/**
 * Rebuild the cached list of kernel packages offered by apt (Debian/Ubuntu only).
 *
 * Runs `apt-cache search linux-image`, parses every matching result line into
 * version/build/arch/description fields, adds CpuFamilyInfos() and writes the
 * whole structure, serialized and base64-encoded, to kernel.lst.
 *
 * The script is terminated (die) when: the cache file exists and
 * file_time_min() reports less than 360 for it (unless VERBOSE is set), the
 * distribution code is neither DEBIAN nor UBUNTU, apt-cache cannot be found,
 * or system_is_overloaded() reports load.
 */
function detect_kernels()
{
    $cacheFile = "/usr/share/artica-postfix/ressources/logs/kernel.lst";
    $unix = new unix();
    if (!$GLOBALS["VERBOSE"] && is_file($cacheFile) && $unix->file_time_min($cacheFile) < 360) {
        die;
    }

    $users = new usersMenus();
    if (!($users->LinuxDistriCode == "DEBIAN" || $users->LinuxDistriCode == "UBUNTU")) {
        die;
    }

    $unix = new unix();
    $apt_cache = $unix->find_program("apt-cache");
    if ($apt_cache == null) {
        echo "Could not find apt-cache\n";
        die;
    }
    if (system_is_overloaded(basename(__FILE__))) {
        $unix->send_email_events("apt-cache aborted, system is overloaded..", "will restart analyzis in next cycle", "system");
        die;
    }

    $searchCommand = "{$apt_cache} search linux-image";
    echo "{$searchCommand}\n";
    exec($searchCommand, $results);

    // One entry per "linux-image-<version>-<build>-<arch> - <description>" line.
    foreach ($results as $val) {
        if (!preg_match("#linux-image-([0-9\\.]+)-([0-9]+)-(.+?)\\s+-\\s+(.+?)\$#", $val, $re)) {
            continue;
        }
        $fullVersion = "{$re[1]}-{$re[2]}-{$re[3]}";
        $array["DPKG"][] = array(
            "VERSION" => $re[1],
            "BUILD" => $re[2],
            "ARCH" => $re[3],
            "INFOS" => $re[4],
            "PACKAGE" => "linux-image-{$fullVersion}",
            "FULL_VERSION" => $fullVersion,
        );
    }
    $array["INFOS"] = CpuFamilyInfos();

    // Stored as base64(serialize(...)); whoever reads it back has to unserialize it.
    @file_put_contents($cacheFile, base64_encode(serialize($array)));
}
/**
 * Run ParseContacts() for every userAccount entry found below dc=organizations.
 *
 * Guarded by a pid file (skip when the recorded pid still exists) and by a
 * time stamp file (skip when file_time_min() reports less than 120 for it).
 * Stops early, with a notification, as soon as system_is_overloaded() reports
 * load; otherwise pauses one second between accounts.
 */
function ParseAllcontacts()
{
    $unix = new unix();
    $stampBase = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__;
    $pidfile = $stampBase . ".pid";
    $pidtime = $stampBase . ".time";

    $runningPid = @file_get_contents($pidfile);
    if ($unix->process_exists($runningPid)) {
        return;
    }
    // The pid file is claimed before the schedule check, as in the original flow.
    @file_put_contents($pidfile, getmypid());
    if ($unix->file_time_min($pidtime) < 120) {
        return;
    }
    @file_put_contents($pidtime, time());

    $ldap = new clladp();
    $wantedAttributes = array("uid");
    $searchBase = "dc=organizations,{$ldap->suffix}";
    $sr = @ldap_search($ldap->ldap_connection, $searchBase, '(objectclass=userAccount)', $wantedAttributes);
    if (!$sr) {
        return;
    }

    $entries = ldap_get_entries($ldap->ldap_connection, $sr);
    $index = 0;
    while ($index < $entries["count"]) {
        ParseContacts($entries[$index]["uid"][0]);
        if (system_is_overloaded(dirname(__FILE__))) {
            $unix->send_email_events(basename(__FILE__) . " Overloaded aborting task", "Zarafa contacts importation has been canceled due to overloaded system", "mailbox");
            return;
        }
        sleep(1);
        $index++;
    }
}
/**
 * Single-instance entry point: rebuild the configuration and, when
 * /etc/spamassassin/sa-learn-cyrus.conf exists, run sa-learn-cyrus and mail
 * its output.
 *
 * The script dies when the pid stored in the pid file is still running.
 */
function execute()
{
    $unix = new unix();
    $pidfile = "/etc/artica-postfix/" . basename(__FILE__) . ".pid";
    $previousPid = $unix->get_pid_from_file($pidfile);
    if ($unix->process_exists($previousPid)) {
        die;
    }
    file_put_contents($pidfile, getmypid());

    build_conf();

    if (!is_file("/etc/spamassassin/sa-learn-cyrus.conf")) {
        return;
    }
    exec("/usr/share/artica-postfix/bin/sa-learn-cyrus", $results);
    $report = @implode("\n", $results);
    $unix->send_email_events("Junk learning successfully executed for {$GLOBALS["USERS_LIST_COUNT"]} user(s)", $report, 'mailbox');
}
/**
 * Regenerate /usr/local/etc/amavisd.conf and queue an amavisd reload.
 *
 * The SpamAssassin helper steps always run; the rest is skipped (null is
 * returned) when the amavisd binary or its configuration file is missing.
 * The reload itself is queued through THREAD_COMMAND_SET(), not run inline.
 */
function amavis_reload(){
	SPAMASSASSIN_V320();
	PhishTag();
	HitFreqsRuleTiming();

	$configFile="/usr/local/etc/amavisd.conf";
	if(!is_file("/usr/local/sbin/amavisd") || !is_file($configFile)){
		return null;
	}

	$amavis=new amavis();
	$amavis->CheckDKIM();
	@file_put_contents($configFile,$amavis->buildconf());

	$unix=new unix();
	$unix->THREAD_COMMAND_SET("/usr/share/artica-postfix/bin/artica-make APP_SPAMASSASSIN_RQ");
	CheckSecuritiesFolders();

	// The notification carries the command line that requested the reload.
	$unix->send_email_events("Amavis will be reloaded", "exec.spamassassin, ordered to reload amavis {$GLOBALS["CMDLINES"]}", "postfix");
	$unix->THREAD_COMMAND_SET("/usr/local/sbin/amavisd -c /usr/local/etc/amavisd.conf reload");
}
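/**
 * Mirror Active Directory organizational units (and, through importuser()
 * and checksGroups(), their users and groups) into the MySQL cache tables.
 *
 * Dies when EnableManageUsersTroughActiveDirectory is not enabled. Returns
 * early when another instance is running, when the system is overloaded,
 * when the last run is more recent than the configured interval (unless
 * FORCE is set), when the directory search returns nothing, or when the first
 * TRUNCATE fails.
 *
 * Fixes over the previous version: the interval is now read from the
 * "ActiveDirectoryMysqlSinc" setting (the call used an undefined variable as
 * the key, so the setting was never read), and $OUCONFIG is initialised and
 * read with isset() so units missing from activedirectory_orgs no longer
 * raise undefined-index notices.
 */
function ActiveDirectoryToMysql()
{
    $sock = new sockets();
    $EnableManageUsersTroughActiveDirectory = $sock->GET_INFO("EnableManageUsersTroughActiveDirectory");
    if (!is_numeric($EnableManageUsersTroughActiveDirectory)) {
        $EnableManageUsersTroughActiveDirectory = 0;
    }
    if ($EnableManageUsersTroughActiveDirectory == 0) {
        die;
    }
    $unix = new unix();
    $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
    $pidTime = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".time";
    $oldpid = $unix->get_pid_from_file($pidfile);

    // Interval between two synchronisations: default 5, minimum 1, then
    // multiplied by 60 before being compared with file_time_min().
    $ActiveDirectoryMysqlSinc = $sock->GET_INFO("ActiveDirectoryMysqlSinc");
    if (!is_numeric($ActiveDirectoryMysqlSinc)) {
        $ActiveDirectoryMysqlSinc = 5;
    }
    if ($ActiveDirectoryMysqlSinc == 0) {
        $ActiveDirectoryMysqlSinc = 1;
    }
    $ActiveDirectoryMysqlSinc = $ActiveDirectoryMysqlSinc * 60;

    if ($unix->process_exists($oldpid, basename(__FILE__))) {
        writelogs("Process {$oldpid} already exists", __FUNCTION__, __FILE__, __LINE__);
        return;
    }
    if (system_is_overloaded(basename(__FILE__))) {
        writelogs("Overloaded system, aborting", __FUNCTION__, __FILE__, __LINE__);
        return;
    }
    @file_put_contents($pidfile, getmypid());
    if (!$GLOBALS["FORCE"]) {
        if ($unix->file_time_min($pidTime) < $ActiveDirectoryMysqlSinc) {
            return;
        }
    }
    @unlink($pidTime);
    @file_put_contents($pidTime, time());
    $t1 = time();

    $ldap = new ldapAD();
    $hash = $ldap->Ldap_search($ldap->suffix, "(objectClass=organizationalUnit)", array("name", "ou", "dn"), 5000);
    if (!is_numeric($hash["count"])) {
        $hash["count"] = 0;
    }
    if ($hash["count"] == 0) {
        return;
    }

    // NOTE(review): the cache tables are emptied before the import starts, so
    // a run that stops half-way leaves a partial cache until the next cycle.
    $q = new mysql();
    $q->QUERY_SQL("TRUNCATE TABLE `activedirectory_users`", "artica_backup");
    if (!$q->ok) {
        $unix->send_email_events("ActiveDirectory: mysql error {$q->mysql_error}", "process aborted. Will restart in next cycle", "system");
        return;
    }
    $q->QUERY_SQL("TRUNCATE TABLE `activedirectory_groups`", "artica_backup");
    $q->QUERY_SQL("TRUNCATE TABLE `activedirectory_groupsNames`", "artica_backup");

    // Per-unit settings already stored by the administrator, keyed by DN.
    $OUCONFIG = array();
    $sql = "SELECT ou,dn,enabled,OnlyBranch FROM activedirectory_orgs ORDER BY ou";
    $results = $q->QUERY_SQL($sql, "artica_backup");
    $BranchsInMyql = mysql_num_rows($results);
    while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
        $OUCONFIG[$ligne["dn"]]["PARAMS"]["ENABLED"] = $ligne["enabled"];
        $OUCONFIG[$ligne["dn"]]["PARAMS"]["OnlyBranch"] = $ligne["OnlyBranch"];
    }

    $GLOBALS["MEMORY_COUNT_USERS"] = 0;
    $GLOBALS["MEMORY_COUNT_GROUPS"] = 0;
    for ($i = 0; $i < $hash["count"]; $i++) {
        $OrganizationDN = utf8_encode($hash[$i]["dn"]);
        $known = isset($OUCONFIG[$OrganizationDN]);
        if ($known && $OUCONFIG[$OrganizationDN]["PARAMS"]["ENABLED"] == 0) {
            echo "Importing users from {$hash[$i]["ou"][0]} {$OrganizationDN} aborted (disabled)\n";
            continue;
        }
        // Once the table holds at least one unit, unknown units are skipped.
        if ($BranchsInMyql > 0 && !$known) {
            echo "Importing users from {$hash[$i]["ou"][0]} {$OrganizationDN} is not in mysql database (disabled)\n";
            continue;
        }
        $OnlyBranch = $known ? $OUCONFIG[$OrganizationDN]["PARAMS"]["OnlyBranch"] : null;

        // Directory values are data, not SQL: both are escaped before being
        // placed in the statement. NOTE(review): addslashes() is kept because
        // it is what this code already relies on; the connection's own
        // escaping routine or a prepared statement is the stronger choice if
        // the mysql wrapper offers one.
        $dn = addslashes($OrganizationDN);
        $ou = addslashes(utf8_encode($hash[$i]["ou"][0]));
        $sql = "INSERT IGNORE INTO activedirectory_orgs (ou,dn) VALUES('{$ou}','{$dn}')";
        $q->QUERY_SQL($sql, "artica_backup");
        echo "Importing users from {$hash[$i]["ou"][0]} {$hash[$i]["dn"]} OnlyBranch={$OnlyBranch}\n";
        importuser($hash[$i]["dn"], $ou, $OnlyBranch);
    }

    // Nothing imported: drop the time stamp so the next cycle retries at once.
    if ($GLOBALS["MEMORY_COUNT_USERS"] == 0) {
        @unlink($pidTime);
    }
    checksGroups();
    $distanceOfTimeInWords = $unix->distanceOfTimeInWords($t1, time());
    $unix->send_email_events("ActiveDirectory: {$GLOBALS["MEMORY_COUNT_USERS"]} members / {$GLOBALS["MEMORY_COUNT_GROUPS"]} groups imported", "These items has been imported into the cache database in {$distanceOfTimeInWords}", "system");
}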
/**
 * Delete oversized or expired files directly inside $path and restart syslog
 * afterwards.
 *
 * Currently disabled: the first statement is an unconditional return, so
 * nothing below it runs. The remaining code is what the function did before
 * it was switched off.
 *
 * @param string $path Directory whose direct children are examined.
 */
function CleanDirLogs($path)
{
    // Function switched off: everything after this line is unreachable.
    return;
    if ($GLOBALS["VERBOSE"]) {
        echo "CleanDirLogs({$path})\n";
    }
    // $BigSize is assigned but not read anywhere in this function.
    $BigSize = false;
    if ($path == '/var/log') {
        $BigSize = true;
    }
    // Size limit has a floor of 100 (compared below with a size in Ko).
    if ($GLOBALS["ArticaMaxLogsSize"] < 100) {
        $GLOBALS["ArticaMaxLogsSize"] = 100;
    }
    // Retention expressed in days, converted to minutes.
    $maxday = $GLOBALS["MaxTempLogFilesDay"] * 24;
    $maxday = $maxday * 60;
    $users = new usersMenus();
    $maillog_path = $users->maillog_path;
    $unix = new unix();
    $sock = new sockets();
    $restartSyslog = false;
    if ($path == null) {
        return;
    }
    $countfile = 0;
    foreach (glob("{$path}/*") as $filepath) {
        if ($filepath == null) {
            continue;
        }
        // Symbolic links and directories are never deleted; only regular
        // files directly inside $path are considered.
        if (is_link($filepath)) {
            continue;
        }
        if (is_dir($filepath)) {
            continue;
        }
        // The active mail log and anything under /log/artica-postfix/ is kept.
        if ($filepath == $maillog_path) {
            continue;
        }
        if (preg_match("#\\/log\\/artica-postfix\\/#", $filepath)) {
            continue;
        }
        // Every 500 files, check the load and stop the whole script if needed.
        $countfile++;
        if ($countfile > 500) {
            if (is_overloaded()) {
                $unix->send_email_events("Clean Files: [{$path}/*] System is overloaded ({$GLOBALS["SYSTEM_INTERNAL_LOAD"]}", "The clean logs function is stopped and wait a new schedule with best performances", "logs_cleaning");
                die;
            }
            $countfile = 0;
        }
        usleep(300);
        $size = round(unix_file_size("{$filepath}") / 1024);
        $time = $unix->file_time_min($filepath);
        $unix->events("{$filepath} {$size} Ko, {$time}Mn/{$maxday}Mn TTL");
        // Rule 1: file larger than the configured maximum.
        if ($size > $GLOBALS["ArticaMaxLogsSize"]) {
            if ($GLOBALS["VERBOSE"]) {
                echo "Delete {$filepath}\n";
            }
            $restartSyslog = true;
            $GLOBALS["DELETED_SIZE"] = $GLOBALS["DELETED_SIZE"] + $size;
            $GLOBALS["DELETED_FILES"] = $GLOBALS["DELETED_FILES"] + 1;
            $GLOBALS["UNLINKED"][] = $filepath;
            @unlink($filepath);
            continue;
        }
        // Rule 2: file older than the retention period.
        if ($time > $maxday) {
            $GLOBALS["DELETED_SIZE"] = $GLOBALS["DELETED_SIZE"] + $size;
            $GLOBALS["DELETED_FILES"] = $GLOBALS["DELETED_FILES"] + 1;
            if ($GLOBALS["VERBOSE"]) {
                echo "Delete {$filepath}\n";
            }
            @unlink($filepath);
            $GLOBALS["UNLINKED"][] = $filepath;
            $restartSyslog = true;
            continue;
        }
    }
    // Any deletion triggers a notification listing the files, then a restart.
    if ($restartSyslog) {
        $unix->send_email_events("System log will be restarted", "Logs files was deleted and log daemons will be restarted\n\t\t\t" . @implode("\n", $GLOBALS["UNLINKED"]), "logs_cleaning");
        $unix->RESTART_SYSLOG();
    }
}
/**
 * Restart the logging chain when the mail log is empty.
 *
 * Returns null when the mail log cannot be found. When its size is 0, the
 * function restarts syslog-ng (if its init script exists), sends a
 * notification and restarts postfix through the artica-postfix init script.
 */
function CheckPostfixLogs()
{
    $log_path = LOCATE_MAILLOG_PATH();
    $unix = new unix();
    if (!is_file($log_path)) {
        events("CheckPostfixLogs(): Cannot found log path");
        return null;
    }

    // Same two-step division as before (1024, then 1000).
    $megabytes = filesize($log_path) / 1024 / 1000;
    events("CheckPostfixLogs():{$log_path}={$megabytes} MB");
    if ($megabytes != 0) {
        return;
    }

    events("CheckPostfixLogs():Restarting postfix");
    $syslogInit = "/etc/init.d/syslog-ng";
    if (is_file($syslogInit)) {
        shell_exec("/etc/init.d/syslog-ng restart");
    }
    $body = "Line: " . __LINE__ . "\nIn order to rebuild the log file";
    $unix->send_email_events("Postfix will be restarted", $body, "postfix");
    shell_exec("/etc/init.d/artica-postfix restart postfix-single");
}
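/**
 * Ping the wake-up address of every configured OpenVPN client and record the
 * outcome in "<client dir>/ping_results" (1 = reachable, -1 = 100% loss).
 *
 * A notification is sent on failure, and on success when the previously
 * stored result was not 1. Only one instance runs at a time (pid file).
 *
 * Hardening over the previous version: the address read from settings.ovpn is
 * passed to the shell through escapeshellarg(), and a value starting with "-"
 * is rejected so it cannot be taken for a ping option. The deprecated each()
 * loops are replaced by foreach.
 */
function wakeup_client_mode(){
	$main_path="/etc/artica-postfix/openvpn/clients";
	$unix=new unix();
	$pidpath="/etc/artica-postfix/pids/".basename(__FILE__).".".__FUNCTION__.".pid";
	$oldpid=@file_get_contents($pidpath);
	if($unix->process_exists($oldpid)){
		writelogs("OpenVPN Already instance executed pid $oldpid",__FUNCTION__,__FILE__,__LINE__);
		return;
	}

	@file_put_contents($pidpath, posix_getpid());
	$ping=$unix->find_program("ping");
	if(!is_file($ping)){writelogs("Fatal,ping, no such binary",__FUNCTION__,__FILE__,__LINE__);return;}
	$tbl=$unix->dirdir($main_path);
	if(!is_array($tbl) || count($tbl)==0){return;}

	foreach($tbl as $path=>$unused){
		// Only numeric client directories are handled.
		if(!preg_match("#/etc/artica-postfix/openvpn/clients/([0-9]+)#",$path,$re)){
			if($GLOBALS["VERBOSE"]){echo "Starting......: $path NO MATCH\n";}
			continue;
		}
		$id=$re[1];
		if($GLOBALS["VERBOSE"]){echo "Starting......: OpenVPN wake up checking client ID:$id\n";}
		if(!is_file("$path/settings.ovpn")){
			if($GLOBALS["VERBOSE"]){echo "Starting......: $path/settings.ovpn no such file\n";}
			continue;
		}
		$ip=wakeup_client_mode_getWakeup("$path/settings.ovpn");
		if($ip==null){continue;}

		// The address comes from a settings file, so it is treated as data:
		// quoted for the shell and refused when it looks like an option.
		if(strpos($ip,"-")===0){
			writelogs("OpenVPN  \"$ip\" is not a valid wake up address",__FUNCTION__,__FILE__,__LINE__);
			continue;
		}

		$resultsPing=array();
		exec("$ping -c2 -i0.2 ".escapeshellarg($ip)." 2>&1",$resultsPing);
		writelogs("OpenVPN  \"$ip\" ".count($resultsPing)." rows",__FUNCTION__,__FILE__,__LINE__);
		$text=date("Y-m-d H:i:s")."\n".@implode("\n", $resultsPing);
		// Result stored by the previous run, used to notify only on change.
		$ping_results=@file_get_contents("$path/ping_results");

		foreach($resultsPing as $l){
			// Summary line of ping: ", <n>% packet loss".
			if(!preg_match("#,\s+([0-9]+)\%\s+#", $l,$re)){continue;}
			writelogs("OpenVPN  \"{$re[1]}%\" Packets lost",__FUNCTION__,__FILE__,__LINE__);
			if($re[1]==100){
				$note=-1;
				writelogs("OpenVPN $ip Ping failed",__FUNCTION__,__FILE__,__LINE__);
				$unix->send_email_events("[VPN]: wake up failed server link $ip" , "It seems that OpenVPN server did not respond\n$text", "vpn");
			}else{
				$note=1;
				if($ping_results<>1){$unix->send_email_events("[VPN]: wake up server success $ip" , "It seems that the connection to the server has been established\n$text", "vpn");}
			}
			@file_put_contents("$path/ping_results", $note);
		}
	}
}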
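/**
 * Mount the USB device designated by $pattern on the backup mount point of
 * task $ID and, optionally, check that the device is writable.
 *
 * On success the copy command template and the mounted path are published in
 * $GLOBALS["COMMANDLINECOPY"] and $GLOBALS["COMMANDLINE_MOUNTED_PATH"].
 *
 * Changes over the previous version:
 *  - the write test checks the return value of file_put_contents() and takes
 *    the reason from error_get_last(); the old try/catch never fired because
 *    file_put_contents() reports failure through its return value, which left
 *    $IOERROR undefined in the error messages;
 *  - the failure path now returns false explicitly (it used to fall off the
 *    end and return null);
 *  - the mount point is created with an explicit mode instead of null;
 *  - the path given to umount is quoted with escapeshellarg().
 *
 * @param string $pattern   Resource pattern the device identifier is taken from.
 * @param mixed  $ID        Backup task identifier; it names the mount point.
 * @param bool   $testwrite When false, the write test is skipped.
 * @return bool True when the device is mounted (and writable if tested).
 */
function mount_usb($pattern, $ID, $testwrite = true)
{
    $backup = new backup_protocols();
    $uuid = $backup->extractFirsRessource($pattern);
    $unix = new unix();
    $rsync = $unix->find_program("rsync");
    if ($uuid == null) {
        backup_events($ID, "initialization", "ERROR, (usb) usb protocol error {$pattern}", __LINE__);
        writelogs(date('m-d H:i:s') . " " . "[TASK {$ID}]: usb protocol error {$pattern}", __FUNCTION__, __FILE__, __LINE__);
        return false;
    }
    $usb = new usb($uuid);
    writelogs(date('m-d H:i:s') . " " . "[TASK {$ID}]: {$uuid} {$usb->path} FS_TYPE: {$usb->ID_FS_TYPE}", __FUNCTION__, __FILE__, __LINE__);
    if ($usb->ID_FS_TYPE == null) {
        backup_events($ID, "initialization", "ERROR, (usb) usb type error {$pattern}", __LINE__);
        return false;
    }
    if ($usb->path == null) {
        backup_events($ID, "initialization", "ERROR, (usb) usb dev error {$pattern}", __LINE__);
        return false;
    }

    // NOTE(review): $ID is used as a path component; presumably a numeric task
    // id - confirm at the callers that it cannot contain "/" or "..".
    $mount = new mount($GLOBALS["ADDLOG"]);
    $mount_path = "/opt/artica/mounts/backup/{$ID}";
    if (!$mount->ismounted($mount_path)) {
        backup_events($ID, "initialization", "ERROR, (usb) local mount point {$mount_path} not mounted");
        @mkdir($mount_path, 0755, true);
    }
    if (!$mount->usb_mount($mount_path, $usb->ID_FS_TYPE, $usb->path)) {
        backup_events($ID, "initialization", "ERROR, (usb) unable to mount target point");
        return false;
    }
    if (!$testwrite) {
        writelogs(date('m-d H:i:s') . " " . "[TASK {$ID}]: Test write has been cancelled", __FUNCTION__, __FILE__, __LINE__);
        return true;
    }

    // Write test: create a scratch file on the device, then remove it.
    $md5 = md5(date('Y-m-d H:i:s'));
    $probe = "{$mount_path}/{$md5}";
    writelogs(date('m-d H:i:s') . " " . "[TASK {$ID}]: Test write Creating file \"{$mount_path}/{$md5}\"", __FUNCTION__, __FILE__, __LINE__);
    $IOERROR = "";
    if (@file_put_contents($probe, time()) === false) {
        $lastError = error_get_last();
        if (is_array($lastError)) {
            $IOERROR = $lastError["message"];
        }
    }

    if (is_file($probe)) {
        @unlink($probe);
        if (is_file($rsync)) {
            $GLOBALS["COMMANDLINECOPY"] = "{$rsync} -ar {SRC_PATH} {NEXT} --stats --chmod=ug=rwX,o=rwX";
        } else {
            $GLOBALS["COMMANDLINECOPY"] = "/bin/cp -ru {SRC_PATH} {NEXT}";
        }
        $GLOBALS["COMMANDLINE_MOUNTED_PATH"] = $mount_path;
        writelogs(date('m-d H:i:s') . " " . "[TASK {$ID}]: OK !", __FUNCTION__, __FILE__, __LINE__);
        if ($GLOBALS["ONLY_TESTS"]) {
            writelogs(date('m-d H:i:s') . " " . "<H2>{success}</H2>", __FUNCTION__, __FILE__, __LINE__);
        }
        return true;
    }

    // The device is mounted but not writable: report, unmount, give up.
    backup_events($ID, "initialization", "ERROR, (usb) {$mount_path}/{$md5} {$IOERROR}");
    backup_events($ID, "initialization", "ERROR, (usb) {$mount_path}/{$md5} should be a permission denied (I/O error)");
    $unix->send_email_events("Backup: task id {$ID} aborted, unable to write into the device {$usb->path} FS_TYPE: {$usb->ID_FS_TYPE}", "Artica has tried to write {$mount_path}/{$md5} into this mounted device but it seems that it is impossible\n{$IOERROR}", "backup");
    writelogs(date('m-d H:i:s') . " " . "[TASK {$ID}]: Failed !!!, umounting...{$mount_path}", __FUNCTION__, __FILE__, __LINE__);
    $umount = $unix->find_program("umount");
    exec("{$umount} -l " . escapeshellarg($mount_path));
    return false;
}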
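/**
 * Periodic Active Directory health check: request a Kerberos ticket with
 * kinit and ask winbind to ping the domain controller.
 *
 * Runs only when EnableSambaActiveDirectory is 1 and, outside VERBOSE mode,
 * when file_time_min() of the time stamp file is at least 120. A notification
 * is sent when kinit reports a clock skew.
 *
 * Security changes over the previous version:
 *  - the administrator password is written to kinit's standard input through
 *    proc_open() instead of being placed on an "echo <password> | kinit"
 *    command line, where it was an argument of an external echo process and
 *    was also printed by the `echo "$cmd"` trace;
 *  - the principal is quoted with escapeshellarg();
 *  - the function stops when the stored settings do not decode to an array.
 * Locals that were assigned but never used have been dropped.
 */
function activedirectory_ping(){
	$sock=new sockets();
	$unix=new unix();
	$filetime="/etc/artica-postfix/pids/".basename(__FILE__).".".__FUNCTION__.".time";
	$EnableSambaActiveDirectory=$sock->GET_INFO("EnableSambaActiveDirectory");
	if(!is_numeric($EnableSambaActiveDirectory)){return;}
	if($EnableSambaActiveDirectory<>1){return;}
	$ping_dc=false;
	$time=$unix->file_time_min($filetime);
	if($time<120){
		if(!$GLOBALS["VERBOSE"]){return;}
		echo "$filetime ({$time}Mn)\n";
	}

	$kinit=$unix->find_program("kinit");
	$wbinfo=$unix->find_program("wbinfo");

	// NOTE(review): unserialize() instantiates whatever the stored string
	// describes. This is only acceptable while the SambaAdInfos setting can be
	// written by trusted code alone; a JSON encoding would remove the concern.
	$config=unserialize(base64_decode($sock->GET_INFO("SambaAdInfos")));
	if(!is_array($config)){
		writelogs("SambaAdInfos is empty or unreadable, aborting",__FUNCTION__,__FILE__,__LINE__);
		return;
	}
	$domain=strtoupper($config["ADDOMAIN"]);

	$clock_explain="The clock on you system (Linux/UNIX) is too far off from the correct time.\nYour machine needs to be within 5 minutes of the Kerberos servers in order to get any tickets.\nYou will need to run ntp, or a similar service to keep your clock within the five minute window";

	// The command line now carries the principal only, so it is safe to trace.
	$cmd="$kinit ".escapeshellarg("{$config["ADADMIN"]}@$domain")." 2>&1";
	echo "$cmd\n";

	// The password reaches kinit on stdin, as it did through the former pipe;
	// no shell escaping is applied because no shell parses it any more.
	$kinit_results=array();
	$pipes=array();
	$proc=proc_open($cmd,array(0=>array("pipe","r"),1=>array("pipe","w")),$pipes);
	if(is_resource($proc)){
		fwrite($pipes[0],$config["PASSWORD"]."\n");
		fclose($pipes[0]);
		$output=stream_get_contents($pipes[1]);
		fclose($pipes[1]);
		proc_close($proc);
		$kinit_results=preg_split("#\r?\n#",rtrim($output));
	}else{
		writelogs("Unable to start kinit",__FUNCTION__,__FILE__,__LINE__);
	}

	foreach($kinit_results as $ligne){
		if(preg_match("#Clock skew too great while getting initial credentials#", $ligne)){$unix->send_email_events("Active Directory connection clock issue", "kinit program claim\n$ligne\n$clock_explain", "system");}
		if($GLOBALS["VERBOSE"]){echo "kinit: $ligne\n";}
	}

	$ping_dc_results=array();
	exec("$wbinfo --ping-dc 2>&1",$ping_dc_results);
	foreach($ping_dc_results as $ligne){
		if($GLOBALS["VERBOSE"]){echo "ping-dc: $ligne\n";}
		// $ping_dc is recorded here but nothing in this function reads it yet.
		if(preg_match("#succeeded#", $ligne)){$ping_dc=true;}
	}

	@unlink($filetime);
	@file_put_contents($filetime, time());
}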
/**
 * Run the Zarafa 7 upgrade script and restart Zarafa.
 *
 * Currently disabled: the first statement is an unconditional return, so
 * nothing below it runs. The remaining code is what the function did before
 * it was switched off.
 */
function upgradeTo7()
{
    // Function switched off: everything after this line is unreachable.
    return;
    // Opt-out marker: when this file exists the upgrade is never attempted.
    if (is_file("/etc/artica-postfix/NO_ZARAFA_UPGRADE_TO_7")) {
        return;
    }
    // Single-instance guard based on the pid recorded by the previous run.
    $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
    $unix = new unix();
    $pid = @file_get_contents($pidfile);
    if ($unix->process_exists($pid)) {
        echo "Already running pid {$pid}\n";
        return;
    }
    @file_put_contents($pidfile, getmypid());
    // The upgrade script is run with stderr merged into the captured output.
    $python = $unix->find_program("python");
    $cmd = "{$python} /usr/share/artica-postfix/bin/zarafa7-upgrade 2>&1";
    exec($cmd, $results);
    writelogs("{$cmd} -> " . count($results) . "rows", __FUNCTION__, __FILE__, __LINE__);
    while (list($index, $line) = each($results)) {
        writelogs("{$line}", __FUNCTION__, __FILE__, __LINE__);
    }
    // The notification is sent without checking the script's exit status.
    $unix->send_email_events("Zarafa upgraded to 7 (see details)", $cmd . "\n" . @implode("\n", $results), "mailbox");
    // Zarafa is restarted in the background, detached from this process.
    $nohup = $unix->find_program("nohup");
    shell_exec("{$nohup} /etc/init.d/artica-postfix restart zarafa >/dev/null 2>&1 &");
}
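/**
 * Load the accounting files found in /var/log/artica-postfix/iptaccount into
 * the tcp_account_events table.
 *
 * File names have the form "<unix time>.<rule id>"; each line holds
 * "<address>;<src packets>;<src bytes>;<dst packets>;<dst bytes>". A file is
 * removed once its rows have been inserted; on a MySQL error a notification
 * is sent and the file is kept for the next run.
 *
 * Changes over the previous version:
 *  - the address field, which the pattern accepts as free text, is escaped
 *    before it is placed in the SQL statement (the other fields are digits
 *    only by construction of the patterns);
 *  - a file without any usable line no longer produces an INSERT with an
 *    empty VALUES list;
 *  - the directory handle is closed;
 *  - the deprecated each() loop is replaced by foreach.
 */
function import_rules(){
	if (!$handle = opendir("/var/log/artica-postfix/iptaccount")) {return ;}
	$q=new mysql();
	$unix=new unix();
	while (false !== ($filename = readdir($handle))) {
		$targetFile="/var/log/artica-postfix/iptaccount/$filename";
		if(!is_file($targetFile)){continue;}
		if(!preg_match("#^([0-9]+)\.([0-9]+)$#",$filename,$re)){echo "$filename is not a requested file...\n";continue;}
		$rule_id=$re[2];
		$time=$re[1];
		$zDate=date('Y-m-d H:i:s',$time);
		$f=explode("\n",@file_get_contents($targetFile));
		$suffix=array();
		$sql_prefix="INSERT INTO tcp_account_events (rule_id,zDate,ipaddr,src_parckets,src_bytes,dst_packets,dst_bytes) VALUES ";
		foreach($f as $ligne){
			if(!preg_match("#^(.+?);([0-9]+);([0-9]+);([0-9]+);([0-9]+)#", $ligne,$re)){continue;}
			// File content is data, not SQL. NOTE(review): addslashes() is the
			// escaping already used elsewhere in this code base; prefer the
			// connection's own escaping routine if the mysql wrapper has one.
			$ipaddr=addslashes($re[1]);
			$src_parckets=$re[2];
			$src_bytes=$re[3];
			$dst_packets=$re[4];
			$dst_bytes=$re[5];
			$suffix[]="('$rule_id','$zDate','$ipaddr','$src_parckets','$src_bytes','$dst_packets','$dst_bytes')";
		}

		if(count($suffix)==0){
			echo "$filename has no usable line...\n";
			continue;
		}

		$sql=$sql_prefix.implode(",", $suffix);
		$q->QUERY_SQL($sql,"artica_events");
		if(!$q->ok){
			$unix->send_email_events("TCP/IP account failed $filename (MySQL)", "Artica encounter an error while inserting statistics\n$q->mysql_error\n$sql", "system");
			continue;
		}

		@unlink($targetFile);
	}
	closedir($handle);
}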
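/**
 * Download and apply every pending patch listed in artica_patchs.
 *
 * The base URL is derived from the AUTOUPDATE "uri" setting. Each patch is
 * fetched to /tmp, compared with the size stored in the table, extracted over
 * /usr/share/artica-postfix/ and flagged as applied. When at least one patch
 * was applied the Artica services are restarted in the background.
 *
 * Changes over the previous version:
 *  - the SQL error path referenced $this inside a plain function, which is a
 *    fatal error; it now reads the error from $q;
 *  - the local version number is checked to be digits only before it is
 *    placed in the SQL statements;
 *  - the local file name is reduced to its base name, so a value containing
 *    "/" or ".." cannot point outside /tmp, and it is quoted for the shell.
 *
 * NOTE(review): integrity is still established by file size alone and the
 * default update URL is plain http, so anyone able to alter the transfer can
 * supply an archive that is unpacked into the application directory. A
 * signature or a digest obtained over an authenticated channel should be
 * verified before extraction. The fixed name under /tmp is also predictable;
 * a private working directory would be safer.
 *
 * @return array|null Empty array when the patch list cannot be queried,
 *                    nothing otherwise.
 */
function UpdatePatches()
{
    $ini = new Bs_IniHandler();
    $sock = new sockets();
    $configDisk = trim($sock->GET_INFO('ArticaAutoUpdateConfig'));
    $ini->loadString($configDisk);
    $AUTOUPDATE = $ini->_params["AUTOUPDATE"];
    if (trim($AUTOUPDATE["uri"]) == null) {
        $AUTOUPDATE["uri"] = "http://www.artica.fr/auto.update.php";
    }
    if (trim($AUTOUPDATE["enabled"]) == null) {
        $AUTOUPDATE["enabled"] = "yes";
    }
    if (trim($AUTOUPDATE["autoinstall"]) == null) {
        $AUTOUPDATE["autoinstall"] = "yes";
    }
    // Base URL = configured URI without its last path segment.
    $tr = explode("/", $AUTOUPDATE["uri"]);
    unset($tr[count($tr) - 1]);
    $uri = implode("/", $tr);
    if ($GLOBALS["VERBOSE"]) {
        echo "URI: {$uri}\n";
    }
    $q = new mysql();
    $unix = new unix();
    $myversion = trim(@file_get_contents("/usr/share/artica-postfix/VERSION"));
    $myversionbin = str_replace(".", "", $myversion);
    if ($GLOBALS["VERBOSE"]) {
        echo "{$myversionbin} = {$myversion}\n";
    }
    // The value is interpolated unquoted into SQL below: digits only.
    if (!preg_match("#^[0-9]+\$#", $myversionbin)) {
        writelogs("Fatal Error: unexpected content in VERSION file", __FUNCTION__, __FILE__, __LINE__);
        return array();
    }
    $sql = "SELECT * FROM artica_patchs WHERE patch_number>{$myversionbin} AND updated=0 ORDER BY patch_number";
    $results = $q->QUERY_SQL($sql, "artica_backup");
    if (!$q->ok) {
        writelogs("Fatal Error: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__);
        return array();
    }
    if ($GLOBALS["VERBOSE"]) {
        echo $sql . " => " . mysql_num_rows($results) . "\n";
    }
    $nohup = $unix->find_program("nohup");
    $tar = $unix->find_program("tar");
    $killall = $unix->find_program("killall");
    $update = false;
    while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
        $filename = $ligne["filename"];
        $patch_number = $ligne["patch_number"];

        // Local copy: base name only, never a path taken from the table.
        $localName = basename($filename);
        if ($localName == "" || $localName == "." || $localName == "..") {
            writelogs("Invalid patch file name for patch {$patch_number}", __FUNCTION__, __FILE__, __LINE__);
            return;
        }
        $localPatch = "/tmp/{$localName}";

        if ($GLOBALS["VERBOSE"]) {
            echo "Downloading {$uri}/patchs/{$filename}...\n";
        }
        $curl = new ccurl("{$uri}/patchs/{$filename}");
        if (!$curl->GetFile($localPatch)) {
            $unix->send_email_events("Unable to download patch {$patch_number}", $curl->error, "update");
            return;
        }
        // Size comparison only detects truncation, not tampering (see header).
        $size = @filesize($localPatch);
        if ($size != $ligne["size"]) {
            if ($GLOBALS["VERBOSE"]) {
                echo "Corrupted patch file {$filename} aborting...\n";
            }
            $unix->send_email_events("Corrupted patch file {$filename} aborting...", $curl->error, "update");
            return;
        }
        shell_exec("{$killall} artica-install >/dev/null 2>&1");
        shell_exec("{$killall} artica-update >/dev/null 2>&1");
        shell_exec("{$killall} process1 >/dev/null 2>&1");
        shell_exec("{$tar} -xf " . escapeshellarg($localPatch) . " -C /usr/share/artica-postfix/");
        @unlink($localPatch);
        $update = true;
        $unix->send_email_events("Success apply patch number {$patch_number}", $ligne["path_explain"], "update");
        $sql = "UPDATE artica_patchs SET updated=1 WHERE patch_number='{$patch_number}'";
        $q->QUERY_SQL($sql, "artica_backup");
    }
    if ($update) {
        shell_exec("{$nohup} /etc/init.d/artica-postfix restart apache >/dev/null 2>&1 &");
        shell_exec("{$nohup} /etc/init.d/artica-postfix restart artica-status >/dev/null 2>&1 &");
        shell_exec("{$nohup} /etc/init.d/artica-postfix restart artica-back >/dev/null 2>&1 &");
        shell_exec("{$nohup} /etc/init.d/artica-postfix restart artica-exec >/dev/null 2>&1 &");
    }
    // Patches at or below the installed version are considered applied.
    $sql = "UPDATE artica_patchs SET updated=1 WHERE patch_number<={$myversionbin}";
    $q->QUERY_SQL($sql, "artica_backup");
}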
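/**
 * Repair one table with `mysqlcheck -r` and mail the output together with
 * the elapsed time.
 *
 * Changes over the previous version:
 *  - database, table, account and password are each quoted with
 *    escapeshellarg() before being placed on the command line;
 *  - the pid file is now written, as the sibling tasks do; it was read but
 *    never created, so the single-instance check could not work.
 *
 * NOTE(review): the password is still a command-line argument and is visible
 * in the process list while mysqlcheck runs; passing it through an option
 * file readable by the service account only (--defaults-extra-file) avoids
 * that.
 *
 * @param string $db    Database name.
 * @param string $table Table name.
 */
function mysqlcheck($db, $table)
{
    $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
    $oldpid = @file_get_contents($pidfile);
    $unix = new unix();
    if ($unix->process_exists($oldpid)) {
        echo "Process already exists pid {$oldpid}\n";
        return;
    }
    @file_put_contents($pidfile, getmypid());

    $time1 = time();
    $mysqlcheck = $unix->find_program("mysqlcheck");
    $q = new mysql();
    $cmd = "{$mysqlcheck} -r " . escapeshellarg($db) . " " . escapeshellarg($table)
        . " -u " . escapeshellarg($q->mysql_admin)
        . " -p" . escapeshellarg($q->mysql_password) . " 2>&1";
    exec($cmd, $results);
    $time_duration = distanceOfTimeInWords($time1, time());
    $unix->send_email_events("mysqlcheck results on {$db}/{$table}", "{$time_duration}\n" . @implode("\n", $results), "system");
}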
    $UsersNumber = 0;
}
// Build the status string sent with the update check: system id, memory, CPU
// count, distribution, Artica version, host name, user count and $datas,
// separated by semicolons. Only spaces are encoded; the other characters are
// sent as they are.
$uriplus = "{$SYSTEMID};{$MEMORY_INSTALLED};{$SystemCpuNumber};{$LinuxDistributionFullName};{$ARTICA_VERSION};{$hostname};{$UsersNumber};{$datas}";
$uriplus = str_replace(" ", "%20", $uriplus);
// Update URL: taken from artica-update.conf, with a hard-coded address as
// fallback and as replacement for the www.artica.fr host name.
// NOTE(review): the request is plain http to a fixed address, so the inventory
// above travels in clear and the index that comes back is not authenticated.
$ini = new Bs_IniHandler();
$ini->loadFile("/etc/artica-postfix/artica-update.conf");
$uri = $ini->get("AUTOUPDATE", "uri");
if (trim($uri) == null) {
    $uri = "http://93.88.245.88/auto.update.php";
}
$uri = str_replace("www.artica.fr", "93.88.245.88", $uri);
// $localFile is assigned but not read in the lines shown here.
$localFile = '/usr/share/artica-postfix/ressources/index.ini';
$curl = new ccurl("{$uri}?datas={$uriplus}");
// NOTE(review): fixed, predictable file name in /tmp; a private directory or
// tempnam() would avoid interference from other local accounts.
$tmpfile = "/tmp/artica." . basename(__FILE__) . '.tmp';
// Clear the failure marker of the previous run before trying again.
@unlink("/usr/share/artica-postfix/ressources/logs/INTERNET_FAILED");
if (!$curl->GetFile($tmpfile)) {
    $unix->send_email_events("Check Internet connexion Failed", "System is unable to connect trough internet: {$curl->error}", "update");
    @file_put_contents("/usr/share/artica-postfix/ressources/logs/INTERNET_FAILED", $curl->error);
    // NOTE(review): mode 777 makes the marker writable by every local account.
    shell_exec("{$chmod} 777 /usr/share/artica-postfix/ressources/logs/INTERNET_FAILED");
    return;
}
// The downloaded index is accepted when its NEXT/artica value starts with a
// digit or a dot; nothing else in the file is checked here.
$ini = new Bs_IniHandler();
$ini->loadFile("{$tmpfile}");
$articaversion = $ini->get("NEXT", "artica");
if ($GLOBALS["VERBOSE"]) {
    echo "Artica version:{$articaversion}\n";
}
if (preg_match("#^[0-9\\.]+#", $articaversion)) {
    @copy($tmpfile, "/usr/share/artica-postfix/ressources/index.ini");
    // NOTE(review): mode 777 lets any local account rewrite the update index.
    shell_exec("{$chmod} 777 /usr/share/artica-postfix/ressources/index.ini");
}
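/**
 * Ask Kav4Proxy to dump its counters (signal USR2), parse counter.stats and
 * store one row in kav4proxy_av_stats.
 *
 * Skipped when Kav4Proxy is not installed, when the last run is less than 15
 * minutes old according to file_time_min() (unless FORCE is set), or when the
 * Kav4Proxy process is not running. The counter file is deleted once the row
 * has been inserted.
 *
 * Changes over the previous version:
 *  - the column list of the INSERT was built from $num (the last loop key)
 *    instead of $fields, which produced an invalid statement;
 *  - counter names come from a file, so backticks inside them are doubled
 *    before the name is used as a quoted identifier;
 *  - the deprecated each() loops are replaced by foreach.
 */
function av_stats()
{
    $GLOBALS["NO_PID_CHECKS"] = true;
    $users = new usersMenus();
    if (!$users->KAV4PROXY_INSTALLED) {
        if ($GLOBALS["VERBOSE"]) {
            writelogs("Kav4Proxy is not installed...", __FUNCTION__, __FILE__, __LINE__);
        }
        return;
    }
    $timefile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
    $unix = new unix();
    $minute = $unix->file_time_min($timefile);
    if (!$GLOBALS["FORCE"]) {
        if ($minute < 15) {
            if ($GLOBALS["VERBOSE"]) {
                writelogs("{$minute}Mn need 15, aborting", __FUNCTION__, __FILE__, __LINE__);
            }
            return;
        }
    }
    $pid = $unix->get_pid_from_file("/var/run/kav4proxy/kavicapserver.pid");
    if (!$unix->process_exists($pid)) {
        if ($GLOBALS["VERBOSE"]) {
            writelogs("Process antivirus statistics failed, Kav4Proxy seems not running (PID:{$pid})", __FUNCTION__, __FILE__, __LINE__);
        }
        $unix->send_email_events("Process antivirus statistics failed, Kav4Proxy seems not running (PID:{$pid})", "/var/run/kav4proxy/kavicapserver.pid as no valid PID", "proxy");
        return;
    }
    @unlink($timefile);
    @file_put_contents($timefile, time());

    // USR2 makes the ICAP server write its statistics files.
    $kill = $unix->find_program("kill");
    if ($GLOBALS["VERBOSE"]) {
        writelogs("{$kill} -USR2 {$pid}", __FUNCTION__, __FILE__, __LINE__);
    }
    shell_exec("{$kill} -USR2 {$pid}");

    $counterFile = "/var/log/kaspersky/kav4proxy/counter.stats";
    // av.stats is processed whenever it exists, with or without counter.stats.
    if (is_file("/var/log/kaspersky/kav4proxy/av.stats")) {
        av_events();
    }
    if (!is_file($counterFile)) {
        if ($GLOBALS["VERBOSE"]) {
            writelogs("/var/log/kaspersky/kav4proxy/counter.stats no such file", __FUNCTION__, __FILE__, __LINE__);
        }
        return;
    }

    $FileExploded = explode("\n", @file_get_contents($counterFile));
    if ($GLOBALS["VERBOSE"]) {
        writelogs("/var/log/kaspersky/kav4proxy/counter.stats " . count($FileExploded) . " items", __FUNCTION__, __FILE__, __LINE__);
    }

    // "<counter name> <number>" per line; the value is digits and dots only.
    $val = array();
    foreach ($FileExploded as $line) {
        if (preg_match("#^(.+?)\\s+([0-9\\.]+)#", $line, $re)) {
            if ($GLOBALS["VERBOSE"]) {
                writelogs("item: {$re[1]} = \"{$re[2]}\"", __FUNCTION__, __FILE__, __LINE__);
            }
            $val[trim($re[1])] = trim($re[2]);
        } else {
            if ($GLOBALS["VERBOSE"]) {
                writelogs("{$line} no match ^(.+?)\\s+([0-9\\.]+)", __FUNCTION__, __FILE__, __LINE__);
            }
        }
    }
    if (count($val) == 0) {
        if ($GLOBALS["VERBOSE"]) {
            writelogs("\$val no items, aborting", __FUNCTION__, __FILE__, __LINE__);
        }
        return;
    }

    $fields = array("`zDate`");
    $values = array("'" . date('Y-m-d H:i:s') . "'");
    foreach ($val as $name => $number) {
        if ($name == null) {
            continue;
        }
        // Counter names become column identifiers: a backtick inside the name
        // is doubled so it cannot end the quoted identifier.
        $fields[] = "`" . str_replace("`", "``", $name) . "`";
        $values[] = "'{$number}'";
    }
    $sql = "INSERT IGNORE INTO kav4proxy_av_stats (" . implode(",", $fields) . ") VALUES(" . implode(",", $values) . ")";
    if ($GLOBALS["VERBOSE"]) {
        writelogs("{$sql}", __FUNCTION__, __FILE__, __LINE__);
    }
    $q = new mysql();
    $q->QUERY_SQL($sql, "artica_events");
    if (!$q->ok) {
        if ($GLOBALS["VERBOSE"]) {
            writelogs("{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__);
        }
        $unix->send_email_events("Process antivirus statistics failed, mysql errors", "Query was: {$sql}\nError was:{$q->mysql_error}\nData was\n" . @file_get_contents($counterFile), "proxy");
        return;
    }
    @unlink($counterFile);
}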
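/**
 * Resolve the MX hosts of every enabled whitelisted sender domain and add
 * them to the Postfix connection whitelist.
 *
 * Does nothing unless the "WhiteListResolvMX" setting is a non-zero number
 * and getmxrr() exists. Every address collected is removed from the port-25
 * rows of `iptables`, inserted into `postfix_whitelist_con`, and the
 * postscreen configuration is then rebuilt through exec.postfix.maincf.php.
 *
 * @return void
 */
function ParseResolvMX()
{
    $sock = new sockets();
    $WhiteListResolvMX = $sock->GET_INFO("WhiteListResolvMX");
    if (!is_numeric($WhiteListResolvMX) || $WhiteListResolvMX == 0) {
        return null;
    }
    if (!function_exists("getmxrr")) {
        echo "getmxrr() no such function\n";
        return;
    }
    $sql = "SELECT sender FROM postfix_global_whitelist WHERE enabled=1 ORDER BY sender";
    if ($GLOBALS["VERBOSE"]) {
        echo $sql . "\n";
    }
    $q = new mysql();
    if (!$q->TestingConnection()) {
        echo "ParseResolvMX()/" . basename(__FILE__) . " Connection to MySQL server failed...\n";
        return;
    }
    // Kept in its own variable: the sender result set used to be overwritten
    // by the next query, so no sender domain was ever resolved.
    $senders = $q->QUERY_SQL($sql, "artica_backup");
    if (!$q->ok) {
        echo $q->mysql_error;
        return;
    }
    $q = new mysql();
    $sql = "SELECT * FROM postfix_whitelist_con";
    $existing = $q->QUERY_SQL($sql, "artica_backup");
    if (!$q->ok) {
        echo "{$q->mysql_error}\n";
    }
    $WHITELISTED = array();
    $notif = array();
    while ($ligne = mysql_fetch_array($existing, MYSQL_ASSOC)) {
        $WHITELISTED[$ligne["ipaddr"]] = true;
        $WHITELISTED[$ligne["hostname"]] = true;
    }
    $count_whitelisted_before = count($WHITELISTED);
    while ($ligne = @mysql_fetch_array($senders, MYSQL_ASSOC)) {
        $domain = trim($ligne["sender"]);
        if ($domain == null) {
            continue;
        }
        if (preg_match("#@(.+)#", $domain, $re)) {
            $domain = $re[1];
        }
        // Wildcard patterns cannot be resolved; "!== false" also catches a
        // leading "*", which "> 0" let through.
        if (strpos($domain, "*") !== false) {
            continue;
        }
        $array_mx = resolvMX($domain);
        if (count($array_mx) == 0) {
            continue;
        }
        echo "{$domain} = " . count($array_mx) . " mx\n";
        foreach ($array_mx as $ipaddr => $hostname) {
            $notif[] = "{$domain}: {$hostname} [{$ipaddr}]";
            $WHITELISTED[$ipaddr] = $hostname;
        }
    }
    $somme = count($WHITELISTED) - $count_whitelisted_before;
    if ($somme == 0) {
        echo "Nothing to do...\n";
        return;
    }
    if ($somme > 0) {
        if ($GLOBALS["VERBOSE"]) {
            echo "{$somme} items added in array\n" . @implode("\n", $notif);
        }
        $unix = new unix();
        $unix->send_email_events("{$somme} items MX has been whitelisted", @implode("\n", $notif), "postfix");
    }
    foreach ($WHITELISTED as $value => $hostname) {
        if (trim((string) $value) == "") {
            continue;
        }
        // Addresses and host names come from DNS answers and database rows,
        // so they are escaped before being placed in SQL text. addslashes()
        // is the escaping this file already uses; a parameterised query is
        // preferable if the mysql wrapper offers one (not visible here).
        $ip_sql = addslashes((string) $value);
        $host_sql = addslashes((string) $hostname);
        $sql = "DELETE FROM iptables WHERE serverip='{$ip_sql}' AND local_port=25";
        $q->QUERY_SQL($sql, "artica_backup");
        $sql = "INSERT IGNORE INTO postfix_whitelist_con (ipaddr,hostname) VALUES('{$ip_sql}','{$host_sql}')";
        $q->QUERY_SQL($sql, "artica_backup");
    }
    $cmd = LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.postfix.maincf.php --postscreen";
    shell_exec($cmd);
}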
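/**
 * Check that the configured Active Directory account can still obtain a
 * Kerberos ticket (kinit) and that the domain join is still valid
 * ("net ads testjoin"), then store the outcome in kinit.array.
 *
 * Returns early when another instance is running, when Kerberos
 * authentication is disabled or misconfigured, or when the last run is less
 * than 10 minutes old (unless FORCE or VERBOSE is set). Unless JUST_PING is
 * set, a failed join test starts a background "--join" run of this script.
 *
 * @return void
 */
function ping_kdc()
{
    $sock = new sockets();
    $unix = new unix();
    $users = new settings_inc();
    $filetime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
    $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
    $EnableKerbAuth = $sock->GET_INFO("EnableKerbAuth");
    if (!is_numeric("{$EnableKerbAuth}")) {
        $EnableKerbAuth = 0;
    }
    $pid = @file_get_contents($pidfile);
    if ($unix->process_exists($pid, basename(__FILE__))) {
        $ttime = $unix->PROCCESS_TIME_MIN($pid);
        progress_logs(20, "{join_activedirectory_domain}", "[PING]: Already executed pid {$pid} since {$ttime}Mn");
        return;
    }
    @file_put_contents($pidfile, getmypid());
    if ($EnableKerbAuth == 0) {
        progress_logs(20, "{ping_kdc}", "[PING]: Kerberos, disabled");
        return;
    }
    if (!checkParams()) {
        progress_logs(20, "{ping_kdc}", "[PING]: Kerberos, misconfiguration failed");
        return;
    }
    // NOTE(review): unserialize() on a stored setting; whoever can write
    // KerbAuthInfos controls the data rebuilt here.
    $array = unserialize(base64_decode($sock->GET_INFO("KerbAuthInfos")));
    if (!is_array($array)) {
        $array = array();
    }
    // Default to failure after loading the settings; setting it before the
    // load had no effect because the load replaced the whole array.
    $array["RESULTS"] = false;
    $time = $unix->file_time_min($filetime);
    if (!$GLOBALS["FORCE"] && $time < 10) {
        if (!$GLOBALS["VERBOSE"]) {
            return;
        }
        progress_logs(20, "{ping_kdc}", "{$filetime} ({$time}Mn)");
    }
    $kinit = $unix->find_program("kinit");
    $echo = $unix->find_program("echo");
    $net = $unix->LOCATE_NET_BIN_PATH();
    $chmod = $unix->find_program("chmod");
    $nohup = $unix->find_program("nohup");
    $php5 = $unix->LOCATE_PHP5_BIN();
    $domain = strtoupper($array["WINDOWS_DNS_SUFFIX"]);
    // The principal is built from stored settings; quote it so it stays one
    // shell word whatever characters it contains.
    $principal = escapeshellarg("{$array["WINDOWS_SERVER_ADMIN"]}@{$domain}");
    $kinitpassword = $unix->shellEscapeChars($array["WINDOWS_SERVER_PASS"]);
    $clock_explain = "The clock on you system (Linux/UNIX) is too far off from the correct time.\nYour machine needs to be within 5 minutes of the Kerberos servers in order to get any tickets.\nYou will need to run ntp, or a similar service to keep your clock within the five minute window";
    $cmd = "{$echo} {$kinitpassword}|{$kinit} {$principal} -V 2>&1";
    // Log the command with the password masked; the full command line used to
    // be written to the progress log.
    progress_logs(20, "{ping_kdc}", "{$echo} ********|{$kinit} {$principal} -V 2>&1");
    // NOTE(review): the password is still an argument of the echo program, so
    // it can show up in the process list while the pipeline runs; writing it
    // to kinit's stdin through proc_open() would avoid that.
    exec($cmd, $kinit_results);
    foreach ($kinit_results as $ligne) {
        if (preg_match("#Clock skew too great while getting initial credentials#", $ligne)) {
            if ($GLOBALS["VERBOSE"]) {
                progress_logs(20, "{ping_kdc}", "Clock skew too great while");
            }
            $array["RESULTS"] = false;
            $array["INFO"] = $ligne;
            $unix->send_email_events("Active Directory connection clock issue", "kinit program claim\n{$ligne}\n{$clock_explain}", "system");
        }
        if (preg_match("#Client not found in Kerberos database while getting initial credentials#", $ligne)) {
            $array["RESULTS"] = false;
            $array["INFO"] = $ligne;
            $unix->send_email_events("Active Directory authentification issue", "kinit program claim\n{$ligne}\n", "system");
        }
        if (preg_match("#Authenticated to Kerberos#", $ligne)) {
            $array["RESULTS"] = true;
            $array["INFO"] = $ligne;
            progress_logs(20, "{join_activedirectory_domain}", "[PING]: Kerberos, Success");
        }
        if ($GLOBALS["VERBOSE"]) {
            progress_logs(20, "{ping_kdc}", "kinit: {$ligne}");
        }
    }
    $TestJoin = true;
    if ($array["RESULTS"] == true) {
        exec("{$net} ads testjoin 2>&1", $results);
        foreach ($results as $ligne) {
            if (preg_match("#Unable to find#", $ligne) || preg_match("#is not valid:#", $ligne)) {
                $array["RESULTS"] = false;
                $array["INFO"] = $array["INFO"] . "<div><i style='font-size:11px;color:#B3B3B3'>{$ligne}</i></div>";
                $TestJoin = false;
                continue;
            }
            // This test used to sit after the loop, where the loop variable
            // was already empty, so an "OK" line was never recorded. A
            // failure seen earlier in the output is not overridden.
            if ($TestJoin && preg_match("#OK#", $ligne)) {
                $array["INFO"] = $array["INFO"] . "<div><i style='font-size:11px;color:#B3B3B3'>{$ligne}</i></div>";
                $array["RESULTS"] = true;
            }
        }
    }
    @unlink($filetime);
    @file_put_contents($filetime, time());
    // NOTE(review): $array was loaded from KerbAuthInfos and still holds
    // WINDOWS_SERVER_PASS, so the account password is written to kinit.array,
    // which is then made world-readable and world-writable (0777). Confirm
    // what reads this file; persisting only RESULTS/INFO with a tighter mode
    // would remove the exposure.
    @file_put_contents("/usr/share/artica-postfix/ressources/logs/kinit.array", serialize($array));
    @chmod("/usr/share/artica-postfix/ressources/logs/kinit.array", 0777);
    if ($GLOBALS["JUST_PING"]) {
        return;
    }
    if (!$TestJoin) {
        shell_exec("{$nohup} {$php5} " . __FILE__ . " --join >/dev/null 2>&1 &");
    }
    if ($users->SQUID_INSTALLED) {
        winbind_priv();
        if (!is_dir("/var/lib/samba/smb_krb5")) {
            @mkdir("/var/lib/samba/smb_krb5", 0777, true);
        }
        shell_exec("{$chmod} 1775 /var/lib/samba/smb_krb5 >/dev/null 2>&1");
        shell_exec("{$chmod} 1775 /var/lib/samba >/dev/null 2>&1");
    }
}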
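/**
 * Purge messages from a Cyrus mailbox with ipurge, run as the cyrus user.
 *
 * Request parameters ($_GET): "uid" (required), "submailbox",
 * "size_of_message" (passed as -m), "age_of_message" (passed as -d) and "by"
 * (who asked; -100 is reported as "Super Administrator"). The command output
 * is mailed as an event and echoed base64-encoded inside <articadatascgi>.
 *
 * Every request value is validated or shell-quoted before it reaches the
 * command line. NOTE(review): no authorisation check is visible in this
 * function; presumably the caller enforces it — verify.
 *
 * @return void
 */
function cyrus_empty_mailbox()
{
    $unix = new unix();
    $ipurge = $unix->LOCATE_CYRUS_IPURGE();
    if ($ipurge == null) {
        echo "<articadatascgi>" . base64_encode("Could not locate ipurge") . "</articadatascgi>";
        return;
    }
    $user = (isset($_GET["uid"]) && is_string($_GET["uid"])) ? $_GET["uid"] : "";
    if ($user == "") {
        echo "<articadatascgi>" . base64_encode("No user set") . "</articadatascgi>";
        return;
    }
    $params = array();
    // The size and age limits are plain integers for ipurge; anything else is
    // rejected instead of being pasted into the command line.
    foreach (array("size_of_message" => "-m", "age_of_message" => "-d") as $key => $flag) {
        $raw = (isset($_GET[$key]) && is_string($_GET[$key])) ? trim($_GET[$key]) : "";
        if ($raw == "") {
            continue;
        }
        if (!ctype_digit($raw)) {
            echo "<articadatascgi>" . base64_encode("Invalid value for {$key}") . "</articadatascgi>";
            return;
        }
        $params[] = $flag . $raw;
    }
    $submailbox = "";
    if (isset($_GET["submailbox"]) && is_string($_GET["submailbox"]) && $_GET["submailbox"] != "") {
        $submailbox = "/{$_GET["submailbox"]}";
    }
    $params[] = escapeshellarg("user/{$user}{$submailbox}");
    // Quote twice: once for the shell that su starts, once for the shell
    // that runs su, so request data can never end either quoting level.
    $inner = "{$ipurge} -f " . implode(" ", $params) . " 2>&1";
    $cmd = "su cyrus -c " . escapeshellarg($inner);
    writelogs_framework("{$cmd}", __FUNCTION__, __FILE__, __LINE__);
    $results = array();
    exec($cmd, $results);
    if (isset($_GET["by"]) && $_GET["by"] == -100) {
        $_GET["by"] = "Super Administrator";
    }
    $by = (isset($_GET["by"]) && is_scalar($_GET["by"])) ? $_GET["by"] : "";
    if (trim(implode("", $results)) == "") {
        $results[] = "Executed...";
    }
    $unix->send_email_events("Messages task deletion on mailbox {$user}{$submailbox} by {{$by} executed", @implode("\n", $results), "mailbox");
    echo "<articadatascgi>" . base64_encode(@implode("\n", $results)) . "</articadatascgi>";
}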
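/**
 * Refresh the Emerging Threats block list and rebuild the matching
 * iptables/ipset rules.
 *
 * Exits when another instance is running or when "EnableEmergingThreats" is
 * not 1. Downloads the FWrev revision number, stops if it equals the stored
 * one, otherwise downloads emerging-Block-IPs.txt, recreates the ATTACKERS
 * and ETLOGDROP chains plus the botcc/botccnet sets, and writes a summary to
 * EnableEmergingThreatsBuild.db.
 *
 * Each downloaded line must parse as an IPv4 address or IPv4 CIDR before it
 * is used in a shell command; other lines are counted and skipped.
 *
 * @return void
 */
function check()
{
    $unix = new unix();
    $oldpid = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
    if ($unix->process_exists(@file_get_contents($oldpid))) {
        writelogs("Process " . @file_get_contents($oldpid) . " already exists", __FUNCTION__, __FILE__);
        die;
    }
    @file_put_contents($oldpid, getmypid());
    $sock = new sockets();
    $EnableEmergingThreats = $sock->GET_INFO("EnableEmergingThreats");
    if (!is_numeric($EnableEmergingThreats)) {
        $sock->SET_INFO("EnableEmergingThreats", 0);
        $EnableEmergingThreats = 0;
    }
    if ($EnableEmergingThreats != 1) {
        echo "Starting......: Emerging Threats: Disabled\n";
        @unlink("/usr/share/artica-postfix/ressources/logs/EnableEmergingThreatsBuild.db");
        die;
    }
    $GLOBALS["iptables"] = $unix->find_program("iptables");
    $GLOBALS["ipset"] = $unix->find_program("ipset");
    if (!is_file($GLOBALS["iptables"])) {
        echo "Starting......: Emerging Threats: iptables no such file\n";
        return;
    }
    if (!is_file($GLOBALS["ipset"])) {
        echo "Starting......: Emerging Threats: ipset no such file\n";
        $unix->send_email_events("Could not update Emerging Threats (ipset no such file)", "You have enabled Emerging Threats, but it seems that\nipset binary is not installed on your system.\ntry to install it by using setup-ubuntu stored in /usr/share/artica-postfix/bin\nArtica will disable Emerging Threats to remove this notification");
        $sock->SET_INFO("EnableEmergingThreats", 0);
        return;
    }
    $q = new mysql();
    $sql = "SELECT * FROM postfix_whitelist_con";
    $results = $q->QUERY_SQL($sql, "artica_backup");
    if (!$q->ok) {
        echo "{$q->mysql_error}\n";
    }
    $WHITELISTED = array();
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        $WHITELISTED[$ligne["ipaddr"]] = true;
        $WHITELISTED[$ligne["hostname"]] = true;
    }
    $pattern_number = @file_get_contents("/etc/artica-postfix/emerging.threats.pattern");
    if (!is_numeric($pattern_number)) {
        $pattern_number = 0;
    }
    // NOTE(review): both downloads use plain http://, so nothing here
    // authenticates the list. Entries are syntax-checked below, but a
    // tampered response could still add well-formed addresses to the DROP set.
    $http = new ccurl("http://rules.emergingthreats.net/fwrules/FWrev");
    $tmp = $unix->FILE_TEMP();
    if (!$http->GetFile("{$tmp}")) {
        echo "Starting......: Emerging Threats: http error {$http->error}\n";
        return;
    }
    $pattern_number_internet = trim(@file_get_contents($tmp));
    if ($GLOBALS["VERBOSE"]) {
        echo "Starting......: Emerging Threats: {$tmp}\n";
    }
    // The download is only needed for its content; do not leave it behind.
    @unlink($tmp);
    if (!is_numeric($pattern_number_internet)) {
        echo "Starting......: Emerging Threats: corrupted pattern\n";
        return;
    }
    if ($pattern_number_internet == $pattern_number) {
        echo "Starting......: Emerging Threats: No new Pattern current is {$pattern_number}\n";
        return;
    }
    echo "Starting......: Emerging Threats: new Pattern {$pattern_number_internet}\n";
    $tmp = $unix->FILE_TEMP();
    $http = new ccurl("http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt");
    if (!$http->GetFile("{$tmp}")) {
        echo "Starting......: Emerging Threats: http error {$http->error}\n";
        return;
    }
    $tbl = explode("\n", @file_get_contents("{$tmp}"));
    @unlink($tmp);
    if (count($tbl) == 0) {
        echo "Starting......: Emerging Threats: corrupted file\n";
        return;
    }
    $iptables_drop_chain = 'ETLOGDROP';
    $iptables_att_chain = 'ATTACKERS';
    $ipset_botcc = 'botcc';
    $ipset_botccnet = 'botccnet';
    $iptables = $GLOBALS["iptables"];
    $ipset = $GLOBALS["ipset"];
    echo "Starting......: Emerging Threats: flush {$iptables_drop_chain}\n";
    shell_exec("{$iptables} -F {$iptables_drop_chain} 2>/dev/null 1>/dev/null");
    echo "Starting......: Emerging Threats: flush {$iptables_att_chain}\n";
    shell_exec("{$iptables} -F {$iptables_att_chain} 2>/dev/null 1>/dev/null");
    echo "Starting......: Emerging Threats: delete {$iptables_att_chain} from FORWARD chain\n";
    shell_exec("{$iptables} -D FORWARD -j {$iptables_att_chain} 2>/dev/null 1>/dev/null");
    echo "Starting......: Emerging Threats: delete {$iptables_att_chain} from INPUT chain\n";
    shell_exec("{$iptables} -D INPUT -j {$iptables_att_chain} 2>/dev/null 1>/dev/null");
    echo "Starting......: Emerging Threats: delete {$ipset_botccnet}\n";
    shell_exec("{$ipset} -X {$ipset_botccnet} 2>/dev/null 1>/dev/null");
    echo "Starting......: Emerging Threats: delete {$ipset_botcc}\n";
    shell_exec("{$ipset} -X {$ipset_botcc} 2>/dev/null 1>/dev/null");
    echo "Starting......: Emerging Threats: Create attacker and drop chains\n";
    shell_exec("{$iptables} -N {$iptables_att_chain} 2>/dev/null 1>/dev/null");
    echo "Starting......: Emerging Threats: insert {$iptables_att_chain} chain into FOWARD chain\n";
    shell_exec("{$iptables} -I FORWARD 1 -j {$iptables_att_chain} 2>/dev/null 1>/dev/null");
    echo "Starting......: Emerging Threats: insert {$iptables_att_chain} chain into INPUT chain\n";
    shell_exec("{$iptables} -I INPUT 1 -j {$iptables_att_chain} 2>/dev/null 1>/dev/null");
    shell_exec("{$iptables} -N {$iptables_drop_chain} 2>/dev/null 1>/dev/null");
    shell_exec("{$iptables} -A {$iptables_drop_chain} -j LOG --log-level INFO --log-prefix 'ET BLOCK: ' 2>/dev/null 1>/dev/null");
    shell_exec("{$iptables} -A {$iptables_drop_chain} -j DROP 2>/dev/null 1>/dev/null");
    shell_exec("{$ipset} -N {$ipset_botccnet} nethash 2>/dev/null 1>/dev/null");
    shell_exec("{$ipset} -N {$ipset_botcc} iphash 2>/dev/null 1>/dev/null");
    echo "Starting......: Emerging Threats: Starting blocklist " . count($tbl) . " ip(s) in population\n";

    // Accepts "a.b.c.d" or "a.b.c.d/nn" with nn in 0..32, nothing else.
    $is_ipv4_or_cidr = function ($entry) {
        $parts = explode("/", $entry);
        if (count($parts) > 2) {
            return false;
        }
        if (filter_var($parts[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
            return false;
        }
        if (isset($parts[1])) {
            return ctype_digit($parts[1]) && (int) $parts[1] <= 32;
        }
        return true;
    };

    $count = 0;
    $rejected = 0;
    foreach ($tbl as $ligne) {
        $ligne = trim($ligne);
        if ($ligne == "" || substr($ligne, 0, 1) == "#") {
            continue;
        }
        // The list is remote content and these commands run with this
        // script's privileges: never pass a line to the shell unchecked.
        if (!$is_ipv4_or_cidr($ligne)) {
            $rejected++;
            continue;
        }
        if (!empty($WHITELISTED[$ligne])) {
            continue;
        }
        $entry = escapeshellarg($ligne);
        echo "adding {$ligne}\n";
        shell_exec("{$ipset} -A {$ipset_botccnet} {$entry} 2>/dev/null 1>/dev/null");
        shell_exec("{$ipset} -A {$ipset_botcc} {$entry} 2>/dev/null 1>/dev/null");
        $count++;
    }
    if ($rejected > 0) {
        echo "Starting......: Emerging Threats: {$rejected} invalid entries skipped\n";
    }
    shell_exec("{$iptables} -A {$iptables_att_chain} -p ALL -m set --set {$ipset_botcc} src,src -j {$iptables_drop_chain} 2>/dev/null 1>/dev/null");
    shell_exec("{$iptables} -A {$iptables_att_chain} -p ALL -m set --set {$ipset_botccnet} src,src -j {$iptables_drop_chain} 2>/dev/null 1>/dev/null");
    shell_exec("{$iptables} -A {$iptables_att_chain} -p ALL -m set --set {$ipset_botcc} dst,dst -j {$iptables_drop_chain} 2>/dev/null 1>/dev/null");
    shell_exec("{$iptables} -A {$iptables_att_chain} -p ALL -m set --set {$ipset_botccnet} dst,dst -j {$iptables_drop_chain} 2>/dev/null 1>/dev/null");
    $unix->send_email_events("Emerging Threats update new pattern {$pattern_number_internet} {$count} ip addresses", "", "system");
    @file_put_contents("/etc/artica-postfix/emerging.threats.pattern", $pattern_number_internet);
    shell_exec("{$ipset} -L botccnet >/etc/artica-postfix/botccnet.list");
    // NOTE(review): botccnet.list used to be parsed into $conf and then
    // thrown away by a second "$conf = array()", so only the botcc entries
    // were ever stored. That outcome is kept; confirm whether both lists
    // were meant to be merged.
    shell_exec("{$ipset} --list botcc >/etc/artica-postfix/ccnet.list");
    $tr = explode("\n", @file_get_contents("/etc/artica-postfix/ccnet.list"));
    $conf = array("THREADS" => array());
    foreach ($tr as $ligne) {
        if (trim($ligne) == null) {
            continue;
        }
        // Lines holding a colon are skipped; only the remaining lines are stored.
        if (preg_match("#(.+?):#", $ligne)) {
            continue;
        }
        $conf["THREADS"][] = $ligne;
    }
    $conf["COUNT"] = count($conf["THREADS"]);
    writelogs_framework("Writing ressources/logs/EnableEmergingThreatsBuild.db done.");
    @file_put_contents("/usr/share/artica-postfix/ressources/logs/EnableEmergingThreatsBuild.db", serialize($conf));
    // NOTE(review): 0777 makes a file of serialize()d data world-writable; if
    // any consumer unserialize()s it, every local account can feed it crafted
    // input. Tighten the mode once the readers and writers are confirmed.
    @chmod("/usr/share/artica-postfix/ressources/logs/EnableEmergingThreatsBuild.db", 0777);
}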
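/**
 * Rebuild the milter-greylist configuration for the single "master" instance.
 *
 * Does nothing when "MilterGreyListEnabled" is not a non-zero number.
 * Otherwise starts exec.white-black-central.php in the background, writes the
 * generated configuration (blank lines removed) to SingleInstanceConfPath(),
 * runs TestConfigFile() on it and notifies the administrator.
 *
 * @return void
 */
function SingleInstance()
{
    $sock = new sockets();
    $unix = new unix();
    $php5 = $unix->LOCATE_PHP5_BIN();
    $MilterGreyListEnabled = $sock->GET_INFO("MilterGreyListEnabled");
    if (!is_numeric($MilterGreyListEnabled)) {
        $MilterGreyListEnabled = 0;
    }
    if ($MilterGreyListEnabled == 0) {
        echo "{$GLOBALS["deflog_start"]} Milter-greylist is not enabled\n";
        return;
    }
    $nohup = $unix->find_program("nohup");
    echo "{$GLOBALS["deflog_start"]} single instance execute exec.white-black-central.php\n";
    shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.white-black-central.php >/dev/null 2>&1 &");
    $mg = new milter_greylist(false, "master", "master");
    $datas = $mg->BuildConfig();
    // Defined up front so the calls after the if-block never read an
    // undefined variable when BuildConfig() returns nothing.
    $conf_path = null;
    $newf = array();
    if ($datas != null) {
        $conf_path = SingleInstanceConfPath();
        // 0755, not 0666: a directory without the execute bit cannot be
        // entered, so the configuration inside it would be unreachable for
        // any non-root account.
        @mkdir(dirname($conf_path), 0755, true);
        echo "{$GLOBALS["deflog_start"]} single instance {$conf_path}\n";
        $tbl = explode("\n", $datas);
        echo "{$GLOBALS["deflog_start"]} cleaning {$conf_path} with " . count($tbl) . " lines\n";
        foreach ($tbl as $ligne) {
            $ligne = trim($ligne);
            if ($ligne == null) {
                continue;
            }
            $newf[] = $ligne;
        }
        // Trailing empty element so the file ends with a newline.
        $newf[] = "";
        echo "{$GLOBALS["deflog_start"]} writing {$conf_path} (" . count($newf) . " lines)\n";
        @file_put_contents($conf_path, @implode("\n", $newf));
    }
    TestConfigFile($conf_path);
    echo "{$GLOBALS["deflog_start"]} notify administrator\n";
    $unix->send_email_events("Milter-greylist has been reconfigured", "By {$GLOBALS["WHOPROCESS"]}\nSettings:\n" . @implode("\n", $newf), "postfix");
    echo "{$GLOBALS["deflog_start"]} done.\n";
}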
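/**
 * Compress old mail-log backups and record the size of the backup directory.
 *
 * Every *.log file in "BackupMailLogPath" (default /home/logrotate_backup)
 * older than "BackupMailLogMaxTimeCompressed" minutes (default 10080) is
 * gzipped next to itself and the original removed. The directory size
 * reported by du is written to postfinder.dirsize.txt, and a summary event is
 * sent when at least one file was compressed.
 *
 * @return void
 */
function logrotate()
{
    $unix = new unix();
    $sock = new sockets();
    $BackupMailLogPath = $sock->GET_INFO("BackupMailLogPath");
    $BackupMailLogMaxTimeCompressed = $sock->GET_INFO("BackupMailLogMaxTimeCompressed");
    if (!is_numeric($BackupMailLogMaxTimeCompressed)) {
        $BackupMailLogMaxTimeCompressed = 10080;
    }
    if ($BackupMailLogPath == null) {
        $BackupMailLogPath = "/home/logrotate_backup";
    }
    $du = $unix->find_program("du");
    $gzip = $unix->find_program("gzip");
    // mkdir() takes (path, mode, recursive). The arguments used to be
    // (path, true, 660), i.e. mode 1 and a truthy "recursive". Mail logs hold
    // addresses, so the directory is not made world-readable.
    @mkdir($BackupMailLogPath, 0750, true);
    if (!is_dir("{$BackupMailLogPath}")) {
        $unix->send_email_events("PostFinder:Error while creating {$BackupMailLogPath}");
        return;
    }
    $nice = $unix->EXEC_NICE();
    $timestart = time();
    $log = array();
    $candidates = glob("{$BackupMailLogPath}/*.log");
    if (!is_array($candidates)) {
        $candidates = array();
    }
    foreach ($candidates as $filename) {
        $timefile = $unix->file_time_min($filename);
        $basename = basename($filename);
        if ($GLOBALS["VERBOSE"]) {
            echo "{$basename}: {$timefile} minutes (need {$BackupMailLogMaxTimeCompressed} minutes)\n";
        }
        if ($timefile <= $BackupMailLogMaxTimeCompressed) {
            continue;
        }
        $targetgzip = "{$BackupMailLogPath}/{$basename}.gz";
        // File names come from the directory listing; quote them so spaces
        // or shell metacharacters in a name cannot alter the command.
        $cmd = trim("{$nice}{$gzip} -c " . escapeshellarg($filename) . " >" . escapeshellarg($targetgzip));
        if ($GLOBALS["VERBOSE"]) {
            echo "{$cmd}\n";
        }
        $time = time();
        $gzip_output = array();
        $gzip_status = 1;
        exec($cmd, $gzip_output, $gzip_status);
        // The redirection creates the target even when gzip fails, so the
        // exit status decides whether the original may be deleted.
        if ($gzip_status === 0 && is_file($targetgzip)) {
            $ev = "{$basename} -> {$targetgzip} " . $unix->distanceOfTimeInWords($time, time());
            if ($GLOBALS["VERBOSE"]) {
                echo "{$ev}\n";
            }
            $log[] = $ev;
            @unlink($filename);
        }
    }
    $results = array();
    exec("{$du} -h -s " . escapeshellarg($BackupMailLogPath), $results);
    $strings = @implode("", $results);
    $final_size = "";
    if (preg_match("#^(.+?)\\s+#", $strings, $re)) {
        $final_size = $re[1];
    }
    @file_put_contents("/usr/share/artica-postfix/ressources/logs/postfinder.dirsize.txt", $final_size);
    // The mode used to be the decimal literal 777 (octal 1411), which left
    // the file unreadable for group and others. 0644 lets any reader see the
    // size without making the file writable by everyone.
    @chmod("/usr/share/artica-postfix/ressources/logs/postfinder.dirsize.txt", 0644);
    if (count($log) > 0) {
        $unix->send_email_events("Postfinder: Directory size: {$strings} - " . count($log) . " maillog compressed (" . $unix->distanceOfTimeInWords($timestart, time()) . ")", "Directory: {$BackupMailLogPath}\n" . @implode("\n", $log), "postfix");
    }
}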
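/**
 * Send an event e-mail described by the "send-email-events" request parameter.
 *
 * The parameter is a base64-encoded, serialize()d array with the keys
 * SUBJECT, TEXT and CONTEXT. The request is ignored when the value is
 * missing or does not decode to an array.
 *
 * @return void
 */
function send_email_events_frame()
{
    if (!isset($_GET["send-email-events"]) || !is_string($_GET["send-email-events"])) {
        return;
    }
    $raw = base64_decode($_GET["send-email-events"]);
    if ($raw === false || $raw === "") {
        return;
    }
    // The payload is request data, so unserialize() must not be allowed to
    // build objects from it: doing so runs the magic methods of whatever
    // classes are loaded. The expected payload is a plain array of strings.
    if (PHP_VERSION_ID >= 70000) {
        $array = @unserialize($raw, array("allowed_classes" => false));
    } else {
        // NOTE(review): on runtimes older than PHP 7 there is no option to
        // forbid objects; move this parameter to JSON to close the gap there.
        $array = @unserialize($raw);
    }
    if (!is_array($array)) {
        return;
    }
    // Pass only scalar fields on; a missing field stays null as before.
    $field = function ($key) use ($array) {
        if (!isset($array[$key]) || !is_scalar($array[$key])) {
            return null;
        }
        return (string) $array[$key];
    };
    $unix = new unix();
    $unix->send_email_events($field("SUBJECT"), $field("TEXT"), $field("CONTEXT"));
}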
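/**
 * Run the pending ufdbguard compilation task, if any.
 *
 * Skipped when "EnableRemoteStatisticsAppliance" is 1, when neither the
 * statistics appliance nor a web filter is present, or when another instance
 * holds the pid file. One of three flag files in /etc/artica-postfix triggers
 * a full recompile, a recompile of missing databases, or a rebuild; the
 * function returns after the first one found. Otherwise each file in
 * ufdbguard.recompile-queue names one database to compile, after which the
 * service is asked to reload.
 *
 * @return void
 */
function cron_compile()
{
    $sock = new sockets();
    $EnableWebProxyStatsAppliance = $sock->GET_INFO("EnableWebProxyStatsAppliance");
    $EnableRemoteStatisticsAppliance = $sock->GET_INFO("EnableRemoteStatisticsAppliance");
    if (!is_numeric($EnableWebProxyStatsAppliance)) {
        $EnableWebProxyStatsAppliance = 0;
    }
    if (!is_numeric($EnableRemoteStatisticsAppliance)) {
        $EnableRemoteStatisticsAppliance = 0;
    }
    if ($EnableRemoteStatisticsAppliance == 1) {
        return;
    }
    $users = new usersMenus();
    $isFiltersInstalled = $users->APP_UFDBGUARD_INSTALLED || $users->DANSGUARDIAN_INSTALLED;
    if ($EnableWebProxyStatsAppliance == 0 && !$isFiltersInstalled) {
        return;
    }
    $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
    $unix = new unix();
    if ($unix->process_exists(@file_get_contents($pidfile))) {
        return;
    }
    @file_put_contents($pidfile, getmypid());
    if (is_file("/etc/artica-postfix/ufdbguard.compile.alldbs")) {
        @unlink("/etc/artica-postfix/ufdbguard.compile.alldbs");
        events_ufdb_exec("CRON:: -> ufdbguard_recompile_dbs()");
        ufdbguard_admin_events("-> ufdbguard_recompile_dbs()", __FUNCTION__, __FILE__, __LINE__, "config");
        UFDBGUARD_COMPILE_ALL_CATEGORIES();
        return;
    }
    if (is_file("/etc/artica-postfix/ufdbguard.compile.missing.alldbs")) {
        events_ufdb_exec("CRON:: -> ufdbguard_recompile_missing_dbs()");
        @unlink("/etc/artica-postfix/ufdbguard.compile.missing.alldbs");
        ufdbguard_admin_events("-> ufdbguard_recompile_missing_dbs()", __FUNCTION__, __FILE__, __LINE__, "config");
        ufdbguard_recompile_missing_dbs();
        return;
    }
    if (is_file("/etc/artica-postfix/ufdbguard.reconfigure.task")) {
        events_ufdb_exec("CRON:: -> build()");
        @unlink("/etc/artica-postfix/ufdbguard.reconfigure.task");
        ufdbguard_admin_events("-> build()", __FUNCTION__, __FILE__, __LINE__, "config");
        build();
        return;
    }
    $restart = false;
    // The reason used to be set only on branches that return, so the reload
    // notification below always carried an undefined value.
    $WHY = "";
    $queued = glob("/etc/artica-postfix/ufdbguard.recompile-queue/*");
    if (!is_array($queued)) {
        $queued = array();
    }
    foreach ($queued as $filename) {
        $db = trim((string) @file_get_contents($filename));
        @unlink($filename);
        // The queue file's content becomes part of a path under
        // /var/lib/squidguard; refuse empty names and ".." so an entry
        // cannot point outside that tree.
        if ($db == "" || strpos($db, "..") !== false) {
            ufdbguard_admin_events("Ignoring invalid recompile-queue entry " . basename($filename), __FUNCTION__, __FILE__, __LINE__, "config");
            continue;
        }
        $restart = true;
        $WHY = "ufdbguard.recompile-queue entries processed";
        ufdbguard_admin_events("-> UFDBGUARD_COMPILE_SINGLE_DB(/var/lib/squidguard/{$db}/domains)", __FUNCTION__, __FILE__, __LINE__, "config");
        UFDBGUARD_COMPILE_SINGLE_DB("/var/lib/squidguard/{$db}/domains");
    }
    if ($restart) {
        $unix->send_email_events("cron-compile: Ask to reload ufdbguard service", "\n{$WHY}\nFunction:" . __FUNCTION__ . "\nFile:" . __FILE__ . "\nLine:" . __LINE__, "proxy");
        ufdbguard_admin_events("Service will be reloaded", __FUNCTION__, __FILE__, __LINE__, "ufdbguard-service");
        build_ufdbguard_HUP();
    }
}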
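/**
 * Load the generated awstats HTML pages of one server into `awstats_files`.
 *
 * Existing rows for the server are deleted first. Each
 * /var/tmp/awstats/<servername>/awstats.* file is then stored under the name
 * "index" (the main page) or the report name taken from the file name, and
 * removed from disk.
 *
 * @param string $servername Server whose pages are imported.
 * @return bool False when the name is not a plain directory name or an
 *              insert fails, true otherwise.
 */
function awstats_import_sql($servername)
{
    // The name is used both as a directory component and inside SQL text, so
    // it must not be able to leave /var/tmp/awstats or end a string literal.
    if (strpos($servername, "/") !== false || strpos($servername, "..") !== false) {
        return false;
    }
    $q = new mysql();
    $unix = new unix();
    // addslashes() matches the escaping already applied to the page content
    // below; a parameterised query is preferable if the mysql wrapper offers
    // one (not visible here).
    $servername_sql = addslashes($servername);
    $sql = "DELETE FROM awstats_files WHERE `servername`='{$servername_sql}'";
    $q->QUERY_SQL($sql, "artica_backup");
    $pages = glob("/var/tmp/awstats/{$servername}/awstats.*");
    if (!is_array($pages)) {
        $pages = array();
    }
    foreach ($pages as $filename) {
        // Reset on every file: a file whose name matches neither form used to
        // be stored under the previous file's report name.
        $awstats_filename = null;
        if (basename($filename) == "awstats.{$servername}.html") {
            $awstats_filename = "index";
        } elseif (preg_match("#awstats\\.(.+)\\.([a-z0-9]+)\\.html#", $filename, $re)) {
            $awstats_filename = $re[2];
        }
        if ($GLOBALS["VERBOSE"]) {
            echo "{$servername}: {$awstats_filename}\n";
        }
        if ($awstats_filename == null) {
            continue;
        }
        $content = addslashes(@file_get_contents("{$filename}"));
        @unlink($filename);
        $sql = "INSERT INTO awstats_files (`servername`,`awstats_file`,`content`)\n\t\t\tVALUES('{$servername_sql}','{$awstats_filename}','{$content}')";
        $q->QUERY_SQL($sql, "artica_backup");
        if (!$q->ok) {
            if ($GLOBALS["VERBOSE"]) {
                echo "{$q->mysql_error}\n";
            }
            $unix->send_email_events("awstats for {$servername} failed database error", $q->mysql_error, "system");
            return false;
        }
    }
    return true;
}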
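/**
 * Rebuild the iptables DROP rules that block hosts recorded as SSH offenders.
 *
 * Reads the enabled INPUT rows with local_port=22 from the `iptables` table,
 * removes the existing rules through iptables_delete_all(), and adds one DROP
 * rule per non-whitelisted address on the port configured in sshd (22 when
 * the setting is not numeric). An event is sent when rules were added.
 *
 * @return void
 */
function compile_sshd_rules()
{
    include_once(dirname(__FILE__) . "/ressources/class.openssh.inc");
    $q = new mysql();
    $iptablesClass = new iptables_chains();
    $unix = new unix();
    $openssh = new openssh();
    $SSHDPort = $openssh->main_array["Port"];
    if (!is_numeric($SSHDPort)) {
        $SSHDPort = 22;
    }
    // Only an integer may reach the command line.
    $SSHDPort = (int) $SSHDPort;
    $iptables = $unix->find_program("iptables");
    $GLOBALS["IPTABLES_WHITELISTED"] = $iptablesClass->LoadWhiteLists();
    // NOTE(review): rows are selected with local_port=22 even when sshd
    // listens on another port; presumably offenders are always stored under
    // 22 — confirm.
    $sql = "SELECT * FROM iptables WHERE disable=0 AND flux='INPUT' AND local_port=22";
    $results = $q->QUERY_SQL($sql, "artica_backup");
    iptables_delete_all();

    if ($GLOBALS["VERBOSE"]) {
        echo "OpenSSH port is $SSHDPort\n";
    }

    $commands = array();
    while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
        $ip = $ligne["serverip"];
        if (trim((string) $ip) == "") {
            continue;
        }
        if ($iptablesClass->isWhiteListed($ip)) {
            continue;
        }
        events("ADD REJECT {$ligne["serverip"]} INBOUND PORT 22");
        ssh_events("ADD REJECT {$ligne["serverip"]} INBOUND PORT 22", __FUNCTION__, __FILE__, __LINE__);
        // The address is a database value that ends up in a shell command;
        // quote it so it is always passed as the single argument of -s.
        $commands[] = "{$iptables} -A INPUT -s " . escapeshellarg($ip) . " -p tcp --destination-port {$SSHDPort} -j DROP -m comment --comment \"ArticaInstantSSH\"";
    }

    if ($GLOBALS["VERBOSE"]) {
        echo count($commands) . " should be performed\n";
    }

    // Nothing to run and nothing to report when no rule was built.
    if (count($commands) == 0) {
        return;
    }
    foreach ($commands as $line) {
        writelogs($line, __FUNCTION__, __FILE__, __LINE__);
        if ($GLOBALS["VERBOSE"]) {
            echo $line . "\n";
        }
        shell_exec($line);
    }
    $unix->send_email_events("SSHD Hack " . count($commands) . " rules(s) added", null, "system");
}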
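/**
 * Check whether an address is listed on DNS blacklists and publish the result.
 *
 * The address is $iptocheck, or the value returned by GetMyIp() when none is
 * given; anything that is not a literal IPv4 address is resolved with
 * gethostbyname(). The blacklist zones come from the enabled rows of the
 * `rbl_servers` table, with a built-in list as fallback.
 *
 * With $output set, "zone;first TXT detail" is echoed and cached in the
 * per-address time file, and nothing else is written. Otherwise an HTML
 * fragment is written to blacklisted.html or Notblacklisted.html under
 * ressources/logs/web, and a notification is sent when RBLCheckNotification
 * is 1.
 *
 * @param string|null $iptocheck Address or host name to check; null or "--force" means "this server".
 * @param bool        $output    Echo the raw result instead of writing the HTML fragments.
 * @param bool        $increment Append to the existing HTML fragment instead of replacing it.
 * @return void
 */
function ChecksDNSBL($iptocheck = null, $output = false, $increment = false)
{
    // The original wrapped the whole comparison in trim(), so the argument itself was never
    // trimmed and a non-string such as 0 could compare equal to "--force".
    if (is_string($iptocheck) && trim($iptocheck) == "--force") {
        $iptocheck = null;
        $output = false;
    }
    $textip = null;
    if ($iptocheck == null) {
        $myip = GetMyIp();
    } else {
        $myip = $iptocheck;
    }
    // The former pattern "[0-9+]\.[0-9+]..." was unanchored and matched single characters only,
    // so ordinary addresses were sent through the resolver while some host names slipped past it.
    if (filter_var($myip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        $textip = " ({$myip}) ";
        // gethostbyname() returns its argument unchanged when resolution fails.
        $myip = gethostbyname($myip);
        if ($GLOBALS["VERBOSE"]) {
            echo "Checking {$myip}...........: was{$textip}\n";
        }
    }
    $sock = new sockets();
    $unix = new unix();
    $RBLCheckFrequency = $sock->GET_INFO("RBLCheckFrequency");
    $RBLCheckNotification = $sock->GET_INFO("RBLCheckNotification");
    if (!is_numeric($RBLCheckFrequency)) {
        $RBLCheckFrequency = 60;
    }
    if (!is_numeric($RBLCheckNotification)) {
        $RBLCheckNotification = 0;
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Checking {$myip}{$textip}...........: RBLCheckFrequency...: {$RBLCheckFrequency}\n";
        echo "Checking {$myip}{$textip}...........: RBLCheckNotification: {$RBLCheckNotification}\n";
    }
    $blacklistedHtml = "/usr/share/artica-postfix/ressources/logs/web/blacklisted.html";
    $notBlacklistedHtml = "/usr/share/artica-postfix/ressources/logs/web/Notblacklisted.html";
    // Defined outside the FORCE test: the $output branch below writes to this file as well,
    // and previously had no path to write to when FORCE was set.
    $md = md5($myip);
    $timefile = "/etc/artica-postfix/cron.1/ChecksDNSBL.{$md}.time";
    if (!$GLOBALS["FORCE"]) {
        if (!$GLOBALS["VERBOSE"]) {
            $time = file_time_min($timefile);
            if ($time < $RBLCheckFrequency) {
                // Still fresh: replay the cached answer instead of querying again.
                echo @file_get_contents($timefile);
                return;
            }
        }
        @unlink($timefile);
        @file_put_contents($timefile, "#");
    }
    include_once 'Net/DNSBL.php';
    $dnsbl = new Net_DNSBL();
    if (!isset($GLOBALS["DDNS"])) {
        $sql = "SELECT * FROM rbl_servers WHERE enabled=1 ORDER BY `rbl`";
        $q = new mysql();
        $results = $q->QUERY_SQL($sql, "artica_backup");
        if ($q->ok) {
            while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
                $GLOBALS["DDNS"][] = $ligne["rbl"];
            }
        }
    }
    // empty() also covers the case where the query failed and the entry was never created.
    if (empty($GLOBALS["DDNS"])) {
        // Built-in fallback, a historical snapshot (the duplicated "drone.abuse.ch" entry was
        // dropped). Some of these zones have been retired since the list was written, for
        // example dnsbl.ahbl.org and dnsbl.njabl.org, and a retired zone can answer every
        // query as "listed", which would raise a false alert here. Prefer a maintained set
        // of zones in the rbl_servers table.
        $GLOBALS["DDNS"] = array(
            "b.barracudacentral.org",
            "bl.deadbeef.com",
            "bl.emailbasura.org",
            "bl.spamcannibal.org",
            "bl.spamcop.net",
            "blacklist.woody.ch",
            "bogons.cymru.com",
            "cbl.abuseat.org",
            "cdl.anti-spam.org.cn",
            "combined.abuse.ch",
            "combined.rbl.msrbl.net",
            "db.wpbl.info",
            "dnsbl-1.uceprotect.net",
            "dnsbl-2.uceprotect.net",
            "dnsbl-3.uceprotect.net",
            "dnsbl.ahbl.org",
            "dnsbl.cyberlogic.net",
            "dnsbl.inps.de",
            "dnsbl.njabl.org",
            "dnsbl.sorbs.net",
            "drone.abuse.ch",
            "duinv.aupads.org",
            "dul.dnsbl.sorbs.net",
            "dul.ru",
            "dyna.spamrats.com",
            "dynip.rothen.com",
            "fl.chickenboner.biz",
            "http.dnsbl.sorbs.net",
            "images.rbl.msrbl.net",
            "ips.backscatterer.org",
            "ix.dnsbl.manitu.net",
            "korea.services.net",
            "misc.dnsbl.sorbs.net",
            "noptr.spamrats.com",
            "ohps.dnsbl.net.au",
            "omrs.dnsbl.net.au",
            "orvedb.aupads.org",
            "osps.dnsbl.net.au",
            "osrs.dnsbl.net.au",
            "owfs.dnsbl.net.au",
            "owps.dnsbl.net.au",
            "pbl.spamhaus.org",
            "phishing.rbl.msrbl.net",
            "probes.dnsbl.net.au",
            "proxy.bl.gweep.ca",
            "proxy.block.transip.nl",
            "psbl.surriel.com",
            "rbl.interserver.net",
            "rdts.dnsbl.net.au",
            "relays.bl.gweep.ca",
            "relays.bl.kundenserver.de",
            "relays.nether.net",
            "residential.block.transip.nl",
            "ricn.dnsbl.net.au",
            "rmst.dnsbl.net.au",
            "sbl.spamhaus.org",
            "short.rbl.jp",
            "smtp.dnsbl.sorbs.net",
            "socks.dnsbl.sorbs.net",
            "spam.abuse.ch",
            "spam.dnsbl.sorbs.net",
            "spam.rbl.msrbl.net",
            "spam.spamrats.com",
            "spamlist.or.kr",
            "spamrbl.imp.ch",
            "t3direct.dnsbl.net.au",
            "tor.ahbl.org",
            "tor.dnsbl.sectoor.de",
            "torserver.tor.dnsbl.sectoor.de",
            "ubl.lashback.com",
            "ubl.unsubscore.com",
            "virbl.bit.nl",
            "virus.rbl.jp",
            "virus.rbl.msrbl.net",
            "web.dnsbl.sorbs.net",
            "wormrbl.imp.ch",
            "xbl.spamhaus.org",
            "zen.spamhaus.org",
            "zombie.dnsbl.sorbs.net",
        );
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Checking {$myip}{$textip}...........: checking............: " . count($GLOBALS["DDNS"]) . " rbls servers\n";
        echo "Checking {$myip}{$textip}...........: Output..............: {$output}\n";
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "checking " . count($GLOBALS["DDNS"]) . " rbls servers\n";
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Checking {$myip}...........: ->setBlacklists();\n";
    }
    reset($GLOBALS["DDNS"]);
    $dnsbl->setBlacklists($GLOBALS["DDNS"]);
    if (!$output) {
        if (!$increment) {
            if ($GLOBALS["VERBOSE"]) {
                echo "Delete /usr/share/artica-postfix/ressources/logs/web/blacklisted.html\n";
            }
            @unlink($blacklistedHtml);
        }
    }
    if ($output) {
        if ($dnsbl->isListed($myip)) {
            $blacklist = $dnsbl->getListingBl($myip);
            $detail = $dnsbl->getDetails($myip);
            // The TXT detail is text supplied by the blacklist operator's DNS zone; whatever
            // consumes this output should escape it before rendering it.
            $final = "{$blacklist};{$detail["txt"][0]}";
            @file_put_contents($timefile, $final);
            echo $final;
        }
        return;
    }
    $date = date('l F H:i');
    if ($GLOBALS["VERBOSE"]) {
        echo "Checking {$myip}{$textip}...........: Output..............: {$date}\n";
    }
    if (!$increment) {
        @unlink($blacklistedHtml);
        @unlink($notBlacklistedHtml);
    }
    if ($dnsbl->isListed($myip)) {
        $blacklist = $dnsbl->getListingBl($myip);
        if ($RBLCheckNotification == 1) {
            $unix->send_email_events("Your server ({$myip}{$textip}) is blacklisted from {$blacklist}", "This is the result of checking your server from " . count($GLOBALS["DDNS"]) . " black list servers.\n   It seems your server (ip:{$myip}{$textip}) is blacklisted from {$blacklist}\n   If you trying to send mails from this server, it should be rejected from many SMTP servers that use \"{$blacklist}\" for check senders IP addresses.\n   ", "postfix");
        }
        echo "{$myip}: blacklisted from {$blacklist} write \"/usr/share/artica-postfix/ressources/logs/web/blacklisted.html\"\n";
        // $textip carries the caller-supplied host name verbatim into the fragment.
        // NOTE(review): whether Paragraphe() HTML-escapes its arguments is not visible here - confirm.
        $p = Paragraphe('danger64.png', "{WARN_BLACKLISTED}", "{$myip}{$textip} {IS_BLACKLISTED_FROM} {$blacklist} ({$date})", "javascript:Loadjs('system.rbl.check.php')", "{$myip} {IS_BLACKLISTED_FROM} {$blacklist}", 300, 80);
        if ($increment) {
            $p = @file_get_contents($blacklistedHtml) . $p;
        }
        @file_put_contents($blacklistedHtml, $p);
        // NOTE(review): mode 777 lets any local account rewrite a fragment that, judging by its
        // path, is rendered by the web console; 0644 should be enough if only this job writes it.
        // Confirm how the console uses the file before tightening.
        shell_exec("/bin/chmod 777 {$blacklistedHtml} >/dev/null 2>&1");
        return;
    } else {
        if ($GLOBALS["VERBOSE"]) {
            echo "checking " . count($GLOBALS["DDNS"]) . " rbls servers success\n";
        }
    }
    // NOTE(review): second lookup with a fresh Net_DNSBL object. It repeats the block above almost
    // line for line and doubles the DNS traffic - confirm whether the retry is intentional.
    $dnsbl = new Net_DNSBL();
    reset($GLOBALS["DDNS"]);
    $dnsbl->setBlacklists($GLOBALS["DDNS"]);
    if ($dnsbl->isListed($myip)) {
        $blacklist = $dnsbl->getListingBl($myip);
        if ($RBLCheckNotification == 1) {
            // Sent through $unix like the first pass; this branch called a bare send_email_events().
            $unix->send_email_events("Your server ({$myip}{$textip}) is blacklisted from {$blacklist}", "This is the result of checking your server from " . count($GLOBALS["DDNS"]) . " black list servers.\n\t   It seems your server (ip:{$myip}{$textip}) is blacklisted from {$blacklist}\n\t   If you trying to send mails from this server, it should be rejected from many SMTP servers that use \"{$blacklist}\" for check senders IP addresses.\n\t   ", "postfix");
        }
        echo "{$myip}{$textip}: blacklisted from {$blacklist} write \"/usr/share/artica-postfix/ressources/logs/web/blacklisted.html\"\n";
        $p = Paragraphe('danger64.png', "{WARN_BLACKLISTED}", "{$myip}{$textip} {IS_BLACKLISTED_FROM} {$blacklist} ({$date})", "javascript:Loadjs('system.rbl.check.php')", "{$myip}{$textip} {IS_BLACKLISTED_FROM} {$blacklist}", 300, 80);
        if ($increment) {
            $p = @file_get_contents($blacklistedHtml) . $p;
        }
        @file_put_contents($blacklistedHtml, $p);
        shell_exec("/bin/chmod 777 {$blacklistedHtml} >/dev/null 2>&1");
        return;
    } else {
        if ($GLOBALS["VERBOSE"]) {
            echo "checking " . count($GLOBALS["DDNS"]) . " rbls servers success\n";
        }
    }
    $p = Paragraphe('ok64.png', "{NOT_BLACKLISTED}", "{$myip}{$textip} {IS_NOT_BLACKLISTED } ({$date})", "javascript:Loadjs('system.rbl.check.php')", null, 300, 80);
    if ($increment) {
        $p = @file_get_contents($notBlacklistedHtml) . $p;
    }
    @file_put_contents($notBlacklistedHtml, $p);
    shell_exec("/bin/chmod 777 {$notBlacklistedHtml} >/dev/null 2>&1");
}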
Beispiel #28
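/**
 * Return the output of "net ads info" as a serialized key/value map.
 *
 * The command output is cached in /etc/artica-postfix/NetADSInfo.cache and
 * reused while the cache is younger than 30 minutes. Each "key: value" line
 * becomes one entry of the map, which is echoed base64-encoded between
 * <articadatascgi> tags. When the request carries reconnect=yes,
 * exec.samba.php --ads is run first.
 *
 * @return void
 */
function net_ads_info()
{
    // isset() first: the parameter is optional and was previously read unconditionally.
    // NOTE(review): any caller that can reach this handler can trigger the --ads job;
    // presumably the framework endpoint is only reachable locally - confirm.
    if (isset($_GET["reconnect"]) && $_GET["reconnect"] == "yes") {
        shell_exec(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.samba.php --ads");
    }
    $cachefile = "/etc/artica-postfix/NetADSInfo.cache";
    $cacheExists = is_file($cachefile);
    // filesize() warns on a missing file; false keeps the logged text as it was in that case.
    $cachefilesize = $cacheExists ? filesize($cachefile) : false;
    writelogs_framework("{$cachefile} {$cachefilesize}", __FUNCTION__, __FILE__, __LINE__);
    $results = null;
    if ($cacheExists) {
        $filetime = file_time_min($cachefile);
        if ($filetime < 30) {
            writelogs_framework("{$cachefile} {$filetime}Mn", __FUNCTION__, __FILE__, __LINE__);
            $results = explode("\n", @file_get_contents($cachefile));
        }
    }
    $rows = is_array($results) ? count($results) : 0;
    writelogs_framework("results= " . $rows . " rows", __FUNCTION__, __FILE__, __LINE__);
    if (!is_array($results)) {
        // No usable cache: run the command and refresh the cache with its output.
        $unix = new unix();
        $net = $unix->LOCATE_NET_BIN_PATH();
        if (!is_file($net)) {
            $unix->send_email_events("Unable to locate net binary !!", "", "system");
            return;
        }
        writelogs_framework("{$net} ads info 2>&1", __FUNCTION__, __FILE__, __LINE__);
        $results = array();
        exec("{$net} ads info 2>&1", $results);
        @file_put_contents($cachefile, @implode("\n", $results));
    }
    // Stays null when no line could be parsed, which is what the original serialized in that case.
    $array = null;
    foreach ($results as $line) {
        if (preg_match("#^(.+?):(.+)#", trim($line), $re)) {
            writelogs_framework(trim($re[1]) . "=" . trim($re[2]), __FUNCTION__, __FILE__, __LINE__);
            $array[trim($re[1])] = trim($re[2]);
        }
    }
    echo "<articadatascgi>" . base64_encode(serialize($array)) . "</articadatascgi>";
}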
Beispiel #29
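/**
 * Run sa-update (and sa-compile when available), then reload SpamAssassin.
 *
 * The combined output is written to ressources/logs/sa-update-status.txt.
 * When that output contains "updates complete, exiting with code N", a
 * notification is sent, the sa-update-status.html file is removed and the
 * spamassassin init script is asked to reload.
 *
 * Does nothing when the system is overloaded or sa-update is not installed.
 *
 * @return void
 */
function sa_update()
{
    if (system_is_overloaded(basename(__FILE__))) {
        writelogs("Overloaded system, aborting task", __FUNCTION__, __FILE__, __LINE__);
        return;
    }
    $unix = new unix();
    $saupdate = $unix->find_program("sa-update");
    $sacompile = $unix->find_program("sa-compile");
    if (!is_file($saupdate)) {
        return null;
    }
    $statusFileContent = "/usr/share/artica-postfix/ressources/logs/sa-update-status.txt";
    $statusFile = "/usr/share/artica-postfix/ressources/logs/sa-update-status.html";
    // Kept apart from the binary path; the original overwrote $sacompile with this fragment.
    $compileStep = "";
    if ($sacompile != null) {
        $compileStep = " && {$sacompile} >>{$statusFileContent} 2>&1";
    }
    $keyFile = "/root/GPG.KEY";
    $wget = $unix->find_program("wget");
    // NOTE(review): the channel key is downloaded over cleartext HTTP and imported without
    // comparing it to a known fingerprint, so whoever can alter that response chooses the key
    // that gets trusted. Ship the key with the product or pin its full fingerprint instead.
    if ($wget != null) {
        shell_exec("{$wget} http://yerp.org/rules/GPG.KEY -O {$keyFile}");
    }
    if (is_file($keyFile)) {
        // The original passed a stray "sa-update" word as first argument.
        shell_exec("{$saupdate} --import {$keyFile}");
    }
    // NOTE(review): --nogpg turns signature verification off for both channels, which leaves
    // --gpgkey 6C6191E3 without effect: rule updates are accepted unauthenticated. Dropping
    // --nogpg is the fix, once the key import above is trustworthy.
    // sa-update's own stderr is now captured as well (the redirection used to apply to
    // sa-compile only); the -D diagnostics searched for below are written there.
    $cmd = "{$saupdate} --nogpg -D --gpgkey 6C6191E3 --channel sought.rules.yerp.org --channel updates.spamassassin.org >{$statusFileContent} 2>&1{$compileStep}";
    if ($GLOBALS["VERBOSE"]) {
        echo "sa-update:: {$cmd}\n";
    }
    shell_exec($cmd);
    // NOTE(review): 777 makes the status file writable by every local account; confirm what
    // reads it and tighten the mode accordingly.
    shell_exec("/bin/chmod 777 {$statusFileContent}");
    // Read the file itself: the original split the path string, so the loop never saw the log.
    $content = @file_get_contents($statusFileContent);
    $f = $content === false ? array() : explode("\n", $content);
    foreach ($f as $line) {
        // The pattern needs delimiters; without them preg_match() fails on every line.
        if (preg_match("#updates complete, exiting with code [0-9]+#", $line)) {
            if ($GLOBALS["VERBOSE"]) {
                echo "sa-update:: {$line}\n";
            }
            $unix->send_email_events("Spamassassin success update databases", @implode("\n", $f), "postfix");
            // sa-compile already ran as part of $cmd; the extra call made here was handed the
            // " && ..." fragment and could not run, so it is not repeated.
            @unlink($statusFile);
            shell_exec("/etc/init.d/spamassassin reload");
            return;
        }
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "sa-update:: FAILED\n";
    }
}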
Beispiel #30
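/**
 * Request a Kerberos ticket with kinit to verify the Active Directory link.
 *
 * Runs only when EnableKerbAuth is set and checkParams() succeeds, and at most
 * once every 120 minutes unless VERBOSE is on. The account, realm and password
 * come from the "KerbAuthInfos" setting. Known kinit error messages are turned
 * into notifications.
 *
 * @return void
 */
function ping_kdc()
{
    $sock = new sockets();
    $unix = new unix();
    $filetime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
    $EnableKerbAuth = $sock->GET_INFO("EnableKerbAuth");
    if (!is_numeric("{$EnableKerbAuth}")) {
        $EnableKerbAuth = 0;
    }
    if ($EnableKerbAuth == 0) {
        echo "Starting......: [PING]: Kerberos, disabled\n";
        return;
    }
    if (!checkParams()) {
        echo "Starting......: [PING]: Kerberos, misconfiguration failed\n";
        return;
    }
    // NOTE(review): unserialize() on a stored setting. This is only safe while nothing less
    // privileged than this job can write "KerbAuthInfos"; a plain data format such as JSON
    // would remove the object-instantiation risk altogether.
    $array = unserialize(base64_decode($sock->GET_INFO("KerbAuthInfos")));
    if (!is_array($array)) {
        echo "Starting......: [PING]: Kerberos, misconfiguration failed\n";
        return;
    }
    $time = $unix->file_time_min($filetime);
    if ($time < 120) {
        if (!$GLOBALS["VERBOSE"]) {
            return;
        }
        echo "{$filetime} ({$time}Mn)\n";
    }
    $kinit = $unix->find_program("kinit");
    if (!is_file($kinit)) {
        echo "Starting......: [PING]: Kerberos, kinit not found\n";
        return;
    }
    $domain = strtoupper($array["WINDOWS_DNS_SUFFIX"]);
    $clock_explain = "The clock on you system (Linux/UNIX) is too far off from the correct time.\nYour machine needs to be within 5 minutes of the Kerberos servers in order to get any tickets.\nYou will need to run ntp, or a similar service to keep your clock within the five minute window";
    // Account and realm are configuration values; quote them so they reach kinit as one argument.
    $principal = escapeshellarg("{$array["WINDOWS_SERVER_ADMIN"]}@{$domain}");
    $cmd = "{$kinit} {$principal} -V 2>&1";
    // The password is no longer part of the command line: the original built
    // "echo <password>|kinit ..." and printed it, which put the secret into this script's
    // output and into the argument list of the spawned shell.
    echo "{$cmd}\n";
    $kinit_results = array();
    $pipes = array();
    $process = proc_open($cmd, array(0 => array("pipe", "r"), 1 => array("pipe", "w")), $pipes);
    if (is_resource($process)) {
        // kinit reads the password from standard input, as it did behind the former pipe.
        fwrite($pipes[0], $array["WINDOWS_SERVER_PASS"] . "\n");
        fclose($pipes[0]);
        $kinit_results = preg_split("/\r?\n/", (string) stream_get_contents($pipes[1]), -1, PREG_SPLIT_NO_EMPTY);
        fclose($pipes[1]);
        proc_close($process);
    }
    foreach ($kinit_results as $ligne) {
        if (preg_match("#Clock skew too great while getting initial credentials#", $ligne)) {
            $unix->send_email_events("Active Directory connection clock issue", "kinit program claim\n{$ligne}\n{$clock_explain}", "system");
        }
        if (preg_match("#Client not found in Kerberos database while getting initial credentials#", $ligne)) {
            $unix->send_email_events("Active Directory authentification issue", "kinit program claim\n{$ligne}\n", "system");
        }
        if (preg_match("#Authenticated to Kerberos#", $ligne)) {
            echo "starting......: [PING]: Kerberos, Success\n";
        }
        if ($GLOBALS["VERBOSE"]) {
            echo "kinit: {$ligne}\n";
        }
    }
    // Record the time of this attempt for the 120-minute throttle above.
    @unlink($filetime);
    @file_put_contents($filetime, time());
}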