function UFDBGUARD_COMPILE_SINGLE_DB($path) { $timeStart = time(); $OriginalDirename = dirname($path); $unix = new unix(); $path = str_replace(".ufdb", "", $path); $pidpath = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . md5($path) . ".pid"; $pid = @file_get_contents($pidpath); if ($unix->process_exists($pid)) { events_ufdb_tail("Check \"{$path}\"... Already process PID \"{$pid}\" running task has been aborted"); return; } $category = null; $ufdbGenTable = $unix->find_program("ufdbGenTable"); if (!is_file($ufdbGenTable)) { writelogs("ufdbGenTable no such binary", __FUNCTION__, __FILE__, __LINE__); return; } events_ufdb_tail("Check \"{$path}\"...", __LINE__); if (preg_match("#\\/var\\/lib\\/squidguard\\/(.+?)\\/(.+?)/(.+?)\$#", $path, $re)) { $category = $re[2]; $domain_path = "/var/lib/squidguard/{$re[1]}/{$re[2]}/domains"; } if ($category == null) { if (preg_match("#\\/var\\/lib\\/squidguard\\/(.+?)\\/domains#", $path, $re)) { $category = $re[1]; $domain_path = "/var/lib/squidguard/{$re[1]}/domains"; } } if (preg_match("#web-filter-plus\\/BL\\/(.+?)\\/domains#", $path, $re)) { $category = $re[1]; $domain_path = "/var/lib/squidguard/web-filter-plus/BL/{$category}/domains"; } if (preg_match("#blacklist-artica\\/(.+?)\\/(.+?)\\/domains#", $path, $re)) { events_ufdb_tail("find double category \"{$re[1]}-{$re[2]}\"...", __LINE__); $category = "{$re[1]}-{$re[2]}"; $domain_path = "/var/lib/squidguard/blacklist-artica/{$re[1]}/{$re[2]}/domains"; } if (preg_match("#blacklist-artica\\/sex\\/(.+?)\\/domains#", $path, $re)) { $category = $re[1]; $domain_path = "/var/lib/squidguard/blacklist-artica/sex/{$category}/domains"; } if ($category == null) { events_ufdb_tail("exec.squidguard.php:: \"{$path}\" cannot understand..."); } events_ufdb_tail("exec.squidguard.php:: Found category \"{$category}\"", __LINE__); if (!is_file($path)) { events_ufdb_tail("exec.squidguard.php:{$category}: \"{$path}\" no such file, build it", __LINE__); @file_put_contents($domain_path, " "); } $category_compile = substr($category, 0, 15); if (strlen($category_compile) > 15) { $category_compile = str_replace("recreation_", "recre_", $category_compile); $category_compile = str_replace("automobile_", "auto_", $category_compile); $category_compile = str_replace("finance_", "fin_", $category_compile); if (strlen($category_compile) > 15) { $category_compile = str_replace("_", "", $category_compile); if (strlen($category_compile) > 15) { $category_compile = substr($category_compile, strlen($category_compile) - 15, 15); } } } events_ufdb_tail("exec.squidguard.php:: category \"{$category}\" retranslated to \"{$category_compile}\"", __LINE__); if (is_file("{$domain_path}.ufdb")) { events_ufdb_tail("exec.squidguard.php:: removing \"{$domain_path}.ufdb\" ..."); @unlink("{$domain_path}.ufdb"); } if (!is_file($domain_path)) { events_ufdb_tail("exec.squidguard.php:: {$domain_path} no such file, create an empty one", __LINE__); @mkdir(dirname($domain_path), 0755, true); @file_put_contents($domain_path, "#"); } $urlcmd = null; $d = " -d {$domain_path}"; if (is_file("{$OriginalDirename}/urls")) { $urlssize = @filesize("{$OriginalDirename}/urls"); events_ufdb_tail("exec.squidguard.php:: {$OriginalDirename}/urls {$urlssize} bytes...", __LINE__); if ($urlssize > 50) { $urlcmd = " -u {$OriginalDirename}/urls"; } } $NICE = EXEC_NICE(); $cmd = "{$NICE}{$ufdbGenTable} -n -D -W -t {$category_compile}{$d}{$urlcmd} 2>&1"; events_ufdb_tail("exec.squidguard.php:{$category}:{$cmd}"); $time = time(); exec($cmd, $results); exec($cmd, $results); while (list($a, $b) = each($results)) { if (strpos($b, "is not added because it was already matched")) { continue; } if (strpos($b, "has optimised subdomains")) { continue; } events_ufdb_tail("exec.squidguard.php:{$category}:{$b}"); } $tookrecompile = $unix->distanceOfTimeInWords($time, time()); events_ufdb_tail("exec.squidguard.php:{$category_compile}: execution {$tookrecompile}", __LINE__); events_ufdb_tail("exec.squidguard.php:{$category}:done.."); $user = GetSquidUser(); $chown = $unix->find_program("chown"); if (is_file($chown)) { events_ufdb_tail("exec.squidguard.php:{$category}:{$chown} -R {$user} {$OriginalDirename}"); shell_exec("{$chown} -R {$user} {$OriginalDirename}/*"); shell_exec("{$chown} -R {$user} /var/log/squid/*"); } $sock = new sockets(); $took = $unix->distanceOfTimeInWords($timeStart, time()); $sock->TOP_NOTIFY("{$OriginalDirename} webfiltering database ({$category}) was recompiled took {$took} hard compilation took: {$tookrecompile}", "info"); }
function clean_squid_stats_dbs() { $sock = new sockets(); $DisableArticaProxyStatistics = $sock->GET_INFO("DisableArticaProxyStatistics"); $CleanArticaSquidDatabases = $sock->GET_INFO("CleanArticaSquidDatabases"); if (!is_numeric($DisableArticaProxyStatistics)) { $DisableArticaProxyStatistics = 0; } if (!is_numeric($CleanArticaSquidDatabases)) { $CleanArticaSquidDatabases = 0; } if (!$GLOBALS["FORCE"]) { if ($CleanArticaSquidDatabases == 0) { echo "Option is not activated...\n"; return; } } $q = new mysql_squid_builder(); $tables = $q->LIST_TABLES_DAYS(); $rows = 0; $count_tables = 0; while (list($num, $table) = each($tables)) { $rows = $rows + $q->COUNT_ROWS($table); if ($GLOBALS["VERBOSE"]) { echo " Delete table {$table} {$rows} rows \n"; } $count_tables++; $q->DELETE_TABLE($table); } $tables = $q->LIST_TABLES_DAYS_BLOCKED(); while (list($num, $table) = each($tables)) { $rows = $rows + $q->COUNT_ROWS($table); if ($GLOBALS["VERBOSE"]) { echo " Delete table {$table} {$rows} rows \n"; } $count_tables++; $q->DELETE_TABLE($table); } $tables = $q->LIST_TABLES_MEMBERS(); while (list($num, $table) = each($tables)) { $rows = $rows + $q->COUNT_ROWS($table); if ($GLOBALS["VERBOSE"]) { echo " Delete table {$table} {$rows} rows \n"; } $count_tables++; $q->DELETE_TABLE($table); } $tables = $q->LIST_TABLES_MONTH(); while (list($num, $table) = each($tables)) { $rows = $rows + $q->COUNT_ROWS($table); if ($GLOBALS["VERBOSE"]) { echo " Delete table {$table} {$rows} rows \n"; } $count_tables++; $q->DELETE_TABLE($table); } $tables = $q->LIST_TABLES_WEEKS(); while (list($num, $table) = each($tables)) { $rows = $rows + $q->COUNT_ROWS($table); if ($GLOBALS["VERBOSE"]) { echo " Delete table {$table} {$rows} rows \n"; } $count_tables++; $q->DELETE_TABLE($table); } $q = new mysql_catz(); $tables = $q->LIST_TABLES_CATEGORIES(); while (list($num, $table) = each($tables)) { $rows = $rows + $q->COUNT_ROWS($table); if ($GLOBALS["VERBOSE"]) { echo " Delete table {$table} {$rows} rows \n"; } $count_tables++; $q->DELETE_TABLE($table); } $q = new mysql(); if ($q->DATABASE_EXISTS("catz")) { $q->DELETE_DATABASE("catz"); } if ($count_tables > 0) { mysql_admin_mysql(1, "Restarting MySQL service...", null, __FILE__, __LINE__); shell_exec("/etc/init.d/mysql restart"); } $sock->TOP_NOTIFY("{$count_tables} statistics tables as been deleted with {$rows} rows", "info"); //print_r($tables); }
function rebuild_default_cache() { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = @file_get_contents($pidfile); if ($pid < 100) { $pid = null; } $unix = new unix(); $sock = new sockets(); if ($unix->process_exists($pid, basename(__FILE__))) { if ($GLOBALS["VERBOSE"]) { echo "Already executed pid {$pid}\n"; } die; } $mypid = getmypid(); @file_put_contents($pidfile, $mypid); $t = time(); $squid = new squidbee(); shell_exec($unix->LOCATE_PHP5_BIN() . " " . basename(__FILE__) . "/exec.squid.php --build >/dev/null 2>&1"); $cache_dir = $squid->CACHE_PATH; $mv = $unix->find_program("mv"); $rm = $unix->find_program("rm"); $chmod = $unix->find_program("chmod"); $chown = $unix->find_program("chown"); $php5 = $unix->LOCATE_PHP5_BIN(); writelogs("{$cache_dir} to delete...", __FUNCTION__, __FILE__, __LINE__); $t = time(); @unlink("/etc/artica-postfix/squid.lock"); @file_put_contents("/etc/artica-postfix/squid.lock", time()); $squidbin = $unix->find_program("squid"); if (!is_file($squidbin)) { $squidbin = $unix->find_program("squid3"); } if (!is_file($squidbin)) { writelogs("squid, no such binary file", __FUNCTION__, __FILE__, __LINE__); @unlink("/etc/artica-postfix/squid.lock"); return; } writelogs("Stopping squid", __FUNCTION__, __FILE__, __LINE__); $sock->TOP_NOTIFY("Proxy is stopped to rebuild default cache...", "info"); shell_exec("/etc/init.d/artica-postfix stop squid-cache"); $cachesRename = "{$cache_dir}-delete-{$t}"; exec("{$mv} {$cache_dir} {$cachesRename} 2>&1", $results); writelogs("re-create {$cache_dir}", __FUNCTION__, __FILE__, __LINE__); @mkdir($cache_dir, 0755, true); @chown($cache_dir, "squid"); @chgrp($cache_dir, "squid"); exec("{$squidbin} -z 2>&1", $results); while (list($num, $ligne) = each($results)) { writelogs("{$ligne}", __FUNCTION__, __FILE__, __LINE__); } shell_exec("{$chown} -R squid:squid {$cache_dir}"); shell_exec("{$chown} -R 0755 {$cache_dir}"); @unlink("/etc/artica-postfix/squid.lock"); writelogs("starting squid", __FUNCTION__, __FILE__, __LINE__); shell_exec("/etc/init.d/artica-postfix start squid-cache"); $sock->TOP_NOTIFY("Proxy was restarted to rebuild default cache...", "info"); for ($i = 0; $i < 60; $i++) { $array = $unix->squid_get_cache_infos(); if (count($array) > 0) { break; } writelogs("Waiting 1s to squid be ready...", __FUNCTION__, __FILE__, __LINE__); sleep(1); } shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --cache-infos --force"); writelogs("Deleting {$cachesRename}", __FUNCTION__, __FILE__, __LINE__); shell_exec("{$rm} -rf {$cachesRename}"); $took = $unix->distanceOfTimeInWords($t, time()); $sock->TOP_NOTIFY("Default Proxy cache was rebuilded took: {$took}", "info"); }
function ApplyConfig($smooth = false) { if (function_exists("WriteToSyslogMail")) { WriteToSyslogMail("Invoke ApplyConfig function", basename(__FILE__)); } $unix = new unix(); $ulimit = $unix->find_program("ulimit"); if (is_file($ulimit)) { shell_exec("{$ulimit} -HSd unlimited"); } else { echo "Starting......: " . date("H:i:s") . " [SYS]: Squid ulimit no such binary...\n"; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid apply kernel settings\n"; build_progress("{reconfigure} Kernel values", 46); kernel_values(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid apply Checks security limits\n"; build_progress("{reconfigure} Security limits", 47); security_limit(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Remote appliances...\n"; build_progress("{reconfigure} checks remote appliances", 48); remote_appliance_restore_tables(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Remote appliances done...\n"; $nohup = $unix->find_program("nohup"); $php5 = $unix->LOCATE_PHP5_BIN(); $squidbin = $unix->find_program("squid"); $SQUID_CONFIG_PATH = $unix->SQUID_CONFIG_PATH(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid loading libraires...\n"; $sock = new sockets(); $squid = new squidbee(); if (!is_file($squidbin)) { $squidbin = $unix->find_program("squid3"); } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid binary: `{$squidbin}`\n"; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Conf..: `{$SQUID_CONFIG_PATH}`\n"; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid php...: `{$php5}`\n"; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid nohup.: `{$nohup}`\n"; $DenySquidWriteConf = $sock->GET_INFO("DenySquidWriteConf"); if (!is_numeric($DenySquidWriteConf)) { $DenySquidWriteConf = 0; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking `DenySquidWriteConf` = {$DenySquidWriteConf}\n"; @copy("/etc/artica-postfix/settings/Daemons/SquidNudityScanParams", "/etc/squid3/SquidNudityScanParams"); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking `NudeBooster`\n"; build_progress("{reconfigure} Nude booster", 49); NudeBooster(); if (!is_dir("/usr/share/squid-langpack")) { echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Templates from MySQL\n"; $unix->THREAD_COMMAND_SET("{$php5} " . __FILE__ . " --tpl-save"); } $EnableRemoteStatisticsAppliance = 0; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Build blocked Websites list...\n"; build_progress("{reconfigure} Whitelisted browsers", 50); acl_whitelisted_browsers(); build_progress("{reconfigure} allowed browsers", 51); acl_allowed_browsers(); echo "Starting......: " . date("H:i:s") . " Checking wrapzap\n"; build_progress("{reconfigure} wrapzap", 52); wrapzap(); build_progress("{reconfigure} Mime.conf", 53); mime_conf(); build_progress("{reconfigure} Blocked websites", 54); $squid->BuildBlockedSites(); build_progress("{reconfigure} FTP clients ACLs", 55); acl_clients_ftp(); build_progress("{reconfigure} Dynamic rules caches", 56); echo "Starting......: " . date("H:i:s") . " [SYS]: Dynamic rules caches...\n"; dyn_caches(); build_progress("{reconfigure} Webfiltering whitelisted", 57); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Build url_rewrite_access deny...\n"; urlrewriteaccessdeny(); echo "Starting......: " . date("H:i:s") . " [SYS]:Squid building main configuration done\n"; if ($GLOBALS["NOAPPLY"]) { $DenySquidWriteConf = 0; } if ($DenySquidWriteConf == 0) { @mkdir("/tmp", 0755, true); $squid->CURRENT_PROGRESS = 79; $squid->MAX_PROGRESS = 79; $conf = $squid->BuildSquidConf(); $conf = str_replace("\n\n", "\n", $conf); build_progress("{writing_configuration}", 79); @file_put_contents("/tmp/squid.conf", $conf); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Check validity of the configuration file with /tmp/squid.conf...\n"; $GLOBALS["SQUID_PATTERN_ERROR"] = array(); CheckConfig("/tmp/squid.conf"); if (count($GLOBALS["SQUID_PATTERN_ERROR"]) > 0) { echo "Starting......: " . date("H:i:s") . " [SYS]: Some errors are detected and cleaned\n"; squid_admin_mysql(1, "Some errors has been detected in settings", "Please check theses values:\n" . @implode("\n", $GLOBALS["SQUID_PATTERN_ERROR"])); $conf = @file_get_contents("/tmp/squid.conf"); } exec("{$squidbin} -f /tmp/squid.conf -k parse 2>&1", $results); while (list($index, $ligne) = each($results)) { if (strpos($ligne, "| WARNING:") > 0) { continue; } if (preg_match("#ERROR: Failed#", $ligne)) { build_progress("{operation_failed} !!!", 110); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid `{$ligne}`, aborting configuration, keep the old one...\n"; echo "<div style='font-size:16px;font-weight:bold;color:#E71010'>{$ligne}</div>"; $sock->TOP_NOTIFY("{$ligne}", "error"); return; } if (preg_match("#Segmentation fault#", $ligne)) { build_progress("{operation_failed} Segmentation fault !!!", 110); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid `{$ligne}`, aborting configuration, keep the old one...\n"; echo "<div style='font-size:16px;font-weight:bold;color:#E71010'>{$ligne}</div>"; $sock->TOP_NOTIFY("{$ligne}", "error"); return; } if (preg_match("#(unrecognized|FATAL|Bungled)#", $ligne)) { build_progress("{operation_failed} Bungled !!!", 110); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid `{$ligne}`, aborting configuration, keep the old one...\n"; echo "<div style='font-size:16px;font-weight:bold;color:#E71010'>{$ligne}</div>"; if (preg_match("#line ([0-9]+):#", $ligne, $ri)) { $Buggedline = $ri[1]; $tt = explode("\n", @file_get_contents("/tmp/squid.conf")); echo "<HR>"; for ($i = $Buggedline - 2; $i < $Buggedline + 2; $i++) { $lineNumber = $i + 1; $colorbugged = "black"; if (trim($tt[$i]) == null) { continue; } if ($lineNumber == $Buggedline) { $colorbugged = "#E71010"; } echo "<div style='font-size:12px;font-weight:bold;color:{$colorbugged}'>[line:{$lineNumber}]: {$tt[$i]}</div>"; } } echo "<HR>"; $sock->TOP_NOTIFY("{$ligne}", "error"); return; } if (preg_match("#strtokFile:\\s+(.+?)\\s+not found#", $ligne, $re)) { $filename = trim($re[1]); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid missing {$filename}, create an empty one\n"; @mkdir(dirname($filename), 0755, true); @file_put_contents($filename, ""); @chown($filename, "squid"); @chgrp($filename, "squid"); continue; } if (preg_match("#Processing:\\s+#", $ligne)) { continue; } if (preg_match("#Warning: empty ACL#", $ligne)) { continue; } if (preg_match("#searching predictable#", $ligne)) { continue; } if (preg_match("#is a subnetwork of#", $ligne)) { continue; } if (preg_match("#You should probably#", $ligne)) { continue; } if (preg_match("#Startup:\\s+#", $ligne)) { continue; } echo "Starting......: " . date("H:i:s") . " [SYS]: {$ligne}\n"; } @file_put_contents("/etc/artica-postfix/settings/Daemons/GlobalSquidConf", $conf); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Check validity OK...\n"; if ($GLOBALS["NOAPPLY"]) { echo "Starting......: " . date("H:i:s") . " [SYS]: WARNING \"NOAPPLY\" Artica is denied to apply settings...\n"; return true; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Writing configuration file \"{$SQUID_CONFIG_PATH}\" " . strlen($conf) . " bytes...\n"; @file_put_contents($SQUID_CONFIG_PATH, $conf); @mkdir("/etc/squid3", 0755, true); if ($SQUID_CONFIG_PATH != "/etc/squid3/squid.conf") { @file_put_contents("/etc/squid3/squid.conf", $conf); } $sock->TOP_NOTIFY("{squid_parameters_was_saved}", "info"); $cmd = $unix->LOCATE_PHP5_BIN() . " " . __FILE__ . " --templates --noreload"; $unix->THREAD_COMMAND_SET($cmd); } build_progress("{checking}: squidclamav", 79); if (!$smooth) { squidclamav(); } build_progress("{checking}: wrapzap", 79); if (!$smooth) { wrapzap(); } build_progress("{checking}: Cerificates", 79); if (!$smooth) { certificate_generate(); } $cmd = $nohup . " " . $unix->LOCATE_PHP5_BIN() . " " . __FILE__ . " --cache-infos --force >/dev/null 2>&1 &"; if ($GLOBALS["VERBOSE"]) { echo "{$cmd}\n"; } shell_exec($cmd); shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.syslog-engine.php --rsylogd >/dev/null 2>&1 &"); shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.squid.watchdog.php --init >/dev/null 2>&1 &"); if (!$smooth) { build_progress("{checking}: Check Files And Security", 79); CheckFilesAndSecurity(); } return true; }
function rebuildcaches() { $logFile = "/usr/share/artica-postfix/ressources/logs/web/rebuild-cache.txt"; $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = @file_get_contents($pidfile); if ($pid < 100) { $pid = null; } $unix = new unix(); $sock = new sockets(); if ($unix->process_exists($pid, basename(__FILE__))) { ouputz("Already process exists {$pid}, aborting", __LINE__); die; } $mypid = getmypid(); @file_put_contents($pidfile, $mypid); @unlink($logFile); ouputz("Please wait, rebuild caches....", __LINE__); $t = time(); ouputz("Listing caches....", __LINE__); $array = ListCaches(); $mv = $unix->find_program("mv"); $rm = $unix->find_program("rm"); $php5 = $unix->LOCATE_PHP5_BIN(); ouputz(count($array) . " caches to delete...", __LINE__); if (count($array) == 0) { ouputz("Fatal, unable to list available caches...", __LINE__); squid_admin_mysql(0, "Fatal, unable to list available caches", null, __FILE__, __LINE__); @unlink("/etc/artica-postfix/squid.lock"); die; } $t = time(); @unlink("/etc/artica-postfix/squid.lock"); @file_put_contents("/etc/artica-postfix/squid.lock", time()); $squidbin = $unix->LOCATE_SQUID_BIN(); if (!is_file($squidbin)) { ouputz("squid, no such binary file", __LINE__); @unlink("/etc/artica-postfix/squid.lock"); return; } squid_admin_mysql(1, "Stopping Proxy service in order to rebuild caches", null, __FILE__, __LINE__); ouputz("Stopping squid, please wait...", __LINE__); if (function_exists("debug_backtrace")) { $trace = debug_backtrace(); if (isset($trace[1])) { $sourcefunction = $trace[1]["function"]; $sourceline = $trace[1]["line"]; $executed = "Executed by {$sourcefunction}() line {$sourceline}\nusing argv:{$GLOBALS["ARGVS"]}\n"; } } squid_admin_notifs("Asking to Stop Squid for rebuilding caches\n" . @implode("\n", $GLOBALS["LOGS"]) . "\n{$executed}", __FUNCTION__, __FILE__, __LINE__, "proxy"); shell_exec("/etc/init.d/squid stop --force --script=" . basename(__FILE__)); if ($GLOBALS["REPORT"]) { while (list($cache_dir, $ligne) = each($array)) { $DIRARRAY = $unix->DIR_STATUS($cache_dir); $size = $array["SIZE"]; $used = $array["USED"]; $pourc = $array["POURC"]; $mounted = $array["MOUNTED"]; $logs[] = "{$cache_dir} size: {$size}, used:{$used} {$pourc}% mounted on {$mounted}"; } squid_admin_mysql(2, "Report on caches status", @implode("\n", $logs), __FILE__, __LINE__); } while (list($cache_dir, $ligne) = each($array)) { if (preg_match("#MemBooster#", $cache_dir)) { squid_admin_mysql(1, "Removing cache {$cache_dir}", null, __FILE__, __LINE__); ouputz("Removing {$cache_dir} content...", __LINE__); squid_admin_mysql(2, "Removing cache {$cache_dir} done", null, __FILE__, __LINE__); shell_exec("{$rm} -rf {$cache_dir}/*"); continue; } $DISK_STATUS = $unix->DF_SATUS_K($cache_dir); $DIRECTORY_SIZE = $unix->DIRSIZE_BYTES($cache_dir) / 1024 / 1024; $AIVA = $DISK_STATUS["AIVA"] * 1024; if ($AIVA < 10) { ouputz("Removing {$cache_dir} '{$DIRECTORY_SIZE}'M Available {$AIVA}M", __LINE__); shell_exec("{$rm} -rf {$cache_dir}"); ouputz("re-create {$cache_dir}", __LINE__); squid_admin_mysql(2, "Re-create {$cache_dir}", null, __FILE__, __LINE__); @mkdir($cache_dir, 0755, true); @chown($cache_dir, "squid"); @chgrp($cache_dir, "squid"); continue; } $DIRECTORY_SIZE_NEC = $DIRECTORY_SIZE * 2; if ($AIVA < $DIRECTORY_SIZE_NEC) { ouputz("Removing {$cache_dir} '{$DIRECTORY_SIZE}'M Available {$AIVA}M", __LINE__); shell_exec("{$rm} -rf {$cache_dir}"); ouputz("re-create {$cache_dir}", __LINE__); squid_admin_mysql(2, "Re-create {$cache_dir}", null, __FILE__, __LINE__); @mkdir($cache_dir, 0755, true); @chown($cache_dir, "squid"); @chgrp($cache_dir, "squid"); continue; } $cachesRename[] = "{$cache_dir}-delete-{$t}"; ouputz("Moving {$cache_dir} to {$cache_dir}-delete-{$t}...", __LINE__); exec("{$mv} {$cache_dir} {$cache_dir}-delete-{$t} 2>&1", $results); $results = array(); while (list($num, $ll) = each($results)) { ouputz("{$ligne}", __LINE__); } ouputz("re-create {$cache_dir}", __LINE__); squid_admin_mysql(2, "Re-create {$cache_dir}", null, __FILE__, __LINE__); @mkdir($cache_dir, 0755, true); @chown($cache_dir, "squid"); @chgrp($cache_dir, "squid"); } $su = $unix->find_program("su"); $results = array(); ouputz("Building new caches {$su} -c \"{$squidbin} -z\" squid", __LINE__); exec("{$su} -c \"{$squidbin} -z\" squid 2>&1", $results); while (list($num, $ligne) = each($results)) { ouputz("{$ligne}", __LINE__); } ouputz("Remove lock file...", __LINE__); @unlink("/etc/artica-postfix/squid.lock"); ouputz("Starting squid, please wait...", __LINE__); if (function_exists("debug_backtrace")) { $trace = debug_backtrace(); if (isset($trace[1])) { $sourcefunction = $trace[1]["function"]; $sourceline = $trace[1]["line"]; $executed = "Executed by {$sourcefunction}() line {$sourceline}\nusing argv:{$GLOBALS["ARGVS"]}\n"; } } squid_admin_notifs("Asking to start squid after rebuilding caches...\n{$executed}", __FUNCTION__, __FILE__, __LINE__, "proxy"); squid_admin_mysql(2, "Starting Proxy Service", null, __FILE__, __LINE__); shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.watchdog.php --start"); for ($i = 0; $i < 60; $i++) { $array = $unix->squid_get_cache_infos(); if (count($array) > 0) { break; } ouputz("Waiting {$i}s/60 to Squid-cache be ready...", __LINE__); sleep(1); } ouputz("Done... Squid-cache seems to be ready...", __LINE__); squid_admin_mysql(2, "Reloading {$squidbin} cache", null, __FILE__, __LINE__); ouputz("Reloading {$squidbin} cache", __LINE__); $results = array(); squid_watchdog_events("Reconfiguring Proxy parameters..."); if (function_exists("debug_backtrace")) { $trace = debug_backtrace(); if (isset($trace[1])) { $file = basename($trace[1]["file"]); $function = $trace[1]["function"]; $line = $trace[1]["line"]; $called = "Called by {$function}() from line {$line}"; } } $cmd = "/etc/init.d/squid reload --script=" . basename(__FILE__) . " >/dev/null"; shell_exec($cmd); $NICE = $unix->EXEC_NICE(); $nohup = $unix->find_program("nohup"); ouputz("Refresh caches information, please wait...", __LINE__); shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --cache-infos --force"); if (is_array($cachesRename)) { reset($cachesRename); while (list($index, $cache_dir) = each($cachesRename)) { $cmd = "{$nohup} {$NICE} {$rm} -rf {$cache_dir} >/dev/null 2>&1 &"; squid_admin_mysql(2, "Ask to delete old cache dir {$cache_dir} done", "{$called}", __FILE__, __LINE__); ouputz("Deleting {$cache_dir} {$cmd}", __LINE__); shell_exec($cmd); } } $took = $unix->distanceOfTimeInWords($t, time()); squid_admin_mysql(2, "All Proxy caches was rebuilded took: {$took}", "{$called}", __FILE__, __LINE__); $sock->TOP_NOTIFY("All Proxy caches was rebuilded took: {$took}", "info"); }
function ApplyConfig($smooth = false) { if (function_exists("WriteToSyslogMail")) { WriteToSyslogMail("Invoke ApplyConfig function", basename(__FILE__)); } $unix = new unix(); $ulimit = $unix->find_program("ulimit"); if (is_file($ulimit)) { shell_exec("{$ulimit} -HSd unlimited"); } else { echo "Starting......: " . date("H:i:s") . " [SYS]: Squid ulimit no such binary...\n"; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid apply kernel settings\n"; build_progress("{reconfigure} Kernel values", 46); kernel_values(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid apply Checks security limits\n"; build_progress("{reconfigure} Security limits", 47); security_limit(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Remote appliances...\n"; build_progress("{reconfigure} checks remote appliances", 48); remote_appliance_restore_tables(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Remote appliances done...\n"; $nohup = $unix->find_program("nohup"); $php5 = $unix->LOCATE_PHP5_BIN(); $squidbin = $unix->find_program("squid"); $SQUID_CONFIG_PATH = $unix->SQUID_CONFIG_PATH(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid loading libraires...\n"; $sock = new sockets(); $squid = new squidbee(); if (!is_file($squidbin)) { $squidbin = $unix->find_program("squid3"); } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid binary: `{$squidbin}`\n"; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Conf..: `{$SQUID_CONFIG_PATH}`\n"; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid php...: `{$php5}`\n"; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid nohup.: `{$nohup}`\n"; $DenySquidWriteConf = $sock->GET_INFO("DenySquidWriteConf"); if (!is_numeric($DenySquidWriteConf)) { $DenySquidWriteConf = 0; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking `DenySquidWriteConf` = {$DenySquidWriteConf}\n"; @copy("/etc/artica-postfix/settings/Daemons/SquidNudityScanParams", "/etc/squid3/SquidNudityScanParams"); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking `NudeBooster`\n"; build_progress("{reconfigure} Nude booster", 49); NudeBooster(); if (!is_dir("/usr/share/squid-langpack")) { echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Templates from MySQL\n"; $unix->THREAD_COMMAND_SET("{$php5} " . __FILE__ . " --tpl-save"); } $EnableRemoteStatisticsAppliance = 0; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Build blocked Websites list...\n"; if (!is_dir("/etc/squid3/artica-meta")) { @mkdir("/etc/squid3/artica-meta", 0755, true); } if (!is_file("/etc/squid3/artica-meta/whitelist-net.db")) { @touch("/etc/squid3/artica-meta/whitelist-net.db"); } if (!is_file("/etc/squid3/artica-meta/whitelist-domains.db")) { @touch("/etc/squid3/artica-meta/whitelist-domains.db"); } build_progress("{reconfigure} Whitelisted browsers", 50); acl_whitelisted_browsers(); build_progress("{reconfigure} allowed browsers", 51); acl_allowed_browsers(); echo "Starting......: " . date("H:i:s") . " Checking wrapzap\n"; build_progress("{reconfigure} wrapzap", 52); wrapzap(); build_progress("{reconfigure} Mime.conf", 53); mime_conf(); build_progress("{reconfigure} Blocked websites", 54); $squid->BuildBlockedSites(); build_progress("{reconfigure} FTP clients ACLs", 55); acl_clients_ftp(); build_progress("{checking_wccp_mode}", 55); system("{$php5} /usr/share/artica-postfix/exec.squid.wccp.php --squid"); build_progress("{reconfigure} Dynamic rules caches", 56); echo "Starting......: " . date("H:i:s") . " [SYS]: Dynamic rules caches...\n"; dyn_caches(); build_progress("{reconfigure} Webfiltering whitelisted", 57); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Build url_rewrite_access deny...\n"; urlrewriteaccessdeny(); echo "Starting......: " . date("H:i:s") . " [SYS]:Squid building main configuration done\n"; build_progress("{reconfigure} Check files and security", 58); CheckFilesAndSecurity(); $tar = $unix->find_program("tar"); if ($GLOBALS["NOAPPLY"]) { $DenySquidWriteConf = 0; } if ($DenySquidWriteConf == 0) { @mkdir("/tmp", 0755, true); $squid->CURRENT_PROGRESS = 79; $squid->MAX_PROGRESS = 79; $conf = $squid->BuildSquidConf(); $conf = str_replace("\n\n", "\n", $conf); build_progress("{writing_configuration}", 79); @file_put_contents("/tmp/squid.conf", $conf); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Check validity of the configuration file with /tmp/squid.conf...\n"; $GLOBALS["SQUID_PATTERN_ERROR"] = array(); $squid_checks = new squid_checks("/tmp/squid.conf"); if (!$squid_checks->squid_parse()) { build_progress("{checking}: {failed}", 110); return; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Check validity OK...\n"; if ($GLOBALS["NOAPPLY"]) { echo "Starting......: " . date("H:i:s") . " [SYS]: WARNING \"NOAPPLY\" Artica is denied to apply settings...\n"; return true; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Writing configuration file \"{$SQUID_CONFIG_PATH}\" " . strlen($conf) . " bytes...\n"; @file_put_contents($SQUID_CONFIG_PATH, $conf); @mkdir("/etc/squid3", 0755, true); if ($SQUID_CONFIG_PATH != "/etc/squid3/squid.conf") { @file_put_contents("/etc/squid3/squid.conf", $conf); } $sock->TOP_NOTIFY("{squid_parameters_was_saved}", "info"); $cmd = $unix->LOCATE_PHP5_BIN() . " " . __FILE__ . " --templates --noreload"; $unix->THREAD_COMMAND_SET($cmd); } build_progress("{checking}: squidclamav", 79); if (!$smooth) { squidclamav(); } build_progress("{checking}: wrapzap", 79); if (!$smooth) { wrapzap(); } build_progress("{checking}: Cerificates", 79); if (!$smooth) { certificate_generate(); } $cmd = $nohup . " " . $unix->LOCATE_PHP5_BIN() . " " . __FILE__ . " --cache-infos --force >/dev/null 2>&1 &"; if ($GLOBALS["VERBOSE"]) { echo "{$cmd}\n"; } shell_exec($cmd); shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.syslog-engine.php --rsylogd >/dev/null 2>&1 &"); if (!$smooth) { build_progress("{checking}: Check Files And Security", 79); CheckFilesAndSecurity(); } if (is_file("/root/squid-good.tgz")) { @unlink("/root/squid-good.tgz"); } chdir("/etc/squid3"); shell_exec("cd /etc/squid3"); shell_exec("tar -czf /root/squid-good.tgz *"); chdir("/root"); shell_exec("cd /root"); return true; }
function defragMylsql($innodb_file_pertable = 0) { $users = new usersMenus(); $tmpfile = "/home/mysqldump/all-database.sql"; $sock = new sockets(); $sock->SET_INFO("DisableMySqlTemp", 0); $unix = new unix(); $MyPidFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = $unix->get_pid_from_file($MyPidFile); if ($unix->process_exists($pid, basename(__FILE__))) { system_admin_events("Error, PID {$pid} already exists in memory, aborting", __FUNCTION__, __FILE__, __LINE__, "mysql"); die; } $mysqldump = $unix->find_program("mysqldump"); if (!is_file($mysqldump)) { system_admin_events("Error, mysqldump no such binary, aborting", __FUNCTION__, __FILE__, __LINE__, "mysql"); die; } if (is_file("{$tmpfile}")) { system_admin_events("{$tmpfile} exists, skip export task and run importation...", __FUNCTION__, __FILE__, __LINE__, "mysql"); Dumpimport($innodb_file_pertable); return; } $sock->SET_INFO("DisableMySqlTemp", 0); $q = new mysql(); $mysql_admin = $q->mysql_admin; $mysql_server_ok = false; $mysql_server = $q->mysql_server; if ($mysql_server == "127.0.0.1") { $mysql_server_ok = true; } if ($mysql_server == "localhost") { $mysql_server_ok = true; } if (!$mysql_server_ok) { system_admin_events("Error, {$mysql_server} not supported or remote server, aborting", __FUNCTION__, __FILE__, __LINE__, "mysql"); die; } if (trim($mysql_admin) == null) { system_admin_events("Error, unable to get mysql_admin credentials", __FUNCTION__, __FILE__, __LINE__, "mysql"); die; } if ($innodb_file_pertable == 1) { system_admin_events("INFO, The MySQL will be turned to innodb_file_per_table", __FUNCTION__, __FILE__, __LINE__, "mysql"); } $password = $q->mysql_password; if ($password != null) { $passwordcmdline = " -p{$password}"; } if ($users->ZARAFA_INSTALLED) { system_admin_events("Starting launching the zarafa backup....", __FUNCTION__, __FILE__, __LINE__, "mysql"); shell_exec($unix->LOCATE_PHP5_BIN() . " " . dirname(__FILE__) . "/exec.zarafa-backup.php --exec"); } @mkdir("/home/mysqldump", 0755, true); $tmpfile = "/home/mysqldump/all-database.sql"; $tmpError = "/home/mysqldump/all-database.errors"; @unlink($tmpError); @unlink($tmpfile); $t = time(); system_admin_events("Starting dump all databases and tables with username {$mysql_admin}", __FUNCTION__, __FILE__, __LINE__, "mysql"); $cmdline = "{$mysqldump} -u {$mysql_admin}{$passwordcmdline} --add-drop-database --opt --all-databases --log-error={$tmpError} >{$tmpfile}"; if ($GLOBALS["VERBOSE"]) { echo $cmdline . "\n"; } shell_exec($cmdline); $f = file($tmpError); $filesize = $unix->file_size($tmpfile); $filesizeText = FormatBytes($filesize / 1024); $t2 = time(); $took = $unix->distanceOfTimeInWords($t, $t2, true); system_admin_events("finish dump all databases and tables filesize={$filesizeText} took: {$took}", __FUNCTION__, __FILE__, __LINE__, "mysql"); while (list($index, $line) = each($f)) { if (preg_match("#error:\\s+([0-9]+)#i", $line)) { system_admin_events("Failed with error {$line}", __FUNCTION__, __FILE__, __LINE__, "mysql"); return; } } if ($filesize < 500) { system_admin_events("Failed empty dump file...", __FUNCTION__, __FILE__, __LINE__, "mysql"); return; } Dumpimport(); $took = $unix->distanceOfTimeInWords($t, time(), true); system_admin_events("Defrag the entire Mysql done took:{$took}", __FUNCTION__, __FILE__, __LINE__, "mysql"); $sock->TOP_NOTIFY("Defrag the entire Mysql done took:{$took}", "info"); }