANCE = true;
}
$InfluxListenInterface = $sock->GET_INFO("InfluxListenInterface");
$InfluxListenIP = null;
if ($STATS_APPLIANCE) {
if ($InfluxListenInterface == null) {
$InfluxListenInterface = "ALL";
}
}
if ($InfluxListenInterface == null) {
$InfluxListenInterface = "lo";
}
if ($InfluxListenInterface == "lo") {
$InfluxListenIP = "127.0.0.1";
$InfluxApiIP = "127.0.0.1";
}
if ($InfluxListenInterface == "ALL") {
$InfluxListenIP = "0.0.0.0";
$InfluxApiIP = "127.0.0.1";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen Interface {$InfluxListenInterface}\n";
}
if ($InfluxListenIP == null) {
$unix = new unix();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$InfluxListenIP = $NETWORK_ALL_INTERFACES[$InfluxListenInterface]["IPADDR"];
$InfluxApiIP = $InfluxListenIP;
if ($InfluxListenIP == "0.0.0.0") {
$InfluxApiIP = "127.0.0.1";
}
if ($InfluxListenIP == "127.0.0.1") {
$InfluxApiIP = "127.0.0.1";
}
}
if ($STATS_APPLIANCE) {
if ($InfluxListenIP == "127.0.0.1") {
$InfluxListenIP = "0.0.0.0";
}
}
$sock->SET_INFO("InfluxListenIP", $InfluxListenIP);
return $InfluxListenIP;
}
function LoadConfigs()
{
if (isset($GLOBALS["LoadConfigs"])) {
return;
}
$GLOBALS["REMOVE_LOCAL_ADDR"] = false;
$unix = new unix();
$q = new mysql_squid_builder();
$ligne = mysql_fetch_array($q->QUERY_SQL("SELECT COUNT(*) as tcount FROM reverse_www WHERE default_server=0"));
if (!$q->ok) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, *** FATAL ** {$q->mysql_error}\n";
}
return;
}
if ($ligne["tcount"] > 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx *** NOTICE *** Defaults websites as been defined, no IP addresses are allowed\n";
}
$EnableArticaFrontEndToNGninx = 0;
$GLOBALS["REMOVE_LOCAL_ADDR"] = true;
}
if ($GLOBALS["REMOVE_LOCAL_ADDR"]) {
$GLOBALS["IPADDRS"] = $unix->NETWORK_ALL_INTERFACES(true);
unset($GLOBALS["IPADDRS"]["127.0.0.1"]);
}
$GLOBALS["LoadConfigs"] = true;
}
function build()
{
$users = new usersMenus();
$sock = new sockets();
$unix = new unix();
$SystemLoadNotif = $sock->GET_INFO("SystemLoadNotif");
if (!is_numeric($SystemLoadNotif)) {
$SystemLoadNotif = 0;
}
$EnableSyslogDB = $sock->GET_INFO("EnableSyslogDB");
if (!is_numeric($EnableSyslogDB)) {
$EnableSyslogDB = 0;
}
$MySQLSyslogType = $sock->GET_INFO("MySQLSyslogType");
if (!is_numeric($MySQLSyslogType)) {
$MySQLSyslogType = 1;
}
$SquidPerformance = intval($sock->GET_INFO("SquidPerformance"));
$EnableIntelCeleron = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableIntelCeleron"));
$python = $unix->find_program("python");
$nice = $unix->EXEC_NICE();
$ps = $unix->find_program("ps");
$sort = $unix->find_program("sort");
$head = $unix->find_program("head");
$echo = $unix->find_program("echo");
$date = $unix->find_program("date");
$mkdir = $unix->find_program("mkdir");
$php5 = $unix->LOCATE_PHP5_BIN();
$ZarafaDedicateMySQLServer = $sock->GET_INFO("ZarafaDedicateMySQLServer");
if (!is_numeric($ZarafaDedicateMySQLServer)) {
$ZarafaDedicateMySQLServer = 0;
}
build_progress_restart("{reconfiguring}", 22);
$ini = new Bs_IniHandler();
$ini->loadFile('/etc/artica-postfix/smtpnotif.conf');
if (!is_numeric($ini->_params["SMTP"]["EnableNotifs"])) {
$ini->_params["SMTP"]["EnableNotifs"] = 0;
}
if (!is_numeric($ini->_params["SMTP"]["tls_enabled"])) {
$ini->_params["SMTP"]["tls_enabled"] = 0;
}
$smtp_server = trim($ini->_params["SMTP"]['smtp_server_name']);
$smtp_server_port = $ini->_params["SMTP"]['smtp_server_port'];
$smtp_dest = $ini->_params["SMTP"]['smtp_dest'];
$smtp_sender = $ini->_params["SMTP"]['smtp_sender'];
$smtp_auth_user = $ini->_params["SMTP"]['smtp_auth_user'];
$smtp_auth_passwd = $ini->_params["SMTP"]['smtp_auth_passwd'];
$tls_enabled = $ini->_params["SMTP"]["tls_enabled"];
$recipientsZ = explode("\n", "/etc/artica-postfix/settings/Daemons/SmtpNotificationConfigCC");
$recipients = array();
while (list($index, $to) = each($recipientsZ)) {
if (trim($to) == null) {
continue;
}
$recipients[] = $to;
}
if ($smtp_server == null) {
$ini->_params["SMTP"]["EnableNotifs"] = 0;
}
if ($smtp_dest == null) {
if (count($recipients) == 0) {
$ini->_params["SMTP"]["EnableNotifs"] = 0;
}
}
if (!is_numeric($smtp_server_port)) {
$smtp_server_port = 25;
}
$EnableNotifs = $ini->_params["SMTP"]["EnableNotifs"];
$monit_not_on = 'instance,action';
$f[] = 'set daemon 60 with start delay 5';
$f[] = 'set idfile /var/run/monit/monit.id';
$cpunum = $unix->CPU_NUMBER();
$normal = $cpunum * 2 + 1;
$normal2 = $cpunum * 2;
$busy = $cpunum * 4;
build_progress_restart("{reconfiguring}", 23);
$EnableMONITSmtpNotif = $sock->GET_INFO("EnableMONITSmtpNotif");
if (!is_numeric($EnableMONITSmtpNotif)) {
$EnableMONITSmtpNotif = 1;
}
$MonitCPUUsage = intval($sock->GET_INFO("MonitCPUUsage"));
$MonitCPUUsageCycles = intval($sock->GET_INFO("MonitCPUUsageCycles"));
$MonitMemUsage = intval($sock->GET_INFO("MonitMemUsage"));
$MonitMemUsageCycles = intval($sock->GET_INFO("MonitMemUsageCycles"));
$MonitReportLoadVG1mn = intval($sock->GET_INFO("MonitReportLoadVG1mn"));
$MonitReportLoadVG1mnCycles = intval($sock->GET_INFO("MonitReportLoadVG1mnCycles"));
if ($MonitReportLoadVG1mnCycles == 0) {
$MonitReportLoadVG1mnCycles = 5;
}
$MonitReportLoadVG5mn = intval($sock->GET_INFO("MonitReportLoadVG5mn"));
$MonitReportLoadVG5mnCycles = intval($sock->GET_INFO("MonitReportLoadVG5mnCycles"));
if ($MonitReportLoadVG5mnCycles == 0) {
$MonitReportLoadVG5mnCycles = 15;
}
$MonitReportLoadVG15mn = intval($sock->GET_INFO("MonitReportLoadVG15mn"));
$MonitReportLoadVG15mnCycles = intval($sock->GET_INFO("MonitReportLoadVG15mnCycles"));
if ($MonitReportLoadVG15mnCycles == 0) {
$MonitReportLoadVG15mnCycles = 60;
}
$MonitMemPurgeCache = intval($sock->GET_INFO("MonitMemPurgeCache"));
$MonitMemPurgeCacheCycles = intval($sock->GET_INFO("MonitMemPurgeCacheCycles"));
if ($MonitMemPurgeCache == 0) {
$MonitMemPurgeCache = 70;
}
if ($MonitMemPurgeCacheCycles == 0) {
$MonitMemPurgeCacheCycles = 5;
}
if ($MonitMemUsageCycles == 0) {
$MonitMemUsageCycles = 5;
}
if ($MonitCPUUsageCycles == 0) {
$MonitCPUUsageCycles = 15;
}
if ($MonitCPUUsage > 0) {
if ($MonitCPUUsage < 50) {
$MonitCPUUsage = 90;
}
}
if ($MonitMemUsage > 0) {
if ($MonitMemUsage < 50) {
$MonitMemUsage = 90;
}
}
build_progress_restart("{reconfiguring}", 24);
$rmbin = $unix->find_program("rm");
$echo = $unix->find_program("echo");
$SQUIDEnable = $sock->GET_INFO("SQUIDEnable");
if (!is_numeric($SQUIDEnable)) {
$SQUIDEnable = 1;
}
$f[] = 'set logfile syslog facility log_daemon';
$f[] = 'set statefile /var/run/monit/monit.state';
$f[] = '';
if ($EnableNotifs == 1) {
if ($EnableMONITSmtpNotif == 1) {
$f[] = "set mailserver {$smtp_server} PORT {$smtp_server_port}";
if (strlen($smtp_auth_user) > 0) {
$f[] = "\tUSERNAME \"{$smtp_auth_user}\" PASSWORD \"{$smtp_auth_passwd}\"";
}
if ($tls_enabled == 1) {
$f[] = "\tusing TLSV1";
}
$f[] = "\tset eventqueue";
$f[] = "\tbasedir /var/monit";
$f[] = "\tslots 100";
$f[] = "\tset mail-format {";
$f[] = "\t\tfrom: {$smtp_sender}";
$f[] = "\t\tsubject: Artica service monitor: \$SERVICE \$EVENT";
$f[] = "\t\tmessage: Artica service monitor \$ACTION \$SERVICE at \$DATE on \$HOST: \$DESCRIPTION";
$f[] = "\t}";
$f[] = "set alert {$smtp_dest} but not on {{$monit_not_on}}";
if ($recipients > 0) {
while (list($index, $to) = each($recipientsZ)) {
$f[] = "set alert {$to} but not on {{$monit_not_on}}";
}
}
}
}
build_progress_restart("{reconfiguring}", 25);
$allips = $unix->NETWORK_ALL_INTERFACES(true);
$f[] = "set httpd port 2874 and use address 127.0.0.1";
$f[] = "\tallow 127.0.0.1";
while (list($tcpi, $to) = each($allips)) {
$f[] = "\tallow {$tcpi}";
}
$top = $unix->find_program("top");
$hostname = $unix->hostname_g();
$TSCR = array();
if ($MonitReportLoadVG1mn > 0) {
$TSCR[] = "\tif loadavg (1min) > {$MonitReportLoadVG1mn} for {$MonitReportLoadVG1mnCycles} cycles then exec \"/bin/artica-system-alert.sh LOAD_1 {$MonitReportLoadVG1mn}\"";
}
if ($MonitReportLoadVG5mn > 0) {
$TSCR[] = "\tif loadavg (5min) > {$MonitReportLoadVG5mn} for {$MonitReportLoadVG5mnCycles} cycles then exec \"/bin/artica-system-alert.sh LOAD_5 {$MonitReportLoadVG5mn}\"";
}
if ($MonitReportLoadVG15mn > 0) {
$TSCR[] = "\tif loadavg (15min) > {$MonitReportLoadVG15mn} for {$MonitReportLoadVG15mnCycles} cycles then exec \"/bin/artica-system-alert.sh LOAD_15 {$MonitReportLoadVG15mn}\"";
}
if ($MonitCPUUsage > 0) {
if ($MonitCPUUsage < 75) {
$MonitCPUUsage = 75;
}
$TSCR[] = "\tif cpu usage(system) > {$MonitCPUUsage}% for {$MonitCPUUsageCycles} cycles then exec \"/bin/artica-system-alert.sh CPU_SYSTEM {$MonitCPUUsage}\"";
$TSCR[] = "\tif cpu usage(user) > {$MonitCPUUsage}% for {$MonitCPUUsageCycles} cycles then exec \"/bin/artica-system-alert.sh CPU_USER {$MonitCPUUsage}\"";
$TSCR[] = "\tif cpu usage(wait) > {$MonitCPUUsage}% for {$MonitCPUUsageCycles} cycles then exec \"/bin/artica-system-alert.sh CPU_WAIT {$MonitCPUUsage}\"";
}
if ($MonitMemUsage > 0) {
if ($MonitMemUsage < 75) {
$MonitMemUsage = 75;
}
$TSCR[] = "\tif memory > {$MonitMemUsage}% for {$MonitMemUsageCycles} cycles then exec \"/bin/artica-system-alert.sh MEM {$MonitMemUsage}\"";
}
if ($MonitMemPurgeCache > 5) {
@chmod("/usr/share/artica-postfix/exec.kernel.purge.cache.php", 0755);
$TSCR[] = "\tif memory > {$MonitMemPurgeCache}% for {$MonitMemPurgeCacheCycles} cycles then exec \"/usr/share/artica-postfix/exec.kernel.purge.cache.php\"";
}
if (count($TSCR) > 1) {
$f[] = "check system " . $unix->hostname_g();
$f[] = @implode("\n", $TSCR);
}
$TSCR = array();
$SCRIPT = array();
$SCRIPT[] = "#!/bin/sh";
$SCRIPT[] = "CURRENT=`{$date} +%s`";
$SCRIPT[] = "DIR=\"/home/artica/system/perf-queue/\$CURRENT\"";
$SCRIPT[] = "{$mkdir} -p \"\$DIR\"";
$SCRIPT[] = "{$echo} \$CURRENT >\$DIR/time.txt";
$SCRIPT[] = "{$echo} \$1 >\$DIR/why.txt";
$SCRIPT[] = "{$echo} \$2 >\$DIR/why2.txt";
$iotop = $unix->find_program("iotop");
if (is_file($iotop)) {
$SCRIPT[] = "{$iotop} -o -a -b -q -t -n 20 >\$DIR/iotop.txt || true";
}
$SCRIPT[] = "{$nice} {$python} /usr/share/artica-postfix/bin/ps_mem.py >\$DIR/psmem.txt 2>&1";
$SCRIPT[] = "{$ps} --no-heading -eo user,pid,pcpu,args|{$sort} -grbk 3|{$head} -50 >\$DIR/TOP50-CPU.txt 2>&1";
$SCRIPT[] = "{$ps} --no-heading -eo user,pid,pmem,args|{$sort} -grbk 3|{$head} -50 >\$DIR/TOP50-MEM.txt 2>&1";
$SCRIPT[] = "{$ps} auxww >\$DIR/ALLPS.txt 2>&1";
$SCRIPT[] = "";
@file_put_contents("/bin/artica-system-alert.sh", @implode("\n", $SCRIPT));
@chmod("/bin/artica-system-alert.sh", 0755);
$SCRIPT = array();
$f[] = "";
$f[] = "check host loopback with address 127.0.0.1";
$f[] = "\tif failed icmp type echo with timeout 1 seconds then exec \"/bin/loopbackfailed.sh\"";
$f[] = "";
$loopbackfailed[] = "#!/bin/sh";
$loopbackfailed[] = "{$php5} /usr/share/artica-postfix/exec.virtuals-ip.php --loopback";
$loopbackfailed[] = "";
@file_put_contents("/bin/loopbackfailed.sh", @implode("\n", $loopbackfailed));
@chmod("/bin/loopbackfailed.sh", 0755);
$loopbackfailed = array();
build_progress_restart("{reconfiguring}", 25);
//********************************************************************************************************************
$f[] = "check file php.log with path /var/log/php.log";
$f[] = "\tif size > 100 MB then";
$f[] = "\t\texec \"/bin/clean-phplog.sh\"";
$f[] = "";
$f[] = "check file usrphp.log with path /usr/share/artica-postfix/ressources/logs/php.log";
$f[] = " if size > 100 MB then";
$f[] = "\t\texec \"/bin/clean-phplog.sh\"";
$f[] = "";
$f[] = "check file squid-logger-start.log with path /var/log/artica-postfix/squid-logger-start.log";
$f[] = "\tif size > 100 MB then";
$f[] = "\t\texec \"/bin/squid-logger-start.sh\"";
$f[] = "";
build_progress_restart("{reconfiguring}", 26);
$f[] = "include /etc/monit/conf.d/*";
@file_put_contents("/etc/monit/monitrc", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /etc/monit/monitrc done...\n";
}
$AA[] = "#!/bin/sh";
$AA[] = "{$echo} \"#\" >/var/log/artica-postfix/squid-logger-start.log";
$AA[] = "";
@file_put_contents("/bin/squid-logger-start.sh", @implode("\n", $AA));
@chmod("/bin/squid-logger-start.sh", 0755);
$AA = array();
$AA[] = "#!/bin/sh";
$AA[] = "{$echo} \"#\" >/var/log/php.log";
$AA[] = "";
@file_put_contents("/bin/clean-phplog.sh", @implode("\n", $AA));
@chmod("/bin/clean-phplog.sh", 0755);
$AA = array();
$monit = new monit();
$monit->save();
$INITD_PATH = $unix->SLAPD_INITD_PATH();
$SLAPD_PID_FILE = $unix->SLAPD_PID_PATH();
$squidbin = $unix->LOCATE_SQUID_BIN();
@unlink("/etc/monit/conf.d/APP_OPENLDAP.monitrc");
//********************************************************************************************************************
$f = array();
//********************************************************************************************************************
build_progress_restart("{reconfiguring}", 27);
$f = array();
$f[] = "check process APP_FRAMEWORK";
$f[] = "with pidfile /var/run/lighttpd/framework.pid";
$f[] = "start program = \"/etc/init.d/artica-framework start --monit\"";
$f[] = "stop program = \"/etc/init.d/artica-framework stop --monit\"";
$f[] = "if 5 restarts within 5 cycles then timeout";
@file_put_contents("/etc/monit/conf.d/articaframework.monitrc", @implode("\n", $f));
$f = array();
//********************************************************************************************************************
$f = array();
@unlink("/etc/monit/conf.d/APP_OPENSSH.monitrc");
@unlink("/etc/monit/conf.d/APP_MYSQLD.monitrc");
//********************************************************************************************************************
$f = array();
build_progress_restart("{reconfiguring}", 28);
$f[] = "check process APP_ARTICA_STATUS with pidfile /etc/artica-postfix/exec.status.php.pid";
$f[] = "\tstart program = \"/etc/init.d/artica-status start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/artica-status stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Artica Status...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_ARTICASTATUS.monitrc", @implode("\n", $f));
//********************************************************************************************************************
$f = array();
$EnableInflux = 1;
if ($SquidPerformance > 2) {
$EnableInflux = 0;
}
$InfluxUseRemote = intval($sock->GET_INFO("InfluxUseRemote"));
$EnableInfluxDB = intval($sock->GET_INFO("EnableInfluxDB"));
if ($InfluxUseRemote == 1) {
$EnableInfluxDB = 0;
}
if ($EnableIntelCeleron == 1) {
$EnableInflux = 0;
}
if ($EnableInfluxDB == 0) {
$EnableInflux = 0;
}
if (is_file("/etc/artica-postfix/STATS_APPLIANCE")) {
$EnableInflux = 1;
}
build_progress_restart("{reconfiguring}", 29);
@unlink("/etc/monit/conf.d/APP_INFLUXDB.monitrc");
@unlink("/etc/monit/conf.d/APP_POSTGRES.monitrc");
if (is_file("/usr/local/ArticaStats/bin/postgres")) {
if ($EnableInflux == 1) {
$InfluxRestartMem = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/InfluxRestartMem"));
$f[] = "check process APP_POSTGRES with pidfile /home/ArticaStatsDB/postmaster.pid";
$f[] = "\tstart program = \"/etc/init.d/artica-postgres start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/artica-postgres --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
if ($InfluxRestartMem > 50) {
$f[] = "\tif totalmem > {$InfluxRestartMem} MB for 5 cycles then restart";
}
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Artica Status...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_POSTGRES.monitrc", @implode("\n", $f));
//********************************************************************************************************************
}
}
$f = array();
@unlink("/etc/monit/conf.d/squid.monitrc");
@unlink("/etc/monit/conf.d/APP_SQUIDMAIN.monitrc");
// ********************************************************************************************************************
$f = array();
@unlink("/etc/monit/conf.d/APP_SQUIDDB.monitrc");
build_progress_restart("{reconfiguring} Proxy service", 30);
if (is_dir("/opt/squidsql/data")) {
if ($SQUIDEnable == 1) {
$f = array();
$f[] = "check process APP_SQUID_DB with pidfile /var/run/squid-db.pid";
$f[] = "\tstart program = \"/etc/init.d/squid-db start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/squid-db stop --monit\"";
$f[] = "\tif failed unixsocket /var/run/mysqld/squid-db.sock then restart";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Squid MySQL DB...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_SQUIDDB.monitrc", @implode("\n", $f));
}
}
// ********************************************************************************************************************
$f = array();
build_progress_restart("{reconfiguring} Dnsmasq", 31);
@unlink("/etc/monit/conf.d/APP_DNSMASQ.monitrc");
if ($users->dnsmasq_installed) {
$enabled = $sock->dnsmasq_enabled();
if ($enabled == 1) {
$f[] = "check process APP_DNSMASQ with pidfile /var/run/dnsmasq.pid";
$f[] = "\tstart program = \"/etc/init.d/dnsmasq start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/dnsmasq stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring DnsMASQ...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_DNSMASQ.monitrc", @implode("\n", $f));
}
}
// ********************************************************************************************************************
$f = array();
build_progress_restart("{reconfiguring} Proftpd", 31);
@unlink("/etc/monit/conf.d/APP_PROFTPD.monitrc");
$proftpd = $unix->find_program("proftpd");
if (is_file($proftpd)) {
$enabled = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableProFTPD"));
if ($enabled == 1) {
$f[] = "check process APP_PROFTPD with pidfile /var/run/proftpd.pid";
$f[] = "\tstart program = \"/etc/init.d/proftpd start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/proftpd stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring DnsMASQ...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_PROFTPD.monitrc", @implode("\n", $f));
}
}
// ********************************************************************************************************************
$f = array();
build_progress_restart("{reconfiguring} Bandwidthd", 31);
@unlink("/etc/monit/conf.d/APP_BANDWIDTHD.monitrc");
if (is_file("/usr/bandwidthd/bandwidthd")) {
$enabled = $sock->Bandwidthd_enabled();
if ($enabled == 1) {
$f[] = "check process APP_BANDWIDTHD with pidfile /var/run/bandwidthd.pid";
$f[] = "\tstart program = \"/etc/init.d/bandwidthd start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/bandwidthd stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring DnsMASQ...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_BANDWIDTHD.monitrc", @implode("\n", $f));
}
}
// ********************************************************************************************************************
$f = array();
build_progress_restart("{reconfiguring} rsyslog", 32);
$rsyslogd = $unix->find_program("rsyslogd");
@unlink("/etc/monit/conf.d/APP_RSYSLOG.monitrc");
if (is_file($rsyslogd)) {
$SCRIPT = array();
$SCRIPT[] = "#!/bin/sh";
$SCRIPT[] = "{$php5} /usr/share/artica-postfix/exec.watchdog.rsyslogd.php --start";
$SCRIPT[] = "";
@file_put_contents("/bin/artica-rsyslog-start.sh", @implode("\n", $SCRIPT));
@chmod("/bin/artica-rsyslog-start.sh", 0755);
$SCRIPT = array();
$SCRIPT[] = "#!/bin/sh";
$SCRIPT[] = "{$php5} /usr/share/artica-postfix/exec.watchdog.rsyslogd.php --stop";
$SCRIPT[] = "";
@file_put_contents("/bin/artica-rsyslog-stop.sh", @implode("\n", $SCRIPT));
@chmod("/bin/artica-rsyslog-stop.sh", 0755);
$SCRIPT = array();
$f[] = "check process APP_RSYSLOG with pidfile /var/run/rsyslogd.pid";
$f[] = "\tstart program = \"/bin/artica-rsyslog-start.sh\"";
$f[] = "\tstop program = \"/bin/artica-rsyslog-stop.sh\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring rsyslogd...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_RSYSLOG.monitrc", @implode("\n", $f));
}
// ********************************************************************************************************************
build_progress_restart("{reconfiguring} Squid-tail", 32);
$APP_ARTICA_SQUID_TAIL = $unix->SQUID_TAIL_ENABLED();
@unlink("/etc/monit/conf.d/APP_ARTICA_SQUID_TAIL.monitrc");
if ($APP_ARTICA_SQUID_TAIL == 1) {
$f = array();
$f[] = "check process APP_ARTICA_SQUID_TAIL with pidfile /etc/artica-postfix/pids/exec.logfile_daemon.php.pid";
$f[] = "\tstart program = \"/etc/init.d/squid-tail start\"";
$f[] = "\tstop program = \"/etc/init.d/squid-tail stop\"";
$f[] = "\tif cpu usage > 95% for 5 cycles then restart";
$f[] = "\tif totalmem > 550.0 MB for 5 cycles then restart";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring squid-tail...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_ARTICA_SQUID_TAIL.monitrc", @implode("\n", $f));
}
// ********************************************************************************************************************
build_progress_restart("{reconfiguring} Squid-Proxy", 32);
$APP_SQUID = $unix->SQUID_ENABLED();
@unlink("/etc/monit/conf.d/APP_SQUID.monitrc");
if ($APP_SQUID == 1) {
$MonitConfig = unserialize(base64_decode(@file_get_contents("/etc/artica-postfix/settings/SquidWatchdogMonitConfig")));
if (!isset($MonitConfig["watchdog"])) {
$MonitConfig["watchdog"] = 1;
}
if (!is_numeric($MonitConfig["watchdog"])) {
$MonitConfig["watchdog"] = 1;
}
$f = array();
if ($MonitConfig["watchdog"] == 1) {
$MonitSquidMaxRestartMem = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/MonitSquidMaxRestartMem"));
$MonitSquidMaxCPU = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/MonitSquidMaxCPU"));
$f[] = "check process APP_SQUID with pidfile /var/run/squid/squid.pid";
$f[] = "\tstart program = \"/etc/init.d/squid start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/squid stop --monit\"";
if ($MonitSquidMaxCPU > 0) {
$f[] = "\tif cpu usage > {$MonitSquidMaxCPU}% for 5 cycles then restart";
}
if ($MonitSquidMaxRestartMem > 0) {
$f[] = "\tif totalmem > {$MonitSquidMaxRestartMem}.0 MB for 5 cycles then restart";
}
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring squid...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_SQUID.monitrc", @implode("\n", $f));
}
}
// ********************************************************************************************************************
build_progress_restart("{reconfiguring} OpenLDAP", 32);
$EnableOpenLDAP = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableOpenLDAP"));
$SLAPD_PID_FILE = $unix->SLAPD_PID_PATH();
@unlink("/etc/monit/conf.d/APP_SLAPD.monitrc");
if ($EnableOpenLDAP == 1) {
if ($EnableIntelCeleron == 0) {
$f = array();
$f[] = "check process APP_SLAPD with pidfile {$SLAPD_PID_FILE}";
$f[] = "\tstart program = \"/etc/init.d/slapd start --force --monit\"";
$f[] = "\tstop program = \"/etc/init.d/slapd stop --force\"";
$f[] = "\tif cpu usage > 95% for 5 cycles then restart";
$f[] = "\tif totalmem > 550.0 MB for 5 cycles then restart";
$f[] = "\tif failed unixsocket /var/run/slapd/slapd.sock then restart";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring slapd...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_SLAPD.monitrc", @implode("\n", $f));
}
}
// ********************************************************************************************************************
$f = array();
build_progress_restart("{reconfiguring} Suricata", 32);
$EnableSuricata = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableSuricata"));
@unlink("/etc/monit/conf.d/APP_SURICATA.monitrc");
@unlink("/etc/monit/conf.d/APP_SURICATA_TAIL.monitrc");
$suricata = $unix->find_program("suricata");
if (is_file($suricata)) {
if ($EnableSuricata == 1) {
$f[] = "check process APP_SURICATA with pidfile /var/run/suricata/suricata.pid";
$f[] = "\tstart program = \"/etc/init.d/suricata start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/suricata stop --monit\"";
$f[] = "\tif cpu usage > 95% for 5 cycles then restart";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Suricata...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_SURICATA.monitrc", @implode("\n", $f));
$f = array();
$f[] = "check process APP_SURICATA_TAIL with pidfile /etc/artica-postfix/exec.suricata-tail.php.pid";
$f[] = "\tstart program = \"/etc/init.d/suricata-tail start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/suricata-tail stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Suricata tail...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_SURICATA_TAIL.monitrc", @implode("\n", $f));
}
}
// ********************************************************************************************************************
$f = array();
build_progress_restart("{reconfiguring}", 32);
$winbind = $unix->find_program("winbindd");
if (is_file("/etc/monit/conf.d/winbindd.monitrc")) {
@unlink("/etc/monit/conf.d/winbindd.monitrc");
}
@unlink("/etc/monit/conf.d/winbind.monitrc");
$EnableKerbAuth = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableKerbAuth"));
if (is_file($winbind)) {
if ($EnableKerbAuth == 1) {
$f[] = "check process winbindd with pidfile /var/run/samba/winbindd.pid";
$f[] = "\tstart program = \"/etc/init.d/winbind start\"";
$f[] = "\tstop program = \"/etc/init.d/winbind stop\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring winbindd...\n";
}
@file_put_contents("/etc/monit/conf.d/winbind.monitrc", @implode("\n", $f));
}
}
// ********************************************************************************************************************
$f = array();
build_progress_restart("{reconfiguring}", 33);
@unlink("/etc/monit/conf.d/APP_CICAP.monitrc");
if ($users->C_ICAP_INSTALLED) {
if ($SQUIDEnable == 1) {
$CicapEnabled = $sock->GET_INFO("CicapEnabled");
if (!is_numeric($CicapEnabled)) {
$CicapEnabled = 0;
}
if ($CicapEnabled == 1) {
$f[] = "check process APP_C_ICAP with pidfile /var/run/c-icap/c-icap.pid";
$f[] = "\tstart program = \"/etc/init.d/artica-postfix start cicap\"";
$f[] = "\tstop program = \"/etc/init.d/artica-postfix stop cicap\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring C-ICAP...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_CICAP.monitrc", @implode("\n", $f));
}
}
}
// ********************************************************************************************************************
build_progress_restart("{reconfiguring}", 34);
@unlink("/etc/monit/conf.d/APP_SYSLOGDB.monitrc");
if ($EnableSyslogDB == 1) {
if ($MySQLSyslogType == 1) {
$f = array();
$f[] = "check process APP_SYSLOG_DB with pidfile /var/run/syslogdb.pid";
$f[] = "\tstart program = \"/etc/init.d/syslog-db start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/syslog-db stop --monit\"";
$f[] = "\tif failed unixsocket /var/run/syslogdb.sock then restart";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring syslogd...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_SYSLOGDB.monitrc", @implode("\n", $f));
$f = array();
}
}
//********************************************************************************************************************
$f = array();
@unlink("/etc/monit/conf.d/cron.monitrc");
if (is_file("/etc/monit/templates/rootbin")) {
$f[] = "check process crond with pidfile /var/run/crond.pid";
$f[] = " group system";
$f[] = " group crond";
$f[] = " start program = \"/etc/init.d/cron start\"";
$f[] = " stop program = \"/etc/init.d/cron stop\"";
$f[] = " if 5 restarts with 5 cycles then timeout";
$f[] = " depend cron_bin";
$f[] = " depend cron_rc";
$f[] = " depend cron_spool";
$f[] = "";
$f[] = " check file cron_bin with path /usr/sbin/cron";
$f[] = " group crond";
$f[] = " include /etc/monit/templates/rootbin";
$f[] = "";
$f[] = " check file cron_rc with path \"/etc/init.d/cron\"";
$f[] = " group crond";
$f[] = " include /etc/monit/templates/rootbin";
$f[] = "";
$f[] = " check directory cron_spool with path /var/spool/cron/crontabs";
$f[] = " group crond";
$f[] = " if failed permission 1730 then unmonitor";
$f[] = " if failed uid root then unmonitor";
$f[] = " if failed gid crontab then unmonitor";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring cron...\n";
}
@file_put_contents("/etc/monit/conf.d/cron.monitrc", @implode("\n", $f));
$f = array();
}
@unlink("/etc/monit/conf.d/APP_ZARAFASERVER.monitrc");
@unlink("/etc/monit/conf.d/APP_ZARAFAGATEWAY.monitrc");
@unlink("/etc/monit/conf.d/APP_ZARAFAAPACHE.monitrc");
@unlink("/etc/monit/conf.d/APP_ZARAFAWEB.monitrc");
@unlink("/etc/monit/conf.d/APP_ZARAFASPOOLER.monitrc");
@unlink("/etc/monit/conf.d/APP_ZARAFADB.monitrc");
build_progress_restart("{reconfiguring}", 35);
if (is_file($unix->find_program("zarafa-server"))) {
$ZarafaApacheEnable = $sock->GET_INFO("ZarafaApacheEnable");
if (!is_numeric($ZarafaApacheEnable)) {
$ZarafaApacheEnable = 1;
}
$ZarafaApachePort = $sock->GET_INFO("ZarafaApachePort");
if (!is_numeric($ZarafaApachePort)) {
$ZarafaApachePort = 9010;
}
if ($ZarafaDedicateMySQLServer == 1) {
$f = array();
$f[] = "check process APP_ZARAFA_DB with pidfile /var/run/zarafa-db.pid";
$f[] = "\tstart program = \"/etc/init.d/zarafa-db start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/zarafa-db stop --monit\"";
$f[] = "\tif failed unixsocket /var/run/mysqld/zarafa-db.sock then restart";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Zarafa Database...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_ZARAFADB.monitrc", @implode("\n", $f));
}
$f = array();
$f[] = "check process APP_ZARAFA_SERVER with pidfile /var/run/zarafa-server.pid";
$f[] = "\tstart program = \"/etc/init.d/zarafa-server start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/zarafa-server stop --monit\"";
$f[] = "\tif failed unixsocket /var/run/zarafa then restart";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Zarafa Server...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_ZARAFASERVER.monitrc", @implode("\n", $f));
$f = array();
$f[] = "check process APP_ZARAFA_SPOOLER with pidfile /var/run/zarafa-spooler.pid";
$f[] = "\tstart program = \"/etc/init.d/zarafa-spooler start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/zarafa-spooler stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Zarafa Spooler...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_ZARAFASPOOLER.monitrc", @implode("\n", $f));
$f = array();
$f[] = "check process APP_ZARAFA_GATEWAY with pidfile /var/run/zarafa-gateway.pid";
$f[] = "\tstart program = \"/etc/init.d/zarafa-gateway start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/zarafa-gateway stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Zarafa Gateway...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_ZARAFAGATEWAY.monitrc", @implode("\n", $f));
}
//********************************************************************************************************************
build_progress_restart("{reconfiguring}", 36);
$EnableClamavDaemon = $sock->GET_INFO("EnableClamavDaemon");
$EnableClamavDaemonForced = $sock->GET_INFO("EnableClamavDaemonForced");
$CicapEnabled = $sock->GET_INFO("CicapEnabled");
$SQUIDEnable = $sock->GET_INFO("SQUIDEnable");
if (!is_numeric($EnableClamavDaemon)) {
$EnableClamavDaemon = 0;
}
if (!is_numeric($EnableClamavDaemonForced)) {
$EnableClamavDaemonForced = 0;
}
if (!is_numeric($SQUIDEnable)) {
$SQUIDEnable = 1;
}
if (!is_numeric($CicapEnabled)) {
$CicapEnabled = 0;
}
if ($SQUIDEnable == 1) {
if ($CicapEnabled == 1) {
$EnableClamavDaemon = 1;
}
}
if ($EnableClamavDaemonForced == 1) {
$EnableClamavDaemon = 1;
}
//********************************************************************************************************************
build_progress_restart("{reconfiguring}", 37);
@unlink("/etc/monit/conf.d/APP_CLAMAV.monitrc");
$MasterBin = $unix->find_program("clamd");
if (is_file($MasterBin)) {
if ($EnableClamavDaemon == 1) {
$f = array();
$f[] = "check process APP_CLAMAV";
$f[] = "with pidfile /var/run/clamav/clamd.pid";
$f[] = "start program = \"/etc/init.d/clamav-daemon start --monit\"";
$f[] = "stop program = \"/etc/init.d/clamav-daemon stop --monit\"";
$f[] = "if 5 restarts within 5 cycles then timeout";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Clamd service...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_CLAMAV.monitrc", @implode("\n", $f));
$f = array();
}
}
//********************************************************************************************************************
@unlink("/etc/monit/conf.d/ufdb.monitrc");
@unlink("/etc/monit/conf.d/ufdbweb.monitrc");
$ufdbbin = $unix->find_program("ufdbguardd");
build_progress_restart("{reconfiguring}", 38);
if (is_file($ufdbbin)) {
$EnableUfdbGuard = intval($sock->EnableUfdbGuard());
$UseRemoteUfdbguardService = $sock->GET_INFO('UseRemoteUfdbguardService');
$EnableSquidGuardHTTPService = $sock->GET_INFO("EnableSquidGuardHTTPService");
$SquidPerformance = intval($sock->GET_INFO("SquidPerformance"));
$EnableWebProxyStatsAppliance = $sock->GET_INFO("EnableWebProxyStatsAppliance");
$SquidGuardApachePort = $sock->GET_INFO("SquidGuardApachePort");
$SquidGuardApacheSSLPort = $sock->GET_INFO("SquidGuardApacheSSLPort");
if (!is_numeric($UseRemoteUfdbguardService)) {
$UseRemoteUfdbguardService = 0;
}
if (!is_numeric($EnableUfdbGuard)) {
$EnableUfdbGuard = 0;
}
if (!is_numeric($EnableSquidGuardHTTPService)) {
$EnableSquidGuardHTTPService = 1;
}
if (!is_numeric($EnableWebProxyStatsAppliance)) {
$EnableWebProxyStatsAppliance = 0;
}
if ($EnableUfdbGuard == 0) {
$EnableSquidGuardHTTPService = 0;
}
if ($EnableWebProxyStatsAppliance == 1) {
$EnableSquidGuardHTTPService = 1;
}
if (!is_numeric($SquidGuardApachePort)) {
$SquidGuardApachePort = "9020";
}
if (!is_numeric($SquidGuardApacheSSLPort)) {
$SquidGuardApacheSSLPort = 9025;
}
if ($SquidPerformance > 2) {
$EnableSquidGuardHTTPService = 0;
}
if ($SQUIDEnable == 1) {
if ($EnableSquidGuardHTTPService == 1) {
$f = array();
$f[] = "check process APP_SQUIDGUARD_HTTP";
$f[] = "with pidfile /var/run/lighttpd/squidguard-lighttpd.pid";
$f[] = "start program = \"/etc/init.d/squidguard-http start --monit\"";
$f[] = "stop program = \"/etc/init.d/squidguard-http stop --monit\"";
$f[] = "if failed host 127.0.0.1 port {$SquidGuardApachePort} then restart";
$f[] = "if 5 restarts within 5 cycles then timeout";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Web filtering HTTP service...\n";
}
@file_put_contents("/etc/monit/conf.d/ufdbweb.monitrc", @implode("\n", $f));
}
}
}
//********************************************************************************************************************
$EnableArticaFrontEndToNGninx = $sock->GET_INFO("EnableArticaFrontEndToNGninx");
$EnableArticaFrontEndToApache = $sock->GET_INFO("EnableArticaFrontEndToApache");
if (!is_numeric($EnableArticaFrontEndToNGninx)) {
$EnableArticaFrontEndToNGninx = 0;
}
if (!is_numeric($EnableArticaFrontEndToApache)) {
$EnableArticaFrontEndToApache = 0;
}
$EnableNginx = $sock->GET_INFO("EnableNginx");
$EnableFreeWeb = $sock->GET_INFO("EnableFreeWeb");
if (!is_numeric($EnableFreeWeb)) {
$EnableFreeWeb = 0;
}
if (!is_numeric($EnableNginx)) {
$EnableNginx = 1;
}
if ($EnableNginx == 0) {
$EnableArticaFrontEndToNGninx = 0;
}
$pid = null;
build_progress_restart("{reconfiguring}", 39);
@unlink("/etc/monit/conf.d/APP_LIGHTTPD.monitrc");
if ($EnableArticaFrontEndToNGninx == 0) {
$pid = "/var/run/lighttpd/lighttpd.pid";
if ($EnableArticaFrontEndToApache == 1) {
$pid = "/var/run/artica-apache/apache.pid";
}
$f = array();
$f[] = "check process APP_ARTICAWEBCONSOLE with pidfile {$pid}";
$f[] = "\tstart program = \"/etc/init.d/artica-webconsole start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/artica-webconsole stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring Artica Web Console...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_LIGHTTPD.monitrc", @implode("\n", $f));
}
//********************************************************************************************************************
@unlink("/etc/monit/conf.d/APP_NGINX.monitrc");
$nginx = $unix->find_program("nginx");
if (is_file($nginx)) {
if ($EnableNginx == 1) {
$f = array();
$f[] = "check process APP_NGINX with pidfile /var/run/nginx.pid";
$f[] = "\tstart program = \"/etc/init.d/nginx start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/nginx stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring NgINX...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_NGINX.monitrc", @implode("\n", $f));
}
}
//********************************************************************************************************************
build_progress_restart("{reconfiguring}", 40);
$f = array();
if (is_file("/etc/init.d/sysklogd")) {
$f[] = "check process APP_SYSLOGD with pidfile /var/run/syslogd.pid";
$f[] = "\tstart program = \"/etc/init.d/sysklogd start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/sysklogd stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "\tcheck file syslogd_file with path /var/log/syslog";
$f[] = "\tif timestamp > 10 minutes then restart";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring sysklogd...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_SYSKLOGD.monitrc", @implode("\n", $f));
}
//********************************************************************************************************************
build_progress_restart("{reconfiguring}", 41);
$binpath = $unix->DHCPD_BIN_PATH();
@unlink("/etc/monit/conf.d/APP_DHCPD.monitrc");
$f = array();
if (is_file($binpath)) {
$EnableDHCPServer = $sock->GET_INFO("EnableDHCPServer");
if (!is_numeric($EnableDHCPServer)) {
$EnableDHCPServer = 0;
}
if ($EnableDHCPServer == 1) {
$f[] = "check process APP_DHCP with pidfile /var/run/dhcpd.pid";
$f[] = "\tstart program = \"/etc/init.d/isc-dhcp-server start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/isc-dhcp-server stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring DHCP Service...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_DHCPD.monitrc", @implode("\n", $f));
}
}
//********************************************************************************************************************
$binpath = $unix->find_program("rdpproxy");
build_progress_restart("{reconfiguring}", 42);
@unlink("/etc/monit/conf.d/APP_RDPPROXY.monitrc");
$f = array();
if (is_file($binpath)) {
$EnableRDPProxy = $sock->GET_INFO("EnableRDPProxy");
if (!is_numeric($EnableRDPProxy)) {
$EnableRDPProxy = 0;
}
if ($EnableRDPProxy == 1) {
$f[] = "check process APP_RDPPROXY with pidfile /var/run/redemption/rdpproxy.pid";
$f[] = "\tstart program = \"/etc/init.d/rdpproxy start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/rdpproxy stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring RDP Proxy...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_RDPPROXY.monitrc", @implode("\n", $f));
}
}
//********************************************************************************************************************
build_progress_restart("{reconfiguring}", 43);
@unlink("/etc/monit/conf.d/APP_DNSMASQ.monitrc");
$f = array();
$binpath = $unix->find_program("dnsmasq");
if (is_file($binpath)) {
$EnableDNSMASQ = $users->EnableDNSMASQ();
if ($EnableDNSMASQ == 1) {
$f[] = "check process APP_DNSMASQ with pidfile /var/run/dnsmasq.pid";
$f[] = "\tstart program = \"/etc/init.d/dnsmasq start --monit\"";
$f[] = "\tstop program = \"/etc/init.d/dnsmasq stop --monit\"";
$f[] = "\tif 5 restarts within 5 cycles then timeout";
$f[] = "";
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} monitoring DNSMasq Service...\n";
}
@file_put_contents("/etc/monit/conf.d/APP_DNSMASQ.monitrc", @implode("\n", $f));
}
}
//********************************************************************************************************************
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} checking syslog\n";
}
if (is_file("/etc/init.d/syslog")) {
checkDebSyslog();
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} configuration done\n";
}
shell_exec($GLOBALS["MONIT_CLASS"]->monitor_all_cmdline . " 2>&1");
build_progress_restart("{reconfiguring}", 45);
}