function UFDBGUARD_COMPILE_SINGLE_DB($path)
{
$timeStart = time();
$OriginalDirename = dirname($path);
$unix = new unix();
$path = str_replace(".ufdb", "", $path);
$pidpath = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . md5($path) . ".pid";
$pid = @file_get_contents($pidpath);
if ($unix->process_exists($pid)) {
events_ufdb_tail("Check \"{$path}\"... Already process PID \"{$pid}\" running task has been aborted");
return;
}
$category = null;
$ufdbGenTable = $unix->find_program("ufdbGenTable");
if (!is_file($ufdbGenTable)) {
writelogs("ufdbGenTable no such binary", __FUNCTION__, __FILE__, __LINE__);
return;
}
events_ufdb_tail("Check \"{$path}\"...", __LINE__);
if (preg_match("#\\/var\\/lib\\/squidguard\\/(.+?)\\/(.+?)/(.+?)\$#", $path, $re)) {
$category = $re[2];
$domain_path = "/var/lib/squidguard/{$re[1]}/{$re[2]}/domains";
}
if ($category == null) {
if (preg_match("#\\/var\\/lib\\/squidguard\\/(.+?)\\/domains#", $path, $re)) {
$category = $re[1];
$domain_path = "/var/lib/squidguard/{$re[1]}/domains";
}
}
if (preg_match("#web-filter-plus\\/BL\\/(.+?)\\/domains#", $path, $re)) {
$category = $re[1];
$domain_path = "/var/lib/squidguard/web-filter-plus/BL/{$category}/domains";
}
if (preg_match("#blacklist-artica\\/(.+?)\\/(.+?)\\/domains#", $path, $re)) {
events_ufdb_tail("find double category \"{$re[1]}-{$re[2]}\"...", __LINE__);
$category = "{$re[1]}-{$re[2]}";
$domain_path = "/var/lib/squidguard/blacklist-artica/{$re[1]}/{$re[2]}/domains";
}
if (preg_match("#blacklist-artica\\/sex\\/(.+?)\\/domains#", $path, $re)) {
$category = $re[1];
$domain_path = "/var/lib/squidguard/blacklist-artica/sex/{$category}/domains";
}
if ($category == null) {
events_ufdb_tail("exec.squidguard.php:: \"{$path}\" cannot understand...");
}
events_ufdb_tail("exec.squidguard.php:: Found category \"{$category}\"", __LINE__);
if (!is_file($path)) {
events_ufdb_tail("exec.squidguard.php:{$category}: \"{$path}\" no such file, build it", __LINE__);
@file_put_contents($domain_path, " ");
}
$category_compile = substr($category, 0, 15);
if (strlen($category_compile) > 15) {
$category_compile = str_replace("recreation_", "recre_", $category_compile);
$category_compile = str_replace("automobile_", "auto_", $category_compile);
$category_compile = str_replace("finance_", "fin_", $category_compile);
if (strlen($category_compile) > 15) {
$category_compile = str_replace("_", "", $category_compile);
if (strlen($category_compile) > 15) {
$category_compile = substr($category_compile, strlen($category_compile) - 15, 15);
}
}
}
events_ufdb_tail("exec.squidguard.php:: category \"{$category}\" retranslated to \"{$category_compile}\"", __LINE__);
if (is_file("{$domain_path}.ufdb")) {
events_ufdb_tail("exec.squidguard.php:: removing \"{$domain_path}.ufdb\" ...");
@unlink("{$domain_path}.ufdb");
}
if (!is_file($domain_path)) {
events_ufdb_tail("exec.squidguard.php:: {$domain_path} no such file, create an empty one", __LINE__);
@mkdir(dirname($domain_path), 0755, true);
@file_put_contents($domain_path, "#");
}
$urlcmd = null;
$d = " -d {$domain_path}";
if (is_file("{$OriginalDirename}/urls")) {
$urlssize = @filesize("{$OriginalDirename}/urls");
events_ufdb_tail("exec.squidguard.php:: {$OriginalDirename}/urls {$urlssize} bytes...", __LINE__);
if ($urlssize > 50) {
$urlcmd = " -u {$OriginalDirename}/urls";
}
}
$NICE = EXEC_NICE();
$cmd = "{$NICE}{$ufdbGenTable} -n -D -W -t {$category_compile}{$d}{$urlcmd} 2>&1";
events_ufdb_tail("exec.squidguard.php:{$category}:{$cmd}");
$time = time();
exec($cmd, $results);
exec($cmd, $results);
while (list($a, $b) = each($results)) {
if (strpos($b, "is not added because it was already matched")) {
continue;
}
if (strpos($b, "has optimised subdomains")) {
continue;
}
events_ufdb_tail("exec.squidguard.php:{$category}:{$b}");
}
$tookrecompile = $unix->distanceOfTimeInWords($time, time());
events_ufdb_tail("exec.squidguard.php:{$category_compile}: execution {$tookrecompile}", __LINE__);
events_ufdb_tail("exec.squidguard.php:{$category}:done..");
$user = GetSquidUser();
$chown = $unix->find_program("chown");
if (is_file($chown)) {
events_ufdb_tail("exec.squidguard.php:{$category}:{$chown} -R {$user} {$OriginalDirename}");
shell_exec("{$chown} -R {$user} {$OriginalDirename}/*");
shell_exec("{$chown} -R {$user} /var/log/squid/*");
}
$sock = new sockets();
$took = $unix->distanceOfTimeInWords($timeStart, time());
$sock->TOP_NOTIFY("{$OriginalDirename} webfiltering database ({$category}) was recompiled took {$took} hard compilation took: {$tookrecompile}", "info");
}
function clean_squid_stats_dbs()
{
$sock = new sockets();
$DisableArticaProxyStatistics = $sock->GET_INFO("DisableArticaProxyStatistics");
$CleanArticaSquidDatabases = $sock->GET_INFO("CleanArticaSquidDatabases");
if (!is_numeric($DisableArticaProxyStatistics)) {
$DisableArticaProxyStatistics = 0;
}
if (!is_numeric($CleanArticaSquidDatabases)) {
$CleanArticaSquidDatabases = 0;
}
if (!$GLOBALS["FORCE"]) {
if ($CleanArticaSquidDatabases == 0) {
echo "Option is not activated...\n";
return;
}
}
$q = new mysql_squid_builder();
$tables = $q->LIST_TABLES_DAYS();
$rows = 0;
$count_tables = 0;
while (list($num, $table) = each($tables)) {
$rows = $rows + $q->COUNT_ROWS($table);
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
$q->DELETE_TABLE($table);
}
$tables = $q->LIST_TABLES_DAYS_BLOCKED();
while (list($num, $table) = each($tables)) {
$rows = $rows + $q->COUNT_ROWS($table);
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
$q->DELETE_TABLE($table);
}
$tables = $q->LIST_TABLES_MEMBERS();
while (list($num, $table) = each($tables)) {
$rows = $rows + $q->COUNT_ROWS($table);
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
$q->DELETE_TABLE($table);
}
$tables = $q->LIST_TABLES_MONTH();
while (list($num, $table) = each($tables)) {
$rows = $rows + $q->COUNT_ROWS($table);
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
$q->DELETE_TABLE($table);
}
$tables = $q->LIST_TABLES_WEEKS();
while (list($num, $table) = each($tables)) {
$rows = $rows + $q->COUNT_ROWS($table);
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
$q->DELETE_TABLE($table);
}
$q = new mysql_catz();
$tables = $q->LIST_TABLES_CATEGORIES();
while (list($num, $table) = each($tables)) {
$rows = $rows + $q->COUNT_ROWS($table);
if ($GLOBALS["VERBOSE"]) {
echo " Delete table {$table} {$rows} rows \n";
}
$count_tables++;
$q->DELETE_TABLE($table);
}
$q = new mysql();
if ($q->DATABASE_EXISTS("catz")) {
$q->DELETE_DATABASE("catz");
}
if ($count_tables > 0) {
mysql_admin_mysql(1, "Restarting MySQL service...", null, __FILE__, __LINE__);
shell_exec("/etc/init.d/mysql restart");
}
$sock->TOP_NOTIFY("{$count_tables} statistics tables as been deleted with {$rows} rows", "info");
//print_r($tables);
}
function rebuild_default_cache()
{
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = @file_get_contents($pidfile);
if ($pid < 100) {
$pid = null;
}
$unix = new unix();
$sock = new sockets();
if ($unix->process_exists($pid, basename(__FILE__))) {
if ($GLOBALS["VERBOSE"]) {
echo "Already executed pid {$pid}\n";
}
die;
}
$mypid = getmypid();
@file_put_contents($pidfile, $mypid);
$t = time();
$squid = new squidbee();
shell_exec($unix->LOCATE_PHP5_BIN() . " " . basename(__FILE__) . "/exec.squid.php --build >/dev/null 2>&1");
$cache_dir = $squid->CACHE_PATH;
$mv = $unix->find_program("mv");
$rm = $unix->find_program("rm");
$chmod = $unix->find_program("chmod");
$chown = $unix->find_program("chown");
$php5 = $unix->LOCATE_PHP5_BIN();
writelogs("{$cache_dir} to delete...", __FUNCTION__, __FILE__, __LINE__);
$t = time();
@unlink("/etc/artica-postfix/squid.lock");
@file_put_contents("/etc/artica-postfix/squid.lock", time());
$squidbin = $unix->find_program("squid");
if (!is_file($squidbin)) {
$squidbin = $unix->find_program("squid3");
}
if (!is_file($squidbin)) {
writelogs("squid, no such binary file", __FUNCTION__, __FILE__, __LINE__);
@unlink("/etc/artica-postfix/squid.lock");
return;
}
writelogs("Stopping squid", __FUNCTION__, __FILE__, __LINE__);
$sock->TOP_NOTIFY("Proxy is stopped to rebuild default cache...", "info");
shell_exec("/etc/init.d/artica-postfix stop squid-cache");
$cachesRename = "{$cache_dir}-delete-{$t}";
exec("{$mv} {$cache_dir} {$cachesRename} 2>&1", $results);
writelogs("re-create {$cache_dir}", __FUNCTION__, __FILE__, __LINE__);
@mkdir($cache_dir, 0755, true);
@chown($cache_dir, "squid");
@chgrp($cache_dir, "squid");
exec("{$squidbin} -z 2>&1", $results);
while (list($num, $ligne) = each($results)) {
writelogs("{$ligne}", __FUNCTION__, __FILE__, __LINE__);
}
shell_exec("{$chown} -R squid:squid {$cache_dir}");
shell_exec("{$chown} -R 0755 {$cache_dir}");
@unlink("/etc/artica-postfix/squid.lock");
writelogs("starting squid", __FUNCTION__, __FILE__, __LINE__);
shell_exec("/etc/init.d/artica-postfix start squid-cache");
$sock->TOP_NOTIFY("Proxy was restarted to rebuild default cache...", "info");
for ($i = 0; $i < 60; $i++) {
$array = $unix->squid_get_cache_infos();
if (count($array) > 0) {
break;
}
writelogs("Waiting 1s to squid be ready...", __FUNCTION__, __FILE__, __LINE__);
sleep(1);
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --cache-infos --force");
writelogs("Deleting {$cachesRename}", __FUNCTION__, __FILE__, __LINE__);
shell_exec("{$rm} -rf {$cachesRename}");
$took = $unix->distanceOfTimeInWords($t, time());
$sock->TOP_NOTIFY("Default Proxy cache was rebuilded took: {$took}", "info");
}
function ApplyConfig($smooth = false)
{
if (function_exists("WriteToSyslogMail")) {
WriteToSyslogMail("Invoke ApplyConfig function", basename(__FILE__));
}
$unix = new unix();
$ulimit = $unix->find_program("ulimit");
if (is_file($ulimit)) {
shell_exec("{$ulimit} -HSd unlimited");
} else {
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid ulimit no such binary...\n";
}
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid apply kernel settings\n";
build_progress("{reconfigure} Kernel values", 46);
kernel_values();
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid apply Checks security limits\n";
build_progress("{reconfigure} Security limits", 47);
security_limit();
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Remote appliances...\n";
build_progress("{reconfigure} checks remote appliances", 48);
remote_appliance_restore_tables();
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Remote appliances done...\n";
$nohup = $unix->find_program("nohup");
$php5 = $unix->LOCATE_PHP5_BIN();
$squidbin = $unix->find_program("squid");
$SQUID_CONFIG_PATH = $unix->SQUID_CONFIG_PATH();
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid loading libraires...\n";
$sock = new sockets();
$squid = new squidbee();
if (!is_file($squidbin)) {
$squidbin = $unix->find_program("squid3");
}
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid binary: `{$squidbin}`\n";
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Conf..: `{$SQUID_CONFIG_PATH}`\n";
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid php...: `{$php5}`\n";
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid nohup.: `{$nohup}`\n";
$DenySquidWriteConf = $sock->GET_INFO("DenySquidWriteConf");
if (!is_numeric($DenySquidWriteConf)) {
$DenySquidWriteConf = 0;
}
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking `DenySquidWriteConf` = {$DenySquidWriteConf}\n";
@copy("/etc/artica-postfix/settings/Daemons/SquidNudityScanParams", "/etc/squid3/SquidNudityScanParams");
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking `NudeBooster`\n";
build_progress("{reconfigure} Nude booster", 49);
NudeBooster();
if (!is_dir("/usr/share/squid-langpack")) {
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Templates from MySQL\n";
$unix->THREAD_COMMAND_SET("{$php5} " . __FILE__ . " --tpl-save");
}
$EnableRemoteStatisticsAppliance = 0;
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Build blocked Websites list...\n";
build_progress("{reconfigure} Whitelisted browsers", 50);
acl_whitelisted_browsers();
build_progress("{reconfigure} allowed browsers", 51);
acl_allowed_browsers();
echo "Starting......: " . date("H:i:s") . " Checking wrapzap\n";
build_progress("{reconfigure} wrapzap", 52);
wrapzap();
build_progress("{reconfigure} Mime.conf", 53);
mime_conf();
build_progress("{reconfigure} Blocked websites", 54);
$squid->BuildBlockedSites();
build_progress("{reconfigure} FTP clients ACLs", 55);
acl_clients_ftp();
build_progress("{reconfigure} Dynamic rules caches", 56);
echo "Starting......: " . date("H:i:s") . " [SYS]: Dynamic rules caches...\n";
dyn_caches();
build_progress("{reconfigure} Webfiltering whitelisted", 57);
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Build url_rewrite_access deny...\n";
urlrewriteaccessdeny();
echo "Starting......: " . date("H:i:s") . " [SYS]:Squid building main configuration done\n";
if ($GLOBALS["NOAPPLY"]) {
$DenySquidWriteConf = 0;
}
if ($DenySquidWriteConf == 0) {
@mkdir("/tmp", 0755, true);
$squid->CURRENT_PROGRESS = 79;
$squid->MAX_PROGRESS = 79;
$conf = $squid->BuildSquidConf();
$conf = str_replace("\n\n", "\n", $conf);
build_progress("{writing_configuration}", 79);
@file_put_contents("/tmp/squid.conf", $conf);
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Check validity of the configuration file with /tmp/squid.conf...\n";
$GLOBALS["SQUID_PATTERN_ERROR"] = array();
CheckConfig("/tmp/squid.conf");
if (count($GLOBALS["SQUID_PATTERN_ERROR"]) > 0) {
echo "Starting......: " . date("H:i:s") . " [SYS]: Some errors are detected and cleaned\n";
squid_admin_mysql(1, "Some errors has been detected in settings", "Please check theses values:\n" . @implode("\n", $GLOBALS["SQUID_PATTERN_ERROR"]));
$conf = @file_get_contents("/tmp/squid.conf");
}
exec("{$squidbin} -f /tmp/squid.conf -k parse 2>&1", $results);
while (list($index, $ligne) = each($results)) {
if (strpos($ligne, "| WARNING:") > 0) {
continue;
}
if (preg_match("#ERROR: Failed#", $ligne)) {
build_progress("{operation_failed} !!!", 110);
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid `{$ligne}`, aborting configuration, keep the old one...\n";
echo "<div style='font-size:16px;font-weight:bold;color:#E71010'>{$ligne}</div>";
$sock->TOP_NOTIFY("{$ligne}", "error");
return;
}
if (preg_match("#Segmentation fault#", $ligne)) {
build_progress("{operation_failed} Segmentation fault !!!", 110);
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid `{$ligne}`, aborting configuration, keep the old one...\n";
echo "<div style='font-size:16px;font-weight:bold;color:#E71010'>{$ligne}</div>";
$sock->TOP_NOTIFY("{$ligne}", "error");
return;
}
if (preg_match("#(unrecognized|FATAL|Bungled)#", $ligne)) {
build_progress("{operation_failed} Bungled !!!", 110);
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid `{$ligne}`, aborting configuration, keep the old one...\n";
echo "<div style='font-size:16px;font-weight:bold;color:#E71010'>{$ligne}</div>";
if (preg_match("#line ([0-9]+):#", $ligne, $ri)) {
$Buggedline = $ri[1];
$tt = explode("\n", @file_get_contents("/tmp/squid.conf"));
echo "<HR>";
for ($i = $Buggedline - 2; $i < $Buggedline + 2; $i++) {
$lineNumber = $i + 1;
$colorbugged = "black";
if (trim($tt[$i]) == null) {
continue;
}
if ($lineNumber == $Buggedline) {
$colorbugged = "#E71010";
}
echo "<div style='font-size:12px;font-weight:bold;color:{$colorbugged}'>[line:{$lineNumber}]: {$tt[$i]}</div>";
}
}
echo "<HR>";
$sock->TOP_NOTIFY("{$ligne}", "error");
return;
}
if (preg_match("#strtokFile:\\s+(.+?)\\s+not found#", $ligne, $re)) {
$filename = trim($re[1]);
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid missing {$filename}, create an empty one\n";
@mkdir(dirname($filename), 0755, true);
@file_put_contents($filename, "");
@chown($filename, "squid");
@chgrp($filename, "squid");
continue;
}
if (preg_match("#Processing:\\s+#", $ligne)) {
continue;
}
if (preg_match("#Warning: empty ACL#", $ligne)) {
continue;
}
if (preg_match("#searching predictable#", $ligne)) {
continue;
}
if (preg_match("#is a subnetwork of#", $ligne)) {
continue;
}
if (preg_match("#You should probably#", $ligne)) {
continue;
}
if (preg_match("#Startup:\\s+#", $ligne)) {
continue;
}
echo "Starting......: " . date("H:i:s") . " [SYS]: {$ligne}\n";
}
@file_put_contents("/etc/artica-postfix/settings/Daemons/GlobalSquidConf", $conf);
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Check validity OK...\n";
if ($GLOBALS["NOAPPLY"]) {
echo "Starting......: " . date("H:i:s") . " [SYS]: WARNING \"NOAPPLY\" Artica is denied to apply settings...\n";
return true;
}
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Writing configuration file \"{$SQUID_CONFIG_PATH}\" " . strlen($conf) . " bytes...\n";
@file_put_contents($SQUID_CONFIG_PATH, $conf);
@mkdir("/etc/squid3", 0755, true);
if ($SQUID_CONFIG_PATH != "/etc/squid3/squid.conf") {
@file_put_contents("/etc/squid3/squid.conf", $conf);
}
$sock->TOP_NOTIFY("{squid_parameters_was_saved}", "info");
$cmd = $unix->LOCATE_PHP5_BIN() . " " . __FILE__ . " --templates --noreload";
$unix->THREAD_COMMAND_SET($cmd);
}
build_progress("{checking}: squidclamav", 79);
if (!$smooth) {
squidclamav();
}
build_progress("{checking}: wrapzap", 79);
if (!$smooth) {
wrapzap();
}
build_progress("{checking}: Cerificates", 79);
if (!$smooth) {
certificate_generate();
}
$cmd = $nohup . " " . $unix->LOCATE_PHP5_BIN() . " " . __FILE__ . " --cache-infos --force >/dev/null 2>&1 &";
if ($GLOBALS["VERBOSE"]) {
echo "{$cmd}\n";
}
shell_exec($cmd);
shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.syslog-engine.php --rsylogd >/dev/null 2>&1 &");
shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.squid.watchdog.php --init >/dev/null 2>&1 &");
if (!$smooth) {
build_progress("{checking}: Check Files And Security", 79);
CheckFilesAndSecurity();
}
return true;
}
function rebuildcaches()
{
$logFile = "/usr/share/artica-postfix/ressources/logs/web/rebuild-cache.txt";
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = @file_get_contents($pidfile);
if ($pid < 100) {
$pid = null;
}
$unix = new unix();
$sock = new sockets();
if ($unix->process_exists($pid, basename(__FILE__))) {
ouputz("Already process exists {$pid}, aborting", __LINE__);
die;
}
$mypid = getmypid();
@file_put_contents($pidfile, $mypid);
@unlink($logFile);
ouputz("Please wait, rebuild caches....", __LINE__);
$t = time();
ouputz("Listing caches....", __LINE__);
$array = ListCaches();
$mv = $unix->find_program("mv");
$rm = $unix->find_program("rm");
$php5 = $unix->LOCATE_PHP5_BIN();
ouputz(count($array) . " caches to delete...", __LINE__);
if (count($array) == 0) {
ouputz("Fatal, unable to list available caches...", __LINE__);
squid_admin_mysql(0, "Fatal, unable to list available caches", null, __FILE__, __LINE__);
@unlink("/etc/artica-postfix/squid.lock");
die;
}
$t = time();
@unlink("/etc/artica-postfix/squid.lock");
@file_put_contents("/etc/artica-postfix/squid.lock", time());
$squidbin = $unix->LOCATE_SQUID_BIN();
if (!is_file($squidbin)) {
ouputz("squid, no such binary file", __LINE__);
@unlink("/etc/artica-postfix/squid.lock");
return;
}
squid_admin_mysql(1, "Stopping Proxy service in order to rebuild caches", null, __FILE__, __LINE__);
ouputz("Stopping squid, please wait...", __LINE__);
if (function_exists("debug_backtrace")) {
$trace = debug_backtrace();
if (isset($trace[1])) {
$sourcefunction = $trace[1]["function"];
$sourceline = $trace[1]["line"];
$executed = "Executed by {$sourcefunction}() line {$sourceline}\nusing argv:{$GLOBALS["ARGVS"]}\n";
}
}
squid_admin_notifs("Asking to Stop Squid for rebuilding caches\n" . @implode("\n", $GLOBALS["LOGS"]) . "\n{$executed}", __FUNCTION__, __FILE__, __LINE__, "proxy");
shell_exec("/etc/init.d/squid stop --force --script=" . basename(__FILE__));
if ($GLOBALS["REPORT"]) {
while (list($cache_dir, $ligne) = each($array)) {
$DIRARRAY = $unix->DIR_STATUS($cache_dir);
$size = $array["SIZE"];
$used = $array["USED"];
$pourc = $array["POURC"];
$mounted = $array["MOUNTED"];
$logs[] = "{$cache_dir} size: {$size}, used:{$used} {$pourc}% mounted on {$mounted}";
}
squid_admin_mysql(2, "Report on caches status", @implode("\n", $logs), __FILE__, __LINE__);
}
while (list($cache_dir, $ligne) = each($array)) {
if (preg_match("#MemBooster#", $cache_dir)) {
squid_admin_mysql(1, "Removing cache {$cache_dir}", null, __FILE__, __LINE__);
ouputz("Removing {$cache_dir} content...", __LINE__);
squid_admin_mysql(2, "Removing cache {$cache_dir} done", null, __FILE__, __LINE__);
shell_exec("{$rm} -rf {$cache_dir}/*");
continue;
}
$DISK_STATUS = $unix->DF_SATUS_K($cache_dir);
$DIRECTORY_SIZE = $unix->DIRSIZE_BYTES($cache_dir) / 1024 / 1024;
$AIVA = $DISK_STATUS["AIVA"] * 1024;
if ($AIVA < 10) {
ouputz("Removing {$cache_dir} '{$DIRECTORY_SIZE}'M Available {$AIVA}M", __LINE__);
shell_exec("{$rm} -rf {$cache_dir}");
ouputz("re-create {$cache_dir}", __LINE__);
squid_admin_mysql(2, "Re-create {$cache_dir}", null, __FILE__, __LINE__);
@mkdir($cache_dir, 0755, true);
@chown($cache_dir, "squid");
@chgrp($cache_dir, "squid");
continue;
}
$DIRECTORY_SIZE_NEC = $DIRECTORY_SIZE * 2;
if ($AIVA < $DIRECTORY_SIZE_NEC) {
ouputz("Removing {$cache_dir} '{$DIRECTORY_SIZE}'M Available {$AIVA}M", __LINE__);
shell_exec("{$rm} -rf {$cache_dir}");
ouputz("re-create {$cache_dir}", __LINE__);
squid_admin_mysql(2, "Re-create {$cache_dir}", null, __FILE__, __LINE__);
@mkdir($cache_dir, 0755, true);
@chown($cache_dir, "squid");
@chgrp($cache_dir, "squid");
continue;
}
$cachesRename[] = "{$cache_dir}-delete-{$t}";
ouputz("Moving {$cache_dir} to {$cache_dir}-delete-{$t}...", __LINE__);
exec("{$mv} {$cache_dir} {$cache_dir}-delete-{$t} 2>&1", $results);
$results = array();
while (list($num, $ll) = each($results)) {
ouputz("{$ligne}", __LINE__);
}
ouputz("re-create {$cache_dir}", __LINE__);
squid_admin_mysql(2, "Re-create {$cache_dir}", null, __FILE__, __LINE__);
@mkdir($cache_dir, 0755, true);
@chown($cache_dir, "squid");
@chgrp($cache_dir, "squid");
}
$su = $unix->find_program("su");
$results = array();
ouputz("Building new caches {$su} -c \"{$squidbin} -z\" squid", __LINE__);
exec("{$su} -c \"{$squidbin} -z\" squid 2>&1", $results);
while (list($num, $ligne) = each($results)) {
ouputz("{$ligne}", __LINE__);
}
ouputz("Remove lock file...", __LINE__);
@unlink("/etc/artica-postfix/squid.lock");
ouputz("Starting squid, please wait...", __LINE__);
if (function_exists("debug_backtrace")) {
$trace = debug_backtrace();
if (isset($trace[1])) {
$sourcefunction = $trace[1]["function"];
$sourceline = $trace[1]["line"];
$executed = "Executed by {$sourcefunction}() line {$sourceline}\nusing argv:{$GLOBALS["ARGVS"]}\n";
}
}
squid_admin_notifs("Asking to start squid after rebuilding caches...\n{$executed}", __FUNCTION__, __FILE__, __LINE__, "proxy");
squid_admin_mysql(2, "Starting Proxy Service", null, __FILE__, __LINE__);
shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.watchdog.php --start");
for ($i = 0; $i < 60; $i++) {
$array = $unix->squid_get_cache_infos();
if (count($array) > 0) {
break;
}
ouputz("Waiting {$i}s/60 to Squid-cache be ready...", __LINE__);
sleep(1);
}
ouputz("Done... Squid-cache seems to be ready...", __LINE__);
squid_admin_mysql(2, "Reloading {$squidbin} cache", null, __FILE__, __LINE__);
ouputz("Reloading {$squidbin} cache", __LINE__);
$results = array();
squid_watchdog_events("Reconfiguring Proxy parameters...");
if (function_exists("debug_backtrace")) {
$trace = debug_backtrace();
if (isset($trace[1])) {
$file = basename($trace[1]["file"]);
$function = $trace[1]["function"];
$line = $trace[1]["line"];
$called = "Called by {$function}() from line {$line}";
}
}
$cmd = "/etc/init.d/squid reload --script=" . basename(__FILE__) . " >/dev/null";
shell_exec($cmd);
$NICE = $unix->EXEC_NICE();
$nohup = $unix->find_program("nohup");
ouputz("Refresh caches information, please wait...", __LINE__);
shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --cache-infos --force");
if (is_array($cachesRename)) {
reset($cachesRename);
while (list($index, $cache_dir) = each($cachesRename)) {
$cmd = "{$nohup} {$NICE} {$rm} -rf {$cache_dir} >/dev/null 2>&1 &";
squid_admin_mysql(2, "Ask to delete old cache dir {$cache_dir} done", "{$called}", __FILE__, __LINE__);
ouputz("Deleting {$cache_dir} {$cmd}", __LINE__);
shell_exec($cmd);
}
}
$took = $unix->distanceOfTimeInWords($t, time());
squid_admin_mysql(2, "All Proxy caches was rebuilded took: {$took}", "{$called}", __FILE__, __LINE__);
$sock->TOP_NOTIFY("All Proxy caches was rebuilded took: {$took}", "info");
}
function ApplyConfig($smooth = false)
{
if (function_exists("WriteToSyslogMail")) {
WriteToSyslogMail("Invoke ApplyConfig function", basename(__FILE__));
}
$unix = new unix();
$ulimit = $unix->find_program("ulimit");
if (is_file($ulimit)) {
shell_exec("{$ulimit} -HSd unlimited");
} else {
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid ulimit no such binary...\n";
}
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid apply kernel settings\n";
build_progress("{reconfigure} Kernel values", 46);
kernel_values();
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid apply Checks security limits\n";
build_progress("{reconfigure} Security limits", 47);
security_limit();
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Remote appliances...\n";
build_progress("{reconfigure} checks remote appliances", 48);
remote_appliance_restore_tables();
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Remote appliances done...\n";
$nohup = $unix->find_program("nohup");
$php5 = $unix->LOCATE_PHP5_BIN();
$squidbin = $unix->find_program("squid");
$SQUID_CONFIG_PATH = $unix->SQUID_CONFIG_PATH();
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid loading libraires...\n";
$sock = new sockets();
$squid = new squidbee();
if (!is_file($squidbin)) {
$squidbin = $unix->find_program("squid3");
}
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid binary: `{$squidbin}`\n";
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Conf..: `{$SQUID_CONFIG_PATH}`\n";
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid php...: `{$php5}`\n";
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid nohup.: `{$nohup}`\n";
$DenySquidWriteConf = $sock->GET_INFO("DenySquidWriteConf");
if (!is_numeric($DenySquidWriteConf)) {
$DenySquidWriteConf = 0;
}
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking `DenySquidWriteConf` = {$DenySquidWriteConf}\n";
@copy("/etc/artica-postfix/settings/Daemons/SquidNudityScanParams", "/etc/squid3/SquidNudityScanParams");
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking `NudeBooster`\n";
build_progress("{reconfigure} Nude booster", 49);
NudeBooster();
if (!is_dir("/usr/share/squid-langpack")) {
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Templates from MySQL\n";
$unix->THREAD_COMMAND_SET("{$php5} " . __FILE__ . " --tpl-save");
}
$EnableRemoteStatisticsAppliance = 0;
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Build blocked Websites list...\n";
if (!is_dir("/etc/squid3/artica-meta")) {
@mkdir("/etc/squid3/artica-meta", 0755, true);
}
if (!is_file("/etc/squid3/artica-meta/whitelist-net.db")) {
@touch("/etc/squid3/artica-meta/whitelist-net.db");
}
if (!is_file("/etc/squid3/artica-meta/whitelist-domains.db")) {
@touch("/etc/squid3/artica-meta/whitelist-domains.db");
}
build_progress("{reconfigure} Whitelisted browsers", 50);
acl_whitelisted_browsers();
build_progress("{reconfigure} allowed browsers", 51);
acl_allowed_browsers();
echo "Starting......: " . date("H:i:s") . " Checking wrapzap\n";
build_progress("{reconfigure} wrapzap", 52);
wrapzap();
build_progress("{reconfigure} Mime.conf", 53);
mime_conf();
build_progress("{reconfigure} Blocked websites", 54);
$squid->BuildBlockedSites();
build_progress("{reconfigure} FTP clients ACLs", 55);
acl_clients_ftp();
build_progress("{checking_wccp_mode}", 55);
system("{$php5} /usr/share/artica-postfix/exec.squid.wccp.php --squid");
build_progress("{reconfigure} Dynamic rules caches", 56);
echo "Starting......: " . date("H:i:s") . " [SYS]: Dynamic rules caches...\n";
dyn_caches();
build_progress("{reconfigure} Webfiltering whitelisted", 57);
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Build url_rewrite_access deny...\n";
urlrewriteaccessdeny();
echo "Starting......: " . date("H:i:s") . " [SYS]:Squid building main configuration done\n";
build_progress("{reconfigure} Check files and security", 58);
CheckFilesAndSecurity();
$tar = $unix->find_program("tar");
if ($GLOBALS["NOAPPLY"]) {
$DenySquidWriteConf = 0;
}
if ($DenySquidWriteConf == 0) {
@mkdir("/tmp", 0755, true);
$squid->CURRENT_PROGRESS = 79;
$squid->MAX_PROGRESS = 79;
$conf = $squid->BuildSquidConf();
$conf = str_replace("\n\n", "\n", $conf);
build_progress("{writing_configuration}", 79);
@file_put_contents("/tmp/squid.conf", $conf);
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Check validity of the configuration file with /tmp/squid.conf...\n";
$GLOBALS["SQUID_PATTERN_ERROR"] = array();
$squid_checks = new squid_checks("/tmp/squid.conf");
if (!$squid_checks->squid_parse()) {
build_progress("{checking}: {failed}", 110);
return;
}
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Check validity OK...\n";
if ($GLOBALS["NOAPPLY"]) {
echo "Starting......: " . date("H:i:s") . " [SYS]: WARNING \"NOAPPLY\" Artica is denied to apply settings...\n";
return true;
}
echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Writing configuration file \"{$SQUID_CONFIG_PATH}\" " . strlen($conf) . " bytes...\n";
@file_put_contents($SQUID_CONFIG_PATH, $conf);
@mkdir("/etc/squid3", 0755, true);
if ($SQUID_CONFIG_PATH != "/etc/squid3/squid.conf") {
@file_put_contents("/etc/squid3/squid.conf", $conf);
}
$sock->TOP_NOTIFY("{squid_parameters_was_saved}", "info");
$cmd = $unix->LOCATE_PHP5_BIN() . " " . __FILE__ . " --templates --noreload";
$unix->THREAD_COMMAND_SET($cmd);
}
build_progress("{checking}: squidclamav", 79);
if (!$smooth) {
squidclamav();
}
build_progress("{checking}: wrapzap", 79);
if (!$smooth) {
wrapzap();
}
build_progress("{checking}: Cerificates", 79);
if (!$smooth) {
certificate_generate();
}
$cmd = $nohup . " " . $unix->LOCATE_PHP5_BIN() . " " . __FILE__ . " --cache-infos --force >/dev/null 2>&1 &";
if ($GLOBALS["VERBOSE"]) {
echo "{$cmd}\n";
}
shell_exec($cmd);
shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.syslog-engine.php --rsylogd >/dev/null 2>&1 &");
if (!$smooth) {
build_progress("{checking}: Check Files And Security", 79);
CheckFilesAndSecurity();
}
if (is_file("/root/squid-good.tgz")) {
@unlink("/root/squid-good.tgz");
}
chdir("/etc/squid3");
shell_exec("cd /etc/squid3");
shell_exec("tar -czf /root/squid-good.tgz *");
chdir("/root");
shell_exec("cd /root");
return true;
}
function defragMylsql($innodb_file_pertable = 0)
{
$users = new usersMenus();
$tmpfile = "/home/mysqldump/all-database.sql";
$sock = new sockets();
$sock->SET_INFO("DisableMySqlTemp", 0);
$unix = new unix();
$MyPidFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($MyPidFile);
if ($unix->process_exists($pid, basename(__FILE__))) {
system_admin_events("Error, PID {$pid} already exists in memory, aborting", __FUNCTION__, __FILE__, __LINE__, "mysql");
die;
}
$mysqldump = $unix->find_program("mysqldump");
if (!is_file($mysqldump)) {
system_admin_events("Error, mysqldump no such binary, aborting", __FUNCTION__, __FILE__, __LINE__, "mysql");
die;
}
if (is_file("{$tmpfile}")) {
system_admin_events("{$tmpfile} exists, skip export task and run importation...", __FUNCTION__, __FILE__, __LINE__, "mysql");
Dumpimport($innodb_file_pertable);
return;
}
$sock->SET_INFO("DisableMySqlTemp", 0);
$q = new mysql();
$mysql_admin = $q->mysql_admin;
$mysql_server_ok = false;
$mysql_server = $q->mysql_server;
if ($mysql_server == "127.0.0.1") {
$mysql_server_ok = true;
}
if ($mysql_server == "localhost") {
$mysql_server_ok = true;
}
if (!$mysql_server_ok) {
system_admin_events("Error, {$mysql_server} not supported or remote server, aborting", __FUNCTION__, __FILE__, __LINE__, "mysql");
die;
}
if (trim($mysql_admin) == null) {
system_admin_events("Error, unable to get mysql_admin credentials", __FUNCTION__, __FILE__, __LINE__, "mysql");
die;
}
if ($innodb_file_pertable == 1) {
system_admin_events("INFO, The MySQL will be turned to innodb_file_per_table", __FUNCTION__, __FILE__, __LINE__, "mysql");
}
$password = $q->mysql_password;
if ($password != null) {
$passwordcmdline = " -p{$password}";
}
if ($users->ZARAFA_INSTALLED) {
system_admin_events("Starting launching the zarafa backup....", __FUNCTION__, __FILE__, __LINE__, "mysql");
shell_exec($unix->LOCATE_PHP5_BIN() . " " . dirname(__FILE__) . "/exec.zarafa-backup.php --exec");
}
@mkdir("/home/mysqldump", 0755, true);
$tmpfile = "/home/mysqldump/all-database.sql";
$tmpError = "/home/mysqldump/all-database.errors";
@unlink($tmpError);
@unlink($tmpfile);
$t = time();
system_admin_events("Starting dump all databases and tables with username {$mysql_admin}", __FUNCTION__, __FILE__, __LINE__, "mysql");
$cmdline = "{$mysqldump} -u {$mysql_admin}{$passwordcmdline} --add-drop-database --opt --all-databases --log-error={$tmpError} >{$tmpfile}";
if ($GLOBALS["VERBOSE"]) {
echo $cmdline . "\n";
}
shell_exec($cmdline);
$f = file($tmpError);
$filesize = $unix->file_size($tmpfile);
$filesizeText = FormatBytes($filesize / 1024);
$t2 = time();
$took = $unix->distanceOfTimeInWords($t, $t2, true);
system_admin_events("finish dump all databases and tables filesize={$filesizeText} took: {$took}", __FUNCTION__, __FILE__, __LINE__, "mysql");
while (list($index, $line) = each($f)) {
if (preg_match("#error:\\s+([0-9]+)#i", $line)) {
system_admin_events("Failed with error {$line}", __FUNCTION__, __FILE__, __LINE__, "mysql");
return;
}
}
if ($filesize < 500) {
system_admin_events("Failed empty dump file...", __FUNCTION__, __FILE__, __LINE__, "mysql");
return;
}
Dumpimport();
$took = $unix->distanceOfTimeInWords($t, time(), true);
system_admin_events("Defrag the entire Mysql done took:{$took}", __FUNCTION__, __FILE__, __LINE__, "mysql");
$sock->TOP_NOTIFY("Defrag the entire Mysql done took:{$took}", "info");
}
