function purge_bysquid()
{
$unix = new unix();
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = @file_get_contents($pidfile);
if ($pid < 100) {
$pid = null;
}
if ($unix->process_exists($pid, basename(__FILE__))) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
ufdbguard_admin_events("Already executed pid {$pid} since {$timepid}", __FUNCTION__, __FILE__, __LINE__, "purge");
if ($GLOBALS["VERBOSE"]) {
echo "Already executed pid {$pid}\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
$sock = new sockets();
$users = new usersMenus();
$rm = $unix->find_program("rm");
$df = $unix->find_program("df");
$DF_RESULTS[] = "Scanning Artica directories in /var/log\ncurrent status:";
exec("{$df} -i /var/log 2>&1", $DF_RESULTS);
$DF_RESULTS[] = "";
exec("{$df} -h /var/log 2>&1", $DF_RESULTS);
$dirs = $unix->DirFiles("/var/log/artica-postfix");
while (list($directory, $b) = each($dirs)) {
$DF_RESULTS[] = "";
$DF_RESULTS[] = "";
$DF_RESULTS[] = date("Y-m-d H:i:s") . " Removing content of {$directory}";
$DF_RESULTS[] = date("Y-m-d H:i:s") . " {$directory} Before:";
$DF_RESULTS[] = "";
exec("{$df} -i {$directory} 2>&1", $DF_RESULTS);
$DF_RESULTS[] = "";
exec("{$df} -h {$directory} 2>&1", $DF_RESULTS);
shell_exec("{$rm} -rf {$directory}/* 2>&1");
$DF_RESULTS[] = date("Y-m-d H:i:s") . " {$directory} After removing content:";
exec("{$df} -i {$directory} 2>&1", $DF_RESULTS);
$DF_RESULTS[] = "";
exec("{$df} -h {$directory} 2>&1", $DF_RESULTS);
$DF_RESULTS[] = "";
}
squid_admin_mysql(0, "Log partition cleaning report", @implode("\n", $DF_RESULTS) . __FILE__, __LINE__);
}
function ping($hostid)
{
$mefile = basename(__FILE__);
$GLOBALS["CLASS_UNIX"] = new unix();
$GLOBALS["CLASS_UNIX"]->events("{$mefile}:: blackboxes({$hostid})", "/var/log/stats-appliance.log");
$black = new blackboxes($hostid);
$ssluri = $black->ssluri . "/nodes.listener.php";
$nossluri = $black->sslnouri . "/nodes.listener.php";
if ($GLOBALS["VERBOSE"]) {
echo "Try {$ssluri}\n";
}
$GLOBALS["CLASS_UNIX"]->events("{$mefile}:: {$ssluri}", "/var/log/stats-appliance.log");
$curl = new ccurl($ssluri);
$curl->parms["PING-ORDERS"] = true;
if ($GLOBALS["VERBOSE"]) {
$curl->parms["VERBOSE"] = true;
}
$curl->noproxyload = true;
if ($GLOBALS["VERBOSE"]) {
echo "Sending PING-ORDERS\n";
}
if (!$curl->get()) {
$ssluri = $nossluri;
$GLOBALS["CLASS_UNIX"]->events("{$mefile}:: {$ssluri}", "/var/log/stats-appliance.log");
if ($GLOBALS["VERBOSE"]) {
echo "error `{$ssluri}` {$curl->error}, trying http\n";
}
$curl = new ccurl($nossluri);
$curl->noproxyload = true;
$curl->parms["PING-ORDERS"] = true;
if (!$curl->get()) {
ufdbguard_admin_events("{$mefile}:: Failed to send ping to {$black->hostname} with Error:`{$curl->error}`", __FUNCTION__, __FILE__, __LINE__, "communicate");
return;
}
}
if ($GLOBALS["VERBOSE"]) {
echo $curl->data;
}
if (preg_match("#SUCCESS<#s", $curl->data)) {
$GLOBALS["CLASS_UNIX"]->events("Success to send ping to {$black->hostname}", "/var/log/stats-appliance.log");
ufdbguard_admin_events("{$mefile}:: Success to send ping to {$black->hostname}", __FUNCTION__, __FILE__, __LINE__, "communicate");
}
}
function month_visited()
{
$unix = new unix();
LoadParams();
$DaysbackupOlder = $GLOBALS["DaysbackupOlder"];
$workdir = $GLOBALS["WORKDIR"];
$q = new mysql_squid_builder();
$ligne = mysql_fetch_array($q->QUERY_SQL("SELECT MONTH( NOW( ) ) AS tmonth, YEAR( NOW( ) ) AS tyear", "artica_events"));
if (strlen($ligne["tmonth"]) == 1) {
$ligne["tmonth"] = "0" . $ligne["tmonth"];
}
$current_table = "{$ligne["tyear"]}{$ligne["tmonth"]}_day";
$sql = "SELECT MONTH( zDate ) AS tmonth, YEAR( zDate ) AS tyear FROM tables_day \n\tWHERE zDate < DATE_SUB( NOW( ) , INTERVAL 200 DAY ) GROUP BY tmonth, tyear";
$GLOBALS["BACKUPED_SIZE"] = 0;
$GLOBALS["TABLECOUNT"] = 0;
$results = $q->QUERY_SQL($sql);
if (!$q->ok) {
ufdbguard_admin_events("Fatal, {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "backup");
return;
}
while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
$alt_table0 = null;
$alt_table1 = null;
if (strlen($ligne["tmonth"]) == 1) {
$ligne["tmonth"] = "0" . $ligne["tmonth"];
}
$tablename = "{$ligne["tyear"]}{$ligne["tmonth"]}_day";
if ($tablename == $current_table) {
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "{$tablename}\n";
}
$filename = "{$workdir}/{$tablename}.gz";
if (is_file($filename)) {
@unlink($filename);
}
if (backupTable($tablename, $filename)) {
if (is_file($filename)) {
$filesize = $unix->file_size($filename);
$GLOBALS["BACKUPED_SIZE"] = $GLOBALS["BACKUPED_SIZE"] + $filesize;
$GLOBALS["TABLECOUNT"]++;
}
}
$tablename = "{$ligne["tyear"]}{$ligne["tmonth"]}_members";
if ($GLOBALS["VERBOSE"]) {
echo "{$tablename}\n";
}
$filename = "{$workdir}/{$tablename}.gz";
if (is_file($filename)) {
@unlink($filename);
}
if (backupTable($tablename, $filename)) {
if (is_file($filename)) {
$filesize = $unix->file_size($filename);
$GLOBALS["BACKUPED_SIZE"] = $GLOBALS["BACKUPED_SIZE"] + $filesize;
$GLOBALS["TABLECOUNT"]++;
}
}
$tablename = "{$ligne["tyear"]}{$ligne["tmonth"]}_blocked_days";
if ($GLOBALS["VERBOSE"]) {
echo "{$tablename}\n";
}
$filename = "{$workdir}/{$tablename}.gz";
if (is_file($filename)) {
@unlink($filename);
}
if (backupTable($tablename, $filename)) {
if (is_file($filename)) {
$filesize = $unix->file_size($filename);
$GLOBALS["BACKUPED_SIZE"] = $GLOBALS["BACKUPED_SIZE"] + $filesize;
$GLOBALS["TABLECOUNT"]++;
}
}
if (system_is_overloaded(basename(__FILE__))) {
sleep(15);
if (system_is_overloaded(__FILE__)) {
sleep(10);
if (system_is_overloaded(__FILE__)) {
sleep(5);
}
}
}
if (system_is_overloaded(basename(__FILE__))) {
ufdbguard_admin_events("Fatal, Overloaded system, aborting task and restart in newt cycle...", __FUNCTION__, __FILE__, __LINE__, "backup");
return;
}
}
}
function clean_squid_stats_no_items()
{
$sock = new sockets();
$DisableArticaProxyStatistics = $sock->GET_INFO("DisableArticaProxyStatistics");
$CleanArticaSquidDatabases = $sock->GET_INFO("CleanArticaSquidDatabases");
if (!is_numeric($DisableArticaProxyStatistics)) {
$DisableArticaProxyStatistics = 0;
}
if (!is_numeric($CleanArticaSquidDatabases)) {
$CleanArticaSquidDatabases = 0;
}
if ($CleanArticaSquidDatabases == 1) {
return;
}
$q = new mysql_squid_builder();
$tables = $q->LIST_TABLES_DAYS();
$rows = 0;
$count_tables = 0;
if (!$q->ok) {
return;
}
while (list($num, $table) = each($tables)) {
if (!$q->ok) {
return;
}
$rows = $q->COUNT_ROWS($table);
if ($rows == 0) {
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
ufdbguard_admin_events("{$table} was deleted (contains no row)", __FUNCTION__, __FILE__, __LINE__, "clean-stats");
$q->DELETE_TABLE($table);
}
}
$tables = $q->LIST_TABLES_DAYS_BLOCKED();
if (!$q->ok) {
return;
}
while (list($num, $table) = each($tables)) {
$rows = $q->COUNT_ROWS($table);
if (!$q->ok) {
return;
}
if ($rows == 0) {
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
ufdbguard_admin_events("{$table} was deleted (contains no row)", __FUNCTION__, __FILE__, __LINE__, "clean-stats");
$q->DELETE_TABLE($table);
}
}
$tables = $q->LIST_TABLES_MEMBERS();
if (!$q->ok) {
return;
}
while (list($num, $table) = each($tables)) {
$rows = $q->COUNT_ROWS($table);
if (!$q->ok) {
return;
}
if ($rows == 0) {
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
ufdbguard_admin_events("{$table} was deleted (contains no row)", __FUNCTION__, __FILE__, __LINE__, "clean-stats");
$q->DELETE_TABLE($table);
}
}
$tables = $q->LIST_TABLES_MONTH();
if (!$q->ok) {
return;
}
while (list($num, $table) = each($tables)) {
$rows = $q->COUNT_ROWS($table);
if (!$q->ok) {
return;
}
if ($rows == 0) {
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
ufdbguard_admin_events("{$table} was deleted (contains no row)", __FUNCTION__, __FILE__, __LINE__, "clean-stats");
$q->DELETE_TABLE($table);
}
}
$tables = $q->LIST_TABLES_WEEKS();
if (!$q->ok) {
return;
}
while (list($num, $table) = each($tables)) {
$rows = $q->COUNT_ROWS($table);
if (!$q->ok) {
return;
}
if ($rows == 0) {
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
ufdbguard_admin_events("{$table} was deleted (contains no row)", __FUNCTION__, __FILE__, __LINE__, "clean-stats");
$q->DELETE_TABLE($table);
}
}
if ($count_tables > 0) {
system_admin_events("{$count_tables} empy tables as been deleted in squid statistics database", __FUNCTION__, __FILE__, __LINE__, "clean");
}
}
function writelogs_squid($text, $function = null, $file = null, $line = 0, $category = null, $nosql = false)
{
if (!isset($GLOBALS["CLASS_UNIX"])) {
$GLOBALS["CLASS_UNIX"] = new unix();
}
if (!isset($GLOBALS["MYPID"])) {
$GLOBALS["MYPID"] = @getmypid();
}
if (!isset($GLOBALS["AS_ROOT"])) {
if (posix_getuid() == 0) {
$GLOBALS["AS_ROOT"] = true;
} else {
$GLOBALS["AS_ROOT"] = false;
}
}
$array_load = sys_getloadavg();
$internal_load = $array_load[0];
if ($file != null) {
$me = basename($file);
} else {
$me = basename(__FILE__);
}
$date = @date("H:i:s");
if (function_exists("debug_backtrace")) {
$trace = debug_backtrace();
if (isset($trace[1])) {
$sourcefile = basename($trace[1]["file"]);
$sourcefunction = $trace[1]["function"];
$sourceline = $trace[1]["line"];
}
}
if ($function == __FUNCTION__) {
$function = null;
}
if ($function == null) {
$function = $sourcefunction;
}
if ($line == 0) {
$line = $sourceline;
}
if ($file == null) {
$line = $sourcefile;
}
if (function_exists("stats_admin_events")) {
stats_admin_events(2, $text, "{$date} {$me}" . "[" . $GLOBALS["MYPID"] . "/{$internal_load}]:{$category}::{$function}", $sourcefile, $sourceline);
}
if ($GLOBALS["AS_ROOT"]) {
$logFile = "/var/log/artica-squid-stats.log";
if (is_file($logFile)) {
$size = filesize($logFile);
if ($size > 5000000) {
unlink($logFile);
}
}
$f = fopen($logFile, 'a');
fwrite($f, "{$date} {$me}" . "[" . $GLOBALS["MYPID"] . "/{$internal_load}]:{$category}::{$function}::{$line}: {$text}\n");
fclose($f);
}
if ($nosql) {
return;
}
if (function_exists("ufdbguard_admin_events")) {
ufdbguard_admin_events($text, $function, $file, $line, $category);
}
}
function inject_stored_items($nopid = false)
{
$unix = new unix();
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
if (system_is_overloaded(basename(__FILE__))) {
$php = $unix->LOCATE_PHP5_BIN();
ufdbguard_admin_events("Overloaded system... ask to run this task later...", __FUNCTION__, __FILE__, __LINE__, "proxy");
$unix->THREAD_COMMAND_SET("{$php} " . __FILE__ . " --inject");
}
if (!$nopid) {
$pid = @file_get_contents($pidfile);
$myfile = basename(__FILE__);
if ($unix->process_exists($pid, $myfile)) {
ufdbguard_admin_events("Task already running PID: {$pid}, aborting current task", __FUNCTION__, __FILE__, __LINE__, "proxy");
return;
}
}
$mypid = getmypid();
@file_put_contents($pidfile, $mypid);
$t1 = time();
$file = "/var/cache/purge.calculated.db";
if (!is_file($file)) {
echo "{$file} no such file\n";
return;
}
$q = new mysql_blackbox();
if (!$q->TABLE_EXISTS("cacheitems_localhost")) {
$q->build_cached_items_table("localhost");
}
$BIGARRAY = inject_stored_array();
$prefix = "INSERT IGNORE INTO cacheitems_localhost(sitename,familysite,size,items) VALUES ";
$q->QUERY_SQL("TRUNCATE TABLE cacheitems_localhost");
$f = array();
$c = 0;
while (list($sitename, $array) = each($BIGARRAY)) {
$c++;
$f[] = "('{$sitename}','{$array["FAMILY"]}','{$array["SIZE"]}','{$array["ITEMS"]}')";
if (count($f) > 500) {
$q->QUERY_SQL($prefix . @implode(",", $f));
if (!$q->ok) {
squid_admin_mysql(0, "MySQL error!", $q->mysql_error, __FILE__, __LINE__);
return;
}
}
}
if (count($f) > 0) {
$q->QUERY_SQL($prefix . @implode(",", $f));
if (!$q->ok) {
squid_admin_mysql(0, "MySQL error!", $q->mysql_error, __FILE__, __LINE__);
return;
}
}
$took = $unix->distanceOfTimeInWords($t1, time());
if ($c > 0) {
squid_admin_mysql(2, "Sucess adding {$c} cached websites took:{$took}", null, __FILE__, __LINE__);
}
@unlink($file);
}
function download_mydb()
{
$sock = new sockets();
$unix = new unix();
$chmod = $unix->find_program("chmod");
$squidbin = $unix->find_program("squid3");
if (!is_file($squidbin)) {
$squidbin = $unix->find_program("squid");
}
if (!is_file($squidbin)) {
return;
}
$RemoteStatisticsApplianceSettings = unserialize(base64_decode($sock->GET_INFO("RemoteStatisticsApplianceSettings")));
if (!is_numeric($RemoteStatisticsApplianceSettings["SSL"])) {
$RemoteStatisticsApplianceSettings["SSL"] = 1;
}
if (!is_numeric($RemoteStatisticsApplianceSettings["PORT"])) {
$RemoteStatisticsApplianceSettings["PORT"] = 9000;
}
$GLOBALS["REMOTE_SSERVER"] = $RemoteStatisticsApplianceSettings["SERVER"];
$GLOBALS["REMOTE_SPORT"] = $RemoteStatisticsApplianceSettings["PORT"];
$GLOBALS["REMOTE_SSL"] = $RemoteStatisticsApplianceSettings["SSL"];
if ($GLOBALS["REMOTE_SSL"] == 1) {
$refix = "https";
} else {
$refix = "http";
}
$baseUri = "{$refix}://{$GLOBALS["REMOTE_SSERVER"]}:{$GLOBALS["REMOTE_SPORT"]}/ressources/databases";
$uri = "{$baseUri}/usersMacs.db";
$curl = new ccurl($uri, true);
if ($curl->GetFile("/etc/squid3/usersMacs.db")) {
shell_exec("{$chmod} 755 /etc/squid3/usersMacs.db");
ufdbguard_admin_events("download usersMacs.db success", __FUNCTION__, __FILE__, __LINE__, "global-compile");
} else {
ufdbguard_admin_events("Failed to download ufdbGuard.conf aborting `{$curl->error}`", __FUNCTION__, __FILE__, __LINE__, "global-compile");
return;
}
$cmd = "/etc/init.d/squid reload --script=" . basename(__FILE__);
shell_exec("{$cmd} >/dev/null 2>&1");
}
function searchwords_hour($aspid = false)
{
if (isset($GLOBALS["searchwords_hour_executed"])) {
return true;
}
$GLOBALS["searchwords_hour_executed"] = true;
$unix = new unix();
$GLOBALS["Q"] = new mysql_squid_builder();
$pidtime = "/etc/artica-postfix/pids/exec.squid-searchwords.php.searchwords_hour.time";
if ($GLOBALS["VERBOSE"]) {
echo "PidTime: {$pidtime}\n";
}
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = @file_get_contents($pidfile);
$myfile = basename(__FILE__);
if ($unix->process_exists($pid, $myfile)) {
ufdbguard_admin_events("{$pid} already running, aborting", __FUNCTION__, __FILE__, __LINE__, "stats");
return;
}
$timeP = $unix->file_time_min($pidtime);
if ($timeP < 30) {
events("Main::Line: " . __LINE__ . " 30Mn minimal current: {$timeP}mn-> DIE - {$pidtime}");
die;
}
@unlink($pidtime);
@file_put_contents($pidtime, time());
@file_put_contents($pidfile, getmypid());
$currenttable = "searchwords_" . date("YmdH");
if (!isset($GLOBALS["Q"])) {
$GLOBALS["Q"] = new mysql_squid_builder();
}
$LIST_TABLES_SEARCHWORDS_HOURS = $GLOBALS["Q"]->LIST_TABLES_SEARCHWORDS_HOURS();
while (list($num, $tablename) = each($LIST_TABLES_SEARCHWORDS_HOURS)) {
if ($tablename == $currenttable) {
if ($GLOBALS["VERBOSE"]) {
echo "{$tablename} -> {$currenttable} >skip\n";
}
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "{$tablename} -> {$currenttable}\n";
}
if (searchwords_hour_to_day($tablename)) {
$GLOBALS["Q"]->QUERY_SQL("DROP TABLE {$tablename}");
}
}
hour_SearchWordTEMP();
$mysqladmin = $unix->find_program("mysqladmin");
shell_exec("{$mysqladmin} -u root -S /var/run/mysqld/squid-db.sock flush-tables >/dev/null 2>&1 &");
}
$rm = $unix->find_program("rm");
$cp = $unix->find_program("cp");
//http://ftp.samba.org/pub/samba/stable/
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid)) {
die;
}
$dirsrc = "samba-0.0.0";
$Architecture = Architecture();
if (!$GLOBALS["NO_COMPILE"]) {
$v = "samba-4.1.6.tar.gz";
if (preg_match("#samba-(.+?)#", $v, $re)) {
$dirsrc = $re[1];
}
ufdbguard_admin_events("Downloading lastest file {$v}, working directory {$dirsrc} ...", __FUNCTION__, __FILE__, __LINE__);
}
if (!$GLOBALS["FORCE"]) {
if (is_file("/root/{$v}")) {
if ($GLOBALS["REPOS"]) {
echo "No updates...\n";
die;
}
}
}
if (is_dir("/root/samba-builder")) {
shell_exec("{$rm} -rf /root/samba-builder");
}
chdir("/root");
if (!$GLOBALS["NO_COMPILE"]) {
if (is_dir("/root/{$dirsrc}")) {
function websites_uid_not_categorised($uid = null, $tablename = null, $aspid = false)
{
if (isset($GLOBALS["websites_uid_not_categorised_{$uid}"])) {
return;
}
$unix = new unix();
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".{$uid}.pid";
if ($aspid) {
$pid = @file_get_contents($pidfile);
$myfile = basename(__FILE__);
if ($unix->process_exists($pid, $myfile)) {
ufdbguard_admin_events("Task already running PID: {$pid}, aborting current task", __FUNCTION__, __FILE__, __LINE__, "stats");
return;
}
}
$mypid = getmypid();
@file_put_contents($pidfile, $mypid);
$q = new mysql_squid_builder();
if ($uid != null) {
$uidtable = $q->uid_to_tablename($uid);
$tablename = "www_{$uidtable}";
}
if (!$q->FIELD_EXISTS($tablename, "category")) {
$q->QUERY_SQL("ALTER TABLE `{$tablename}` ADD `category` varchar(255), ADD INDEX (`category`)");
}
$sql = "SELECT familysite,`category` FROM `{$tablename}` GROUP BY familysite,`category` HAVING `category` IS NULL ";
$results = $q->QUERY_SQL($sql);
if (!$q->ok) {
if ($GLOBALS["VERBOSE"]) {
echo "############# ERROR #########\n{$q->mysql_error}\\Line:" . __LINE__ . "\n#############\n";
}
return false;
}
$c = 0;
$mysql_num_rows = mysql_num_rows($results);
if ($mysql_num_rows == 0) {
if ($GLOBALS["VERBOSE"]) {
echo "{$sql} (No rows)\n";
}
return true;
}
while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
$sitename = $ligne["familysite"];
$IpClass = new IP();
if ($IpClass->isValid($sitename)) {
if (isset($GLOBALS["IPCACHE"][$sitename])) {
$t = time();
$sitename = gethostbyaddr($sitename);
events("{$tablename}: {$ligne["familysite"]} -> {$sitename} " . $unix->distanceOfTimeInWords($t, time()) . " gethostbyaddr() LINE:" . __LINE__);
$GLOBALS["IPCACHE"][$sitename] = $sitename;
}
}
$category = $q->GET_CATEGORIES($sitename);
if ($IpClass->isValid($sitename)) {
if ($category == null) {
$category = "ipaddr";
}
$q->categorize($sitename, $category);
}
events("{$tablename}: {$ligne["familysite"]} -> {$sitename} [{$category}] LINE:" . __LINE__);
if (strlen($category) > 0) {
$category = mysql_escape_string2($category);
$ligne["familysite"] = mysql_escape_string2($ligne["familysite"]);
$sql = "UPDATE `{$tablename}` SET `category`='{$category}' WHERE familysite='{$ligne["familysite"]}'";
$q->QUERY_SQL($sql);
if (!$q->ok) {
ufdbguard_admin_events("{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "stats");
return;
}
}
}
}
function cron_compile()
{
$users = new usersMenus();
if (!$users->APP_UFDBGUARD_INSTALLED) {
return;
}
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$unix = new unix();
$restart = false;
if ($unix->process_exists(@file_get_contents($pidfile))) {
return;
}
@file_put_contents($pidfile, getmypid());
if (is_file("/etc/artica-postfix/ufdbguard.compile.alldbs")) {
@unlink("/etc/artica-postfix/ufdbguard.compile.alldbs");
events_ufdb_exec("CRON:: -> ufdbguard_recompile_dbs()");
ufdbguard_admin_events("-> ufdbguard_recompile_dbs()", __FUNCTION__, __FILE__, __LINE__, "config");
UFDBGUARD_COMPILE_ALL_CATEGORIES();
return;
}
if (is_file("/etc/artica-postfix/ufdbguard.compile.missing.alldbs")) {
events_ufdb_exec("CRON:: -> ufdbguard_recompile_missing_dbs()");
@unlink("/etc/artica-postfix/ufdbguard.compile.missing.alldbs");
ufdbguard_admin_events("-> ufdbguard_recompile_missing_dbs()", __FUNCTION__, __FILE__, __LINE__, "config");
ufdbguard_recompile_missing_dbs();
return;
}
if (is_file("/etc/artica-postfix/ufdbguard.reconfigure.task")) {
events_ufdb_exec("CRON:: -> build()");
@unlink("/etc/artica-postfix/ufdbguard.reconfigure.task");
ufdbguard_admin_events("-> build()", __FUNCTION__, __FILE__, __LINE__, "config");
build();
return;
}
foreach (glob("/etc/artica-postfix/ufdbguard.recompile-queue/*") as $filename) {
$restart = true;
$db = @file_get_contents($filename);
@unlink($filename);
ufdbguard_admin_events("-> UFDBGUARD_COMPILE_SINGLE_DB(/var/lib/squidguard/{$db}/domains)", __FUNCTION__, __FILE__, __LINE__, "config");
UFDBGUARD_COMPILE_SINGLE_DB("/var/lib/squidguard/{$db}/domains");
}
if ($restart) {
ufdbguard_admin_events("Service will be reloaded", __FUNCTION__, __FILE__, __LINE__, "config");
shell_exec("/etc/init.d/ufdb reload");
}
}
function backup_all()
{
$unix = new unix();
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = @file_get_contents($pidfile);
if ($pid < 100) {
$pid = null;
}
if ($unix->process_exists($pid, basename(__FILE__))) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
ufdbguard_admin_events("Already executed pid {$pid} since {$timepid}", __FUNCTION__, __FILE__, __LINE__, "reports");
if ($GLOBALS["VERBOSE"]) {
echo "Already executed pid {$pid}\n";
}
return;
}
$mysqldump = $unix->find_program("mysqldump");
$bzip2 = $unix->find_program("bzip2");
$directory = GetMountPoint();
$time = time();
$target_file = "{$directory}/squidlogs-{$time}.tar.bz2";
if (!is_dir(dirname($target_file))) {
@mkdir(dirname($target_file), 0755, true);
}
$bzip2_cmd = "| {$bzip2} ";
$Socket = " -S /var/run/mysqld/squid-db.sock -u root";
$cmd = "{$mysqldump}{$Socket} --single-transaction --skip-add-locks --skip-lock-tables squidlogs {$bzip2_cmd}> {$target_file} 2>&1";
shell_exec($cmd);
}
function UseStatsAppliance()
{
include_once dirname(__FILE__) . "/ressources/class.ccurl.inc";
$sock = new sockets();
$unix = new unix();
$tempdir = $unix->TEMP_DIR();
$RemoteStatisticsApplianceSettings = unserialize(base64_decode($sock->GET_INFO("RemoteStatisticsApplianceSettings")));
if (!is_numeric($RemoteStatisticsApplianceSettings["SSL"])) {
$RemoteStatisticsApplianceSettings["SSL"] = 1;
}
if (!is_numeric($RemoteStatisticsApplianceSettings["PORT"])) {
$RemoteStatisticsApplianceSettings["PORT"] = 9000;
}
$GLOBALS["REMOTE_SSERVER"] = $RemoteStatisticsApplianceSettings["SERVER"];
$GLOBALS["REMOTE_SPORT"] = $RemoteStatisticsApplianceSettings["PORT"];
$GLOBALS["REMOTE_SSL"] = $RemoteStatisticsApplianceSettings["SSL"];
$unix = new unix();
$hostname = $unix->hostname_g();
if ($GLOBALS["REMOTE_SSL"] == 1) {
$refix = "https";
} else {
$refix = "http";
}
$uri = "{$refix}://{$GLOBALS["REMOTE_SSERVER"]}:{$GLOBALS["REMOTE_SPORT"]}/ressources/databases/dnsmasq.conf";
$curl = new ccurl($uri, true);
if (!$curl->GetFile("{$tempdir}/dnsmasq.conf")) {
ufdbguard_admin_events("Failed to download dnsmasq.conf aborting `{$curl->error}`", __FUNCTION__, __FILE__, __LINE__, "dns-compile");
return;
}
$mv = $unix->find_program("mv");
$cp = unix - find_program("cp");
$chmod = $unix->find_program("chmod");
shell_exec("{$mv} {$tempdir}/dnsmasq.conf /etc/dnsmasq.conf");
shell_exec("cp /etc/dnsmasq.conf /etc/artica-postfix/settings/Daemons/DnsMasqConfigurationFile");
$dnsmasqbin = $unix->find_program("dnsmasq");
if (is_file($dnsmasqbin)) {
$pid = $unix->PIDOF($dnsmasqbin);
if (is_numeric($pid)) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} reloading PID:`{$pid}`\n";
$kill = $unix->find_program("kill");
unix_system_HUP($pid);
}
}
}
function run_schedules($ID)
{
$GLOBALS["SCHEDULE_ID"] = $ID;
writelogs("Task {$ID}", __FUNCTION__, __FILE__, __LINE__);
$q = new mysql_squid_builder();
$ligne = mysql_fetch_array($q->QUERY_SQL("SELECT TaskType FROM webfilters_schedules WHERE ID={$ID}"));
$TaskType = $ligne["TaskType"];
if ($TaskType == 0) {
continue;
}
if (!isset($q->tasks_processes[$TaskType])) {
ufdbguard_admin_events("Unable to understand task type `{$TaskType}` For this task", __FUNCTION__, __FILE__, __LINE__, "tasks");
return;
}
$script = $q->tasks_processes[$TaskType];
$unix = new unix();
$nohup = $unix->find_program("nohup");
$php5 = $unix->LOCATE_PHP5_BIN();
$WorkingDirectory = dirname(__FILE__);
$cmd = "{$nohup} {$php5} {$WorkingDirectory}/{$script} --schedule-id={$ID} >/dev/null 2>&1 &";
writelogs("Task {$GLOBALS["SCHEDULE_ID"]} is executed with `{$cmd}` ", __FUNCTION__, __FILE__, __LINE__);
ufdbguard_admin_events("Task is executed with `{$cmd}`", __FUNCTION__, __FILE__, __LINE__, "tasks");
shell_exec($cmd);
}
function familysites($nopid = false)
{
$q = new mysql_squid_builder();
$q->QUERY_SQL("DROP TABLE visited_sites_tot");
$sql = "CREATE TABLE IF NOT EXISTS `visited_sites_tot` (\n\t\t\t `familysite` varchar(255) NOT NULL,\n\t\t\t `size` BIGINT(255) UNSIGNED NOT NULL,\n\t\t\t `hits` BIGINT(255) UNSIGNED NOT NULL,\n\t\t\t KEY `size` (`size`),\n\t\t\t KEY `hits` (`hits`),\n\t\t\t PRIMARY KEY `familysite` (`familysite`)\n\t\t\t) ENGINE = MYISAM;";
$q->QUERY_SQL($sql);
$sql = "SELECT familysite,SUM(size) as size,SUM(hits) as hits FROM visited_sites_days GROUP BY familysite HAVING hits>2";
$prefix = "INSERT IGNORE INTO `visited_sites_tot` (familysite,`size` ,`hits`) VALUES ";
$results = $q->QUERY_SQL($sql);
if (!$q->ok) {
ufdbguard_admin_events("Fatal {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "stats");
return;
}
while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
$ligne["familysite"] = mysql_escape_string2($ligne["familysite"]);
$f[] = "('{$ligne["familysite"]}','{$ligne["size"]}','{$ligne["hits"]}')";
}
if (count($f) > 0) {
if ($GLOBALS["VERBOSE"]) {
echo count($f) . " rows...\n";
}
$q->QUERY_SQL($prefix . @implode(",", $f));
if (!$q->ok) {
if ($GLOBALS["VERBOSE"]) {
echo count($f) . " Fatal {$q->mysql_error}\n";
}
ufdbguard_admin_events("Fatal {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "stats");
return;
}
}
return true;
}
function Clean_table($category_table)
{
$noclean["categoryuris_phishing"] = true;
$noclean["categoryuris_malware"] = true;
echo "Cleaning {$category_table}\n";
$q = new mysql_squid_builder();
$sql = "DELETE FROM {$category_table} WHERE LENGTH(pattern)<5";
$q->QUERY_SQL($sql);
if (!$q->ok) {
echo "{$sql}\n{$q->mysql_error}\n";
sendEmail("Error {$category_table} in line " . __LINE__ . " {$q->mysql_error}", "Function:" . __FUNCTION__);
ufdbguard_admin_events("{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "cloud");
return;
}
if (isset($noclean[$category_table])) {
return;
}
$q->QUERY_SQL("DELETE FROM {$category_table} WHERE pattern LIKE '%?%'");
if (!$q->ok) {
sendEmail("Error {$category_table} in line " . __LINE__ . " {$q->mysql_error}", "Function:" . __FUNCTION__);
ufdbguard_admin_events("{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "cloud");
return;
}
$q->QUERY_SQL("DELETE FROM {$category_table} WHERE pattern LIKE '%/%'");
if (!$q->ok) {
sendEmail("Error {$category_table} in line " . __LINE__ . " {$q->mysql_error}", "Function:" . __FUNCTION__);
ufdbguard_admin_events("{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "cloud");
return;
}
$sql = "DELETE FROM {$category_table} WHERE enabled=0";
$q->QUERY_SQL($sql);
if (!$q->ok) {
sendEmail("Error {$category_table} in line " . __LINE__ . " {$q->mysql_error}", "Function:" . __FUNCTION__);
ufdbguard_admin_events("{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "cloud");
return;
}
}
function _week_uris_blocked_perform($tablesource, $week_table, $DAYOFWEEK)
{
$f = array();
$t1 = 0;
$GLOBALS["Q"]->RepairTableBLock($tablesource);
if (!$GLOBALS["Q"]->TABLE_EXISTS($tablesource)) {
ufdbguard_admin_events("{$tablesource} does not exists, skiping", __FUNCTION__, __FILE__, __LINE__, "stats");
return true;
}
$sql = "SELECT COUNT( ID ) as hits,`website`,`category`,`client`,`hostname`,`rulename`,`event`,`why`,`explain`,`blocktype`,`account`\n\tFROM `{$tablesource}`\n\tGROUP BY website,`category`, `client`, `hostname`, `rulename`,`event`,`why`,`explain`,`blocktype`,`account`";
$results = $GLOBALS["Q"]->QUERY_SQL($sql);
if (!$GLOBALS["Q"]->ok) {
echo "\n\n{$sql}\n";
ufdbguard_admin_events("Fatal: {$GLOBALS["Q"]->mysql_error} on `{$tablesource}`", __FUNCTION__, __FILE__, __LINE__, "stats");
return false;
}
$prefix = "INSERT IGNORE INTO {$week_table} (`zMD5`,`hits`,`website`,`category`, `client`, `hostname`, `rulename`,`event`,`why`,`explain`,`blocktype`,`day`,`account`) VALUES ";
if (!$GLOBALS["Q"]->FIELD_EXISTS($week_table, "account")) {
ufdbguard_admin_events("Alter table {$week_table} (create new `account` field)", __FUNCTION__, __FILE__, __LINE__, "stats");
$GLOBALS["Q"]->QUERY_SQL("ALTER TABLE `{$week_table}` ADD `account` BIGINT UNSIGNED NOT NULL ,ADD INDEX ( `account` )");
}
if (!$GLOBALS["Q"]->FIELD_EXISTS($week_table, "MAC")) {
ufdbguard_admin_events("Alter table {$week_table} (create new `MAC` field)", __FUNCTION__, __FILE__, __LINE__, "stats");
$GLOBALS["Q"]->QUERY_SQL("ALTER TABLE `{$week_table}` ADD `MAC` VARCHAR(20) NOT NULL ,ADD INDEX ( `MAC` )");
}
while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
$zmd = array();
while (list($key, $value) = each($ligne)) {
$ligne[$key] = addslashes($value);
$zmd[] = $value;
}
$zMD5 = md5(@implode("", $zmd));
$f[] = "('{$zMD5}','{$ligne["hits"]}','{$ligne["website"]}','{$ligne["category"]}','{$ligne["client"]}','{$ligne["hostname"]}','{$ligne["rulename"]}','{$ligne["event"]}',\n\t\t'{$ligne["why"]}','{$ligne["explain"]}','{$ligne["blocktype"]}',{$DAYOFWEEK},'{$ligne["account"]}')";
if (count($f) > 500) {
$t1 = $t1 + count($f);
$GLOBALS["week_uris_blocked"] = $GLOBALS["week_uris_blocked"] + count($f);
if ($GLOBALS["VERBOSE"]) {
echo "{$week_table}: Adding " . count($f) . " events\n";
}
$GLOBALS["Q"]->QUERY_SQL($prefix . @implode(",", $f));
$f = array();
if (!$GLOBALS["Q"]->ok) {
ufdbguard_admin_events("Fatal: {$GLOBALS["Q"]->mysql_error} on `{$week_table}`", __FUNCTION__, __FILE__, __LINE__, "stats");
return false;
}
}
}
if (count($f) > 0) {
$t1 = $t1 + count($f);
$GLOBALS["week_uris_blocked"] = $GLOBALS["week_uris_blocked"] + count($f);
if ($GLOBALS["VERBOSE"]) {
echo "{$week_table}: Adding " . count($f) . " events\n";
}
$GLOBALS["Q"]->QUERY_SQL($prefix . @implode(",", $f));
if (!$GLOBALS["Q"]->ok) {
ufdbguard_admin_events("Fatal: {$GLOBALS["Q"]->mysql_error} on `{$week_table}`", __FUNCTION__, __FILE__, __LINE__, "stats");
return false;
}
}
$sql = "SELECT uid,MAC FROM webfilters_nodes";
$results = $GLOBALS["Q"]->QUERY_SQL($sql);
while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
if (strlen($ligne["uid"]) > 1) {
$GLOBALS["Q"]->QUERY_SQL("UPDATE {$week_table} SET uid='{$ligne["uid"]}' WHERE MAC='{$ligne["MAC"]}' AND LENGTH(uid)<2");
}
}
ufdbguard_admin_events("Success: added {$t1} rows on `{$week_table}`", __FUNCTION__, __FILE__, __LINE__, "stats");
return true;
}
$rm = $unix->find_program("rm");
$cp = $unix->find_program("cp");
//http://ftp.samba.org/pub/samba/stable/
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid)) {
die;
}
$dirsrc = "samba-0.0.0";
$Architecture = Architecture();
if (!$GLOBALS["NO_COMPILE"]) {
$v = "samba-3.6.22.tar.gz";
if (preg_match("#samba-(.+?)#", $v, $re)) {
$dirsrc = $re[1];
}
ufdbguard_admin_events("Downloading lastest file samba-3.6.22.tar.gz, working directory {$dirsrc} ...", __FUNCTION__, __FILE__, __LINE__);
}
if (!$GLOBALS["FORCE"]) {
if (is_file("/root/samba-3.6.22.tar.gz")) {
if ($GLOBALS["REPOS"]) {
echo "No updates...\n";
die;
}
}
}
if (is_dir("/root/samba-builder")) {
shell_exec("{$rm} -rf /root/samba-builder");
}
chdir("/root");
if (!$GLOBALS["NO_COMPILE"]) {
if (is_dir("/root/{$dirsrc}")) {
function Execute()
{
$unix = new unix();
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$myFile = basename(__FILE__);
$pid = @file_get_contents($pidfile);
if ($unix->process_exists($pid, $myFile)) {
WriteMyLogs("Already executed PID:{$pid}, die()", __FUNCTION__, __FILE__, __LINE__);
die;
}
$cachetime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
$q = new mysql_squid_builder();
if ($q->COUNT_ROWS("framework_orders") == 0) {
if ($GLOBALS["VERBOSE"]) {
echo "Table framework_orders as no row\n";
}
die;
}
$php5 = $unix->LOCATE_PHP5_BIN();
$nice = EXEC_NICE();
$q = new mysql_squid_builder();
$results = $q->QUERY_SQL("SELECT * FROM framework_orders");
if (!$q->ok) {
if (strpos($q->mysql_error, "doesn't exist") > 0) {
$q->CheckTables();
$results = $q->QUERY_SQL("SELECT * FROM framework_orders");
}
}
if (!$q->ok) {
ufdbguard_admin_events("Fatal: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "framework");
die;
}
$reconfigure_plugins = false;
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
if ($GLOBALS["VERBOSE"]) {
echo "ORDER: {$ligne["ORDER"]} -> {$ligne["zmd5"]}\n";
}
if (preg_match("#COMPILEDB:(.+)#", $ligne["ORDER"], $re)) {
if (preg_match("#english-(.+)#", $re[1])) {
$q->QUERY_SQL("DELETE FROM framework_orders WHERE zmd5='{$ligne["zmd5"]}'");
continue;
}
ufdbguard_admin_events("LAUNCH: category {$re[1]} compilation", __FUNCTION__, __FILE__, __LINE__, "framework");
$re[1] = trim($re[1]);
$table = "category_" . $q->category_transform_name($re[1]);
if ($GLOBALS["VERBOSE"]) {
echo "order to compile database {$re[1]} (table {$table})\n";
}
if (!$q->TABLE_EXISTS($table)) {
ufdbguard_admin_events("Fatal: {$table} no suche table, create it", __FUNCTION__, __FILE__, __LINE__, "framework");
$q->CreateCategoryTable(null, $table);
}
$cmd = "{$nice} {$php5} /usr/share/artica-postfix/exec.squidguard.php --compile-category \"{$re[1]}\"";
if ($GLOBALS["VERBOSE"]) {
echo "{$cmd}\n";
}
$q->QUERY_SQL("DELETE FROM framework_orders WHERE zmd5='{$ligne["zmd5"]}'");
if (!$q->ok) {
ufdbguard_admin_events("Fatal: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "framework");
die;
}
shell_exec($cmd);
$reconfigure_plugins = true;
}
}
if ($reconfigure_plugins) {
ufdbguard_admin_events("LAUNCH: filters reconfiguration", __FUNCTION__, __FILE__, __LINE__, "framework");
shell_exec("{$nice} {$php5} /usr/share/artica-postfix/exec.squidguard.php --build");
}
}
function Parseline($buffer)
{
$buffer = trim($buffer);
if ($buffer == null) {
return null;
}
$mdbuff = md5($buffer);
if (isset($GLOBALS['MDBUFF'][$mdbuff])) {
return;
}
$GLOBALS['MDBUFF'][$mdbuff] = true;
if (count($GLOBALS['MDBUFF']) > 1000) {
$GLOBALS['MDBUFF'] = array();
}
if (strpos($buffer, "] PASS ") > 0) {
return;
}
if (strpos($buffer, "UFDBinitHTTPSchecker") > 0) {
return;
}
if (strpos($buffer, "IP socket port") > 0) {
return;
}
if (strpos($buffer, "listening on interface") > 0) {
return;
}
if (strpos($buffer, "yielding") > 0) {
return;
}
if (strpos($buffer, "system:") > 0) {
return;
}
if (strpos($buffer, "URL verification threads and") > 0) {
return;
}
if (strpos($buffer, "worker threads") > 0) {
return;
}
if (strpos($buffer, "license status") > 0) {
return;
}
if (strpos($buffer, "redirect-fatal-error") > 0) {
return;
}
if (strpos($buffer, "using OpenSSL library") > 0) {
return;
}
if (strpos($buffer, "CA certificates are") > 0) {
return;
}
if (strpos($buffer, "Failure to load the CA database") > 0) {
return;
}
if (strpos($buffer, "CA file is") > 0) {
return;
}
if (strpos($buffer, "ufdbHandleAlarmForTimeEvents") > 0) {
return;
}
if (strpos($buffer, "Changing daemon status") > 0) {
return;
}
if (strpos($buffer, "UFDBchangeStatus") > 0) {
return;
}
if (strpos($buffer, "url-lookup-delay-during-database-reload") > 0) {
return;
}
if (strpos($buffer, "url-lookup-result-during-database-reload") > 0) {
return;
}
if (strpos($buffer, "url-lookup-result-when-fatal-error") > 0) {
return;
}
if (strpos($buffer, "no http-server") > 0) {
return;
}
if (strpos($buffer, "upload-stats") > 0) {
return;
}
if (strpos($buffer, "analyse-uncategorised-urls") > 0) {
return;
}
if (strpos($buffer, "redirect-loading-database") > 0) {
return;
}
if (strpos($buffer, "ufdb-expression-debug") > 0) {
return;
}
if (strpos($buffer, "ufdb-debug-filter") > 0) {
return;
}
if (strpos($buffer, "database status: up to date") > 0) {
return;
}
if (strpos($buffer, "ufdbGenTable should be called with the") > 0) {
return;
}
if (strpos($buffer, "is deprecated and ignored") > 0) {
return;
}
if (strpos($buffer, "init domainlist") > 0) {
return;
}
if (strpos($buffer, "is empty !") > 0) {
return;
}
if (strpos($buffer, "init expressionlist") > 0) {
return;
}
if (strpos($buffer, "is optimised to one expression") > 0) {
return;
}
if (strpos($buffer, "be analysed since there is no proper database") > 0) {
return;
}
if (strpos($buffer, "REDIRECT 302") > 0) {
return;
}
if (strpos($buffer, "close fd") > 0) {
return;
}
if (strpos($buffer, ": open fd ") > 0) {
return;
}
if (strpos($buffer, "acl {") > 0) {
return;
}
if (strpos($buffer, "URL verifications") > 0) {
return;
}
if (strpos($buffer, "must be part of the security") > 0) {
return;
}
if (strpos($buffer, "}") > 0) {
return;
}
if (strpos($buffer, "finished retrieving") > 0) {
return;
}
if (strpos($buffer, "loading URL table from") > 0) {
return;
}
if (strpos($buffer, "] option") > 0) {
return;
}
if (strpos($buffer, "{") > 0) {
return;
}
if (strpos($buffer, "] category \"") > 0) {
return;
}
if (strpos($buffer, "] domainlist \"") > 0) {
return;
}
if (strpos($buffer, "] pass ") > 0) {
return;
}
if (strpos($buffer, "] safe-search") > 0) {
return;
}
if (strpos($buffer, "configuration file") > 0) {
return;
}
if (strpos($buffer, "refreshdomainlist") > 0) {
return;
}
if (strpos($buffer, "software suite is free and Open Source Software") > 0) {
return;
}
if (strpos($buffer, "by URLfilterDB") > 0) {
return;
}
if (strpos($buffer, "] configuration status") > 0) {
return;
}
if (strpos($buffer, 'expressionlist "') > 0) {
return;
}
if (strpos($buffer, 'is newer than') > 0) {
return;
}
if (strpos($buffer, 'source "') > 0) {
return;
}
if (strpos($buffer, 'youtube-edufilter-id') > 0) {
return;
}
if (trim($buffer) == null) {
return;
}
if (strpos($buffer, 'max-logfile-size') > 0) {
return;
}
if (strpos($buffer, 'check-proxy-tunnels') > 0) {
return;
}
if (strpos($buffer, 'seconds to allow worker') > 0) {
return;
}
if (strpos($buffer, '] loading URL category') > 0) {
return;
}
if (preg_match("#\\] REDIR\\s+#", $buffer)) {
return;
}
if (strpos($buffer, 'execdomainlist for') > 0) {
return;
}
if (strpos($buffer, 'dynamic_domainlist_updater_main') > 0) {
return;
}
if (preg_match("#FATAL ERROR: connection queue is full#", $buffer)) {
$TimeFile = "/etc/artica-postfix/pids/webfiltering-connection.queue.full";
if (!IfFileTime($TimeFile, 5)) {
return;
}
$Threads = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/UfdbGuardThreads"));
$ThreadNew = $Threads + 5;
if ($ThreadNew > 128) {
$ThreadNew = 128;
}
squid_admin_mysql(0, "Webfiltering Service connection queue is full increase Threads from {$Threads} to {$ThreadNew} [action=restart]", $buffer, __FILE__, __LINE__);
@file_put_contents("/etc/artica-postfix/settings/Daemons/UfdbGuardThreads", $ThreadNew);
shell_exec("{$GLOBALS["nohup"]} /etc/init.d/ufdb restart --force >/dev/null 2>&1 &");
return;
}
if (stripos(" {$buffer}", "HUP signal received to reload the configuration") > 0) {
squid_admin_mysql(1, "Webfiltering Service was reloaded - reloading databases [action=notify]", $buffer, __FILE__, __LINE__);
events_ufdb_exec("Webfiltering Service was reloaded, wait 15 seconds");
return;
}
if (stripos(" {$buffer}", "ufdbGuard daemon stopped") > 0) {
squid_admin_mysql(1, "Webfiltering Service was stopped [action=notify]", $buffer, __FILE__, __LINE__);
events_ufdb_exec("Webfiltering Service was stopped, wait 15 seconds");
return;
}
if (stripos(" {$buffer}", 'Changing daemon status to "started"') > 0) {
squid_admin_mysql(1, "Webfiltering Service was started [action=notify]", $buffer, __FILE__, __LINE__);
events_ufdb_exec("Webfiltering Service was started, wait 15 seconds");
return;
}
if (preg_match("#thread socket-handler caught signal 11#", $buffer, $re)) {
$TimeFile = "/etc/artica-postfix/pids/webfiltering-emergency";
if (!IfFileTime($TimeFile, 5)) {
return;
}
squid_admin_mysql(0, "Webfiltering crash [action=Webfiltering Emergency]", $buffer, __FILE__, __LINE__);
shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["PHP5_BIN"]} /usr/share/artica-postfix/exec.squid.urgency.remove.php --ufdb-on >/dev/null 2>&1 &");
return;
}
if (preg_match("#Changing daemon status to \"error\"#", $buffer, $re)) {
$TimeFile = "/etc/artica-postfix/pids/webfiltering-emergency";
if (!IfFileTime($TimeFile, 5)) {
return;
}
squid_admin_mysql(0, "Webfiltering service error [action=Webfiltering Emergency]", $buffer, __FILE__, __LINE__);
shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["PHP5_BIN"]} /usr/share/artica-postfix/exec.ufdb.emergency.php --ufdb-on >/dev/null 2>&1 &");
return;
}
if (preg_match("#FATAL ERROR: cannot open configuration file\\s+\\/etc\\/squid3\\/ufdbGuard\\.conf#i", $buffer, $re)) {
squid_admin_mysql(0, "Webfiltering error, Open Configuration File failed [action=restart service]", $buffer, __FILE__, __LINE__);
shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["PHP5_BIN"]} /usr/share/artica-postfix/exec.ufdb.php --restart --force --ufdbtail --fatal-error >/dev/null 2>&1 &");
return;
}
if (preg_match("#FATAL.*?read failed on \"(.+?)\".*?Bad address#i", $buffer, $re)) {
squid_admin_mysql(0, "Webfiltering service error on database: {$re[1]} [action=Webfiltering Emergency]", $buffer, __FILE__, __LINE__);
shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["PHP5_BIN"]} /usr/share/artica-postfix/exec.ufdb.emergency.php --ufdb-on >/dev/null 2>&1 &");
return;
}
if (preg_match("#FATAL ERROR: cannot read from.*?No such file or directory#", $buffer, $re)) {
squid_admin_mysql(0, "Webfiltering error: a database is missing [action=reconfigure]", $buffer, __FILE__, __LINE__);
shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["PHP5_BIN"]} /usr/share/artica-postfix/exec.squidguard.php --build --force >/dev/null 2>&1 &");
return;
}
if (preg_match("#There are no sources and there is no default ACL#i", $buffer)) {
events("Seems not to be defined -> build compilation.");
xsyslog("{reconfigure} ufdb service...");
shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["PHP5_BIN"]} /usr/share/artica-postfix/exec.squidguard.php --build --force >/dev/null 2>&1 &");
return;
}
if (preg_match("#ERROR: cannot write to PID file\\s+(.+)#i", $buffer, $re)) {
xsyslog("Apply permissions on {$re[1]}");
$pidfile = $re[1];
$pidpath = dirname($pidfile);
@mkdir($pidpath, 0755, true);
@chown($pidpath, "squid");
@chmod($pidpath, 0755);
return;
}
if (preg_match("#\\] Changing daemon status to.*?error#", $buffer, $re)) {
squid_admin_mysql(0, "Fatal! Webfilter daemon is turned to error", $buffer, __FILE__, __LINE__);
return;
}
if (preg_match("#\\] Changing daemon status to.*?terminated#", $buffer, $re)) {
squid_admin_mysql(1, "Webfilter daemon is turned to OFF", $buffer, __FILE__, __LINE__);
return;
}
if (preg_match("#can't execute command of execdomainlist.*?popen failed: Cannot allocate memory#", $buffer, $re)) {
@file_put_contents("/etc/artica-postfix/settings/Daemons/UfdbExecDomainList", 0);
squid_admin_mysql(0, "Not Enough memory to use execdomainlist feature [action=reconfigure]", "{$buffer}\nexecdomainlist feature will be disabled..", __FILE__, __LINE__);
shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["PHP5_BIN"]} /usr/share/artica-postfix/exec.squidguard.php --build --force >/dev/null 2>&1 &");
return;
}
if (preg_match('#FATAL ERROR: table "(.+?)"\\s+could not be parsed.*?error code = [0-9]+#', $buffer, $re)) {
$direname = dirname($re[1]);
squid_admin_mysql(0, "Database {$direname} corrupted", $buffer . "\nReconfigure ufdb service after removing {$direname}...", __FILE__, __LINE__);
events("Webfiltering engine error on {$direname}");
if (!is_dir($direname)) {
return;
}
shell_exec("{$GLOBALS["SBIN_RM"]} -rf {$direname} >/dev/null 2>&1");
xsyslog("{reconfigure} ufdb service after removing {$direname}...");
shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["PHP5_BIN"]} /usr/share/artica-postfix/exec.squidguard.php --build --force >/dev/null 2>&1 &");
return;
}
if (preg_match("#BLOCK-FATAL\\s+#", $buffer, $re)) {
$TimeFile = "/etc/artica-postfix/pids/UFDB_BLOCK_FATAL";
if (!IfFileTime($TimeFile, 10)) {
return;
}
events("Webfiltering engine error, reload service");
events_ufdb_exec("service was restarted, {$buffer}");
squid_admin_mysql(0, "Fatal, Web filtering engine error", $buffer . "\nThe service will be reloaded", __FILE__, __LINE__);
xsyslog("Reloading ufdb service...");
shell_exec("{$GLOBALS["nohup"]} /etc/init.d/ufdb reload >/dev/null 2>&1 &");
return;
}
if (preg_match("#FATAL ERROR: connection queue is full#", $buffer, $re)) {
$TimeFile = "/etc/artica-postfix/pids/UFDB_QUEUE_IS_FULL";
$Threads = @file_get_contents("/etc/artica-postfix/settings/Daemons/UfdbGuardThreads");
if (!is_numeric($Threads)) {
$Threads = 48;
}
$Threads = $Threads + 1;
if ($Threads > 140) {
$Threads = 140;
}
@file_put_contents("/etc/artica-postfix/settings/Daemons/UfdbGuardThreads", $Threads);
if (!IfFileTime($TimeFile, 2)) {
return;
}
squid_admin_mysql(0, "Fatal, Web filtering connection queue is full", $buffer . "\nThe service will be restarted and threads are increased to {$Threads}", __FILE__, __LINE__);
xsyslog("Restarting ufdb service after connection queue is full...");
shell_exec("{$GLOBALS["nohup"]} /etc/init.d/ufdb restart >/dev/null 2>&1 &");
return;
}
if (preg_match('#FATAL\\*\\s+table\\s+"(.+?)"\\s+could not be parsed.+?14#', $buffer, $re)) {
events("Table on {$re[1]} crashed");
squid_admin_mysql(0, "Database {$re[1]} corrupted", $buffer, __FILE__, __LINE__);
ufdbguard_admin_events("Table on {$re[1]} crashed\n{$buffer}", __FUNCTION__, __FILE__, __LINE__, "ufdbguard-service");
events_ufdb_exec("{$buffer}");
$GLOBALS["CLASS_UNIX"]->send_email_events("ufdbguard: {$re[1]} could not be parsed", "Ufdbguard claim: {$buffer}\n\n\t\tYou need to compile this database", "proxy");
return;
}
if (preg_match("#FATAL ERROR: cannot bind daemon socket: Address already in use#", $buffer)) {
events_ufdb_exec("ERROR DETECTED : {$buffer} `cannot bind daemon socket`");
squid_admin_mysql(1, "Fatal ERROR: cannot bind daemon socket: Address already in use [action=restart]", $buffer, __FILE__, __LINE__);
ufdbguard_admin_events("Fatal ERROR: cannot bind daemon socket: Address already in use", __FUNCTION__, __FILE__, __LINE__, "ufdbguard-service");
xsyslog("Restarting ufdb service...");
shell_exec("{$GLOBALS["nohup"]} /etc/init.d/ufdb restart >/dev/null 2>&1 &");
return;
}
if (preg_match('#\\] FATAL ERROR: cannot read from "(.+?)".*?No such file or directory#', $buffer, $re)) {
squid_admin_mysql(0, "Database {$re[1]} missing", $buffer, __FILE__, __LINE__);
events("cannot read '{$re[1]}' -> \"{$buffer}\"");
squid_admin_mysql(2, "Web filtering issue on {$re[1]}", "Launch recover_a_database()", __FILE__, __LINE__);
recover_a_database($re[1]);
return;
}
if (preg_match('#\\*FATAL.+? cannot read from "(.+?)".+?: No such file or directory#', $buffer, $re)) {
squid_admin_mysql(0, "Database {$re[1]} missing", $buffer, __FILE__, __LINE__);
events("cannot read '{$re[1]}' -> \"{$buffer}\"");
squid_admin_mysql(2, "Web filtering issue on {$re[1]}", "Launch recover_a_database()", __FILE__, __LINE__);
recover_a_database($re[1]);
return;
}
if (preg_match('#\\*FATAL\\*\\s+cannot read from\\s+"(.+?)"#', $buffer, $re)) {
squid_admin_mysql(0, "Database {$re[1]} missing", $buffer, __FILE__, __LINE__);
events("Problem on {$re[1]}");
events_ufdb_exec("{$buffer}");
squid_admin_mysql(2, "Web filtering issue on {$re[1]}", "Launch recover_a_database()", __FILE__, __LINE__);
recover_a_database($re[1]);
$GLOBALS["CLASS_UNIX"]->send_email_events("ufdbguard: {$re[1]} Not compiled..", "Ufdbguard claim: {$buffer}\nYou need to compile your databases");
return;
}
if (preg_match("#\\*FATAL\\*\\s+cannot read from\\s+\"(.+?)\\.ufdb\".+?No such file or directory#", $buffer, $re)) {
squid_admin_mysql(0, "Database {$re[1]} missing", $buffer . "\n Problem on {$re[1]}\n\nYou need to compile your databases", __FILE__, __LINE__);
events("UFDB database missing : Problem on {$re[1]}");
if (!is_file($re[1])) {
@mkdir(dirname($re[1]), 666, true);
shell_exec("/bin/touch {$re[1]}");
}
$GLOBALS["CLASS_UNIX"]->send_email_events("ufdbguard: {$re[1]} Not compiled..", "Ufdbguard claim: {$buffer}\nYou need to compile your databases", "ufdbguard-service");
return;
}
if (preg_match("#thread worker-[0-1]+.+?caught signal\\s+[0-1]+#", $buffer, $re)) {
squid_admin_mysql(0, "Webfiltering Daemon as crashed - Start a new one", $buffer, __FILE__, __LINE__);
$GLOBALS["CLASS_UNIX"]->send_email_events("ufdbguard: crashed", "Ufdbguard claim: {$buffer}\n", "proxy");
shell_exec("/etc/init.d/ufdb start &");
}
if (preg_match("#\\*FATAL\\*\\s+expression list\\s+(.+?): Permission denied#", $buffer, $re)) {
squid_admin_mysql(0, "Database {$re[1]} permission denied", $buffer . "\nProblem on '{$re[1]}' -> chown squid:squid", __FILE__, __LINE__);
events("UFDB expression permission issue : Problem on '{$re[1]}' -> chown squid:squid");
shell_exec("{$GLOBALS["chown"]} -R squid:squid " . dirname($re[1]));
return;
}
if (preg_match("#\\*FATAL.+?expression list\\s+(.+?):\\s+No such file or directory#", $buffer, $re)) {
squid_admin_mysql(0, "Database {$re[1]} missing", $buffer . "\nProblem on '{$re[1]}' -> Try to repair", __FILE__, __LINE__);
events("Expression list: Problem on {$re[1]} -> \"{$buffer}\"");
events("Creating directory " . dirname($re[1]));
@mkdir(dirname($re[1]), 0755, true);
events("Creating empty file '" . $re[1] . "'");
@file_put_contents($re[1], "\n");
events("ufdbguard tail: Service will be reloaded");
$GLOBALS["CLASS_UNIX"]->send_email_events(basename(__FILE__) . ":Service ufdb will be reloaded ", "Cause:{$buffer}", "ufdbguard-service");
squid_admin_mysql(2, "Ask to reload the Web filtering service", "Cause:{$buffer}");
ufdbguard_admin_events("ufdbguard tail: Service will be reloaded", __FUNCTION__, __FILE__, __LINE__, "watchdog");
shell_exec("{$GLOBALS["RELOADCMD"]} --function==" . __FUNCTION__ . " --line=" . __LINE__ . " " . "--filename=" . basename(__FILE__) . " >/dev/null 2>&1 &");
return;
}
if (preg_match("#database table \\/var\\/lib\\/squidguard\\/(.+?)\\/domains\\s+is empty#", $buffer, $re)) {
//ufdbguard_admin_events("Database {$re[1]} as no datas, you should recompile your databases",__FUNCTION__,__FILE__,__LINE__,"ufdbguard-service");
//$GLOBALS["CLASS_UNIX"]->send_email_events("ufdbguard: {$re[1]} database is empty, please compile your databases","Ufdbguard claim: $buffer\nYou need to compile your databases","proxy");
return;
}
if (preg_match("#the new configuration and database are loaded for ufdbguardd ([0-9\\.]+)#", $buffer, $re)) {
squid_admin_mysql(2, "Web Filtering engine service v{$re[1]} has reloaded new configuration and databases", "");
$GLOBALS["CLASS_UNIX"]->send_email_events("UfdbGuard v{$re[1]} has reloaded new configuration and databases", null, "ufdbguard-service");
return;
}
if (preg_match("#statistics:(.+)#", $buffer, $re)) {
if (preg_match("#blocked ([0-9]+) times#", $re[1], $ri)) {
if ($ri[1] > 0) {
//squid_admin_mysql(2, "{$re[1]}","");
}
}
return;
}
if (preg_match("#BLOCK (.*?)\\s+(.+?)\\s+(.+?)\\s+(.+?)\\s+(|http|https|ftp|ftps)://(.+?)myip=(.+)\$#", $buffer, $re)) {
$user = trim($re[1]);
$local_ip = $re[2];
$rulename = $re[3];
$category = $re[4];
$www = $re[6];
$public_ip = $re[7];
//events("BLOCK[".__LINE__."]: $user/$local_ip - $www");
if (strpos($www, "/") > 0) {
$tb = explode("/", $www);
$www = $tb[0];
}
if (preg_match("#^www\\.(.+)#", $www, $re)) {
$www = $re[1];
}
if (preg_match("#([0-9]+)\\.addr#", $www)) {
$www = long2ip($re[1]);
}
if (preg_match("#^([0-9\\.]+)#", $local_ip, $re)) {
$local_ip = $re[1];
}
$date = time();
$table = date('Ymd') . "_blocked";
$category = CategoryCodeToCatName($category);
if ($user == "-") {
$user = null;
}
$MAC = $GLOBALS["CLASS_UNIX"]->IpToMac($local_ip);
$time = time();
if (preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $www)) {
$public_ip = $www;
$www = $GLOBALS["CLASS_UNIX"]->IpToHostname($www);
}
$Clienthostname = $GLOBALS["CLASS_UNIX"]->IpToHostname($local_ip);
if ($Clienthostname == null) {
$Clienthostname = $local_ip;
}
paranoidmode($local_ip, $www);
$q = new influx();
if ($GLOBALS["UfdbguardSMTPNotifs"]["BLOCK_NOTIFS"] == 1) {
events("Write notif");
$line_notif = date("H:i:s") . " [{$www}]: blocked domain: User: {$user}/{$local_ip}/{$Clienthostname}, Category: {$category}, Rule: {$rulename}";
$q->insert_ufdb_notif($line_notif);
}
if ($GLOBALS["SQUID_PERFORMANCE"] > 2) {
return;
}
$line = "{$time}:::{$user}:::{$category}:::{$rulename}:::{$public_ip}:::blocked domain:::blocked domain:::{$Clienthostname}:::{$www}:::{$local_ip}";
$q->insert_ufdb($line);
return;
}
if (preg_match("#BLOCK\\s+(.*?)\\s+(.+?)\\s+(.*?)\\s+(.+?)\\s+(.+?)\\s+[A-Z]+#", $buffer, $re)) {
$date = time();
$user = trim($re[1]);
$local_ip = $re[2];
$rulename = $re[3];
$category = $re[4];
$uri = $re[5];
//events("BLOCK[".__LINE__."]: $user/$local_ip - $www Notif:{$GLOBALS["UfdbguardSMTPNotifs"]["BLOCK_NOTIFS"]}");
if (preg_match("#^([0-9\\.]+)#", $local_ip, $re)) {
$local_ip = $re[1];
}
$time = time();
$array = parse_url($uri);
$www = $array["host"];
if (strpos($www, ":") > 0) {
$t = explode(":", $www);
$www = $t[0];
}
if (preg_match("#([0-9]+)\\.addr#", $www)) {
$www = long2ip($re[1]);
}
$category = CategoryCodeToCatName($category);
$MAC = $GLOBALS["CLASS_UNIX"]->IpToMac($local_ip);
if (preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $www)) {
$public_ip = $www;
$www = $GLOBALS["CLASS_UNIX"]->IpToHostname($www);
} else {
$public_ip = HostnameToIp($www);
}
if (preg_match("#^www\\.(.+)#", $www, $re)) {
$www = $re[1];
}
$Clienthostname = $GLOBALS["CLASS_UNIX"]->IpToHostname($local_ip);
if ($Clienthostname == null) {
$Clienthostname = $local_ip;
}
if ($user == "-") {
$user = null;
}
CreateCounter($www, $local_ip, $user, $category);
paranoidmode($local_ip, $www);
$q = new influx();
if ($GLOBALS["UfdbguardSMTPNotifs"]["BLOCK_NOTIFS"] == 1) {
$line_notif = date("H:i:s") . " [{$www}]: blocked domain: User: {$user}/{$local_ip}/{$Clienthostname}, Category: {$category}, Rule: {$rulename}";
$q->insert_ufdb_notif($line_notif);
}
if ($GLOBALS["SQUID_PERFORMANCE"] > 2) {
return;
}
$q = new influx();
$line = "{$time}:::{$user}:::{$category}:::{$rulename}:::{$public_ip}:::blocked domain:::blocked domain:::{$Clienthostname}:::{$www}:::{$local_ip}";
$q->insert_ufdb($line);
return;
}
events("Not filtered: {$buffer}");
}
function CoherenceBase()
{
$unix = new unix();
$myFile = basename(__FILE__);
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$cachetime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
$unix = new unix();
$pid = @file_get_contents($pidfile);
if ($unix->process_exists($pid, $myFile)) {
WriteMyLogs("Already executed PID:{$pid}, die()", __FUNCTION__, __FILE__, __LINE__);
die;
}
$q = new mysql_squid_builder();
$unix = new unix();
$results = $q->QUERY_SQL("SELECT * FROM ftpunivtlse1fr");
if (!$q->ok) {
if (strpos($q->mysql_error, "doesn't exist") > 0) {
$q->CheckTables();
$results = $q->QUERY_SQL("SELECT * FROM ftpunivtlse1fr");
}
}
if (!$q->ok) {
ufdbguard_admin_events("Fatal: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "Toulouse DB");
die;
}
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
if ($GLOBALS["VERBOSE"]) {
echo "ftpunivtlse1fr: {$ligne["filename"]} -> {$ligne["zmd5"]}\n";
}
$ARRAYSUM_LOCALE[$ligne["filename"]] = $ligne["zmd5"];
}
$dirs = $unix->dirdir("/var/lib/ftpunivtlse1fr");
while (list($directory, $line) = each($dirs)) {
if (!is_file("{$directory}/domains")) {
echo "{$directory} has no domains\n";
shell_exec("{$rm} -rf {$directory}");
continue;
}
$virtualFilename = basename($directory) . ".tar.gz";
if (!isset($ARRAYSUM_LOCALE[$virtualFilename])) {
$CountDeSitesFile = CountDeSitesFile("{$directory}/domains");
$md5 = md5($virtualFilename);
echo "Add virtual filename {$virtualFilename} with {$CountDeSitesFile} domains";
$q->QUERY_SQL("INSERT INTO ftpunivtlse1fr (`filename`,`zmd5`,`websitesnum`) VALUES ('{$virtualFilename}','{$md5}','{$CountDeSitesFile}')");
} else {
if ($GLOBALS["VERBOSE"]) {
echo "LOCAL: {$virtualFilename} -> {$directory} OK\n";
}
}
}
}
function CheckGroup($groupname)
{
$unix = new unix();
$wbinfo = $unix->find_program("wbinfo");
$net = $unix->find_program("net");
$groupanecmd = $unix->shellEscapeChars($groupname);
$cmd = "{$net} cache flush";
if ($GLOBALS["VERBOSE"]) {
echo "{$cmd}\n";
}
shell_exec($cmd);
$cmd = "{$wbinfo} --group-info={$groupanecmd} 2>&1";
if ($GLOBALS["VERBOSE"]) {
echo "{$cmd}\n";
}
exec($cmd, $results);
$line = trim(@implode(" ", $results));
if (preg_match("#Could not get info for group#", $line, $re)) {
ufdbguard_admin_events("Failed to lookup users, {$groupname}: {$line}", __FUNCTION__, __FILE__, __LINE__, "activedirectory");
return;
}
if (!preg_match("#^.+?:x:([0-9]+):(.*)#", $line, $re)) {
ufdbguard_admin_events("Failed to lookup users, {$groupname}: {$line}", __FUNCTION__, __FILE__, __LINE__, "activedirectory");
return;
}
$gpid = $re[1];
$userslist = $re[2];
$sql = "DELETE FROM adgroups WHERE gpid={$gpid}";
$q = new mysql();
$q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
ufdbguard_admin_events("Failed to manage, {$groupname}: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "activedirectory");
return;
}
$groupname = utf8_encode($groupname);
$groupname = addslashes($groupname);
$q->QUERY_SQL("INSERT IGNORE INTO adgroups (gpid,groupname) VALUES ('{$gpid}','{$groupname}')", "artica_backup");
if (!$q->ok) {
ufdbguard_admin_events("Failed to manage, {$groupname}: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "activedirectory");
return;
}
$q->QUERY_SQL("DELETE FROM adusers WHERE gpid={$gpid}", "artica_backup");
$c = 0;
$f = array();
$usersTR = explode(",", $userslist);
while (list($num, $line) = each($usersTR)) {
if (trim($line) == null) {
continue;
}
$line = utf8_encode($line);
$line = addslashes($line);
$f[] = "('{$gpid}','{$line}')";
$c++;
}
if (count($f) > 0) {
$sql = "INSERT IGNORE INTO adusers(`gpid`,`uid`) VALUES " . @implode(",", $f);
$q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
ufdbguard_admin_events("Failed to import users on {$groupname}: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "activedirectory");
return;
}
}
$GLOBALS["xxxCOUNT"] = $GLOBALS["xxxCOUNT"] + $c;
}
function youtube_inject($array)
{
$q = new mysql_squid_builder();
if (!is_array($array)) {
return;
}
if (count($array) == 0) {
return;
}
youtube_events("youtube_inject() array of " . count($array) . " elements...", __LINE__);
while (list($timeKey, $rows) = each($array)) {
if (count($rows) == 0) {
continue;
}
$q->check_youtube_hour($timeKey);
youtube_events("youtubehours_{$timeKey} = " . count($rows) . " elements...", __LINE__);
if (count($rows) == 1) {
youtube_events("youtubehours_{$timeKey} = '" . $rows[0] . "'", __LINE__);
}
$suffix = trim(@implode(",", $rows));
if ($suffix == null) {
youtube_events("youtubehours_{$timeKey} = suffix = null, abort", __LINE__);
continue;
}
$sql = "INSERT INTO youtubehours_{$timeKey} (zDate,ipaddr,hostname,uid,MAC,account,youtubeid) VALUES {$suffix}";
youtube_events($sql, __LINE__);
$q->QUERY_SQL($sql);
if (!$q->ok) {
youtube_events("youtubehours_{$timeKey} = {$q->mysql_error} ", __LINE__);
if ($GLOBALS["VERBOSE"]) {
echo "**** {$q->mysql_error} **** \n";
}
ufdbguard_admin_events("{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, 'youtube');
@file_put_contents("/var/log/artica-postfix/youtube-errors/" . md5($sql), $sql);
return;
}
}
}
function UserSizeRTT_oldfiles()
{
if (!is_dir("/var/log/artica-postfix/squid-RTTSize")) {
return;
}
if (!($handle = opendir("/var/log/artica-postfix/squid-RTTSize"))) {
ufdbguard_admin_events("Fatal: /var/log/artica-postfix/squid-RTTSize no such directory", __FUNCTION__, __FILE__, __LINE__, "stats");
return;
}
$q = new mysql_squid_builder();
$classParse = new squid_tail();
$CurrentFile = date("YmdH");
if ($GLOBALS["VERBOSE"]) {
echo __FUNCTION__ . ":: scanning /var/log/artica-postfix/squid-RTTSize\n";
}
while (false !== ($filename = readdir($handle))) {
if ($filename == ".") {
continue;
}
if ($filename == "..") {
continue;
}
if ($filename == $CurrentFile) {
continue;
}
$targetFile = "/var/log/artica-postfix/squid-RTTSize/{$filename}";
if ($GLOBALS["VERBOSE"]) {
echo __FUNCTION__ . ":: {$targetFile}\n";
}
$time = filemtime($targetFile);
$tablesuffix = date("Ymd", $time);
$tablename = "UserSizeD_{$tablesuffix}";
if (!$q->CreateUserSizeRTT_day($tablename)) {
ufdbguard_admin_events("{$tablename}: Query failed {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "stats");
return;
}
$RTTSIZEARRAY = unserialize(@file_get_contents($targetFile));
$Hour = date('H', $time);
$date = date("Y-m-d H:00:00", $time);
//$sql="INSERT IGNORE INTO `$tablename` (`zMD5`,`uid`,`zdate`,
//`ipaddr`,`hostname`,`account`,`MAC`,`UserAgent`,`size`,`hits`,`hour`) VALUES ".@implode(",", $rows);
if (count($RTTSIZEARRAY["UID"]) > 0) {
$f = array();
$prefix = "INSERT IGNORE INTO `{$tablename}` (`zMD5`,`zdate`,`uid`,`size`,`hits`,`hour`) VALUES ";
while (list($username, $array) = each($RTTSIZEARRAY["UID"])) {
$hits = $array["HITS"];
$size = $array["SIZE"];
$md5 = md5("{$username}{$date}{$Hour}");
echo $username . " HITS:{$hits} SIZE:{$size}\n";
$f[] = "('{$md5}','{$date}','{$username}','{$size}','{$hits}','{$Hour}')";
}
if (count($f) > 0) {
$q->QUERY_SQL($prefix . @implode(",", $f));
if (!$q->ok) {
ufdbguard_admin_events("Fatal: {$q->mysql_error}\n", __FUNCTION__, __FILE__, __LINE__, "stats");
return;
}
}
}
if (count($RTTSIZEARRAY["IP"]) > 0) {
$f = array();
$prefix = "INSERT IGNORE INTO `{$tablename}` (`zMD5`,`zdate`,`ipaddr`,`hostname`,`size`,`hits`,`hour`) VALUES ";
while (list($ip, $array) = each($RTTSIZEARRAY["IP"])) {
$hits = $array["HITS"];
$size = $array["SIZE"];
$md5 = md5("{$ip}{$date}{$Hour}");
$hostname = $classParse->GetComputerName($ip);
echo $ip . "/{$hostname} HITS:{$hits} SIZE:{$size}\n";
$f[] = "('{$md5}','{$date}','{$ip}','{$hostname}','{$size}','{$hits}','{$Hour}')";
}
if (count($f) > 0) {
$q->QUERY_SQL($prefix . @implode(",", $f));
if (!$q->ok) {
ufdbguard_admin_events("Fatal: {$q->mysql_error}\n", __FUNCTION__, __FILE__, __LINE__, "stats");
return;
}
}
}
if (count($RTTSIZEARRAY["MAC"]) > 0) {
$f = array();
$prefix = "INSERT IGNORE INTO `{$tablename}` (`zMD5`,`zdate`,`MAC`,`size`,`hits`,`hour`) VALUES ";
while (list($mac, $array) = each($RTTSIZEARRAY["MAC"])) {
$hits = $array["HITS"];
$size = $array["SIZE"];
$md5 = md5("{$mac}{$date}{$Hour}");
echo "{$mac} HITS:{$hits} SIZE:{$size}\n";
$f[] = "('{$md5}','{$date}','{$mac}','{$size}','{$hits}','{$Hour}')";
}
if (count($f) > 0) {
$q->QUERY_SQL($prefix . @implode(",", $f));
if (!$q->ok) {
ufdbguard_admin_events("Fatal: {$q->mysql_error}\n", __FUNCTION__, __FILE__, __LINE__, "stats");
return;
}
}
}
@unlink($targetFile);
}
}
function ufdbguard_remote()
{
include_once dirname(__FILE__) . "/ressources/class.ccurl.inc";
$users = new usersMenus();
$sock = new sockets();
$unix = new unix();
$trace = debug_backtrace();
if (isset($trace[1])) {
$called = " called by " . basename($trace[1]["file"]) . " {$trace[1]["function"]}() line {$trace[1]["line"]}";
}
$timeFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
if ($unix->file_time_min($timeFile) < 5) {
writelogs("too short time to change settings, aborting {$called}...", __FUNCTION__, __FILE__, __LINE__);
return;
}
@unlink($timeFile);
@file_put_contents($timeFile, time());
@mkdir("/etc/ufdbguard", null, true);
$tar = $unix->find_program("tar");
$RemoteStatisticsApplianceSettings = unserialize(base64_decode($sock->GET_INFO("RemoteStatisticsApplianceSettings")));
if (!is_numeric($RemoteStatisticsApplianceSettings["SSL"])) {
$RemoteStatisticsApplianceSettings["SSL"] = 1;
}
if (!is_numeric($RemoteStatisticsApplianceSettings["PORT"])) {
$RemoteStatisticsApplianceSettings["PORT"] = 9000;
}
$GLOBALS["REMOTE_SSERVER"] = $RemoteStatisticsApplianceSettings["SERVER"];
$GLOBALS["REMOTE_SPORT"] = $RemoteStatisticsApplianceSettings["PORT"];
$GLOBALS["REMOTE_SSL"] = $RemoteStatisticsApplianceSettings["SSL"];
if ($GLOBALS["REMOTE_SSL"] == 1) {
$refix = "https";
} else {
$refix = "http";
}
$DenyUfdbWriteConf = $sock->GET_INFO("DenyUfdbWriteConf");
if (!is_numeric($DenyUfdbWriteConf)) {
$DenyUfdbWriteConf = 0;
}
$baseUri = "{$refix}://{$GLOBALS["REMOTE_SSERVER"]}:{$GLOBALS["REMOTE_SPORT"]}/ressources/databases";
if ($DenyUfdbWriteConf == 0) {
$uri = "{$baseUri}/ufdbGuard.conf";
$curl = new ccurl($uri, true);
if ($curl->GetFile("/tmp/ufdbGuard.conf")) {
@file_put_contents("/etc/ufdbguard/ufdbGuard.conf", @file_get_contents("/tmp/ufdbGuard.conf"));
@file_put_contents("/etc/squid3/ufdbGuard.conf", @file_get_contents("/tmp/ufdbGuard.conf"));
} else {
ufdbguard_admin_events("Failed to download ufdbGuard.conf aborting `{$curl->error}`", __FUNCTION__, __FILE__, __LINE__, "global-compile");
}
}
$uri = "{$baseUri}/blacklist.tar.gz";
$curl = new ccurl($uri, true);
if ($curl->GetFile("/tmp/blacklist.tar.gz")) {
$cmd = "{$tar} -xf /tmp/blacklist.tar.gz -C /var/lib/squidguard/";
writelogs($cmd, __FUNCTION__, __FILE__, __LINE__);
shell_exec($cmd);
} else {
ufdbguard_admin_events("Failed to download blacklist.tar.gz aborting `{$curl->error}`", __FUNCTION__, __FILE__, __LINE__, "global-compile");
}
$uri = "{$baseUri}/ftpunivtlse1fr.tar.gz";
$curl = new ccurl($uri, true);
if ($curl->GetFile("/tmp/ftpunivtlse1fr.tar.gz")) {
$cmd = "{$tar} -xf /tmp/ftpunivtlse1fr.tar.gz -C /var/lib/ftpunivtlse1fr/";
writelogs($cmd, __FUNCTION__, __FILE__, __LINE__);
shell_exec($cmd);
} else {
ufdbguard_admin_events("Failed to download ftpunivtlse1fr.tar.gz aborting `{$curl->error}`", __FUNCTION__, __FILE__, __LINE__, "global-compile");
}
Dansguardian_remote();
CheckPermissions();
ufdbguard_schedule();
if ($unix->Ufdbguard_remote_srvc_bool()) {
ufdbguard_admin_events("Using a remote UfdbGuard service, aborting", __FUNCTION__, __FILE__, __LINE__, "config");
return;
}
ufdbguard_admin_events("Service will be rebuiled and restarted", __FUNCTION__, __FILE__, __LINE__, "config");
build_ufdbguard_HUP();
$nohup = $unix->find_program("nohup");
$php5 = $unix->LOCATE_PHP5_BIN();
if (is_file($GLOBALS["SQUIDBIN"])) {
echo "Starting......: " . date("H:i:s") . " Squid reloading service\n";
shell_exec("{$nohup} {$php5} " . basename(__FILE__) . "/exec.squid.php --reconfigure-squid >/dev/null 2>&1");
}
$datas = @file_get_contents("/etc/ufdbguard/ufdbGuard.conf");
send_email_events("SquidGuard/ufdbGuard/Dansguardian rules was rebuilded", basename(__FILE__) . "\nFunction:" . __FUNCTION__ . "\nLine:" . __LINE__ . "\n" . "This is new configuration file of the squidGuard/ufdbGuard:\n-------------------------------------\n{$datas}", "proxy");
shell_exec(LOCATE_PHP5_BIN2() . " " . dirname(__FILE__) . "/exec.c-icap.php --maint-schedule");
}
echo "Update {$table}\n";
}
$q->QUERY_SQL("UPDATE {$table} SET category='{$categories}' WHERE sitename='{$website}'");
if (!$q->ok) {
ufdbguard_admin_events($q->mysql_error, __FUNCTION__, __FILE__, __LINE__, "categorize");
}
}
if (systemMaxOverloaded()) {
$took = $unix->distanceOfTimeInWords($t, time());
ufdbguard_admin_events("Fatal: VERY Overloaded system, aborting task (after:{$took} TTL)", __FUNCTION__, __FILE__, __LINE__, "categorize");
return;
}
$took = $unix->distanceOfTimeInWords($t, time());
cloudlogs("[{$D}/{$MAX}]: Delete {$ligne["zmd5"]} {$website}");
$q->QUERY_SQL("DELETE FROM categorize_changes WHERE `zmd5`='{$ligne["zmd5"]}'");
ufdbguard_admin_events("{$website}/{$categories} has been re-categorized in {$c} week tables {$b} days tables and {$a} hours tables ({$took})", __FUNCTION__, __FILE__, __LINE__, "categorize");
}
echo "Finish...\n";
function cloudlogs($text = null)
{
$logFile = "/var/log/cleancloud.log";
$time = date("Y-m-d H:i:s");
$PID = getmypid();
if (!is_dir(dirname($logFile))) {
mkdir(dirname($logFile));
}
if (is_file($logFile)) {
$size = filesize($logFile);
if ($size > 1000000) {
unlink($logFile);
}
function perform($table_source, $zDate)
{
$f = array();
$q = new mysql_squid_builder();
$sql = "SELECT SUM( hits ) AS hits, SUM( size ) AS size, category FROM {$table_source} GROUP BY category";
$results = $q->QUERY_SQL($sql);
if (!$q->ok) {
ufdbguard_admin_events("Fatal {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "stats");
die;
}
while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
$category = mysql_escape_string2($ligne["category"]);
$f[] = "('{$zDate}','{$category}','{$ligne["size"]}','{$ligne["hits"]}')";
}
if (count($f) > 0) {
$sql = "INSERT INTO generic_categories (`zDate`,`category`,`size`,`hits`) VALUES " . @implode(",", $f);
$q->QUERY_SQL($sql);
if (!$q->ok) {
ufdbguard_admin_events("Fatal {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "stats");
die;
}
}
}
function StartUpdate()
{
$updaterbin = "/opt/kaspersky/kav4proxy/bin/kav4proxy-keepup2date";
if (!is_file($updaterbin)) {
return;
}
$t = time();
ufdbguard_admin_events("Starting updating Kaspersky For Proxy server", __FUNCTION__, __FILE__, __LINE__, "update");
$unix = new unix();
$sock = new sockets();
@mkdir("{$GLOBALS["RUN_DIR"]}", 0777, true);
$chmod = $unix->find_program("chmod");
shell_exec("{$chmod} 777 {$GLOBALS["RUN_DIR"]}");
$pidFile = "{$GLOBALS["RUN_DIR"]}/keepup2date.pid";
$pid = $unix->get_pid_from_file($pidFile);
if ($unix->process_exists($pid)) {
ufdbguard_admin_events("Other instance {$pid} running, aborting task", __FUNCTION__, __FILE__, __LINE__, "update");
return;
}
$Kav4ProxyDatabasePath = $sock->GET_INFO("Kav4ProxyDatabasePath");
if ($Kav4ProxyDatabasePath == null) {
$Kav4ProxyDatabasePath = "/home/artica/squid/kav4proxy/bases";
}
$php5 = $unix->LOCATE_PHP5_BIN();
shell_exec("{$php5} /usr/share/artica-postfix/exec.kav4proxy.php --build");
@mkdir("/opt/tmp", 0755, true);
@mkdir("{$Kav4ProxyDatabasePath}", 0755, true);
@mkdir("/var/log/artica-postfix/kaspersky/kav4proxy", 0755, true);
shell_exec("{$chmod} 777 /opt/tmp");
shell_exec("{$chmod} 777 {$Kav4ProxyDatabasePath}");
buildConf();
$logfile = "/var/log/artica-postfix/kaspersky/kav4proxy/" . date("Y-m-d_H-i-s");
$tmpFileName = "/etc/artica-postfix/kav4proxy-keepup2date.conf";
$nice = EXEC_NICE();
$cmd = "{$nice}{$updaterbin} -d {$pidFile} -c {$tmpFileName} -l {$logfile} 2>&1";
ufdbguard_admin_events("{$cmd}", __FUNCTION__, __FILE__, __LINE__, "update");
shell_exec($cmd);
$t2 = time();
$timehuman = $unix->distanceOfTimeInWords($t, $t2);
ufdbguard_admin_events("Updating Kaspersky For Proxy server finish took {$timehuman}", __FUNCTION__, __FILE__, __LINE__, "update");
ufdbguard_admin_events(@file_get_contents($logfile), __FUNCTION__, __FILE__, __LINE__, "update");
$t = file($logfile);
while (list($index, $line) = each($t)) {
if (preg_match("#^\\[.*?F\\]\\s+(.+)#", $line, $re)) {
ufdbguard_admin_events("Failed: {$re[1]}", __FUNCTION__, __FILE__, __LINE__, "update");
}
}
if ($GLOBALS["VERBOSE"]) {
$verb = " --verbose";
}
shell_exec("/opt/kaspersky/kav4proxy/bin/kav4proxy-licensemanager -i >/etc/artica-postfix/kav4proxy-licensemanager-i");
shell_exec($unix->LOCATE_PHP5_BIN() . " /usr/share/artica-postfix/exec.kaspersky-update-logs.php --force{$verb}");
Kav4ProxyDatabasePathSatus();
}
function tables_hours()
{
$unix = new unix();
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$timefile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
if ($GLOBALS["VERBOSE"]) {
echo "timefile={$timefile}\n";
}
$pid = @file_get_contents($pidfile);
if (!$GLOBALS["FORCE"]) {
if ($pid < 100) {
$pid = null;
}
$unix = new unix();
if ($unix->process_exists($pid, basename(__FILE__))) {
if ($GLOBALS["VERBOSE"]) {
echo "Already executed pid {$pid}\n";
}
return;
}
$timeexec = $unix->file_time_min($timefile);
if ($timeexec < 60) {
if ($GLOBALS["VERBOSE"]) {
echo "Only each 60mn - current {$timeexec}mn, use --force to bypass\n";
}
return;
}
$mypid = getmypid();
@file_put_contents($pidfile, $mypid);
}
@unlink($timefile);
@file_put_contents($timefile, time());
$sock = new sockets();
$GLOBALS["Q"] = new mysql_squid_builder();
$prefix = date("YmdH");
$currenttable = "ngixattck_{$prefix}";
if ($GLOBALS["VERBOSE"]) {
echo "Current Table: {$currenttable}\n";
}
$tablesBrutes = $GLOBALS["Q"]->LIST_TABLES_NGINX_BLOCKED_RT();
while (list($tablename, $none) = each($tablesBrutes)) {
if ($tablename == $currenttable) {
if ($GLOBALS["VERBOSE"]) {
echo "Skip table: {$tablename}\n";
}
continue;
}
$t = time();
if ($GLOBALS["VERBOSE"]) {
echo "_table_hours_perform({$tablename})\n";
}
if (_table_hours_perform($tablename)) {
$took = $unix->distanceOfTimeInWords($t, time());
if ($GLOBALS["VERBOSE"]) {
echo "Remove table: {$tablename}\n";
}
$GLOBALS["Q"]->QUERY_SQL("DROP TABLE `{$tablename}`");
if (system_is_overloaded()) {
ufdbguard_admin_events("Fatal: Overloaded system: {$GLOBALS["SYSTEM_INTERNAL_LOAD"]} sleeping stopping function", __FUNCTION__, __FILE__, __LINE__, "stats");
return true;
}
}
}
}
function isMaxInstances()
{
$MaxInstnaces = 11;
$MaxInstancesToDie = 16;
$unix = new unix();
$php5 = $unix->LOCATE_PHP5_BIN();
$p = new processes_php();
$MemoryInstances = $p->MemoryInstances();
if (!is_numeric($MemoryInstances)) {
$MemoryInstances = 0;
}
writelogs("Task {$GLOBALS["SCHEDULE_ID"]} -> {$MemoryInstances} instances...", __FUNCTION__, __FILE__, __LINE__);
if ($MemoryInstances > $MaxInstancesToDie) {
writelogs("Task {$GLOBALS["SCHEDULE_ID"]} -> too much instances ({$MemoryInstances}) die " . @implode(",", $GLOBALS["INSTANCES_EXECUTED"]), __FUNCTION__, __FILE__, __LINE__);
return true;
}
if ($MemoryInstances > $MaxInstnaces) {
ufdbguard_admin_events("Too much instances ({$MemoryInstances} Max:{$MaxInstnaces})", __FUNCTION__, __FILE__, __LINE__, "tasks");
return true;
}
return false;
}
