function install($filename)
{
$GLOBALS["PROGRESS_FILE"] = "/usr/share/artica-postfix/ressources/logs/squid.install.progress";
$GLOBALS["LOG_FILE"] = "/usr/share/artica-postfix/ressources/logs/web/squid.install.progress.txt";
$unix = new unix();
$LINUX_CODE_NAME = $unix->LINUX_CODE_NAME();
$LINUX_DISTRIBUTION = $unix->LINUX_DISTRIBUTION();
$LINUX_VERS = $unix->LINUX_VERS();
$LINUX_ARCHITECTURE = $unix->LINUX_ARCHITECTURE();
$APACHEUSER = $unix->APACHE_SRC_ACCOUNT();
$DebianVer = "debian{$LINUX_VERS[0]}";
$TMP_DIR = $unix->TEMP_DIR();
$ORGV = @file_get_contents("/usr/share/artica-postfix/VERSION");
$PATCH_VER = null;
$tarballs_file = "/usr/share/artica-postfix/ressources/conf/upload/{$filename}";
echo "Package {$tarballs_file}\n";
$size = filesize($tarballs_file);
echo "Size....................: " . FormatBytes($size / 1024) . "\n";
build_progress("Analyze...", 10);
echo "Current system..........: {$LINUX_CODE_NAME} {$LINUX_DISTRIBUTION} {$LINUX_VERS[0]}/{$LINUX_VERS[1]} {$LINUX_ARCHITECTURE}\n";
echo "Package.................: {$filename}\n";
echo "Temp dir................: {$TMP_DIR}\n";
if (!is_file($tarballs_file)) {
echo "{$tarballs_file} no such file...\n";
build_progress("No such file...", 110);
return;
}
echo "Uncompressing {$tarballs_file}...\n";
build_progress("{extracting} {$filename}...", 20);
$chown = $unix->find_program("chown");
$chmod = $unix->find_program("chmod");
$tar = $unix->find_program("tar");
$rm = $unix->find_program("rm");
$nohup = $unix->find_program("nohup");
$php = $unix->LOCATE_PHP5_BIN();
$squid = $unix->LOCATE_SQUID_BIN();
build_progress("{extracting} {$filename}...", 50);
system("{$tar} xf {$tarballs_file} -C /");
echo "Removing {$tarballs_file}...\n";
@unlink($tarballs_file);
shell_exec("{$rm} -rf /usr/share/artica-postfix/ressources/conf/upload/*");
@unlink(dirname(__FILE__) . "/ressources/logs/squid.compilation.params");
build_progress("{restarting} Squid-cache...", 60);
system("/etc/init.d/squid restart --force");
build_progress("{reconfiguring} Squid-cache...", 65);
system("{$php} /usr/share/artica-postfix/exec.squid.php --build --force");
build_progress("{reconfiguring} {APP_UFDBGUARD}...", 70);
system("{$php} /usr/share/artica-postfix/exec.squidguard.php --build --force");
build_progress("{restarting} {APP_C_ICAP}...", 80);
system("/etc/init.d/c-icap restart");
build_progress("Refresh local versions...", 90);
system('/usr/share/artica-postfix/bin/process1 --force --verbose --' . time());
$squid_version = x_squid_version();
build_progress("{success} v.{$squid_version}...", 100);
echo "Starting......: " . date("H:i:s") . " Done you can close the screen....\n";
}
function download()
{
$unix = new unix();
build_progress("{downloading}", 10);
$URI = "http://wordpress.org/latest.tar.gz";
$TMP_FILE = $unix->FILE_TEMP() . ".gz";
$TMP_DIR = $unix->TEMP_DIR();
echo "Downloading {$URI}\n";
$curl = new ccurl($URI);
$curl->WriteProgress = true;
$curl->ProgressFunction = "download_progress";
if (!$curl->GetFile($TMP_FILE)) {
build_progress("{downloading} {failed}", 110);
echo $curl->error;
return;
}
echo "Extracting {$TMP_FILE} in {$TMP_DIR}\n";
$tar = $unix->find_program("tar");
$cmd = "{$tar} xf {$TMP_FILE} -C {$TMP_DIR}/";
build_progress("{uncompress}", 50);
shell_exec("{$tar} xf {$TMP_FILE} -C {$TMP_DIR}/");
@unlink($TMP_FILE);
$dirs = $unix->dirdir($TMP_DIR);
$WDP_DIR = null;
while (list($num, $ligne) = each($dirs)) {
if (!is_file("{$ligne}/wp-admin/install.php")) {
continue;
}
$WDP_DIR = $ligne;
break;
echo "Find Directory {$ligne}\n";
}
if (!is_dir($WDP_DIR)) {
build_progress("Find directory failed", 110);
echo "Find directory failed\n";
return;
}
build_progress("{installing}", 80);
@mkdir("/usr/share/wordpress-src", 0755, true);
$cp = $unix->find_program("cp");
$rm = $unix->find_program("rm");
shell_exec("cp -rfv {$WDP_DIR}/* /usr/share/wordpress-src/");
if (is_dir($WDP_DIR)) {
echo "Removing {$WDP_DIR}\n";
shell_exec("{$rm} -rf {$WDP_DIR}");
}
$sock = new sockets();
$sock->SET_INFO("EnableFreeWeb", 1);
@file_put_contents("/etc/artica-postfix/settings/Daemons/WordPressInstalled", 1);
system("/etc/init.d/artica-status restart --force");
build_progress("{success}", 100);
$nohup = $unix->find_program("nohup");
$sock = new sockets();
shell_exec("{$nohup} /usr/share/artica-postfix/bin/process1 --verbose 654646 >/dev/null 2>&1 &");
}
function install()
{
$unix = new unix();
$DISTRICODE = $unix->LINUX_CODE_NAME();
$arch = $unix->LINUX_ARCHITECTURE();
$VERS = $unix->LINUX_VERS();
$dpkg = $unix->find_program("dpkg");
echo "DISTRICODE:{$DISTRICODE} \n";
if (!python_verify_modules("MySQLdb")) {
$unix->DEBIAN_INSTALL_PACKAGE("python-mysqldb");
}
if (!python_verify_modules("ldap")) {
echo "Installing python-ldap\n";
if ($DISTRICODE == "DEBIAN") {
if ($arch == 64) {
if ($VERS[0] == 6) {
if (is_file("/usr/share/artica-postfix/bin/install/postfix/python-6-ldap-amd64.deb")) {
shell_exec("{$dpkg} -i --force-all /usr/share/artica-postfix/bin/install/postfix/python-6-ldap-amd64.deb");
}
}
if ($VERS[0] == 7) {
if (is_file("/usr/share/artica-postfix/bin/install/postfix/python-7-ldap-amd64.deb")) {
shell_exec("{$dpkg} -i --force-all /usr/share/artica-postfix/bin/install/postfix/python-7-ldap-amd64.deb");
}
}
}
}
}
if (!python_verify_modules("ldap")) {
$unix->DEBIAN_INSTALL_PACKAGE("python-ldap");
}
if (!python_verify_modules("ldap")) {
echo "Warning, ldap/python-ldap not installed...\n";
return;
}
if (!python_verify_modules("MySQLdb")) {
echo "Warning, MySQLdb/python-mysqldb not installed...\n";
return;
}
echo "MySQLdb / python-mysqldb OK\n";
echo "LDAP / python-ldap OK\n";
$tmpdir = $unix->TEMP_DIR() . "/iredmail";
$tar = $unix->find_program("tar");
$rm = $unix->find_program("rm");
if (!is_file("/usr/share/artica-postfix/bin/install/postfix/iredapd.tar.gz")) {
return;
}
@mkdir($tmpdir, 0755, true);
shell_exec("{$tar} xf /usr/share/artica-postfix/bin/install/postfix/iredapd.tar.gz -C /");
if (!is_file("/opt/iRedAPD/iredapd.py")) {
return;
}
@chmod("/opt/iRedAPD/iredapd.py", 0755);
}
function update()
{
if (system_is_overloaded()) {
return;
}
$unix = new unix();
$sock = new sockets();
$pidfile = "/etc/artica-postfix/pids/exec.ipblock.php.update.pid";
$pidtime = "/etc/artica-postfix/pids/exec.ipblock.php.update.time";
$pid = @file_get_contents($pidfile);
if (!$GLOBALS["FORCE"]) {
if ($unix->process_exists($pid)) {
echo "Already running pid {$pid}\n";
return;
}
}
include_once dirname(__FILE__) . '/ressources/class.ccurl.inc';
if (!is_file($pidtime)) {
@file_put_contents($pidtime, time());
}
if (!$GLOBALS["FORCE"]) {
if ($unix->file_time_min($pidtime) > 720) {
@unlink($pidtime);
@file_put_contents($pidtime, time());
return;
}
}
@file_put_contents($pidfile, getmypid());
$EnableIpBlocks = intval($sock->GET_INFO("EnableIpBlocks"));
if ($EnableIpBlocks == 0) {
return;
}
$DIR_TEMP = $unix->TEMP_DIR();
$curl = new ccurl("http://www.ipdeny.com/ipblocks/data/countries/all-zones.tar.gz");
if (!$curl->GetFile("{$DIR_TEMP}/all-zones.tar.gz")) {
system_admin_events(0, "Fatal, Unable to download all-zones.tar.gz from ipdeny.com", __FILE__, __LINE__);
return;
}
$OldMd5 = $sock->GET_INFO("IpBlocksMD5");
$md5File = md5_file("{$DIR_TEMP}/all-zones.tar.gz");
if ($md5File == $OldMd5) {
ipblocks();
return;
}
$tar = $unix->find_program("tar");
@mkdir("/home/artica/ipblocks", 0755, true);
shell_exec("{$tar} xf {$DIR_TEMP}/all-zones.tar.gz -C /home/artica/ipblocks/");
if (ipblocks()) {
$sock->SET_INFO("IpBlocksMD5", "{$md5File}");
system_admin_events(0, "Restarting Firewall in order to refresh countries blocking");
}
}
function xinstall()
{
$unix = new unix();
$curl = new ccurl();
$tmpfile = $unix->FILE_TEMP();
$tmpdir = $unix->TEMP_DIR();
build_progress("{downloading} v3.1.0-25", 15);
$curl = new ccurl("http://articatech.net/download/UpdateUtility/updateutility-3.1.0-25.tar.gz");
if (!$curl->GetFile($tmpfile)) {
@unlink($tmpfile);
build_progress("{downloading} {failed}", 110);
return;
}
$tar = $unix->find_program("tar");
$rm = $unix->find_program("rm");
@mkdir("{$tmpdir}/updateutility", 0755);
build_progress("{uncompress}", 20);
shell_exec("{$tar} -xf {$tmpfile} -C {$tmpdir}/updateutility/");
build_progress("{find_source_directory}", 25);
$dirs = $unix->dirdir("{$tmpdir}/updateutility");
$SOURCE_DIRECTORY = null;
while (list($num, $ligne) = each($dirs)) {
build_progress("{scanning} {$ligne}", 25);
if (is_file("{$ligne}/UpdateUtility-Console")) {
$SOURCE_DIRECTORY = $ligne;
break;
}
}
if ($SOURCE_DIRECTORY == null) {
echo "Unable to find source directory\n";
build_progress("{installing} {failed}", 110);
shell_exec("{$rm} -rf {$tmpdir}/updateutility");
return;
}
echo "Using directory {$SOURCE_DIRECTORY}\n";
build_progress("{installing}...", 80);
$cp = $unix->find_program("cp");
@mkdir("/etc/UpdateUtility", 0755, true);
shell_exec("{$cp} -rfv {$SOURCE_DIRECTORY}/* /etc/UpdateUtility/");
shell_exec("{$rm} -rf {$tmpdir}/updateutility");
if (!is_file("/etc/UpdateUtility/UpdateUtility-Console")) {
echo "/etc/UpdateUtility/UpdateUtility-Console no such binary\n";
build_progress("{installing} {failed}", 110);
}
build_progress("{installing} {success}", 100);
}
function xstart()
{
$curl = new ccurl();
$unix = new unix();
$Pidfile = "/etc/artica-postfix/pids/exec.abuse-ch.pid";
$PidTime = "/etc/artica-postfix/pids/exec.abuse-ch.time";
$pid = $unix->get_pid_from_file($Pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
if ($GLOBALS["VERBOSE"]) {
echo "Aborting Task already running pid {$pid} " . __FUNCTION__ . "()\n";
}
return;
}
@file_put_contents($Pidfile, getmypid());
if (!$GLOBALS["VERBOSE"]) {
$time = $unix->file_time_min($PidTime);
if ($time < 10) {
echo "Only each 10mn\n";
die;
}
@unlink($PidTime);
@file_put_contents($PidTime, time());
}
$curl = new ccurl("http://articatech.net/WebfilterDBS/ransomwaretracker.txt");
$tmpfile = $unix->TEMP_DIR();
if (!$curl->GetFile("{$tmpfile}/ransomwaretracker.txt")) {
squid_admin_mysql(0, "ransomwaretracker.txt unable to get index file", $curl->error, __FILE__, __LINE__);
return;
}
$array = unserialize(@file_get_contents("{$tmpfile}/ransomwaretracker.txt"));
$TIME = $array["TIME"];
if (!isset($array["MD5"])) {
squid_admin_mysql(0, "ransomwaretracker.txt corrupted file", $curl->error, __FILE__, __LINE__);
return;
}
@unlink("{$tmpfile}/ransomwaretracker.txt");
$CurrentMD5 = @file_get_contents("/etc/artica-postfix/settings/Daemons/ransomwaretrackerMD5");
if ($CurrentMD5 == $array["MD5"]) {
return;
}
$curl = new ccurl("http://articatech.net/WebfilterDBS/ransomwaretracker.gz");
if (!$curl->GetFile("{$tmpfile}/ransomwaretracker.gz")) {
squid_admin_mysql(0, "ransomwaretracker.gz unable to get pattern file", $curl->error, __FILE__, __LINE__);
return;
}
if (!$unix->uncompress("{$tmpfile}/ransomwaretracker.gz", "{$tmpfile}/ransomwaretracker.db")) {
squid_admin_mysql(0, "ransomwaretracker.gz unable to extract file", $curl->error, __FILE__, __LINE__);
return;
}
$ARRAY = unserialize(@file_get_contents("{$tmpfile}/ransomwaretracker.db"));
if (!isset($ARRAY["URIS"])) {
squid_admin_mysql(0, "ransomwaretracker.db corrupted database", $curl->error, __FILE__, __LINE__);
return;
}
if (is_file("/etc/squid3/ransomwaretracker.db")) {
@unlink("/etc/squid3/ransomwaretracker.db");
}
@copy("{$tmpfile}/ransomwaretracker.db", "/etc/squid3/ransomwaretracker.db");
if (!is_file("/etc/artica-postfix/settings/Daemons/RansomwareReloaded")) {
squid_admin_mysql(1, "Reloading Proxy service for updating Ranswomware function", null, __FILE__, __LINE__);
$squid = $unix->LOCATE_SQUID_BIN();
shell_exec("{$squid} -f /etc/squid3/squid.conf -k reconfigure");
@touch("/etc/artica-postfix/settings/Daemons/RansomwareReloaded");
}
squid_admin_mysql(2, "Success updating ranswomware database v{$TIME}", null, __FILE__, __LINE__);
}
function ping()
{
$ip = $_GET["ip"];
$unix = new unix();
$tmp = $unix->TEMP_DIR();
if (trim($ip) == null) {
return false;
}
$ftmp = "{$tmp}/" . md5(__FILE__);
exec("/bin/ping -q -c 1 -s 16 -W1 -Q 0x02 {$ip} >{$ftmp} 2>&1");
$results = explode("\n", @file_get_contents($ftmp));
@unlink($ftmp);
if (!is_array($results)) {
return false;
}
while (list($index, $line) = each($results)) {
if (preg_match("#[0-9]+\\s+[a-zA-Z]+\\s+[a-zA-Z]+,\\s+([0-9]+)\\s+received#", $line, $re)) {
if ($re[1] > 0) {
$ping_check = true;
} else {
$ping_check = false;
}
}
}
if ($ping_check) {
echo "<articadatascgi>TRUE</articadatascgi>";
return;
}
echo "<articadatascgi>FALSE</articadatascgi>";
}
function GetIndex()
{
$WORKING_DIR = "/home/working_toulouse_databases";
$WORKING_DOWNLOAD = "{$WORKING_DIR}/dowloads";
$WORKING_UPLOAD = "{$WORKING_DIR}/uploads";
@mkdir($WORKING_DOWNLOAD, 0755, true);
@mkdir($WORKING_UPLOAD, 0755, true);
$unix = new unix();
$tar = $unix->find_program("tar");
$catz = new mysql_catz();
$tmpfile = $unix->FILE_TEMP();
$tmpdir = $unix->TEMP_DIR();
$rm = $unix->find_program("rm");
$mainuri = "ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib";
$EXEC_NICE = $unix->EXEC_NICE();
$ufdbGenTable = $unix->find_program("ufdbGenTable");
$curl = new ccurl("{$mainuri}/MD5SUM.LST");
if (!$curl->GetFile($tmpfile)) {
echo "Failed to download MD5SUM.LST\n";
return;
}
$tr = explode("\n", @file_get_contents($tmpfile));
while (list($index, $line) = each($tr)) {
if (preg_match("#(.+?)\\s+(.+)#", $line, $re)) {
$filename = trim($re[1]);
$md5 = trim($re[2]);
$array[$md5] = $filename;
}
}
@unlink($tmpfile);
$q = new mysql_squid_builder();
$TLSE_CONVERTION = TLSE_CONVERTION();
$FINAL_ARRAY = array();
while (list($filename, $md5) = each($array)) {
$category = str_replace(".tar.gz", "", $filename);
if (isset($TLSE_CONVERTION[$category])) {
$FINAL_ARRAY[$filename] = $md5;
}
}
$UPDATED = 0;
$MAIN_ARRAY = unserialize(base64_decode(@file_get_contents("{$WORKING_UPLOAD}/index.txt")));
while (list($filename, $md5) = each($FINAL_ARRAY)) {
$TargetFile = "{$WORKING_DOWNLOAD}/{$filename}";
$categoryname = str_replace(".tar.gz", "", $filename);
if ($categoryname == "adult") {
continue;
}
if ($categoryname == "aggressive") {
continue;
}
if ($categoryname == "agressif") {
continue;
}
if ($categoryname == "redirector") {
continue;
}
if ($categoryname == "ads") {
continue;
}
if ($categoryname == "drogue") {
continue;
}
$MyStoreMd5 = md5_file($TargetFile);
if ($MyStoreMd5 == $md5) {
echo "Skipping {$filename}\n";
continue;
}
echo "Downloading {$filename}\n";
$curl = new ccurl("{$mainuri}/{$filename}");
$tmpfile = $unix->FILE_TEMP();
if (!$curl->GetFile($tmpfile)) {
echo "Failed {$curl->error}\n";
@unlink($tmpfile);
continue;
}
$md5_tmp = md5_file($tmpfile);
if ($md5_tmp != $md5) {
echo "Failed Corrupted file\n";
@unlink($tmpfile);
continue;
}
if (is_file($TargetFile)) {
@unlink($TargetFile);
}
if (!@copy($tmpfile, $TargetFile)) {
echo "Failed Copy file\n";
@unlink($tmpfile);
@unlink($TargetFile);
continue;
}
@unlink($tmpfile);
$MyStoreMd5 = md5_file($TargetFile);
if ($MyStoreMd5 != $md5) {
echo "Failed MD5 file\n";
@unlink($TargetFile);
continue;
}
@mkdir("{$WORKING_DIR}/{$categoryname}", 0755, true);
echo "Extracting {$TargetFile}\n";
$cmd = "{$tar} xvf {$TargetFile} -C {$WORKING_DIR}/{$categoryname}/";
echo $cmd . "\n";
system($cmd);
$SOURCE_DIR = find_sources("{$WORKING_DIR}/{$categoryname}");
if (!is_file("{$SOURCE_DIR}/domains")) {
echo "Failed {$SOURCE_DIR}/domains no such file\n";
@unlink($TargetFile);
continue;
}
$COUNT_OF_DOMAINS = $unix->COUNT_LINES_OF_FILE("{$SOURCE_DIR}/domains");
echo "{$categoryname} {$COUNT_OF_DOMAINS} domains\n";
if ($COUNT_OF_DOMAINS == 0) {
shell_exec("{$rm} -rf {$WORKING_DIR}/{$categoryname}");
@unlink($TargetFile);
continue;
}
if (is_file("{$SOURCE_DIR}/domains.ufdb")) {
@unlink("{$SOURCE_DIR}/domains.ufdb");
}
if (!is_file("{$SOURCE_DIR}/urls")) {
@touch("{$SOURCE_DIR}/urls");
}
$u = " -u {$SOURCE_DIR}/urls";
$d = " -d {$SOURCE_DIR}/domains";
$cmd = "{$EXEC_NICE}{$ufdbGenTable} -n -q -W -t {$categoryname}{$d}{$u}";
echo $cmd . "\n";
shell_exec($cmd);
if (!is_file("{$SOURCE_DIR}/domains.ufdb")) {
echo "Failed to compile {$categoryname}\n";
@unlink($TargetFile);
continue;
}
$MD5SRC = md5_file("{$SOURCE_DIR}/domains.ufdb");
if (is_file("{$WORKING_UPLOAD}/{$categoryname}.gz")) {
@unlink("{$WORKING_UPLOAD}/{$categoryname}.gz");
}
$unix->compress("{$SOURCE_DIR}/domains.ufdb", "{$WORKING_UPLOAD}/{$categoryname}.gz");
$MD5GZ = md5_file("{$WORKING_UPLOAD}/{$categoryname}.gz");
$UPDATED++;
$NOTIFICATIONS[] = "{$categoryname} updated with {$COUNT_OF_DOMAINS} domains";
$MAIN_ARRAY[$categoryname]["ROWS"] = $COUNT_OF_DOMAINS;
$MAIN_ARRAY[$categoryname]["MD5SRC"] = $MD5SRC;
$MAIN_ARRAY[$categoryname]["MD5GZ"] = $MD5GZ;
$MAIN_ARRAY[$categoryname]["TIME"] = time();
$MAIN_ARRAY[$categoryname]["SIZE"] = @filesize("{$WORKING_UPLOAD}/{$categoryname}.gz");
@file_put_contents("{$WORKING_UPLOAD}/index.txt", base64_encode(serialize($MAIN_ARRAY)));
}
if ($UPDATED > 0) {
PushToRepo_alls();
sendEmail("{$UPDATED} Toulouse Unversity databases uploaded.", @implode("\n", $NOTIFICATIONS));
}
}
function install($filekey = 0, $OS)
{
include_once dirname(__FILE__) . "/ressources/class.ccurl.inc";
$unix = new unix();
$filename = null;
$MD5 = null;
$DebianVersion = DebianVersion();
if ($OS != $DebianVersion) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, influxdb Debian version incompatible!\n";
}
build_progress_idb("Incompatible system {$OS}<>{$DebianVersion}!", 110);
die;
}
if ($filekey != 0) {
$sock = new sockets();
$ArticaTechNetHaProxyRepo = unserialize(base64_decode($sock->GET_INFO("ArticaTechNetHaProxyRepo")));
$version = $ArticaTechNetHaProxyRepo[$filekey][$OS]["VERSION"];
$filename = $ArticaTechNetHaProxyRepo[$filekey][$OS]["FILENAME"];
$MD5 = $ArticaTechNetHaProxyRepo[$filekey][$OS]["MD5"];
$URL = $ArticaTechNetHaProxyRepo[$filekey][$OS]["URL"];
}
$rmmod = $unix->find_program("rmmod");
$depmod = $unix->find_program("depmod");
$modprobe = $unix->find_program("modprobe");
$ldconfig = $unix->find_program("ldconfig");
echo "Downloading {$URL}\n";
$curl = new ccurl($URL);
$tmpdir = $unix->TEMP_DIR();
$php = $unix->LOCATE_PHP5_BIN();
build_progress_idb("{downloading}", 1);
$curl->WriteProgress = true;
$curl->ProgressFunction = "download_progress";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Downloading {$filename}\n";
}
if (!$curl->GetFile("{$tmpdir}/{$filename}")) {
build_progress_idb("{$curl->error}", 110);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$curl->error}\n";
}
while (list($key, $value) = each($curl->errors)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$value}\n";
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, HaProxy unable to install....\n";
}
@unlink("{$tmpdir}/{$filename}");
return;
}
if ($MD5 != null) {
$DESTMD5 = md5_file("{$tmpdir}/{$filename}");
if ($DESTMD5 != $MD5) {
echo "{$DESTMD5}<>{$MD5}\n";
@unlink("{$tmpdir}/{$filename}");
build_progress_idb("{install_failed} {corrupted_package}", 110);
return;
}
}
build_progress_idb("{stopping_service}", 95);
if (!is_file("/etc/init.d/haproxy")) {
system("{$php} /usr/share/artica-postfix/exec.initslapd.php --haproxy");
}
system("/etc/init.d/firehol stop");
system("/etc/init.d/haproxy stop");
build_progress_idb("{extracting}", 96);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, extracting....\n";
}
$tar = $unix->find_program("tar");
shell_exec("{$tar} xvf {$tmpdir}/{$filename} -C /");
build_progress_idb("{installing} 1/1", 96);
system("{$ldconfig}");
if ($GLOBALS["PROGRESS"]) {
build_progress_idb("{restarting_service}", 97);
system("{$php} /usr/share/artica-postfix/exec.status.php --haproxy >/dev/null");
system("/etc/init.d/artica-status restart --force");
build_progress_idb("{restarting_service} 1/2", 98);
system("/etc/init.d/haproxy restart");
build_progress_idb("{restarting_service} 2/2", 98);
system("/etc/init.d/firehol restart");
}
build_progress_idb("{refresh_status}", 98);
build_progress_idb("{done}", 100);
}
function nightly()
{
@mkdir("/var/log/artica-postfix", 0755, true);
$GLOBALS["MasterIndexFile"] = "/usr/share/artica-postfix/ressources/index.ini";
$unix = new unix();
$sock = new sockets();
$autoinstall = true;
$timefile = "/etc/artica-postfix/croned.1/nightly";
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
$pid = @file_get_contents($pidfile);
$kill = $unix->find_program("kill");
$tmpdir = $unix->TEMP_DIR();
$php5 = $unix->LOCATE_PHP5_BIN();
$nohup = $unix->find_program("nohup");
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
echo "Starting......: " . date("H:i:s") . " nightly build already executed PID: {$pid} since {$time}Mn\n";
system_admin_events("nightly build already executed PID: {$pid} since {$time}Mn", __FUNCTION__, __FILE__, __LINE__, "artica-update");
if ($time < 120) {
if (!$GLOBALS["FORCE"]) {
die;
}
}
unix_system_kill_force($pid);
}
$mypid = getmypid();
@file_put_contents($pidfile, $mypid);
$EnableScheduleUpdates = $sock->GET_INFO("EnableScheduleUpdates");
if (!is_numeric($EnableScheduleUpdates)) {
$EnableScheduleUpdates = 0;
}
if ($GLOBALS["FORCE"]) {
_artica_update_event(1, "Update task pid {$mypid} is forced by an human.", null, __FILE__, __LINE__);
}
if ($EnableScheduleUpdates == 1) {
if (!$GLOBALS["FORCE"]) {
if (!$GLOBALS["BYCRON"]) {
_artica_update_event(2, "Operation must be only executed by scheduler ( use --force to by pass)", null, __FILE__, __LINE__);
@file_put_contents("/usr/share/artica-postfix/download_progress", 100);
return;
}
}
}
$ini = new iniFrameWork();
$ini->loadFile('/etc/artica-postfix/artica-update.conf');
if (!isset($ini->_params["AUTOUPDATE"]["enabled"])) {
$ini->_params["AUTOUPDATE"]["enabled"] = "yes";
}
if (trim($ini->_params["AUTOUPDATE"]["enabled"]) == null) {
$ini->_params["AUTOUPDATE"]["enabled"] = "yes";
}
if ($ini->_params["AUTOUPDATE"]["enabled"] == null) {
$ini->_params["AUTOUPDATE"]["enabled"] = "yes";
}
if (trim($ini->_params["AUTOUPDATE"]["uri"]) == null) {
$ini->_params["AUTOUPDATE"]["uri"] = "http://www.articatech.net/auto.update.php";
}
if ($ini->_params["AUTOUPDATE"]["enabled"] == 1) {
$ini->_params["AUTOUPDATE"]["enabled"] = 'yes';
}
if (!is_numeric(trim($ini->_params["AUTOUPDATE"]["CheckEveryMinutes"]))) {
$ini->_params["AUTOUPDATE"]["CheckEveryMinutes"] = 60;
}
if ($ini->_params["AUTOUPDATE"]["enabled"] != 'yes') {
echo "Starting......: " . date("H:i:s") . " Artica Update feature is disabled (enabled = {$ini->_params["AUTOUPDATE"]["enabled"]} )\n";
return;
}
$CheckEveryMinutes = $ini->_params["AUTOUPDATE"]["CheckEveryMinutes"];
$uri = $ini->_params["AUTOUPDATE"]["uri"];
$arrayURI = parse_url($uri);
$MAIN_URI = "{$arrayURI["scheme"]}://{$arrayURI["host"]}";
$MAIN_URI = str_replace("www.artica.fr", "www.articatech.net", $MAIN_URI);
if (!$GLOBALS["FORCE"]) {
if ($EnableScheduleUpdates == 0) {
if ($unix->file_time_min($timefile) < $CheckEveryMinutes) {
echo "Starting......: " . date("H:i:s") . " update feature (too short time, require {$CheckEveryMinutes}mn)\n";
@file_put_contents("/usr/share/artica-postfix/download_progress", 100);
return;
}
}
}
@unlink($timefile);
@file_put_contents($timefile, time());
if ($GLOBALS["FORCE"]) {
if (is_file("/root/artica-latest.tgz")) {
echo "Starting......: " . date("H:i:s") . " Installing old downloaded package\n";
if (install_package("/root/artica-latest.tgz")) {
return;
}
}
}
// ----------------------- LANCEMENT ------------------------------------------------------------------------------
$EnableArticaMetaClient = intval($sock->GET_INFO("EnableArticaMetaClient"));
if ($EnableArticaMetaClient == 1) {
echo "Starting......: " . date("H:i:s") . " Nightly builds using Artica Meta console\n";
system("{$nohup} {$php5} /usr/share/artica-postfix/exec.artica-meta-client.php --artica-updates >/dev/null 2>&1 &");
die;
}
echo "Starting......: " . date("H:i:s") . " Nightly builds checking an official release first\n";
if (update_release()) {
return;
}
$nightly = trim(strtolower($ini->_params["AUTOUPDATE"]["nightlybuild"]));
if ($nightly == 1) {
$nightly = "yes";
}
if ($GLOBALS["FORCE"]) {
$nightly = "yes";
}
if ($GLOBALS["FORCE_NIGHTLY"]) {
$nightly = "yes";
}
if ($nightly != 'yes') {
echo "Starting......: " . date("H:i:s") . " Nightly builds feature is disabled [{$nightly}]\n";
@file_put_contents("/usr/share/artica-postfix/ressources/logs/web/download_progress", 100);
return;
}
if ($ini->_params["AUTOUPDATE"]["autoinstall"] == 1) {
$ini->_params["AUTOUPDATE"]["autoinstall"] = "yes";
}
if (trim($ini->_params["AUTOUPDATE"]["autoinstall"]) == null) {
$ini->_params["AUTOUPDATE"]["autoinstall"] = "yes";
}
if ($ini->_params["AUTOUPDATE"]["autoinstall"] != "yes") {
$autoinstall = false;
}
@file_put_contents("/usr/share/artica-postfix/download_progress", 0);
$MyCurrentVersion = GetCurrentVersion();
echo "Starting......: " . date("H:i:s") . " Current version: {$MyCurrentVersion}\n";
$Lastest = trim(strtolower($GLOBALS["lastest-nightly"]));
echo "Starting......: " . date("H:i:s") . " Nightly builds version \"{$Lastest}\" on repository\n";
$MyNextVersion = intval(str_replace(".", "", $Lastest));
echo "Starting......: " . date("H:i:s") . " nightly builds Cur:{$MyCurrentVersion}, Next:{$MyNextVersion}\n";
if ($MyNextVersion == $MyCurrentVersion) {
echo "Starting......: " . date("H:i:s") . " nightly builds {$MyCurrentVersion}/{$MyNextVersion} \"Up to date - Same version\"\n";
@file_put_contents("/usr/share/artica-postfix/download_progress", 100);
return;
}
if ($MyCurrentVersion > $MyNextVersion) {
echo "Starting......: " . date("H:i:s") . " nightly builds {$MyCurrentVersion}/{$MyNextVersion} \"Up to date - Most updated\"\n";
@file_put_contents("/usr/share/artica-postfix/download_progress", 100);
return;
}
$t1 = time();
_artica_update_event(2, "nightly builds Downloading new version {$Lastest}", null, __FILE__, __LINE__);
echo "Starting......: " . date("H:i:s") . " nightly builds Downloading new version {$Lastest}, please wait\n";
events("Downloading new version {$Lastest}");
$uri = "{$MAIN_URI}/nightbuilds/artica-{$Lastest}.tgz";
$ArticaFileTemp = "{$tmpdir}/{$Lastest}/artica-{$Lastest}.tgz";
@mkdir("{$tmpdir}/{$Lastest}", 0755, true);
$curl = new ccurl($uri);
$curl->Timeout = 2400;
$curl->WriteProgress = true;
$curl->ProgressFunction = "nightly_progress";
$t = time();
if (!$curl->GetFile($ArticaFileTemp)) {
_artica_update_event(0, "nightly builds Unable to download latest nightly build with error {$curl->error}", null, __FILE__, __LINE__);
events("Unable to download latest nightly build with error {$curl->error}");
system_admin_events("Unable to download latest nightly build with error {$curl->error}", __FUNCTION__, __FILE__, __LINE__, "artica-update");
@unlink($ArticaFileTemp);
return;
}
$took = $unix->distanceOfTimeInWords($t, time(), true);
_artica_update_event(2, "artica-{$Lastest}.tgz download, took {$took}", null, __FILE__, __LINE__);
system_admin_events("artica-{$Lastest}.tgz download, took {$took}", __FUNCTION__, __FILE__, __LINE__, "artica-update");
events("artica-{$Lastest}.tgz download, took {$took}");
$size = @filesize($ArticaFileTemp);
$size = FormatBytes($size / 1024, true);
ArticaMeta_nightly($ArticaFileTemp);
echo "Starting......: " . date("H:i:s") . " nightly builds took {$took}\n";
if (!$GLOBALS["FORCE"]) {
if ($autoinstall == false) {
_artica_update_event(2, "artica-latest.tgz will be stored in /root", null, __FILE__, __LINE__);
@copy("{$ArticaFileTemp}", "/root/artica-latest.tgz");
@unlink($ArticaFileTemp);
_artica_update_event(1, "Nightly builds New Artica update v.{$Lastest} ({$size}) waiting order", null, __FILE__, __LINE__);
system_admin_events("New Artica update v.{$Lastest} waiting your order", __FUNCTION__, __FILE__, __LINE__, "artica-update");
return;
} else {
}
}
events("Now, installing the newest version in {$ArticaFileTemp} package...");
$size = @filesize($ArticaFileTemp);
$size = FormatBytes($size / 1024, true);
if (!install_package($ArticaFileTemp, $Lastest)) {
events("Install package Failed...");
return false;
}
events("New Artica update v.{$Lastest}");
_artica_update_event(1, "Nightly builds New Artica update v.{$Lastest} ({$size})", null, __FILE__, __LINE__);
system_admin_events("New Artica update v.{$Lastest}", __FUNCTION__, __FILE__, __LINE__, "artica-update");
}
function compile_ufdbcat()
{
$unix = new unix();
$uri = "http://www.articatech.net/download/ufdbGuard-1.31.tar.gz";
$curl = new ccurl("http://www.articatech.net/download/ufdbGuard-1.31.tar.gz");
echo "Downloading {$uri}\n";
$tempdir = $unix->TEMP_DIR() . "/ufdb";
$tempfile = "{$tempdir}/ufdbGuard-1.31.tar.gz";
$tar = $unix->find_program("tar");
$rm = $unix->find_program("rm");
$cp = $unix->find_program("cp");
if (is_dir($tempdir)) {
shell_exec("{$rm} -rf {$tempdir}");
}
@mkdir($tempdir, 0755, true);
if (is_file($tempfile)) {
@unlink($tempfile);
}
if (!$curl->GetFile($tempfile)) {
echo "Fatal, unable to download {$uri}\n";
meta_admin_mysql(0, "Fatal, unable to download {$uri}", @implode("\n", $curl->errors), __FILE__, __LINE__);
return;
}
if (is_dir("{$tempdir}/ufdbcompile")) {
shell_exec("{$rm} -rf {$tempdir}/ufdbcompile");
}
echo "Uncompressing {$tempdir}/ufdbGuard-1.31.tar.gz to {$tempdir}/\n";
shell_exec("{$tar} -xf {$tempdir}/ufdbGuard-1.31.tar.gz -C {$tempdir}/");
$dirs = $unix->dirdir($tempdir);
while (list($directory, $value) = each($dirs)) {
echo "Found directory {$directory}\n";
if (is_file("{$directory}/src/mtserver/ufdbguardd.c")) {
$WORKDIR = "{$directory}";
break;
}
}
if (!is_dir($WORKDIR)) {
echo "Fatal, unable to download {$uri}\n";
meta_admin_mysql(0, "Fatal, unable to locate working directory", __FILE__, __LINE__);
if (is_dir($tempdir)) {
shell_exec("{$rm} -rf {$tempdir}");
}
return;
}
echo "Patching mtserver/ufdbguardd.c\n";
$C = explode("\n", @file_get_contents("{$directory}/src/mtserver/ufdbguardd.c"));
while (list($index, $line) = each($C)) {
if (strpos($line, "/tmp/ufdbguardd-") > 0) {
echo "Patching mtserver/ufdbguardd.c line {$index}\n";
$C[$index] = str_replace("/tmp/ufdbguardd-", "/var/run/ufdbcat-", $line);
}
}
@file_put_contents("{$directory}/src/mtserver/ufdbguardd.c", @implode("\n", $C));
chdir($WORKDIR);
if (is_dir("/opt/ufdbcat")) {
shell_exec("{$rm} -rf /opt/ufdbcat");
}
echo "Configure\n";
$f[] = "./configure";
$f[] = "--prefix=/opt/ufdbcat";
$f[] = "--includedir=\"\\\${prefix}/include\"";
$f[] = "--mandir=\"\\\${prefix}/share/man\"";
$f[] = "--infodir=\"\\\${prefix}/share/info\"";
$f[] = "--sysconfdir=/etc/ufdbcat";
$f[] = "--localstatedir=/opt/ufdbcat";
$f[] = "--with-ufdb-logdir=/var/log/ufdbcat";
$f[] = "--with-ufdb-dbhome=/home/ufdbcat";
$f[] = "--with-ufdb-user=root";
$f[] = "--with-ufdb-config=/etc/ufdbcat";
$f[] = "--with-ufdb-logdir=/var/log/ufdbcat";
$f[] = "--with-ufdb-config=/etc/ufdbcat";
$f[] = "--with-ufdb-piddir=/var/run/ufdbcat";
$cmd = @implode(" ", $f);
system($cmd);
echo "Make\n";
system("make");
echo "Install\n";
system("make install");
if (!is_file("/opt/ufdbcat/bin/ufdbguardd")) {
echo "Fatal, unable to compile ufdbcat\n";
meta_admin_mysql(0, "Fatal, unable to compile ufdbcat", __FILE__, __LINE__);
if (is_dir($tempdir)) {
shell_exec("{$rm} -rf {$tempdir}");
}
return;
}
@copy("/opt/ufdbcat/bin/ufdbguardd", "/opt/ufdbcat/bin/ufdbcatdd");
@unlink("/opt/ufdbcat/bin/ufdbguardd");
@chmod("/opt/ufdbcat/bin/ufdbcatdd", 0755);
$ufdbcatVersion = ufdbcatVersion();
$Architecture = Architecture();
$DebianVersion = DebianVersion();
$base = "/root/ufdbcat-compile";
if (is_dir($base)) {
shell_exec("{$rm} -rf {$base}");
}
@mkdir("{$base}/opt/ufdbcat", 0755, true);
shell_exec("{$cp} -rfp /opt/ufdbcat/* {$base}/opt/ufdbcat/");
$filename = "ufdbcat-debian{$DebianVersion}-{$Architecture}-{$ufdbcatVersion}.tar.gz";
chdir($base);
@unlink("/root/{$filename}");
shell_exec("/bin/tar -czf /root/{$filename} *");
echo "/root/{$filename} done\n\n";
}
function start($id)
{
$GLOBALS["CACHEFILE"] = "/usr/share/artica-postfix/ressources/logs/web/mimedefang.resend.progress.{$id}";
$id = intval($id);
$sock = new sockets();
$unix = new unix();
if ($id == 0) {
echo "ID: {$id} not supported\n";
build_progress(110, "{failed}");
die;
}
$postgres = new postgres_sql();
$tempfile = $unix->FILE_TEMP();
$Dirtemp = $unix->TEMP_DIR();
$q = new postgres_sql();
$ligne = pg_fetch_array($q->QUERY_SQL("SELECT * FROM quarmsg WHERE id='{$id}'"));
if (!$q->ok) {
echo "PostgreSQL Error:" . $q->mysql_error . "\n";
build_progress(110, "PostgreSQL {failed}");
die;
}
$instance = $unix->hostname_g();
$mailfrom = $ligne["mailfrom"];
$mailto = $ligne["mailto"];
$msgmd5 = $ligne["msgmd5"];
if ($mailfrom == null) {
$mailfrom = "root@{$instance}";
}
echo "From: {$mailfrom}\n";
echo "To..: {$mailto}\n";
echo "ID..: {$msgmd5}\n";
build_progress(20, "{$mailfrom} {to} {$mailto} ({$msgmd5})");
$sql = "SELECT contentid FROM quardata WHERE msgmd5='{$msgmd5}'";
$ligne = pg_fetch_array($q->QUERY_SQL($sql));
if (!$q->ok) {
echo "PostgreSQL Error:" . $q->mysql_error . "\n";
build_progress(110, "PostgreSQL {failed}");
die;
}
$contentid = $ligne["contentid"];
build_progress(30, "msg id: {$contentid}");
@mkdir($Dirtemp, 0777, true);
@chmod($Dirtemp, 0777);
$sql = "select lo_export({$contentid}, '{$Dirtemp}/{$msgmd5}.gz')";
if ($GLOBALS["VERBOSE"]) {
echo "<hr>{$sql}<br>\n";
}
$q->QUERY_SQL($sql);
if (!$q->ok) {
echo "PostgreSQL Error:" . $q->mysql_error . "\n";
build_progress(110, "PostgreSQL {failed}");
die;
}
build_progress(40, "{uncompress}");
if (!$unix->uncompress("{$Dirtemp}/{$msgmd5}.gz", "{$Dirtemp}/{$msgmd5}.msg")) {
@unlink("{$Dirtemp}/{$msgmd5}.gz");
@unlink("{$Dirtemp}/{$msgmd5}.msg");
build_progress(110, "{uncompress} {failed}");
die;
}
$smtp = new smtp();
$TargetHostname = inet_interfaces();
if (preg_match("#all#is", $TargetHostname)) {
$TargetHostname = "127.0.0.1";
}
$params["helo"] = $instance;
$params["debug"] = true;
$params["host"] = $TargetHostname;
$params["bindto"] = "127.0.0.1";
build_progress(50, "{connecting}");
if (!$smtp->connect($params)) {
build_progress(110, "{connect} {failed}");
@unlink("{$Dirtemp}/{$msgmd5}.msg");
echo "{$smtp->error_number}: Could not connect to `{$TargetHostname}` {$smtp->error_text}\n";
return;
}
$finalbody = @file_get_contents("{$Dirtemp}/{$msgmd5}.msg");
build_progress(90, "{sending}");
if (!$smtp->send(array("from" => $mailfrom, "recipients" => $mailto, "body" => $finalbody, "headers" => null))) {
build_progress(110, "{sending} {failed}");
@unlink("{$Dirtemp}/{$msgmd5}.msg");
echo "{$smtp->error_number}: Could not connect to `{$TargetHostname}` {$smtp->error_text}\n";
$smtp->quit();
return;
}
@unlink("{$Dirtemp}/{$msgmd5}.msg");
$smtp->quit();
build_progress(100, "{success}");
}
function snapshot()
{
$unix = new unix();
$password = null;
$mysqldump = $unix->find_program("mysqldump");
$gzip = $unix->find_program("gzip");
$sock = new sockets();
$rm = $unix->find_program("rm");
$BaseWorkDir = "/usr/share/artica-postfix/snapshots/" . time();
$tar = $unix->find_program("tar");
@mkdir($BaseWorkDir, 0755, true);
$nice = $unix->EXEC_NICE();
$q = new mysql();
$LIST_TABLES_ARTICA_BACKUP = $q->LIST_TABLES_ARTICA_BACKUP();
if ($q->mysql_password != null) {
$password = "******" . $unix->shellEscapeChars($q->mysql_password);
}
$prefix = trim("{$nice} {$mysqldump} --add-drop-table --single-transaction --force --insert-ignore -S /var/run/mysqld/mysqld.sock -u {$q->mysql_admin}{$password} artica_backup");
$ARRAY["artica_backup_blacklists"]["ipblocks_db"] = true;
$ARRAY["artica_backup_blacklists"]["adgroups"] = true;
$ARRAY["artica_backup_blacklists"]["adusers"] = true;
$ARRAY["artica_backup_blacklists"]["drupal_queue_orders"] = true;
$ARRAY["artica_backup_blacklists"]["haarp"] = true;
$ARRAY["artica_backup_blacklists"]["icons_db"] = true;
$ARRAY["artica_backup_blacklists"]["setup_center"] = true;
$ARRAY["artica_backup_blacklists"]["clamavsig"] = true;
$ARRAY["artica_backup_blacklists"]["kav4proxy_license"] = true;
$ARRAY["artica_backup_blacklists"]["getent_groups"] = true;
$ARRAY["artica_backup_blacklists"]["zarafa_orphaned"] = true;
$c = 0;
@mkdir("{$BaseWorkDir}/artica_backup", 0755, true);
while (list($table_name, $val) = each($LIST_TABLES_ARTICA_BACKUP)) {
$table_name = trim($table_name);
if (isset($ARRAY["artica_backup_blacklists"][$table_name])) {
continue;
}
if (preg_match("#^activedirectory#", $table_name)) {
continue;
}
if (preg_match("#^amanda#", $table_name)) {
continue;
}
if ($q->COUNT_ROWS($table_name, "artica_backup") == 0) {
$GLOBALS["TRUNCATES"]["artica_backup"][$table_name] = true;
continue;
}
progress(15, "{backup} {$table_name}");
echo "{$BaseWorkDir}/artica_backup/{$table_name}.gz\n";
$cmd = "{$prefix} {$table_name} | {$gzip} > {$BaseWorkDir}/artica_backup/{$table_name}.gz 2>&1";
if ($GLOBALS["VERBOSE"]) {
echo "{$cmd}\n";
}
exec($cmd, $results);
if ($unix->MYSQL_BIN_PARSE_ERROR($results)) {
echo "Failed to create snapshot\n " . @implode("\n", $results);
system_admin_events("Failed to create snapshot " . @implode("\n", $results), __FUNCTION__, __FILE__, __LINE__);
shell_exec("{$rm} -rf {$BaseWorkDir}");
return;
}
$GLOBALS["ARRAY_CONTENT"]["artica_backup/{$table_name}.gz"] = @filesize("{$BaseWorkDir}/artica_backup/{$table_name}.gz");
$c++;
}
$squidbin = $unix->LOCATE_SQUID_BIN();
if (is_file($squidbin)) {
if ($unix->is_socket("/var/run/mysqld/squid-db.sock")) {
$q = new mysql_squid_builder();
$LIST_TABLES_ARTICA_SQUIDLOGS = $q->LIST_TABLES_ARTICA_SQUIDLOGS();
if ($q->mysql_password != null) {
$password = "******" . $unix->shellEscapeChars($q->mysql_password);
}
$prefix = trim("{$nice} {$mysqldump} --add-drop-table --single-transaction --force --insert-ignore -S /var/run/mysqld/squid-db.sock -u root squidlogs");
@mkdir("{$BaseWorkDir}/squidlogs", 0755, true);
$BLACKLIST["tables_day"] = true;
$BLACKLIST["quotachecked"] = true;
$BLACKLIST["cached_total"] = true;
$BLACKLIST["MySQLStats"] = true;
$BLACKLIST["phraselists_weigthed"] = true;
$BLACKLIST["squid_reports"] = true;
$BLACKLIST["stats_appliance_events"] = true;
$BLACKLIST["webfilter_catprivslogs"] = true;
$BLACKLIST["webfilters_backupeddbs"] = true;
$BLACKLIST["webfilters_bigcatzlogs"] = true;
$BLACKLIST["FamilyCondensed"] = true;
$BLACKLIST["catztemp"] = true;
$BLACKLIST["hotspot_sessions"] = true;
$BLACKLIST["instant_updates"] = true;
$BLACKLIST["macscan"] = true;
$BLACKLIST["members_uid"] = true;
$BLACKLIST["members_macip"] = true;
$BLACKLIST["members_mac"] = true;
$BLACKLIST["webfilters_categories_caches"] = true;
$BLACKLIST["webfilters_thumbnails"] = true;
$BLACKLIST["wpad_events"] = true;
while (list($table_name, $val) = each($LIST_TABLES_ARTICA_SQUIDLOGS)) {
if (isset($BLACKLIST[$table_name])) {
continue;
}
if (preg_match("#[0-9]+#", $table_name)) {
continue;
}
if (preg_match("#[0-9]+#", $table_name)) {
continue;
}
if (preg_match("#updateev\$#", $table_name)) {
continue;
}
if (preg_match("#^traffic#", $table_name)) {
continue;
}
if (preg_match("#^www_#", $table_name)) {
continue;
}
if (preg_match("#^visited_#", $table_name)) {
continue;
}
if (preg_match("#^youtube_#", $table_name)) {
continue;
}
if (preg_match("#^UserAgents#", $table_name)) {
continue;
}
if (preg_match("#^UserAutDB#", $table_name)) {
continue;
}
if (preg_match("#^UserAuthDays#", $table_name)) {
continue;
}
if (preg_match("#^UserAuthDaysGrouped#", $table_name)) {
continue;
}
if (preg_match("#^UserSizeRTT#", $table_name)) {
continue;
}
if (preg_match("#^UsersAgentsDB#", $table_name)) {
continue;
}
if (preg_match("#^UsersTMP#", $table_name)) {
continue;
}
if (preg_match("#^UsersToTal#", $table_name)) {
continue;
}
if (preg_match("#^allsizes#", $table_name)) {
continue;
}
if (preg_match("#^alluid#", $table_name)) {
continue;
}
if (preg_match("#^categorize#", $table_name)) {
continue;
}
if (preg_match("#^blocked_#", $table_name)) {
continue;
}
if (preg_match("#^sites\$#", $table_name)) {
continue;
}
if (preg_match("#^users\$#", $table_name)) {
continue;
}
if (preg_match("#^ufdbunlock\$#", $table_name)) {
continue;
}
if (preg_match("#^updateblks_events\$#", $table_name)) {
continue;
}
if (preg_match("#^main_websites#", $table_name)) {
continue;
}
if (preg_match("#^notcategorized#", $table_name)) {
continue;
}
if ($q->COUNT_ROWS($table_name, "squidlogs") == 0) {
$GLOBALS["TRUNCATES"]["squidlogs"][$table_name] = true;
continue;
}
progress(30, "{backup} {$table_name}");
echo "{$BaseWorkDir}/squidlogs/{$table_name}.gz\n";
$cmd = "{$prefix} {$table_name} | {$gzip} > {$BaseWorkDir}/squidlogs/{$table_name}.gz 2>&1";
if ($GLOBALS["VERBOSE"]) {
echo "{$cmd}\n";
}
exec($cmd, $results);
if ($unix->MYSQL_BIN_PARSE_ERROR($results)) {
echo "Failed to create snapshot\n " . @implode("\n", $results);
shell_exec("{$rm} -rf {$BaseWorkDir}");
system_admin_events("Failed to create snapshot " . @implode("\n", $results), __FUNCTION__, __FILE__, __LINE__);
return;
}
$GLOBALS["ARRAY_CONTENT"]["squidlogs/{$table_name}.gz"] = @filesize("{$BaseWorkDir}/squidlogs/{$table_name}.gz");
$c++;
}
}
}
progress(35, "{backup} OpenDLAP server");
backup_ldap($BaseWorkDir);
progress(40, "{backup} Reverse Proxy");
backup_nginx($BaseWorkDir);
progress(45, "{backup} PowerDNS");
backup_mysql_powerdns($BaseWorkDir);
progress(50, "{backup} Artica settings");
backup_artica_settings($BaseWorkDir);
@file_put_contents("{$BaseWorkDir}/TRUNCATE_TABLES", serialize($GLOBALS["TRUNCATES"]));
$temp = $unix->FILE_TEMP() . ".tar.gz";
$tempdir = $unix->TEMP_DIR();
chdir($BaseWorkDir);
progress(60, "{compressing}");
system("{$tar} -czf {$temp} *");
shell_exec("{$rm} -rf {$BaseWorkDir}");
echo "{$temp}\n";
$q = new mysql();
$q->CREATE_DATABASE("artica_snapshots");
$sql = "CREATE TABLE IF NOT EXISTS `snapshots` (\n\t`ID` int(11) NOT NULL AUTO_INCREMENT,\n\t`zmd5` VARCHAR(90) NOT NULL,\n\t`size` INT UNSIGNED NOT NULL,\n\t`zDate` DATETIME NOT NULL,\n\t`snap` LONGBLOB NOT NULL,\n\t `content` TEXT NOT NULL,\n\t PRIMARY KEY (`ID`),\n\t UNIQUE KEY `zmd5` (`zmd5`),\n\t KEY `zDate` (`zDate`)\n\t) ENGINE=MyISAM";
$q->QUERY_SQL($sql, 'artica_snapshots');
progress(70, "{saving}");
if ($GLOBALS["SEND_META"]) {
$articameta = new artica_meta();
$filemeta = $tempdir . "/snapshot.tar.gz";
if (@copy($temp, $filemeta)) {
if (!$articameta->SendFile($filemeta, "SNAPSHOT")) {
$articameta->events("{$temp} unable to upload", __FUNCTION__, __FILE__, __LINE__);
}
} else {
$articameta->events("{$temp} unable to copy {$temp} to {$filemeta}", __FUNCTION__, __FILE__, __LINE__);
}
@unlink($filemeta);
}
$zmd5 = md5_file($temp);
$data = mysql_escape_string2(@file_get_contents($temp));
$size = @filesize($temp);
$final_array = mysql_escape_string2(serialize($GLOBALS["ARRAY_CONTENT"]));
$q->QUERY_SQL("INSERT IGNORE INTO `snapshots` (zDate,snap,size,content,zmd5) \n\t\t\tVALUES (NOW(),'{$data}','{$size}','{$final_array}','{$zmd5}')", "artica_snapshots");
if (!$q->ok) {
echo "{$q->mysql_error}\n";
progress(70, "{failed}");
}
@unlink($temp);
shell_exec("{$rm} -rf /usr/share/artica-postfix/snapshots");
progress(100, "{success}");
}
function WriteGnuPlot($processname, $array)
{
$unix = new unix();
$tempdir = $unix->TEMP_DIR();
$processname_path = str_replace(".", "-", $processname);
$processname_path = str_replace(" ", "-", $processname_path);
$processname_path = strtolower($processname_path);
$countlines = count($array);
$shellpath = "{$tempdir}/gnuplot." . md5($processname) . ".plot";
$imagepath = "/usr/share/artica-postfix/ressources/logs/dstat.topmem.{$countlines}.{$processname_path}.png";
$datafile = "{$tempdir}/gnuplot." . md5($processname) . ".datas";
while (list($num, $datas) = each($array)) {
usleep(1000);
$line = $line . "{$datas[0]} {$datas[1]}\n";
}
file_put_contents($datafile, $line);
$conf = $conf . '#!/usr/bin/gnuplot -persist' . "\n";
$conf = $conf . 'reset' . "\n";
$conf = $conf . "set xlabel \"time\" #font \"Helvetica,12\"\n";
$conf = $conf . "set ylabel \"Mo\" #font \"Helvetica,12\"\n";
$conf = $conf . 'set autoscale' . "\n";
$conf = $conf . 'set grid' . "\n";
$conf = $conf . 'set xdata time' . "\n";
$conf = $conf . 'set format x "%H:%M"' . "\n";
$conf = $conf . 'set timefmt "%d-%m %H:%M:%S"' . "\n";
$conf = $conf . 'set term png transparent size 500,250' . "\n";
$conf = $conf . 'set datafile commentschars "-"' . "\n";
$conf = $conf . "set title \"{$processname}\"\n";
$conf = $conf . "set output \"{$imagepath}\"\n";
$conf = $conf . "plot \"{$datafile}\" using 1:3 title \"{$processname} Memory\" with lines\n";
file_put_contents($shellpath, $conf);
system("/bin/chmod 777 {$shellpath}");
echo "Processing \"{$imagepath}\"\n";
echo "Processing {$datafile}\n";
echo "Processing {$shellpath}\n";
sleep(1);
system("{$shellpath}");
if (!is_file($imagepath)) {
echo "Fatal ERROR on {$imagepath}\n";
}
if (is_file($imagepath)) {
system("/bin/chmod 755 {$imagepath}");
}
}
function install()
{
$unix = new unix();
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pidTime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
$pidTimeEx = $unix->file_time_min($pidTime);
if ($pidTimeEx < 60) {
return;
}
@unlink($pidTime);
@file_put_contents($pidTime, time());
include_once dirname(__FILE__) . "/ressources/class.ccurl.inc";
$Masterbin = "/opt/ufdbcat/bin/ufdbcatdd";
$DebianVersion = _DebianVersion();
$Arch = _Architecture();
if ($Arch == 32) {
return;
}
$filename = "ufdbcat-debian{$DebianVersion}-{$Arch}-1.31.tar.gz";
$url = "http://articatech.net/download/Debian7-squid/{$filename}";
$curl = new ccurl($url);
$tmpfile = $unix->TEMP_DIR() . "/{$filename}";
if (!$curl->GetFile($tmpfile)) {
squid_admin_mysql(0, "Unable to download {$filename}", @implode("\n", $curl->errors), __FILE__, __LINE__);
return;
}
$tar = $unix->find_program("tar");
shell_exec("{$tar} xf {$tmpfile} -C /");
if (is_file($Masterbin)) {
squid_admin_mysql(0, "Success installing Artica Categorize Daemon", null, __FILE__, __LINE__);
return;
}
$php = $unix->LOCATE_PHP5_BIN();
shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --ufdbcat");
if (!$GLOBALS["NOUPDATE"]) {
shell_exec("{$php} /usr/share/artica-postfix/exec.squid.blacklists.php --ufdb --force --" . __FUNCTION__ . "-" . __LINE__ . " >/dev/null 2>&1 &");
}
}
function nightly()
{
@mkdir("/var/log/artica-postfix", 0755, true);
$GLOBALS["MasterIndexFile"] = "/usr/share/artica-postfix/ressources/index.ini";
$unix = new unix();
$sock = new sockets();
$autoinstall = true;
$timefile = "/etc/artica-postfix/croned.1/nightly";
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
$pid = @file_get_contents($pidfile);
$kill = $unix->find_program("kill");
$tmpdir = $unix->TEMP_DIR();
$php5 = $unix->LOCATE_PHP5_BIN();
$nohup = $unix->find_program("nohup");
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
echo "Starting......: " . date("H:i:s") . " nightly build already executed PID: {$pid} since {$time}Mn\n";
updater_events("Already executed PID: {$pid} since {$time}Mn");
if ($time < 120) {
if (!$GLOBALS["FORCE"]) {
die;
}
}
unix_system_kill_force($pid);
}
$mypid = getmypid();
@file_put_contents($pidfile, $mypid);
updater_events("Running PID {$mypid}");
$EnableScheduleUpdates = $sock->GET_INFO("EnableScheduleUpdates");
$ArticaUpdateIntervalAllways = intval($sock->GET_INFO("EnableScheduleUpdates"));
if (!is_numeric($EnableScheduleUpdates)) {
$EnableScheduleUpdates = 0;
}
$ArticaAutoUpateOfficial = $sock->GET_INFO("ArticaAutoUpateOfficial");
$ArticaAutoUpateNightly = intval($sock->GET_INFO("ArticaAutoUpateNightly"));
$ArticaUpdateIntervalAllways = intval($sock->GET_INFO("ArticaUpdateIntervalAllways"));
$OfficialArticaUri = $sock->GET_INFO("OfficialArticaUri");
if (!is_numeric($ArticaAutoUpateOfficial)) {
$ArticaAutoUpateOfficial = 1;
}
if ($OfficialArticaUri == null) {
$OfficialArticaUri = "http://articatech.net";
}
$CheckEveryMinutes = 60;
$uri = $OfficialArticaUri;
if ($GLOBALS["FORCE"]) {
_artica_update_event(1, "Update task pid {$mypid} is forced by an human.", null, __FILE__, __LINE__);
}
if ($EnableScheduleUpdates == 1) {
if (!$GLOBALS["FORCE"]) {
if (!$GLOBALS["BYCRON"]) {
updater_events("Operation must be only executed by scheduler");
_artica_update_event(2, "Operation must be only executed by scheduler ( use --force to by pass)", null, __FILE__, __LINE__);
@file_put_contents("/usr/share/artica-postfix/ressources/logs/web/download_progress", 100);
return;
}
}
}
if ($ArticaAutoUpateOfficial == 0) {
updater_events("Artica Update feature is disabled");
echo "Starting......: " . date("H:i:s") . " Artica Update feature is disabled (enabled = {$ArticaAutoUpateOfficial}} )\n";
return;
}
if (!$GLOBALS["FORCE"]) {
if ($EnableScheduleUpdates == 0) {
if ($unix->file_time_min($timefile) < $CheckEveryMinutes) {
updater_events("too short time ({$timefile}Mn, require {$CheckEveryMinutes}mn)");
echo "Starting......: " . date("H:i:s") . " update feature (too short time, require {$CheckEveryMinutes}mn)\n";
@file_put_contents("/usr/share/artica-postfix/ressources/logs/web/download_progress", 110);
return;
}
}
if ($ArticaUpdateIntervalAllways == 0) {
if ($unix->IsProductionTime()) {
updater_events("Update feature need to be run only during the non-production time");
echo "Starting......: " . date("H:i:s") . " update feature need to be run only during the non-production time \n";
@file_put_contents("/usr/share/artica-postfix/ressources/logs/web/download_progress", 110);
}
}
}
@unlink($timefile);
@file_put_contents($timefile, time());
// ----------------------- LANCEMENT ------------------------------------------------------------------------------
$EnableArticaMetaClient = intval($sock->GET_INFO("EnableArticaMetaClient"));
if ($EnableArticaMetaClient == 1) {
updater_events("Nightly builds using Meta console");
echo "Starting......: " . date("H:i:s") . " Nightly builds using Meta console\n";
system("{$nohup} {$php5} /usr/share/artica-postfix/exec.artica-meta-client.php --artica-updates >/dev/null 2>&1 &");
die;
}
echo "Starting......: " . date("H:i:s") . " Nightly builds checking an official release first\n";
if (update_release()) {
updater_events("update_release() return true, finish");
return;
}
if ($ArticaAutoUpateNightly == 0) {
echo "Starting......: " . date("H:i:s") . " Nightly builds feature is disabled\n";
updater_events("Update to Nightly builds feature is disabled");
@file_put_contents("/usr/share/artica-postfix/ressources/logs/web/download_progress", 100);
return;
}
@file_put_contents("/usr/share/artica-postfix/ressources/logs/web/download_progress", 0);
$array = unserialize(@file_get_contents("/etc/artica-postfix/settings/Daemons/ArticaUpdateRepos"));
$OFFICIALS = $array["NIGHT"];
$key = update_find_latest_nightly();
$MyNextVersion = $key;
$Lastest = $OFFICIALS[$key]["VERSION"];
$MAIN_URI = $OFFICIALS[$key]["URL"];
$MAIN_MD5 = $OFFICIALS[$key]["MD5"];
$MAIN_FILENAME = $OFFICIALS[$key]["FILENAME"];
$uri = $MAIN_URI;
$Lastest = trim(strtolower($Lastest));
$MyCurrentVersion = GetCurrentVersion();
echo "Starting......: " . date("H:i:s") . " Current version: {$MyCurrentVersion}\n";
echo "Starting......: " . date("H:i:s") . " Nightly builds version \"{$Lastest}\" on repository\n";
echo "Starting......: " . date("H:i:s") . " nightly builds Cur:{$MyCurrentVersion}, Next:{$MyNextVersion}\n";
if ($MyNextVersion == $MyCurrentVersion) {
echo "Starting......: " . date("H:i:s") . " nightly builds {$MyCurrentVersion}/{$MyNextVersion} \"Up to date - Same version\"\n";
@file_put_contents("/usr/share/artica-postfix/ressources/logs/web/download_progress", 100);
return;
}
if ($MyCurrentVersion > $MyNextVersion) {
echo "Starting......: " . date("H:i:s") . " nightly builds {$MyCurrentVersion}/{$MyNextVersion} \"Up to date - Most updated\"\n";
@file_put_contents("/usr/share/artica-postfix/ressources/logs/web/download_progress", 100);
return;
}
$t1 = time();
_artica_update_event(2, "nightly builds Downloading new version {$Lastest}", null, __FILE__, __LINE__);
echo "Starting......: " . date("H:i:s") . " nightly builds Downloading new version {$Lastest}, please wait\n";
events("Downloading new version {$Lastest}");
$ArticaFileTemp = "{$tmpdir}/{$Lastest}/artica-{$Lastest}.tgz";
@mkdir("{$tmpdir}/{$Lastest}", 0755, true);
$curl = new ccurl($uri);
$curl->Timeout = 2400;
$curl->WriteProgress = true;
$curl->ProgressFunction = "nightly_progress";
$t = time();
if (!$curl->GetFile($ArticaFileTemp)) {
_artica_update_event(0, "nightly builds Unable to download latest nightly build {$Lastest} with error {$curl->error}", null, __FILE__, __LINE__);
events("Unable to download latest nightly build with error {$curl->error}");
system_admin_events("Unable to download latest nightly build with error {$curl->error}", __FUNCTION__, __FILE__, __LINE__, "artica-update");
@unlink($ArticaFileTemp);
return;
}
$took = $unix->distanceOfTimeInWords($t, time(), true);
_artica_update_event(2, "{$MAIN_FILENAME} download, took {$took}", null, __FILE__, __LINE__);
$md5_file = md5_file($ArticaFileTemp);
if ($md5_file != $MAIN_MD5) {
echo "{$md5_file} <> {$MAIN_MD5}\n";
_artica_update_event(0, "nightly builds {$MAIN_FILENAME}: corrupted package", null, __FILE__, __LINE__);
events("nightly builds {$MAIN_FILENAME}: corrupted package");
system_admin_events("nightly builds {$MAIN_FILENAME}: corrupted package", __FUNCTION__, __FILE__, __LINE__, "artica-update");
@unlink($ArticaFileTemp);
return;
}
system_admin_events("{$MAIN_FILENAME} download, took {$took}", __FUNCTION__, __FILE__, __LINE__, "artica-update");
events("artica-{$Lastest}.tgz download, took {$took}");
$size = @filesize($ArticaFileTemp);
$size = FormatBytes($size / 1024, true);
ArticaMeta_nightly($ArticaFileTemp);
echo "Starting......: " . date("H:i:s") . " nightly builds took {$took}\n";
events("Now, installing the newest version in {$ArticaFileTemp} package...");
$size = @filesize($ArticaFileTemp);
$size = FormatBytes($size / 1024, true);
if (!install_package($ArticaFileTemp, $Lastest)) {
events("Install package Failed...");
return false;
}
events("New Artica update v.{$Lastest}");
_artica_update_event(1, "Nightly builds New Artica update v.{$Lastest} ({$size})", null, __FILE__, __LINE__);
system_admin_events("New Artica update v.{$Lastest}", __FUNCTION__, __FILE__, __LINE__, "artica-update");
}
function scan_backup_dir()
{
$unix = new unix();
$sock = new sockets();
$BackupMaxDaysDir = $sock->GET_INFO("BackupMaxDaysDir");
if ($BackupMaxDaysDir == null) {
$BackupMaxDaysDir = "/home/logrotate_backup";
}
echo "BackupMaxDaysDir: {$BackupMaxDaysDir}\n";
build_progress_scandir("{scanning} {$BackupMaxDaysDir}", 20);
sleep(3);
$c = 0;
$find = $unix->find_program("find");
exec("{$find} {$BackupMaxDaysDir} 2>&1", $results);
while (list($num, $filename) = each($results)) {
if (!is_file($filename)) {
build_progress_scandir("{skip} {$filename}", 30);
continue;
}
$basename = basename($filename);
if (preg_match("#^cache-#", $basename)) {
build_progress_scandir("{skip} {$basename}", 30);
continue;
}
if (!preg_match("#^access-tail#", $basename)) {
build_progress_scandir("{skip} {$basename}", 30);
continue;
}
build_progress_scandir("{importing} {$basename}", 30);
$c++;
if (upload_mysql($filename, true)) {
$c++;
}
}
$unix = new unix();
$tempdir = $unix->TEMP_DIR();
$destfile = "{$tempdir}/current-access.log";
if ($unix->compress("/var/log/squid/access.log", $destfile)) {
build_progress_scandir("{importing} squid/access.log", 90);
upload_mysql($destfile, true, true);
@unlink($destfile);
}
if ($c == 0) {
build_progress_scandir("{failed} 0 {files}", 110);
return;
}
build_progress_scandir("{done} {$c} {files}", 100);
}
function install($filename)
{
$GLOBALS["PROGRESS_FILE"] = "/usr/share/artica-postfix/ressources/logs/artica.install.progress";
$GLOBALS["LOG_FILE"] = "/usr/share/artica-postfix/ressources/logs/web/artica.install.progress.txt";
$unix = new unix();
$LINUX_CODE_NAME = $unix->LINUX_CODE_NAME();
$LINUX_DISTRIBUTION = $unix->LINUX_DISTRIBUTION();
$LINUX_VERS = $unix->LINUX_VERS();
$LINUX_ARCHITECTURE = $unix->LINUX_ARCHITECTURE();
$APACHEUSER = $unix->APACHE_SRC_ACCOUNT();
$DebianVer = "debian{$LINUX_VERS[0]}";
$TMP_DIR = $unix->TEMP_DIR();
$ORGV = @file_get_contents("/usr/share/artica-postfix/VERSION");
$PATCH_VER = null;
$tarballs_file = "/usr/share/artica-postfix/ressources/conf/upload/{$filename}";
echo "Package {$tarballs_file}\n";
$size = filesize($tarballs_file);
ArticaMeta_release($tarballs_file);
if (preg_match('#([0-9\\.]+)_([0-9\\.]+)-([0-9]+).tgz$#i', $filename, $r)) {
$CUR_BRANCH = @file_get_contents("/usr/share/artica-postfix/MAIN_RELEASE");
$CUR_BRANCH = trim($CUR_BRANCH);
echo "Patch....................: {$r[3]}\n";
echo "From.....................: {$r[1]}\n";
echo "To.......................: {$r[2]}\n";
echo "Current Branch..........: {$CUR_BRANCH}\n";
if ($CUR_BRANCH != $r[1]) {
echo "{$CUR_BRANCH} != {$r[1]}\n";
build_progress("{not_for_current_branch} {requested} {$r[1]}", 110);
return;
}
$PATCH_VER = $r[2] . " :";
$ASPATCH = true;
}
echo "Size....................: " . FormatBytes($size / 1024) . "\n";
echo "Current version.........: {$ORGV}\n";
build_progress("{analyze}...", 10);
echo "Current system..........: {$LINUX_CODE_NAME} {$LINUX_DISTRIBUTION} {$LINUX_VERS[0]}/{$LINUX_VERS[1]} {$LINUX_ARCHITECTURE}\n";
echo "Package.................: {$filename}\n";
echo "Temp dir................: {$TMP_DIR}\n";
echo "Apache User.............: {$APACHEUSER}\n";
if (!is_file($tarballs_file)) {
echo "{$tarballs_file} no such file...\n";
build_progress("No such file...", 110);
return;
}
echo "Uncompressing {$tarballs_file}...\n";
build_progress("{extracting} {$filename}...", 20);
$chown = $unix->find_program("chown");
$chmod = $unix->find_program("chmod");
$tar = $unix->find_program("tar");
$rm = $unix->find_program("rm");
$nohup = $unix->find_program("nohup");
$php = $unix->LOCATE_PHP5_BIN();
$squid = $unix->LOCATE_SQUID_BIN();
build_progress("{extracting} {$filename}...", 50);
system("{$tar} xpf {$tarballs_file} -C /usr/share/");
echo "Removing {$tarballs_file}...\n";
@unlink($tarballs_file);
shell_exec("{$rm} -rf /usr/share/artica-postfix/ressources/conf/upload/*");
build_progress("{apply_permissions}...", 55);
echo "{$APACHEUSER} -> /usr/share/artica-postfix\n";
shell_exec("{$chown} -R {$APACHEUSER} /usr/share/artica-postfix");
echo "0755 -> /usr/share/artica-postfix\n";
shell_exec("{$chmod} -R 0755 /usr/share/artica-postfix");
$ORGD = @file_get_contents("/usr/share/artica-postfix/VERSION");
echo "Old version.............: {$ORGV}\n";
if ($ASPATCH) {
$patched = " (patched)";
}
echo "Current version.........: {$ORGD}{$patched}\n";
sleep(2);
if ($ORGV == $ORGD) {
build_progress("{operation_failed} Same version {$PATCH_VER}{$filename}...", 110);
return;
}
build_progress("{restarting} Artica...", 60);
$unix->THREAD_COMMAND_SET("{$php} /usr/share/artica-postfix/exec.web-community-filter.php --register");
build_progress("{restarting} Artica...", 65);
build_progress("{building_init_scripts}...", 70);
system("{$php} /usr/share/artica-postfix/exec.initslapd.php");
build_progress("{updating_network}...", 75);
system("{$php} /usr/share/artica-postfix/exec.virtuals-ip.php");
system("{$php} /usr/share/artica-postfix/exec.monit.php --build");
echo "Starting......: " . date("H:i:s") . " Purge and clean....\n";
build_progress("{restarting} Artica...", 80);
if (is_file("/etc/init.d/nginx")) {
shell_exec("{$nohup} /etc/init.d/nginx reload >/dev/null 2>&1 &");
}
build_progress("{restarting} Artica...", 81);
shell_exec("{$nohup} /etc/init.d/auth-tail restart");
build_progress("{restarting} Artica...", 82);
shell_exec("{$nohup} /etc/init.d/artica-framework");
build_progress("{restarting} Artica...", 83);
shell_exec("{$nohup} /usr/share/artica-postfix/bin/process1 --force --verbose " . time() . "");
build_progress("{restarting} Artica...", 84);
shell_exec("{$nohup} /usr/share/artica-postfix/bin/artica-make --empty-cache >/dev/null 2>&1 &");
build_progress("{restarting} Artica...", 85);
shell_exec("{$nohup} /etc/init.d/monit restart >/dev/null 2>&1 &");
build_progress("{restarting} Artica...", 86);
shell_exec("{$nohup} /etc/init.d/artica-status restart --force >/dev/null 2>&1 &");
build_progress("{restarting} Artica...", 87);
shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.squid.php --build-schedules >/dev/null 2>&1 &");
build_progress("{restarting} Artica...", 88);
shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.schedules.php --defaults >/dev/null 2>&1 &");
build_progress("{restarting} Artica...", 90);
build_progress("{restarting} Artica...", 100);
echo "Starting......: " . date("H:i:s") . " Done you can close the screen....\n";
}
function update()
{
$unix = new unix();
$sock = new sockets();
$filetime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
if ($GLOBALS["VERBOSE"]) {
echo "filetime = {$filetime}\n";
echo "pidfile = {$pidfile}\n";
}
$EnableSpamhausDROPList = $sock->GET_INFO("EnableSpamhausDROPList");
if (!is_numeric($EnableSpamhausDROPList)) {
$EnableSpamhausDROPList = 0;
}
if (!$GLOBALS["FORCE"]) {
if (!$GLOBALS["VERBOSE"]) {
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid)) {
if ($GLOBALS["VERBOSE"]) {
echo "{$pid} already running !!!\n";
}
return;
}
}
}
@file_put_contents($pidfile, getmypid());
if (!$GLOBALS["FORCE"]) {
$time = $unix->file_time_min($filetime);
if ($time < 1440) {
if ($GLOBALS["VERBOSE"]) {
echo "{$time}Mn !!!\n";
}
return;
}
@unlink($filetime);
@file_put_contents($filetime, time());
}
$iptables = new iptables_chains();
$curl = new ccurl("http://www.spamhaus.org/drop/drop.lasso");
$curl->NoHTTP_POST = true;
$tmpdir = $unix->TEMP_DIR();
$destination = "{$tmpdir}/drop.lasso";
if (!$curl->get()) {
system_admin_events("Spamhaus DROP List failed {$curl->error}");
return;
}
$drop = explode("\n", $curl->data);
foreach ($drop as $line) {
$line = trim($line);
if (!empty($line) && substr($line, 0, 1) !== ';') {
list($cidr, $sbl) = explode(" ; ", $line);
$cidr = trim($cidr);
$sbl = trim($sbl);
//echo "iptables -A input -s $cidr -d 0/0 -j REJECT\n";
//echo "iptables -A output -s 0/0 -d $cidr -j REJECT\n";
$array[$cidr] = $sbl;
}
}
$q = new mysql();
$prefix = "INSERT IGNORE INTO iptables(\n\tservice,\n\tservername,\n\tserverip,\n\tlocal_port,\n\tdisable,\n\tevents_number,\n\trule_string,\n\trulemd5,\n\tflux,\n\tevents_block,\n\tdate_created,\n\tmultiples_ports,allow ) VALUES ";
$date = date("Y-m-d H:i:s");
while (list($cidr, $sbl) = each($array)) {
$rulemd5 = md5("{$cidr}{$sbl}");
$f[] = "('SpamHaus',\n\t\t'{$cidr}',\n\t\t'{$cidr}',\n\t\t'0',\n\t\t'0',\n\t\t'0',\n\t\t'iptables -A input -s {$cidr} -d 0/0 -j REJECT',\n\t\t'{$rulemd5}','INPUT',\n\t\t'Spamhaus DROP List',\n\t\t'{$date}',\n\t\t'0',0)";
}
if (count($f) > 0) {
echo count($f) . " rules added";
$q->QUERY_SQL("DELETE FROM iptables WHERE `service`='SpamHaus' AND `allow`=0", "artica_backup");
$q->QUERY_SQL($prefix . @implode($f, ","), "artica_backup");
}
$php = $unix->LOCATE_PHP5_BIN();
$nohup = $unix->find_program("nohup");
$cmd = "{$nohup} {$php} /usr/share/artica-postfix/exec.postfix.iptables.php --spamhaus >/dev/null 2>&1 &";
echo $cmd . "\n";
shell_exec($cmd);
}
function start()
{
$unix = new unix();
$tmp_path = $unix->TEMP_DIR();
_progress("Check repository", 10);
echo "Downloading index file...\n";
$curl = new ccurl("http://www.artica.fr/auto.update.php");
$curl->NoHTTP_POST = true;
if (!$curl->get()) {
_progress("Check repository - FAILED", 100);
echo "{$curl->error}\n";
return;
}
$ini = new Bs_IniHandler();
$ini->loadString($curl->data);
$couldversion = $ini->_params["NEXT"]["z-push"];
echo "Available version = {$couldversion}\n";
if ($couldversion == null) {
_progress("Check repository - FAILED", 100);
echo "Corrupted index file\n";
return;
}
$rm = $unix->find_program("rm");
$SourceFile = "z-push-{$couldversion}.tar.gz";
$SourcePath = "{$tmp_path}/{$SourceFile}";
$SourceTemp = "{$tmp_path}/" . time();
$InstallDir = $SourceTemp;
echo "Downloading http://www.artica.fr/download/z-push-{$couldversion}.tar.gz\n";
_progress("Downloading v.{$couldversion}", 15);
$curl = new ccurl("http://www.artica.fr/download/z-push-{$couldversion}.tar.gz");
@unlink($SourcePath);
if (!$curl->GetFile($SourcePath)) {
@unlink($SourcePath);
_progress("Download {$SourceFile} - FAILED", 100);
echo $curl->error . "\n";
return;
}
_progress("Uncompress {$SourceFile}", 20);
echo "Create temp dir: {$SourceTemp}\n";
echo "Uncompress {$SourcePath}\n";
@mkdir("/usr/share/z-push", 0755, true);
@mkdir($SourceTemp, 0755, true);
$tar = $unix->find_program("tar");
$cp = $unix->find_program("cp");
$php = $unix->LOCATE_PHP5_BIN();
shell_exec("{$tar} xf {$SourcePath} -C {$SourceTemp}/");
@unlink($SourcePath);
if (!is_file("{$InstallDir}/version.php")) {
echo "Finding directory\n";
$DIRS = $unix->dirdir($SourceTemp);
while (list($num, $ligne) = each($DIRS)) {
if (is_file("{$num}/version.php")) {
echo "Found Directory {$num}\n";
$InstallDir = $num;
break;
}
}
}
if (!is_file("{$InstallDir}/version.php")) {
_progress("Failed Corrupted compressed file", 100);
shell_exec("{$rm} -rf {$SourceTemp}");
return;
}
_progress("Installing z-Push {$couldversion}", 50);
shell_exec("{$cp} -rfd {$InstallDir}/* /usr/share/z-push/");
shell_exec("{$rm} -rf {$SourceTemp}");
_progress("Reconfiguring FreeWebs ", 80);
system("{$php} /usr/share/artica-postfix/exec.freeweb.php --reconfigure-zpush");
_progress("Success", 100);
}
function BlockIPs()
{
$ipClass = new IP();
$unix = new unix();
$tmpdir = $unix->TEMP_DIR();
$curl = new ccurl("https://rules.emergingthreatspro.com/fwrules/emerging-Block-IPs.txt");
$targetpath = "{$tmpdir}/emerging-Block-IPs.txt";
if (!$curl->GetFile($targetpath)) {
echo "{$targetpath} failed\n";
artica_update_event(0, "Unable to download emerging-Block-IPs.txt", $curl->errors, __FILE__, __LINE__);
return;
}
$f = explode("\n", @file_get_contents($targetpath));
$proxyname = $unix->hostname_g();
$q = new postgres_sql();
$q->suricata_tables();
$tr = array();
while (list($num, $ligne) = each($f)) {
$ligne = trim($ligne);
if ($ligne == null) {
continue;
}
if (strpos(" {$ligne}", "#") > 0) {
continue;
}
if (!$ipClass->isIPAddressOrRange($ligne)) {
continue;
}
$zdate = date("Y-m-d H:i:s");
$proto = "TCP";
$dest_port = 0;
$src_ip = $ligne;
$uduniq = md5("0,{$src_ip},{$dest_port},{$proto}");
if ($GLOBALS["VERBOSE"]) {
echo "0,{$src_ip},{$dest_port},{$proto}\n";
}
$tr[] = "('{$zdate}','{$uduniq}','0','{$src_ip}','{$dest_port}','{$proto}','{$proxyname}',1)";
}
if (count($tr) > 0) {
$q->QUERY_SQL("DELETE FROM suricata_firewall WHERE xauto=1");
}
$content = @implode(",", $tr);
$prefix = "INSERT INTO suricata_firewall (zdate,uduniq,signature,src_ip,dst_port,proto,proxyname,xauto) VALUES ";
$q->QUERY_SQL("{$prefix} {$content} ON CONFLICT DO NOTHING");
if (!$q->ok) {
echo $q->mysql_error . "\n";
return;
}
$php = $unix->LOCATE_PHP5_BIN();
shell_exec("{$php} /usr/share/artica-postfix/exec.suricata-fw.php --run");
}
function artica_meta_client($force = false)
{
$unix = new unix();
$WORKDIR = "/var/lib/ftpunivtlse1fr";
@mkdir($WORKDIR, 0755, true);
@chmod($WORKDIR, 0755);
$tmpdir = $unix->TEMP_DIR();
$myVersion = intval(trim(@file_get_contents("/etc/artica-postfix/ftpunivtlse1fr.txt")));
$tmpdir = $unix->TEMP_DIR();
$meta = new artica_meta();
$curl = $meta->buildCurl("/meta-updates/webfiltering/ftpunivtlse1fr.txt");
if (!$curl->GetFile("{$tmpdir}/ftpunivtlse1fr.txt")) {
artica_update_event(0, "Failed Downloading webfiltering/ftpunivtlse1fr.txt", @implode("\n", $curl->errors), __FILE__, __LINE__);
$meta->events($curl->errors, __FUNCTION__, __FILE__, __LINE__);
meta_admin_mysql(0, "Failed Downloading webfiltering/ftpunivtlse1fr.txt", @implode("\n", $curl->errors), __FILE__, __LINE__);
return false;
}
$Remote_version = intval(trim(@file_get_contents("{$tmpdir}/ftpunivtlse1fr.txt")));
@unlink("{$tmpdir}/ftpunivtlse1fr.txt");
echo "Current............: {$myVersion}\n";
echo "Available..........: {$Remote_version}\n";
$datev = date("Y-m-d H:i:s", $myVersion);
$STATUS = unserialize(@file_get_contents("/etc/artica-postfix/TLSE_LAST_DOWNLOAD"));
$STATUS["LAST_CHECK"] = time();
@file_put_contents("/etc/artica-postfix/TLSE_LAST_DOWNLOAD", serialize($STATUS));
if ($myVersion > $Remote_version) {
echo "My version {$myVersion} is newest than {$Remote_version}, aborting\n";
build_progress("{version-up-to-date} {$datev}", 100);
return;
}
if ($myVersion == $Remote_version) {
build_progress("{version-up-to-date} {$datev}", 100);
echo "My version {$myVersion} is the same than {$Remote_version}, aborting\n";
return;
}
$curl = $meta->buildCurl("/meta-updates/webfiltering/ftpunivtlse1fr.tgz");
$curl->Timeout = 120;
if (!$curl->GetFile("{$tmpdir}/ftpunivtlse1fr.tgz")) {
artica_update_event(0, "Failed Downloading webfiltering/ftpunivtlse1fr.tgz", @implode("\n", $curl->errors), __FILE__, __LINE__);
$meta->events($curl->errors, __FUNCTION__, __FILE__, __LINE__);
meta_admin_mysql(0, "Failed Downloading webfiltering/ftpunivtlse1fr.tgz", @implode("\n", $curl->errors), __FILE__, __LINE__);
@unlink("{$tmpdir}/ftpunivtlse1fr.tgz");
return false;
}
if (!$unix->TARGZ_TEST_CONTAINER("{$tmpdir}/ftpunivtlse1fr.tgz")) {
artica_update_event(0, "Failed {$tmpdir}/ftpunivtlse1fr.tgz corrupted package", @implode("\n", $curl->errors), __FILE__, __LINE__);
meta_admin_mysql(0, "Failed {$tmpdir}/ftpunivtlse1fr.tgz corrupted package", @implode("\n", $curl->errors), __FILE__, __LINE__);
@unlink("{$tmpdir}/ftpunivtlse1fr.tgz");
return false;
}
$tar = $unix->find_program("tar");
shell_exec("{$tar} -xf {$tmpdir}/ftpunivtlse1fr.tgz -C {$WORKDIR}/");
@unlink("{$tmpdir}/ftpunivtlse1fr.tgz");
artica_update_event(0, "Success update categories statistics v.{$Remote_version}", @implode("\n", $curl->errors), __FILE__, __LINE__);
meta_admin_mysql(0, "Success update categories statistics v.{$Remote_version}", @implode("\n", $curl->errors), __FILE__, __LINE__);
@file_put_contents("/etc/artica-postfix/ftpunivtlse1fr.txt", $Remote_version);
build_progress("Using Artica Meta server {done}", 100);
CoherenceOffiels();
CoherenceRepertoiresUfdb();
BuildDatabaseStatus();
remove_bad_files();
}
function backup_mkdir($path)
{
$USE_RSYNC = $GLOBALS["USE_RSYNC"];
if (preg_match("#bin\\/cp\\s+-#", $GLOBALS["COMMANDLINECOPY"])) {
$USE_RSYNC = false;
}
$unix = new unix();
$mkdir = $unix->find_program("mkdir");
$chmod = $unix->find_program("chmod");
$tmpdir = $unix->TEMP_DIR();
if ($USE_RSYNC) {
writelogs(date('m-d H:i:s') . " " . "create directory /tmp/artica-temp/{$path}", __FUNCTION__, __FILE__, __LINE__);
@mkdir("{$tmpdir}/artica-temp/{$path}", 0755, true);
chdir("{$tmpdir}/artica-temp");
@file_put_contents("{$tmpdir}/artica-temp/{$path}/.default", "#");
writelogs(date('m-d H:i:s') . " " . " COMMANDLINECOPY={$GLOBALS["COMMANDLINECOPY"]}", __FUNCTION__, __FILE__, __LINE__);
$cmd = str_replace("{SRC_PATH}", "{$tmpdir}/artica-temp/*", $GLOBALS["COMMANDLINECOPY"]);
$cmd = str_replace("{NEXT}", "", $cmd);
if ($cmd == null) {
writelogs("Warning, no command-line copy has been defined....", __FUNCTION__, __FILE__, __LINE__);
return;
}
events($cmd, __LINE__);
system($cmd);
shell_exec("/bin/rm -rf {$tmpdir}/artica-temp/*");
chdir("/root");
return;
}
writelogs("Creating dir {$path} 0755", __FUNCTION__, __FILE__, __LINE__);
if (is_file($mkdir)) {
exec("{$mkdir} -p \"{$path}\" 2>&1", $results);
if (count($results) > 0) {
while (list($num, $line) = each($results)) {
writelogs("MKDIR Found {$line}", __FUNCTION__, __FILE__, __LINE__);
}
}
if (is_file($chmod)) {
exec("{$chmod} -R 0755 \"" . dirname($path) . "\" 2>&1", $results);
if (count($results) > 0) {
while (list($num, $line) = each($results)) {
writelogs("CHMOD Found {$line}", __FUNCTION__, __FILE__, __LINE__);
}
}
}
if (!is_dir("{$path}")) {
writelogs("Unable to create directory {$path} no such file or directory", __FUNCTION__, __FILE__, __LINE__);
return;
}
}
if ($GLOBALS["VERBOSE"]) {
mkdir("{$path}", 0755, true);
} else {
@mkdir("{$path}", 0755, true);
}
if (!is_dir("{$path}")) {
writelogs("Unable to create directory {$path} no such file or directory", __FUNCTION__, __FILE__, __LINE__);
}
}
function SSH_TEST_CONNECTION()
{
$unix = new unix();
$uid = $_GET["uid"];
$hostname = $_GET["ssh-test"];
$sshbin = $unix->find_program("ssh");
$tmp = $unix->TEMP_DIR();
$tt[] = "Host {$hostname}";
$tt[] = "\tStrictHostKeyChecking no";
$tt[] = "\tUserKnownHostsFile=/dev/null";
@file_put_contents("{$tmp}/{$hostname}.{$uid}", @implode("\n", $tt));
$cmd = "{$sshbin} {$hostname} -F {$tmp}/{$hostname}.{$uid} -qq -l {$uid} -i /home/{$uid}/.ssh/id_rsa -v -n 2>&1";
writelogs_framework("{$cmd}", __FUNCTION__, __FILE__, __LINE__);
exec($cmd, $results);
writelogs_framework(count($results) . " rows", __FUNCTION__, __FILE__, __LINE__);
@file_put_contents("/usr/share/artica-postfix/ressources/logs/web/{$uid}.ssh", @implode("\n", $results));
@chmod("/usr/share/artica-postfix/ressources/logs/web/{$uid}.ssh", 0777);
}
function remove_MAC_sessions($mac)
{
$ipClass = new IP();
if (!$ipClass->IsvalidMAC($mac)) {
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} invalid mac address: {$mac}\n";
}
return;
}
$unix = new unix();
$tmp = $unix->TEMP_DIR();
$iptables_save = $unix->find_program("iptables-save");
$iptables_restore = $unix->find_program("iptables-restore");
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$GLOBALS["CACHE_FILE"]}\n";
}
shell_exec("{$iptables_save} > {$GLOBALS["CACHE_FILE"]}");
$data = file_get_contents($GLOBALS["CACHE_FILE"]);
$datas = explode("\n", $data);
$pattern = "#{$mac}#i";
$c = 0;
$MAIN = array();
while (list($num, $ligne) = each($datas)) {
if ($ligne == null) {
continue;
}
if (preg_match($pattern, $ligne)) {
$c++;
continue;
}
$MAIN[] = $ligne;
}
$t = time();
file_put_contents("{$tmp}/{$t}.conf", @implode("\n", $MAIN));
system("{$iptables_restore} < {$tmp}/{$t}.conf");
@unlink("{$tmp}/{$t}.conf");
shell_exec("{$iptables_save} > {$GLOBALS["CACHE_FILE"]}");
}
function build($OnlySingle = false)
{
if (isset($GLOBALS[__FILE__ . __FUNCTION__])) {
return;
}
$GLOBALS[__FILE__ . __FUNCTION__] = true;
$unix = new unix();
$php5 = $unix->LOCATE_PHP5_BIN();
shell_exec("/etc/init.d/mysql start");
build_progress("{building_main_settings}", 10);
if ($unix->SQUID_GET_LISTEN_PORT() == 80) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 80, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n";
}
shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n";
}
}
if ($unix->SQUID_GET_LISTEN_SSL_PORT() == 443) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 443, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n";
}
shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n";
}
}
$reconfigured = false;
if ($unix->APACHE_GET_LISTEN_PORT() == 80) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 80, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force");
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --stop --force");
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --start --force");
$reconfigured = true;
}
if (!$reconfigured) {
if ($unix->APACHE_GET_LISTEN_PORT() == 443) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 443, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force");
}
}
$APACHE_USER = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$NginxProxyStorePath = "/home/nginx";
@mkdir("/etc/nginx/sites-enabled", 0755, true);
@mkdir("/etc/nginx/local-sites", 0755, true);
@mkdir("/etc/nginx/local-sslsites", 0755, true);
@mkdir($NginxProxyStorePath, 0755, true);
@mkdir($NginxProxyStorePath . "/tmp", 0755, true);
@mkdir($NginxProxyStorePath . "/disk", 0755, true);
@mkdir("/var/lib/nginx/fastcgi", 0755, true);
@mkdir("/home/nginx/tmp", 0755, true);
$Tempdir = $unix->TEMP_DIR() . "/nginx";
@mkdir($Tempdir, 0755, true);
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath);
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/etc/nginx/sites-enabled");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/tmp");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/disk");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/var/lib/nginx/fastcgi");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $Tempdir);
nginx_ulimit();
$workers = $unix->CPU_NUMBER();
build_progress("Building configuration", 15);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$APACHE_USER}:{$APACHE_SRC_GROUP}..\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$workers} worker(s)..\n";
}
if (is_file("/etc/nginx/sites-enabled/default")) {
@unlink("/etc/nginx/sites-enabled/default");
}
if (is_link("/etc/nginx/sites-enabled/default")) {
@unlink("/etc/nginx/sites-enabled/default");
}
if (is_link("/etc/nginx/conf.d/example_ssl.conf")) {
@unlink("/etc/nginx/conf.d/example_ssl.conf");
}
$limit = 4096 * $workers;
if ($limit > 65535) {
$limit = 65535;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Running limit of {$limit} open files\n";
}
$L = explode("\n", @file_get_contents("/etc/security/limits.conf"));
$FOUNDL = false;
$T = array();
while (list($index, $line) = each($L)) {
$line = trim($line);
if (trim($line) == null) {
continue;
}
if (substr($line, 0, 1) == "#") {
continue;
}
if (preg_match("#^{$APACHE_USER}#", $line)) {
continue;
}
$T[] = $line;
}
if (!$FOUNDL) {
$T[] = "{$APACHE_USER} soft nofile {$limit}";
$T[] = "{$APACHE_USER} hard nofile {$limit}";
}
@file_put_contents("/etc/security/limits.conf", @implode("\n", $T) . "\n");
$L = array();
$T = array();
$MEMORY = $unix->MEM_TOTAL_INSTALLEE();
$server_names_hash_bucket_size = 128;
$worker_connections = 8192;
if ($MEMORY < 624288) {
$server_names_hash_bucket_size = 64;
$worker_connections = 1024;
$workers = 4;
}
$mail_protocols = mail_protocols();
//
$f[] = "# Builded on " . date("Y-m-d H:i:s");
$f[] = "user {$APACHE_USER};";
$f[] = "worker_processes {$workers};";
$nginx_version = nginx_version();
preg_match("#^([0-9])+\\.([0-9]+)\\.#", $nginx_version, $re);
$re[1] = intval($re[1]);
$re[2] = intval($re[2]);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Major {$re[1]} Minor:{$re[2]}\n";
}
$syslog = false;
$f[] = "worker_rlimit_nofile 16384;";
$f[] = "timer_resolution 1ms;";
$f[] = "";
if ($re[1] > 0) {
if ($re[2] > 6) {
$f[] = "error_log syslog:server=127.0.0.1,facility=daemon info;";
$syslog = true;
}
}
$syslog = false;
if (!$syslog) {
$f[] = "error_log /var/log/nginx/error.log warn;";
}
$f[] = "pid /var/run/nginx.pid;";
$f[] = "";
$f[] = "";
$f[] = "events {";
$f[] = " worker_connections {$worker_connections};";
$f[] = " multi_accept on;";
$f[] = " use epoll;";
$f[] = "\t accept_mutex_delay 1ms;";
$f[] = "}";
$upstream = new nginx_upstream();
$upstreams_servers = $upstream->build();
$f[] = "";
$f[] = "";
$f[] = "http {";
$f[] = "\tinclude /etc/nginx/mime.types;";
$f[] = "\tlog_format awc_log";
$f[] = "\t\t'[\$server_name] \$remote_addr - \$remote_user [\$time_local] \$request '";
$f[] = "\t\t'\"\$status\" \$body_bytes_sent \"\$http_referer\" '";
$f[] = "\t\t'\"\$http_user_agent\" \"\$http_x_forwarded_for\" [\$upstream_cache_status]';";
$f[] = "";
$f[] = "\tlimit_conn_zone \$binary_remote_addr zone=LimitCnx:10m;";
$q = new mysql_squid_builder();
$results = $q->QUERY_SQL("SELECT LimitReqs,servername FROM reverse_www WHERE LimitReqs > 0");
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$servername = $ligne["servername"];
$ZoneName = str_replace(".", "", $servername);
$ZoneName = str_replace("-", "", $servername);
$ZoneName = str_replace("_", "", $servername);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, limit {$servername}/{$servername} {$ligne["LimitReqs"]}r/s\n";
}
$f[] = "\tlimit_req_zone \$binary_remote_addr zone={$ZoneName}:10m rate={$ligne["LimitReqs"]}r/s;";
}
$nginxClass = new nginx();
if ($nginxClass->IsSubstitutions()) {
//$f[]="\tsubs_filter_types text/html text/css text/xml;";
}
@mkdir($Tempdir, 0775, true);
@mkdir("/home/nginx/tmp", 0755, true);
$f[] = "\tlimit_conn_log_level info;";
$f[] = "\tclient_body_temp_path {$Tempdir} 1 2;";
$f[] = "\tclient_header_timeout 5s;";
$f[] = "\tclient_body_timeout 5s;";
$f[] = "\tsend_timeout 10m;";
$f[] = "\tconnection_pool_size 128k;";
$f[] = "\tclient_header_buffer_size 16k;";
$f[] = "\tlarge_client_header_buffers 1024 128k;";
$f[] = "\trequest_pool_size 128k;";
$f[] = "\tkeepalive_requests 1000;";
$f[] = "\tkeepalive_timeout 10;";
$f[] = "\tclient_max_body_size 10g;";
$f[] = "\tclient_body_buffer_size 1m;";
$f[] = "\tclient_body_in_single_buffer on;";
$f[] = "\topen_file_cache max=10000 inactive=300s;";
$f[] = "\treset_timedout_connection on;";
$f[] = "\ttypes_hash_max_size 8192;";
$f[] = "\tserver_names_hash_bucket_size 128;";
$f[] = "\tserver_names_hash_max_size 512;";
$f[] = "\tvariables_hash_max_size 512;";
$f[] = "\tvariables_hash_bucket_size 128;";
$f[] = "\tfastcgi_buffers 8 16k;";
$f[] = "\tfastcgi_buffer_size 32k;";
$f[] = "\tfastcgi_connect_timeout 300;";
$f[] = "\tfastcgi_send_timeout 300;";
$f[] = "\tfastcgi_read_timeout 300;";
$f[] = "map \$scheme \$server_https {";
$f[] = "default off;";
$f[] = "https on;";
$f[] = "}\t";
$f[] = "\tgzip on;";
$f[] = "\tgzip_disable msie6;";
$f[] = "\tgzip_static on;";
$f[] = "\tgzip_min_length 1100;";
$f[] = "\tgzip_buffers 16 8k;";
$f[] = "\tgzip_comp_level 9;";
$f[] = "\tgzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;";
$f[] = "\tgzip_vary on;";
$f[] = "\tgzip_proxied any;";
$f[] = "\toutput_buffers 1000 128k;";
$f[] = "\tpostpone_output 1460;";
$f[] = "\tsendfile on;";
$f[] = "\tsendfile_max_chunk 256k;";
$f[] = "\ttcp_nopush on;";
$f[] = "\ttcp_nodelay on;";
$f[] = "\tserver_tokens off;";
$dns = new resolv_conf();
$sock = new sockets();
if ($sock->dnsmasq_enabled()) {
$resolver[] = "127.0.0.1";
}
if ($dns->MainArray["DNS1"] != null) {
$resolver[] = $dns->MainArray["DNS1"];
}
if ($dns->MainArray["DNS2"] != null) {
$resolver[] = $dns->MainArray["DNS2"];
}
if ($dns->MainArray["DNS3"] != null) {
$resolver[] = $dns->MainArray["DNS3"];
}
$f[] = "\tresolver " . @implode(" ", $resolver) . ";";
$f[] = "\tignore_invalid_headers on;";
$f[] = "\tindex index.html;";
$f[] = "\tadd_header X-CDN \"Served by myself\";";
$q = new mysql_squid_builder();
$sql = "SELECT * FROM nginx_caches ORDER BY directory";
$results = $q->QUERY_SQL($sql);
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$directory = $ligne["directory"];
@mkdir($directory, 0755, true);
$unix->chown_func("www-data", "www-data", $directory);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, cache `{$directory}`\n";
}
$f[] = "\tproxy_cache_path {$directory} levels={$ligne["levels"]} keys_zone={$ligne["keys_zone"]}:{$ligne["keys_zone_size"]}m max_size={$ligne["max_size"]}G inactive={$ligne["inactive"]} loader_files={$ligne["loader_files"]} loader_sleep={$ligne["loader_sleep"]} loader_threshold={$ligne["loader_threshold"]};";
}
$f[] = "\tproxy_temp_path {$NginxProxyStorePath}/tmp/ 1 2;";
$f[] = "\tproxy_cache_valid 404 10m;";
$f[] = "\tproxy_cache_valid 400 501 502 503 504 1m;";
$f[] = "\tproxy_cache_valid any 4320m;";
$f[] = "\tproxy_cache_use_stale updating invalid_header error timeout http_404 http_500 http_502 http_503 http_504;";
$f[] = "\tproxy_next_upstream error timeout invalid_header http_404 http_500 http_502 http_503 http_504;";
$f[] = "\tproxy_redirect off;";
$f[] = "\tproxy_set_header Host \$http_host;";
$f[] = "\tproxy_set_header Server Apache;";
$f[] = "\tproxy_set_header Connection Close;";
$f[] = "\tproxy_pass_header Set-Cookie;";
$f[] = "\tproxy_pass_header User-Agent;";
$f[] = "\tproxy_set_header X-Accel-Buffering on;";
$f[] = "\tproxy_hide_header X-CDN;";
$f[] = "\tproxy_hide_header X-Server;";
$f[] = "\tproxy_intercept_errors off;";
$f[] = "\tproxy_ignore_client_abort on;";
$f[] = "\tproxy_connect_timeout 60s;";
$f[] = "\tproxy_send_timeout 60s;";
$f[] = "\tproxy_read_timeout 150s;";
$f[] = "\tproxy_buffer_size 64k;";
$f[] = "\tproxy_buffers 16384 128k;";
$f[] = "\tproxy_busy_buffers_size 256k;";
$f[] = "\tproxy_temp_file_write_size 128k;";
$f[] = "\tproxy_headers_hash_bucket_size 128;";
$f[] = "\tproxy_cache_min_uses 0;";
$f[] = "";
$f[] = "{$upstreams_servers}";
$f[] = "\tinclude /etc/nginx/sites-enabled/*.conf;";
$f[] = "\tinclude /etc/nginx/local-sites/*.conf;";
$f[] = "\tinclude /etc/nginx/conf.d/*.conf;";
$f[] = "\t}";
$f[] = $mail_protocols;
$f[] = "";
@copy("/etc/nginx/nginx.conf", "/etc/nginx/nginx.bak");
@file_put_contents("/etc/nginx/nginx.conf", @implode("\n", $f));
if (!$OnlySingle) {
if ($GLOBALS["VERBOSE"]) {
echo __FUNCTION__ . "." . __LINE__ . ": OK...\n";
}
build_progress("Building default configuration", 10);
build_default(true);
build_localhosts();
if ($GLOBALS["VERBOSE"]) {
echo __FUNCTION__ . "." . __LINE__ . ": OK...\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Only single defined\n";
}
}
if ($GLOBALS["RECONFIGURE"]) {
$pid = PID_NUM();
if (is_numeric($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, reload pid {$pid}\n";
}
$kill = $unix->find_program("kill");
unix_system_HUP($pid);
} else {
start(true);
}
}
build_progress("Building configuration done", 10);
}
function CleanRotatedFiles()
{
include_once dirname(__FILE__) . "/ressources/class.mysql.syslog.inc";
$unix = new unix();
$sock = new sockets();
$LogRotateCompress = 1;
$LogRotatePath = $sock->GET_INFO("LogRotatePath");
$ApacheLogRotate = $sock->GET_INFO("ApacheLogRotate");
$cpbin = $unix->find_program("cp");
$php5 = $unix->LOCATE_PHP5_BIN();
$tmpdir = $unix->TEMP_DIR();
if (!is_numeric($ApacheLogRotate)) {
$ApacheLogRotate = 1;
}
if (!is_numeric($LogRotatePath)) {
$LogRotatePath = "/home/logrotate";
}
$DirsToScan["/var/log"] = true;
$DirsToScan["/var/log/apache2"] = true;
$DirsToScan["/var/log/lighttpd"] = true;
$DirsToScan["/var/log/ejabberd"] = true;
$apache2 = $unix->dirdir("/var/log/apache2");
while (list($WorkingDir, $ligne) = each($apache2)) {
$DirsToScan[$WorkingDir] = true;
}
$q = new mysql_storelogs();
while (list($WorkingDir, $ligne) = each($DirsToScan)) {
$RotateSquid = false;
if ($WorkingDir == "/var/log/squid") {
continue;
}
$table = $unix->DirFiles($WorkingDir, "(\\.|-)[0-9]+.*?\$");
$compressed["gz"] = true;
$compressed["bz"] = true;
$compressed["bz2"] = true;
while (list($filename, $ligne) = each($table)) {
$path = "{$WorkingDir}/{$filename}";
if ($unix->file_time_min($path) < 1440) {
continue;
}
$filedate = date('Y-m-d H:i:s', filemtime($path));
$q->events("Injecting {$path} {$filedate}");
if (!$q->ROTATE_TOMYSQL($path, $filedate)) {
continue;
}
}
}
}
function export_table($tablename)
{
if ($GLOBALS["VERBOSE"]) {
echo "Exporting {$tablename}\n";
}
$q = new mysql_squid_builder();
$sql = "SELECT * FROM {$tablename}";
$results = $q->QUERY_SQL($sql);
$unix = new unix();
$tmpdir = $unix->TEMP_DIR();
$fh = fopen("{$tmpdir}/{$tablename}.sql", 'w+');
$c = 0;
while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
if ($ligne["category"] == null) {
continue;
}
if ($ligne["pattern"] == null) {
continue;
}
if ($ligne["zmd5"] == null) {
continue;
}
$c++;
$line = "('{$ligne["zmd5"]}','{$ligne["zDate"]}','{$ligne["category"]}','{$ligne["pattern"]}','{$ligne["uuid"]}',1,1)";
fwrite($fh, $line . "\n");
}
echo "close {$tmpdir}/{$tablename}.sql {$c} rows\n";
fwrite($fh, @implode(",", $f));
fclose($fh);
}
function export_tables()
{
$q = new mysql();
$unix = new unix();
$tmppath = $unix->TEMP_DIR();
$sql = "SELECT * FROM `squid_admin_mysql` ORDER BY zDate DESC";
$results = $q->QUERY_SQL($sql, "artica_events");
while ($ligne = mysql_fetch_assoc($results)) {
$f[] = "{$ligne["zDate"]}:{$ligne["filename"]} {function}:{$ligne["function"]}, {line}:{$ligne["line"]}";
$f[] = "{$ligne["subject"]}";
$f[] = "{$ligne["content"]}";
$f[] = "************************************************************************************************************";
$f[] = "";
}
progress("{get_all_logs}", 75);
@file_put_contents("{$tmppath}/squid_admin_mysql.log", @implode("\n", $f));
$unix->compress("{$tmppath}/squid_admin_mysql.log", "/usr/share/artica-postfix/ressources/support/squid_admin_mysql.log.gz");
@unlink("{$tmppath}/squid_admin_mysql.log");
$f = array();
progress("{get_all_logs}", 80);
$sql = "SELECT * FROM `artica_update_task` ORDER BY zDate DESC";
$results = $q->QUERY_SQL($sql, "artica_events");
while ($ligne = mysql_fetch_assoc($results)) {
$f[] = "{$ligne["zDate"]}:{$ligne["filename"]} {function}:{$ligne["function"]}, {line}:{$ligne["line"]}";
$f[] = "{$ligne["subject"]}";
$f[] = "{$ligne["content"]}";
$f[] = "************************************************************************************************************";
$f[] = "";
}
@file_put_contents("{$tmppath}/artica_update_task.log", @implode("\n", $f));
$unix->compress("{$tmppath}/artica_update_task.log", "/usr/share/artica-postfix/ressources/support/artica_update_task.log.gz");
@unlink("{$tmppath}/artica_update_task.log");
progress("{get_all_logs}", 85);
}
function remove_session()
{
$mac = $_GET["MAC"];
$ip = $_GET["ip"];
writelogs_framework("MAC: {$mac}, IP={$ip} ", __FUNCTION__, __FILE__, __LINE__);
$unix = new unix();
$tmp = $unix->TEMP_DIR();
$iptables_save = $unix->find_program("iptables-save");
$iptables_restore = $unix->find_program("iptables-restore");
shell_exec("{$iptables_save} > {$GLOBALS["CACHE_FILE"]}");
$data = file_get_contents($GLOBALS["CACHE_FILE"]);
$datas = explode("\n", $data);
$c = 0;
$tab = array();
while (list($num, $ligne) = each($datas)) {
if ($ligne == null) {
continue;
}
if ($mac != null) {
if (preg_match("#{$mac}#i", $ligne)) {
$c++;
continue;
}
}
if ($ip != null) {
if (preg_match("#{$ip}#i", $ligne)) {
$c++;
continue;
}
}
$tab[] = $ligne . "\n";
}
$t = time();
file_put_contents("{$tmp}/{$t}.conf", @implode("\n", $tab));
system("{$iptables_restore} < {$tmp}/{$t}.conf");
@unlink("{$tmp}/{$t}.conf");
shell_exec("{$iptables_save} > {$GLOBALS["CACHE_FILE"]}");
$conntrack = $unix->find_program("conntrack");
if ($ip != null) {
shell_exec("{$conntrack} -D -s {$ip}");
}
$nohup = $unix->find_program("nohup");
$php = $unix->LOCATE_PHP5_BIN();
writelogs_framework("Framework: Remove firewall session {$mac}/{$ip}", __FUNCTION__, __FILE__, __LINE__);
hotspot_admin_mysql(2, "Framework: Remove firewall session {$mac}/{$ip}", "Remove firewall session {$mac}/{$ip}");
shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.artica.hotspot.php --remove-mysql-sessions --force >/dev/null 2>&1 &");
}