function build_rules() { $q = new mysql_squid_builder(); $unix = new unix(); $SQUID_BIN = $unix->LOCATE_SQUID_BIN(); build_progress("{IT_charter}", 25); $sql = "SELECT ID,title FROM itcharters WHERE enabled=1"; $results = $q->QUERY_SQL($sql); if (!$q->ok) { build_progress("{IT_charter} {mysql_error}", 110); echo $q->mysql_error; return; } if (mysql_num_rows($results) == 0) { @unlink("/etc/squid3/itCharts.enabled.db"); squid_admin_mysql(1, "Reloading Proxy service (itCharts)", null, __FILE__, __LINE__); build_progress("{IT_charter} {reload_proxy_service}", 90); system("{$SQUID_BIN} -f /etc/squid3/squid.conf -k reconfigure"); build_progress("{IT_charter} {done} 0 {item}", 100); return; } while ($ligne = mysql_fetch_assoc($results)) { build_progress("{$ligne["title"]}", 50); echo "{$ligne["ID"]}: {$ligne["title"]}\n"; $MAIN[$ligne["ID"]] = $ligne["title"]; } @file_put_contents("/etc/squid3/itCharts.enabled.db", serialize($MAIN)); squid_admin_mysql(1, "Reloading Proxy service (itCharts)", null, __FILE__, __LINE__); build_progress("{IT_charter} {reload_proxy_service}", 90); system("{$SQUID_BIN} -f /etc/squid3/squid.conf -k reconfigure"); build_progress("{IT_charter} {done} " . count($MAIN) . " {items}", 100); }
function ReloadMacHelpers($output = false) { @mkdir("/var/log/squid/reload", 0755, true); $unix = new unix(); $pgrep = $unix->find_program("pgrep"); $rm = $unix->find_program("rm"); shell_exec("{$rm} /var/log/squid/reload/*.ufdbgclient.php"); if (is_file("/var/log/squid/UfdbguardCache.db")) { @unlink("/var/log/squid/UfdbguardCache.db"); } exec("{$pgrep} -l -f \"ufdbgclient.php\" 2>&1", $results); while (list($index, $ligne) = each($results)) { if (preg_match("#pgrep#", $ligne)) { continue; } if (!preg_match("#^([0-9]+)\\s+#", $ligne, $re)) { continue; } $PIDS[] = $re[1]; echo "Starting......: " . date("H:i:s") . " [INIT]: Webfilter client reloading PID {$re[1]}\n"; @touch("/var/log/squid/reload/{$re[1]}.ufdbgclient.php"); @chown("/var/log/squid/reload/{$re[1]}.ufdbgclient.php", "squid"); @chgrp("/var/log/squid/reload/{$re[1]}.ufdbgclient.php", "squid"); } squid_admin_mysql(2, count($PIDS) . " Artica helper(s) was reloaded", null, __FILE__, __LINE__); }
function start() { $unix = new unix(); $unix->ToSyslog("[START_STOP]: Server is started..."); squid_admin_mysql(0, "Server is is started!", "This a notification that notice a system start procedure on the server", __FILE__, __LINE__); $sock = new sockets(); system_admin_mysql(0, "Server is started!", "This a notification that notice a system start procedure on the server", __FILE__, __LINE__); }
function start() { $pidtime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time"; $pidFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $unix = new unix(); $pid = $unix->get_pid_from_file($pidFile); if ($unix->process_exists($pid)) { return; } @file_put_contents($pidFile, getmypid()); $time = $unix->file_time_min($pidtime); if ($time < 5) { return; } @file_put_contents($pidtime, time()); $free = $unix->find_program("free"); $echo = $unix->find_program("echo"); $sync = $unix->find_program("sync"); $swapoff = $unix->find_program("swapoff"); $swapon = $unix->find_program("swapon"); exec("{$free} 2>&1", $results); $used = 0; $total = 0; while (list($num, $ligne) = each($results)) { if (preg_match("#Swap:\\s+([0-9]+)\\s+([0-9]+)\\s+([0-9]+)#", $ligne, $re)) { $total = $re[1]; $used = $re[2]; } } if (!is_numeric($total)) { return; } if ($total == 0) { return; } if ($used == 0) { return; } if ($total == $used) { return; } $tot1 = $used / $total; $tot1 = $tot1 * 100; if ($GLOBALS["VERBOSE"]) { echo "Swap:{$used}/{$total} - {$tot1}\n"; } $perc = round($tot1); if ($GLOBALS["VERBOSE"]) { echo "Swap:{$used}/{$total} {$perc}%\n"; } $t = time(); $GLOBALS["ALL_SCORES"]++; shell_exec("{$swapoff} -a && {$swapon} -a"); $usedTXT = FormatBytes($used); $report = $unix->ps_mem_report(); $distance = $unix->distanceOfTimeInWords($t, time(), true); squid_admin_mysql(0, "System swap exceed rule: {$perc}%", "Used {$usedTXT}\nSystem cache was flushed took {$distance}\nThis means you did have enough memory for this computer.\n{$report}", __FILE__, __LINE__); }
function restart() { $unix = new unix(); $nohup = $unix->find_program("nohup"); $php5 = $unix->LOCATE_PHP5_BIN(); shell_exec("{$php5} /usr/share/artica-postfix/exec.initslapd.php --haarp"); squid_admin_mysql(0, "Framework order to restart Haarp", ""); shell_exec("{$nohup} /etc/init.d/haarp restart >/dev/null 2>&1 &"); shell_exec("{$nohup} /etc/init.d/artica-status reload >/dev/null 2>&1 &"); }
function Parseline($buffer) { $buffer = trim($buffer); if ($buffer == null) { return null; } if (strpos($buffer, "init urllist") > 0) { return; } if (strpos($buffer, "init expressionlist") > 0) { return; } if (strpos($buffer, "init domainlist") > 0) { return; } if (preg_match('#INFO: loading dbfile (.+)#', $buffer, $re)) { events("LOADING {$re['1']}"); $GLOBALS[__FILE__]["DBFILE"] = trim($re[1]); return null; } if (preg_match("#FATAL: Error db_open: Unknown error#", $buffer, $re)) { events("ERROR ON {$GLOBALS[__FILE__]["DBFILE"]} : {$buffer}"); if (basename($GLOBALS[__FILE__]["DBFILE"]) == "urls.db") { events("urls.db -> create " . dirname($GLOBALS[__FILE__]["DBFILE"]) . "/urls it and recompile it"); @file_put_contents(dirname($GLOBALS[__FILE__]["DBFILE"]) . "/urls", "www." . md5(time()) . ".bv"); } $file = "/etc/artica-postfix/croned.1/squidguard." . md5($GLOBALS[__FILE__]["DBFILE"]) . ".error"; if (IfFileTime($file)) { $cmd = LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.squidguard.php --compile-single \"{$GLOBALS[__FILE__]["DBFILE"]}\" &"; events("{$cmd}"); shell_exec($cmd); WriteFileCache($file); } return null; } if (preg_match("#\\]\\s+(.+?):\\s+Cannot allocate memory#", $buffer, $re)) { events("ERROR ON {$re[1]} : Cannot allocate memory -> create it"); @file_put_contents($re[1], "www." . md5(time()) . ".bv"); squid_admin_mysql(1, "Web filtering: Cannot allocate memory", "{$buffer}"); return null; } if (preg_match("#\\]\\s+(.+?):\\s+No such file or directory#", $buffer, $re)) { events("ERROR ON {$re[1]} : No such file or directory -> create it"); @file_put_contents($re[1], "www.nodomain.bv"); return null; } if (strpos($buffer, "ERROR: Going into emergency mode") > 0) { events("ERROR: Going into emergency mode"); squid_admin_mysql(1, "Web filtering: turn to emergency mode", "{$buffer}\nPlease contact your support to fix this problem\ncurrently, no filtering urls will be enabled"); send_email_events("squidguard: squidguard turn to emergency mode", "SquidGuard claim\n{$buffer}\nPlease contact your support to fix this problem\ncurrently, no filtering urls will be enabled", "proxy"); return; } events("Not filtered: {$buffer}"); }
function build($uri) { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $unix = new unix(); $pid = $unix->get_pid_from_file($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { die; } @file_put_contents($pidfile, getmypid()); $echo = $unix->find_program("echo"); $curl = $unix->find_program("curl"); $squidbin = $unix->LOCATE_SQUID_BIN(); $curl = $unix->find_program("curl"); @unlink("/var/log/squid/request.debug"); $DirFinal = "/usr/share/artica-postfix/ressources/support/" . time(); @mkdir($DirFinal, 0755, true); $SquidMgrListenPort = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/SquidMgrListenPort")); shell_exec("{$echo} \"Proxy address 127.0.0.1:{$SquidMgrListenPort}\" > /var/log/squid/request.debug 2>&1"); shell_exec("{$echo} \"Url to test: {$uri} \" >> /var/log/squid/request.debug 2>&1"); progress("{rotate_logs_files}", 30); shell_exec("{$echo} \"Rotate & turn to debug... \" >> /var/log/squid/request.debug 2>&1"); @copy("/var/log/squid/access.log", "/var/log/squid/access.log." . time()); shell_exec("{$squidbin} -k rotate >> /var/log/squid/request.debug 2>&1"); progress("{turn_to_debug}", 35); shell_exec("{$squidbin} -k debug >/dev/null 2>&1"); sleep(4); progress("{send_query}", 40); $cmd = "{$curl} --head --verbose --trace-time --proxy http://127.0.0.1:{$SquidMgrListenPort} --url {$uri} >> /var/log/squid/request.debug 2>&1"; shell_exec("{$echo} \"{$cmd}\" >> /var/log/squid/request.debug 2>&1"); shell_exec($cmd); sleep(4); progress("{return_back_to_normal}", 40); LogsThisDebug("************************************************************"); squid_admin_mysql(1, "Reconfiguring proxy service", null, __FILE__, __LINE__); shell_exec("/etc/init.d/squid reload --script=" . basename(__FILE__) . " >> /var/log/squid/request.debug 2>&1"); LogsThisDebug("************************************************************"); sleep(1); @copy("/var/log/squid/cache.log", "{$DirFinal}/cache.log"); progress("{compressing_package}", 90); $tar = $unix->find_program("tar"); $rm = $unix->find_program("rm"); $filename = "request.tar.gz"; @unlink("/usr/share/artica-postfix/ressources/support/{$filename}"); @copy("/var/log/squid/request.debug", "{$DirFinal}/request.debug"); @unlink("/var/log/squid/request.debug"); chdir($DirFinal); $cmd = "{$tar} -cvzf /usr/share/artica-postfix/ressources/support/{$filename} * 2>&1"; exec($cmd, $results); @chmod("/usr/share/artica-postfix/ressources/support/{$filename}", 0755); shell_exec("{$rm} -rf {$DirFinal}"); LogsThisDebug("*********************************************************"); $c = 0; progress("{success}", 100); }
function init() { $unix = new unix(); $rm = $unix->find_program("rm"); shell_exec("{$rm} -rf /var/lib/squid/session/ssl >/dev/null 2>&1"); @mkdir("/var/lib/squid/session/ssl", 0755, true); @chown("/var/lib/squid/session/ssl", "squid"); @chgrp("/var/lib/squid/session/ssl", "squid"); $sslcrtd_program = $unix->squid_locate_generic_bin("ssl_crtd"); $chown = $unix->find_program("chown"); exec("{$sslcrtd_program} -c -s /var/lib/squid/session/ssl/ssl_db 2>&1", $results); shell_exec("{$chown} -R squid:squid /var/lib/squid/session"); squid_admin_mysql(1, "SSL database initialized", @implode("\n", $results), __FILE__, __LINE__); }
function build_whitelist() { build_progress_wb("{compiling}", 30); urlrewriteaccessdeny(); build_progress_wb("{compiling}", 35); urlrewriteaccessdeny_squid(); build_progress_wb("{compiling}", 40); build_blacklists(); $unix = new unix(); $php5 = $unix->LOCATE_PHP5_BIN(); $squidbin = $unix->LOCATE_SQUID_BIN(); squid_admin_mysql(2, "Reloading proxy service for whitelist domains", null, __FILE__, __LINE__); build_progress_wb("{reloading}", 90); system("{$squidbin} -k reconfigure"); build_progress_wb("{done}", 100); }
function xfiledesc() { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pidTime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time"; $unix = new unix(); $pid = @file_get_contents($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { squid_admin_mysql(0, "Cannot change file descriptors (PID {$pid} already executed)", null, __FILE__, __LINE__); die; } @file_put_contents($pidfile, getmypid()); $TimePid = $unix->file_time_min($pidTime); if ($TimePid < 5) { squid_admin_mysql(0, "Cannot change file descriptors ( require 5mn, current {$TimePid}mn)", null, __FILE__, __LINE__); die; } @unlink($pidTime); @file_put_contents($pidTime, time()); $squid = new squidbee(); $sock = new sockets(); $sysctl = $unix->find_program("sysctl"); $t = time(); if (!is_numeric($squid->max_filedesc)) { $squid->max_filedesc = 8192; } exec("{$sysctl} -n fs.file-max", $results); $file_max = intval(trim(@implode("", $results))); $file_max_org = $file_max; $max_filedesc = intval($squid->max_filedesc); if ($max_filedesc == 0) { $max_filedesc = 8192; } $new_max_filedesc = $max_filedesc + 1000; echo "Current System: {$file_max}, Proxy {$max_filedesc}\n"; if ($new_max_filedesc > $file_max - 100) { $file_max = $file_max + 1000; shell_exec("{$sysctl} -w fs.file-max={$file_max}"); $unix->sysctl("fs.file-max", $file_max); } $squid->max_filedesc = $new_max_filedesc; $squid->SaveToLdap(true); $php = $unix->LOCATE_PHP5_BIN(); shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --force"); squid_admin_mysql(0, "Restarting Proxy service to increase file descriptors from {$max_filedesc}/{$file_max_org} to {$new_max_filedesc}/{$file_max}", null, __FILE__, __LINE__); shell_exec("/etc/init.d/squid restart --force"); }
function pgsql() { if (extension_loaded('pgsql')) { return; } $unix = new unix(); $FileTime = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".time"; if ($unix->file_time_min($FileTime) < 15) { return; } @unlink($FileTime); @file_put_contents($FileTime, time()); squid_admin_mysql(1, "Installing missing package php5-pgsql", null, __FILE__, __LINE__); $unix->DEBIAN_INSTALL_PACKAGE("php5-pgsql"); system("/usr/share/artica-postfix/exec.php.ini.php"); system("/etc/init.d/artica-webconsole restart"); system("/etc/init.d/artica-status restart"); }
function build_whitelist() { $sock = new sockets(); $EnableTransparent27 = intval($sock->GET_INFO("EnableTransparent27")); $PrivoxyEnabled = intval($sock->GET_INFO("PrivoxyEnabled")); build_progress_wb("{compiling}", 30); urlrewriteaccessdeny(); build_progress_wb("{compiling}", 35); urlrewriteaccessdeny_squid(); build_progress_wb("{compiling}", 40); @unlink("/var/log/squid/ufdbgclient.black.db"); @file_put_contents("/etc/squid3/ip-blacklists.db", "#"); @file_put_contents("/etc/squid3/www-blacklists.db", "#"); build_blacklists(true); build_progress_wb("{compiling}", 50); $unix = new unix(); if ($PrivoxyEnabled == 1) { build_progress_wb("{compiling} {APP_PRIVOXY}", 55); shell_exec("/etc/init.d/privoxy restart"); build_progress_wb("{compiling} {APP_PRIVOXY} {done}", 60); } build_progress_wb("{reloading}", 65); system("/etc/init.d/squid reload --script=" . basename(__FILE__)); $sock = new sockets(); $EnableTransparent27 = intval($sock->GET_INFO("EnableTransparent27")); $PrivoxyEnabled = intval($sock->GET_INFO("PrivoxyEnabled")); if ($EnableTransparent27 == 1) { build_progress_wb("{reloading} NAT", 70); system("/etc/init.d/squid-nat reload --script=" . basename(__FILE__)); } $php5 = $unix->LOCATE_PHP5_BIN(); $squidbin = $unix->LOCATE_SQUID_BIN(); squid_admin_mysql(2, "Reloading proxy service for whitelist domains", null, __FILE__, __LINE__); build_progress_wb("{reloading}", 90); system("{$squidbin} -k reconfigure"); build_progress_wb("{done}", 100); }
function RestartDedicatedServices($aspid = false) { $unix = new unix(); if ($aspid) { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = @file_get_contents($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { $time = $unix->PROCCESS_TIME_MIN($pid); echo "Starting......: " . date("H:i:s") . " RestartDedicatedServices already executed PID: {$pid} since {$time}Mn\n"; if ($time < 120) { if (!$GLOBALS["FORCE"]) { die; } } unix_system_kill_force($pid); } @file_put_contents($pidfile, getmypid()); } $nohup = $unix->find_program("nohup"); $php = $unix->LOCATE_PHP5_BIN(); $squidbin = $unix->LOCATE_SQUID_BIN(); $unix->THREAD_COMMAND_SET("{$php} /usr/share/artica-postfix/exec.web-community-filter.php --register"); events("Starting artica"); echo "Starting......: " . date("H:i:s") . " nightly builds starting artica...\n"; @file_put_contents("/usr/share/artica-postfix/download_progress", 45); system("/etc/init.d/artica-postfix start"); echo "Starting......: " . date("H:i:s") . " nightly builds building init scripts\n"; @file_put_contents("/usr/share/artica-postfix/download_progress", 50); system("{$php} /usr/share/artica-postfix/exec.initslapd.php --force >/dev/null 2>&1"); echo "Starting......: " . date("H:i:s") . " nightly builds updating network\n"; @file_put_contents("/usr/share/artica-postfix/download_progress", 55); system("{$php} /usr/share/artica-postfix/exec.virtuals-ip.php >/dev/null 2>&1"); system("{$php} /usr/share/artica-postfix/exec.monit.php --build >/dev/null 2>&1"); echo "Starting......: " . date("H:i:s") . " nightly builds purge and clean....\n"; @file_put_contents("/usr/share/artica-postfix/download_progress", 60); shell_exec("{$nohup} /etc/init.d/slapd start >/dev/null 2>&1 &"); shell_exec("{$nohup} /etc/init.d/artica-webconsole start >/dev/null 2>&1 &"); if (is_file("/etc/init.d/nginx")) { shell_exec("{$nohup} /etc/init.d/nginx reload >/dev/null 2>&1 &"); } shell_exec("{$nohup} /etc/init.d/auth-tail restart >/dev/null 2>&1 &"); shell_exec("{$nohup} /etc/init.d/artica-framework restart >/dev/null 2>&1 &"); shell_exec("{$nohup} /usr/share/artica-postfix/bin/process1 -perm >/dev/null 2>&1 &"); shell_exec("{$nohup} /usr/share/artica-postfix/bin/artica-make --empty-cache >/dev/null 2>&1 &"); shell_exec("{$nohup} /etc/init.d/monit restart >/dev/null 2>&1 &"); shell_exec("{$nohup} /etc/init.d/artica-status restart --force >/dev/null 2>&1 &"); shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.squid.php --build-schedules >/dev/null 2>&1 &"); shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.schedules.php --defaults >/dev/null 2>&1 &"); if (is_file($squidbin)) { squid_admin_mysql(1, "Reconfiguring proxy service", null, __FILE__, __LINE__); $cmd = "/etc/init.d/squid reload --script=" . basename(__FILE__) . " >/dev/null 2>&1 &"; shell_exec($cmd); } events("done"); @file_put_contents("/usr/share/artica-postfix/download_progress", 100); echo "Starting......: " . date("H:i:s") . " Done you can close the screen....\n"; _artica_update_event(2, "RestartDedicatedServices(): finish", null, __FILE__, __LINE__); }
public function CheckDefaultSchedules() { $allminutes = "1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59"; if (!$this->TABLE_EXISTS('webfilters_schedules', $this->database)) { $sql = "CREATE TABLE `squidlogs`.`webfilters_schedules` (\n\t\t\t`ID` INT UNSIGNED AUTO_INCREMENT PRIMARY KEY ,\n\t\t\t`TimeText` VARCHAR( 128 ) NOT NULL ,\n\t\t\t`TimeDescription` VARCHAR( 128 ) NOT NULL ,\n\t\t\t`TaskType` SMALLINT( 1 ) NOT NULL ,\n\t\t\t`enabled` SMALLINT( 1 ) NOT NULL ,\n\t\t\tINDEX ( `TaskType` , `TimeDescription`,`enabled`)\n\t\t\t) ENGINE=MYISAM;"; $this->QUERY_SQL($sql, $this->database); if (!$this->ok) { writelogs("Fatal!!! {$this->mysql_error}", __CLASS__ . "/" . __FUNCTION__, __FILE__, __LINE__); return; } } $update = false; $array[1] = array("TimeText" => "0 0,3,5,7,9,11,13,15,17,19,23 * * *", "TimeDescription" => "Check update each 3H"); $array[6] = array("TimeText" => "20,40,59 * * * *", "TimeDescription" => "each 20mn"); $array[8] = array("TimeText" => "30 5,10,15,20 * * *", "TimeDescription" => "each 5 hours"); $array[9] = array("TimeText" => "0 3 * * *", "TimeDescription" => "each day at 03:00"); $array[10] = array("TimeText" => "0 5 * * *", "TimeDescription" => "each day at 05:00"); $array[11] = array("TimeText" => "0 1 * * *", "TimeDescription" => "each day at 01:00"); $array[25] = array("TimeText" => "30 2 * * *", "TimeDescription" => "each day at 02:30"); $array[2] = array("TimeText" => "0 * * * *", "TimeDescription" => "Each hour"); $array[3] = array("TimeText" => "0 3 * * *", "TimeDescription" => "each day at 03:00"); $array[15] = array("TimeText" => "0 * * * *", "TimeDescription" => "Calculate cache performance each hour"); $array[16] = array("TimeText" => "30 5,10,15,20 * * *", "TimeDescription" => "each 5 hours"); $array[17] = array("TimeText" => "30 * * * *", "TimeDescription" => "each 1h30"); $array[21] = array("TimeText" => "0 2,4,6,8,10,12,14,16,18,20,22 * * *", "TimeDescription" => "Check AD server each 2H"); $array[28] = array("TimeText" => "10,20,30,40,50 * * * *", "TimeDescription" => "check thumbnails queue each 10mn"); $array[29] = array("TimeText" => "30 6 * * *", "TimeDescription" => "Update infected uris Each day at 06h30"); $array[30] = array("TimeText" => "30 4 * * *", "TimeDescription" => "Update precompiled databases Each day at 04h30"); $array[31] = array("TimeText" => "0,5,10,15,20,25,30,35,40,45,50,55 * * * *", "TimeDescription" => "Check queue requests each 5mn"); $array[32] = array("TimeText" => "0,10,20,30,40,50 * * * *", "TimeDescription" => "Check framework requests each 10mn"); $array[37] = array("TimeText" => "* * * * *", "TimeDescription" => "Inject into Mysql each minute"); $array[38] = array("TimeText" => "* * * * *", "TimeDescription" => "Inject into Mysql each minute"); $array[40] = array("TimeText" => "10 * * * *", "TimeDescription" => "Each hour +10mn"); $array[42] = array("TimeText" => "30 4 * * *", "TimeDescription" => "Compile Toulouse databases tables Each day at 04h30"); $array[43] = array("TimeText" => "30 3 * * *", "TimeDescription" => "Lost tables Each day at 03h30"); $array[46] = array("TimeText" => "7,22,37,52 * * * *", "TimeDescription" => "each 15mn"); $array[47] = array("TimeText" => "30 2 * * *", "TimeDescription" => "Daily Purge Statistics at 2h30"); $array[51] = array("TimeText" => "30 5 * * *", "TimeDescription" => "Restart Web Filtering service each day at 05h30"); $array[52] = array("TimeText" => "0,5,10,15,20,25,30,35,40,45,50,55 * * * *", "TimeDescription" => "Generate Proxy status each 5mn"); $array[53] = array("TimeText" => "0 1 * * *", "TimeDescription" => "Generate Statistics, each day at 01h00"); $array[56] = array("TimeText" => "59 23 * * *", "TimeDescription" => "each day at 23:59"); $array[57] = array("TimeText" => "30 3 * * *", "TimeDescription" => "each day at 03:30"); $array[60] = array("TimeText" => "0,6,11,16,21,26,31,36,41,46,51,56 * * * *", "TimeDescription" => "each 5 minutes"); $this->tasks_disabled[6] = true; $this->tasks_disabled[2] = true; $this->tasks_disabled[9] = true; $this->tasks_disabled[10] = true; $this->tasks_disabled[11] = true; $this->tasks_disabled[15] = true; $this->tasks_disabled[16] = true; $this->tasks_disabled[23] = true; $this->tasks_disabled[25] = true; $this->tasks_disabled[28] = true; $this->tasks_disabled[34] = true; $this->tasks_disabled[36] = true; $this->tasks_disabled[40] = true; $this->tasks_disabled[43] = true; $this->tasks_disabled[44] = true; $this->tasks_disabled[49] = true; $this->tasks_disabled[50] = true; $this->tasks_disabled[55] = true; while (list($TaskType, $content) = each($array)) { if ($GLOBALS["VERBOSE"]) { echo "<strong style='color:blue'>{$TaskType}</strong>\n"; } if (isset($this->tasks_disabled[$TaskType])) { if ($this->tasks_disabled[$TaskType]) { if ($GLOBALS["VERBOSE"]) { echo "<strong style='color:#d32d2d'>{$TaskType} tasks_disabled</strong>\n"; } continue; } } $ligne = mysql_fetch_array($this->QUERY_SQL("SELECT ID FROM webfilters_schedules WHERE TaskType={$TaskType}")); if ($ligne["ID"] > 0) { if ($GLOBALS["VERBOSE"]) { echo "<strong style='color:#d32d2d'>{$TaskType} Already saved as {$ligne["ID"]}</strong>\n"; } continue; } $sql = "INSERT IGNORE INTO webfilters_schedules (TimeDescription,TimeText,TaskType,enabled) \n\t\t\t\t\tVALUES('{$content["TimeDescription"]}','{$content["TimeText"]}','{$TaskType}',1)"; if (function_exists("squid_admin_mysql")) { squid_admin_mysql(1, "Task type {$TaskType} is not added into scheduler or removed [add it]", "{$content["TimeDescription"]}", __FILE__, __LINE__); } $this->QUERY_SQL($sql); if (!$this->ok) { squid_admin_mysql(1, "Task type {$TaskType} MySQL error", "{$sql}\n{$q->mysql_error}\n", __FILE__, __LINE__); continue; } $update = true; } if ($update) { $sock = new sockets(); $sock->getFrameWork("squid.php?build-schedules=yes"); } }
function ucarp_down() { $unix = new unix(); $interface = $_GET["ucarp-down"]; $master = $_GET["master"]; $NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES(true); if (!isset($NETWORK_ALL_INTERFACES[$interface])) { writelogs_framework("Interface {$interface} not up [OK]", __FUNCTION__, __FILE__, __LINE__); return; } $nohup = $unix->find_program("nohup"); $MN = unserialize(@file_get_contents("/usr/share/ucarp/ETH_LIST")); while (list($eth, $line) = each($MN)) { writelogs_framework("Interface {$eth} down [OK]", __FUNCTION__, __FILE__, __LINE__); $cmd = "{$nohup} /usr/share/ucarp/vip-eth0-down.sh >/dev/null 2>&1"; writelogs_framework($cmd, __FUNCTION__, __FILE__, __LINE__); shell_exec($cmd); squid_admin_mysql(0, "Master [{$master}]: Ordered to shutdown {$interface} [OK]", null, __FILE__, __LINE__); echo "<articadatascgi>DOWN_OK</articadatascgi>"; } }
function stop_ufdbguard($aspid = false) { $unix = new unix(); if (!$aspid) { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = $unix->get_pid_from_file($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { $time = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service Already Artica task running PID {$pid} since {$time}mn\n"; } return; } @file_put_contents($pidfile, getmypid()); } $pid = ufdbguard_pid(); if (!$unix->process_exists($pid)) { if ($GLOBALS["OUTPUT"]) { echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service already stopped...\n"; } return; } $pid = ufdbguard_pid(); $nohup = $unix->find_program("nohup"); $php5 = $unix->LOCATE_PHP5_BIN(); $kill = $unix->find_program("kill"); squid_admin_mysql(0, "Stopping Web Filtering engine service", "", __FILE__, __LINE__); if ($GLOBALS["OUTPUT"]) { echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service Shutdown pid {$pid}...\n"; } unix_system_kill($pid); for ($i = 0; $i < 5; $i++) { $pid = ufdbguard_pid(); if (!$unix->process_exists($pid)) { break; } if ($GLOBALS["OUTPUT"]) { echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service waiting pid:{$pid} {$i}/5...\n"; } sleep(1); } $pid = ufdbguard_pid(); if (!$unix->process_exists($pid)) { if ($GLOBALS["OUTPUT"]) { echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service success...\n"; } return; } if ($GLOBALS["OUTPUT"]) { echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service shutdown - force - pid {$pid}...\n"; } unix_system_kill_force($pid); for ($i = 0; $i < 5; $i++) { $pid = ufdbguard_pid(); if (!$unix->process_exists($pid)) { break; } if ($GLOBALS["OUTPUT"]) { echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service waiting pid:{$pid} {$i}/5...\n"; } sleep(1); } if ($unix->process_exists($pid)) { if ($GLOBALS["OUTPUT"]) { echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service failed...\n"; } return; } }
function inject_stored_items($nopid = false) { $unix = new unix(); $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; if (system_is_overloaded(basename(__FILE__))) { $php = $unix->LOCATE_PHP5_BIN(); ufdbguard_admin_events("Overloaded system... ask to run this task later...", __FUNCTION__, __FILE__, __LINE__, "proxy"); $unix->THREAD_COMMAND_SET("{$php} " . __FILE__ . " --inject"); } if (!$nopid) { $pid = @file_get_contents($pidfile); $myfile = basename(__FILE__); if ($unix->process_exists($pid, $myfile)) { ufdbguard_admin_events("Task already running PID: {$pid}, aborting current task", __FUNCTION__, __FILE__, __LINE__, "proxy"); return; } } $mypid = getmypid(); @file_put_contents($pidfile, $mypid); $t1 = time(); $file = "/var/cache/purge.calculated.db"; if (!is_file($file)) { echo "{$file} no such file\n"; return; } $q = new mysql_blackbox(); if (!$q->TABLE_EXISTS("cacheitems_localhost")) { $q->build_cached_items_table("localhost"); } $BIGARRAY = inject_stored_array(); $prefix = "INSERT IGNORE INTO cacheitems_localhost(sitename,familysite,size,items) VALUES "; $q->QUERY_SQL("TRUNCATE TABLE cacheitems_localhost"); $f = array(); $c = 0; while (list($sitename, $array) = each($BIGARRAY)) { $c++; $f[] = "('{$sitename}','{$array["FAMILY"]}','{$array["SIZE"]}','{$array["ITEMS"]}')"; if (count($f) > 500) { $q->QUERY_SQL($prefix . @implode(",", $f)); if (!$q->ok) { squid_admin_mysql(0, "MySQL error!", $q->mysql_error, __FILE__, __LINE__); return; } } } if (count($f) > 0) { $q->QUERY_SQL($prefix . @implode(",", $f)); if (!$q->ok) { squid_admin_mysql(0, "MySQL error!", $q->mysql_error, __FILE__, __LINE__); return; } } $took = $unix->distanceOfTimeInWords($t1, time()); if ($c > 0) { squid_admin_mysql(2, "Sucess adding {$c} cached websites took:{$took}", null, __FILE__, __LINE__); } @unlink($file); }
function clean_mx_de($targetpath = null) { $unix = new unix(); $uri = "http://support.clean-mx.de/clean-mx/xmlphishing.php?"; $curl = new ccurl($uri); if (preg_match("#^--#", $targetpath)) { $targetpath = null; } if ($targetpath == null) { $targetpath = $unix->FILE_TEMP(); } echo "Target path: {$targetpath}\n"; if (!is_file($targetpath)) { $curl = new ccurl("{$uri}"); $curl->Timeout = 3600; if (!$curl->GetFile($targetpath)) { squid_admin_mysql(0, "Clean MX: Unable to download XML file {$curl->error}", null, __FILE__, __LINE__); @unlink($targetpath); } } $fp = @fopen($targetpath, "r"); if (!$fp) { if ($GLOBALS["DEBUG_GREP"]) { echo "{$targetpath} BAD FD\n"; } @unlink($targetpath); return array(); } $l = 0; $q = new mysql_squid_builder(); while (!feof($fp)) { $l++; $ligne = trim(fgets($fp)); if ($ligne == null) { continue; } if (!preg_match("#<url><\\!\\[CDATA\\[http:\\/\\/(.+?)\\]\\]><\\/url>#", $ligne, $re)) { continue; } $line = $re[1]; if (preg_match("#http:\\/\\/(.+?)#", $line, $re)) { $line = $re[1]; } if (preg_match("#https:\\/\\/(.+?)#", $line, $re)) { $line = $re[1]; } $line = mysql_escape_string2($line); $md5 = md5($line); $SQLZ[] = "('{$md5}',NOW(),'{$line}',1)"; if (count($SQLZ) > 500) { sleep(1); $q->QUERY_SQL($GLOBALS["PREFIX"] . @implode(",", $SQLZ)); if (!$q->ok) { echo $q->mysql_error; @fclose($fp); @unlink($targetpath); return; } } } @fclose($fp); @unlink($targetpath); if (count($SQLZ) > 0) { $q->QUERY_SQL($GLOBALS["PREFIX"] . @implode(",", $SQLZ)); } }
function parse_memory() { $unix = new unix(); $nginx = $unix->find_program("nginx"); $sock = new sockets(); $nginx = $unix->find_program("nginx"); if (!is_file($nginx)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, not installed\n"; } return; } $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pidtime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time"; $pidStampReload = $GLOBALS["pidStampReload"]; if (!$GLOBALS["VERBOSE"]) { echo "{$pidtime}\n"; $pid = $unix->get_pid_from_file($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { $time = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx Already Artica task running PID {$pid} since {$time}mn\n"; } return; } $TimExec = $unix->file_time_min($pidtime); if ($TimExec < 5) { return; } } @file_put_contents($pidfile, getmypid()); @unlink($pidtime); @file_put_contents($pidtime, time()); $python = $unix->find_program("python"); $nice = $unix->EXEC_NICE(); exec("{$nice}{$python} /usr/share/artica-postfix/bin/ps_mem.py 2>&1", $results); $FOUND = false; while (list($index, $line) = each($results)) { $line = trim($line); if ($line == null) { continue; } if (!preg_match("#^[0-9\\.]+.*?=\\s+([0-9\\.]+)\\s+(.+?)\\s+nginx#", $line, $re)) { if ($GLOBALS["VERBOSE"]) { echo "Not found \"{$line}\"\n"; } continue; } $memoryValue = $re[1]; $unit = trim(strtolower($re[2])); echo "Found {$memoryValue} {$unit}\n"; if ($unit == "kib") { $memoryValue = $memoryValue / 1048.576; } if ($unit == "mib") { $memoryValue = $memoryValue * 1.048576; } if ($unit == "gib") { $memoryValue = $memoryValue * 1048.576; } $FOUND = true; break; } if (!$FOUND) { if ($GLOBALS["VERBOSE"]) { echo "Not found...\n"; } return; } $memoryValue = round($memoryValue, 2); $MaxMemory = max_memory(); $MaxMemoryReload = $MaxMemory / 2; $memoryValueInt = intval($memoryValue); echo "Nginx = {$memoryValue} MB INT({$memoryValueInt}) Reload on:{$MaxMemoryReload}MB; Restart on:{$MaxMemory}MB\n"; $ACTION_DONE = false; if ($MaxMemory > 0) { if ($memoryValueInt > 0) { if ($memoryValueInt > $MaxMemoryReload) { $StampTime = $unix->file_time_min($pidStampReload); if ($StampTime > 20) { squid_admin_mysql(1, "Reverse proxy reach medium memory {$memoryValueInt}MB Reload:{$MaxMemoryReload}MB [action=reload]", "The service will be restarted"); reload(true); @unlink($pidStampReload); @file_put_contents($pidStampReload, time()); $ACTION_DONE = true; } } if (!$ACTION_DONE) { if ($memoryValueInt > $MaxMemory) { squid_admin_mysql(0, "Reverse proxy reach max memory allowed {$memoryValueInt}MB MAX:{$MaxMemory}MB [action=restart]", "The service will be restarted"); stop(true); start(true); @unlink($pidStampReload); } } } } add_memory_value($memoryValue); }
function clean_space() { $unix = new unix(); $Pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $PidTime = "/etc/artica-postfix/pids/exec.clean.logs.php.clean_space.time"; // /etc/artica-postfix/pids/exec.clean.logs.php.squidClean.time $pid = $unix->get_pid_from_file($Pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { if ($GLOBALS["VERBOSE"]) { echo "Aborting Task already running pid {$pid} " . __FUNCTION__ . "()\n"; } return; } @file_put_contents($Pidfile, getmypid()); if (!$GLOBALS["VERBOSE"]) { $time = $unix->file_time_min($PidTime); if ($time < 240) { echo "Only each 240mn\n"; die; } } @unlink($PidTime); @file_put_contents($PidTime, time()); $unix = new unix(); $rm = $unix->find_program("rm"); $CLEANED = array(); $home_remove[] = "/home/bwm-ng"; $home_remove[] = "/home/ntopng"; $home_remove[] = "/home/c-icap"; $home_remove_files[] = "/home/artica/tmp"; $percent = $unix->DIRECTORY_USEPERCENT("/home"); if ($GLOBALS["VERBOSE"]) { echo "Percent {$percent}\n"; } if ($percent > 90) { while (list($a, $dirPath) = each($home_remove)) { if (!is_dir($dirPath)) { continue; } if (is_link($dirPath)) { continue; } if ($unix->DIRECTORY_MountedOnDirAndDismount($dirPath) > 0) { if ($unix->DIRECTORY_MountedOnDirAndDismount($dirPath) > 0) { continue; } } shell_exec("{$rm} -rf {$dirPath}/*"); $CLEANED[] = $dirPath; } while (list($a, $dirPath) = each($home_remove_files)) { if (!is_dir($dirPath)) { continue; } if (is_link($dirPath)) { continue; } if ($unix->DIRECTORY_MountedOnDirAndDismount($dirPath) > 0) { if ($unix->DIRECTORY_MountedOnDirAndDismount($dirPath) > 0) { continue; } } shell_exec("{$rm} -f {$dirPath}/*.tmp"); shell_exec("{$rm} -f {$dirPath}/*.log"); shell_exec("{$rm} -f {$dirPath}/*.txt"); shell_exec("{$rm} -f {$dirPath}/*.gz"); shell_exec("{$rm} -f {$dirPath}/*.tgz"); shell_exec("{$rm} -f {$dirPath}/artica-*"); $CLEANED[] = $dirPath; } if (count($CLEANED) > 0) { $percent2 = $unix->DIRECTORY_USEPERCENT("/home"); if ($percent2 < $percent) { squid_admin_mysql(2, "/home partition exceed 90% ({$percent}%) down to {$percent2}%", "Cleaned directories was " . @implode("\n", $CLEANED), __FILE__, __LINE__); } } else { squid_admin_mysql(2, "/home partition exceed 90% ({$percent}%)", null, __FILE__, __LINE__); } } }
function backup() { build_progress_idb("{backup_database}", 20); $unix = new unix(); $targetFilename = "/home/ArticaStatsBackup/backup.db"; $su = $unix->find_program("su"); @mkdir("/home/ArticaStatsBackup", 0777, true); @chmod("/home/ArticaStatsBackup", 0777); if (is_file($targetFilename)) { @unlink($targetFilename); } $InFluxBackupDatabaseDir = @file_get_contents("/etc/artica-postfix/settings/Daemons/InFluxBackupDatabaseDir"); if ($InFluxBackupDatabaseDir == null) { $InFluxBackupDatabaseDir = "/home/artica/influx/backup"; } $CompressFileName = "{$InFluxBackupDatabaseDir}/snapshot." . date("Y-m-d-H-i") . ".gz"; @mkdir($InFluxBackupDatabaseDir, 0755, true); if (is_file($CompressFileName)) { build_progress_idb("{backup_database} already exists", 110); } $cmdline = "{$su} -c \"/usr/local/ArticaStats/bin/pg_dumpall -c --if-exists -S ArticaStats -f {$targetFilename} -h /var/run/ArticaStats\" ArticaStats"; echo $cmdline . "\n"; exec($cmdline, $results); build_progress_idb("{backup_database}", 30); if (!is_file($targetFilename)) { echo "{$targetFilename} No such file\n"; while (list($num, $val) = each($results)) { echo "{$val}\n"; } build_progress_idb("{backup_database} {failed}", 110); return; } build_progress_idb("{compressing}", 50); echo "Compress {$targetFilename}\n"; echo "Destination {$CompressFileName}\n"; if (!$unix->compress($targetFilename, $CompressFileName)) { build_progress_idb("{compressing} {failed}", 110); squid_admin_mysql(0, "Snaphost BigData database {failed} ( compress )", null, __FILE__, __LINE__); @unlink($targetFilename); @unlink($CompressFileName); return; } @unlink($targetFilename); $size = FormatBytes(@filesize($CompressFileName) / 1024); squid_admin_mysql(2, "Backup [" . basename($CompressFileName) . "] BigData database ({$size}) done", null, __FILE__, __LINE__); build_progress_idb("{scanning}", 80); ScanBackup(); build_progress_idb("{backup_database} {success}", 100); }
function port1344_notavailable($buffer) { $EnableRemoteSyslogStatsAppliance = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableRemoteSyslogStatsAppliance")); $DisableArticaProxyStatistics = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/DisableArticaProxyStatistics")); $EnableKavICAPRemote = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableKavICAPRemote")); $kavicapserverEnabled = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/kavicapserverEnabled")); if (!is_numeric($DisableArticaProxyStatistics)) { $DisableArticaProxyStatistics = 0; } if (!is_numeric($EnableRemoteSyslogStatsAppliance)) { $EnableRemoteSyslogStatsAppliance = 0; } if (!is_numeric($EnableKavICAPRemote)) { $EnableKavICAPRemote = 0; } if (!is_numeric($kavicapserverEnabled)) { $kavicapserverEnabled = 0; } $Disabled = false; if (!is_file("/opt/kaspersky/kav4proxy/sbin/kav4proxy-kavicapserver")) { $Disabled = true; } if ($EnableRemoteSyslogStatsAppliance == 1) { $Disabled = true; } if ($EnableKavICAPRemote == 1) { $Disabled = true; } if ($kavicapserverEnabled == 0) { $Disabled = true; } events("Warning, Kaspersky ICAP server is down (port 1344). Disabled = {$Disabled}" . __LINE__); if ($Disabled) { squid_admin_mysql(2, "Kaspersky ICAP service down", "Squid-Cache claim\n{$buffer}\nBut it seems that the ICAP server is disabled...\nArtica will reconfigure the service"); squid_admin_notifs("Kaspersky ICAP service down!\nSquid-Cache claim\n{$buffer}\nBut it seems that the ICAP server is disabled...\nArtica will reconfigure the service", __FUNCTION__, __FILE__, __LINE__, "proxy"); shell_exec("{$GLOBALS["NOHUP"]} {$GLOBALS["PHP5"]} /usr/share/artica-postfix/exec.squid.php --build --force >/dev/null 2>&1 &"); return; } squid_admin_mysql(1, "Kaspersky ICAP service down", "Squid-Cache claim\n{$buffer}\nArtica will restart the Kaspersky ICAP server...\nArtica will reconfigure the service"); squid_admin_notifs("Kaspersky ICAP service down!\nSquid-Cache claim\n{$buffer}\nArtica will restart the Kaspersky ICAP server...\nArtica will reconfigure the service", __FUNCTION__, __FILE__, __LINE__, "proxy"); shell_exec("{$GLOBALS["NOHUP"]} /etc/init.d/artica-postfix restart kav4proxy >/dev/null 2>&1 &"); }
} include_once dirname(__FILE__) . '/framework/class.unix.inc'; if ($GLOBALS["DEBUG_INCLUDES"]) { echo basename(__FILE__) . "::frame.class.inc\n"; } include_once dirname(__FILE__) . '/framework/frame.class.inc'; include_once dirname(__FILE__) . '/ressources/class.mysql.inc'; include_once dirname(__FILE__) . '/ressources/class.squid.acls.inc'; $unix = new unix(); $NICE = $unix->EXEC_NICE(); $GetCachesInsquidConf = $unix->SQUID_CACHE_FROM_SQUIDCONF(); $chown = $unix->find_program("chown"); $chmod = $unix->find_program("chmod"); $t = time(); $c = 0; while (list($CacheDirectory, $type) = each($GetCachesInsquidConf)) { if (trim($CacheDirectory) == null) { continue; } if (!is_dir($CacheDirectory)) { continue; } $c++; $F[] = $CacheDirectory; shell_exec("{$NICE} {$chown} -R squid:squid {$CacheDirectory}"); shell_exec("{$NICE} {$chmod} -R 0755 {$CacheDirectory}"); } if ($c > 0) { $took = distanceOfTimeInWords($t, time(), true); squid_admin_mysql(2, "Privileges was reset on {$c} caches directories took {$took}", @implode("\n", $F), __FILE__, __LINE__); }
function exunlink() { $unix = new unix(); $sock = new sockets(); $net = new networking(); $WgetBindIpAddress = $sock->GET_INFO("WgetBindIpAddress"); $MAIN = unserialize(base64_decode($sock->GET_INFO("HASettings"))); $eth = $MAIN["eth"]; $t = time(); if (!is_numeric($MAIN["SLAVE_SSL"])) { $MAIN["SLAVE_SSL"] = 1; } $proto = "http"; if ($MAIN["SLAVE_SSL"] == 1) { $proto = "https"; } $MAIN = unserialize(base64_decode($sock->GET_INFO("HASettings"))); $eth = $MAIN["eth"]; $nic = new system_nic($eth); $MAIN["BALANCE_IP"] = $MAIN["first_ipaddr"]; $SEND_SETTING = base64_encode(serialize($MAIN)); $uri = "{$proto}://{$MAIN["SLAVE"]}:{$MAIN["SLAVE_PORT"]}/nodes.listener.php?ucarp2-remove={$SEND_SETTING}&continue=true"; build_progress("Notify {$MAIN["SLAVE"]}", 20); $curl = new ccurl($uri, true, $WgetBindIpAddress, true); $curl->NoHTTP_POST = true; if (!$curl->get()) { echo "{$curl->error}\n"; debug_curl($curl->CURL_ALL_INFOS); build_progress("{reboot_networks} {$MAIN["SLAVE"]}:{$MAIN["SLAVE_PORT"]} {failed}", 110); return; } if (!preg_match("#<RESULTS>(.+?)</RESULTS>#is", $curl->data, $re)) { echo "Please verify that both servers must have the same Artica version\n"; build_progress("{reboot_networks} {$MAIN["SLAVE"]}:{$MAIN["SLAVE_PORT"]} {protocol_error}", 110); return; } $array = unserialize(base64_decode($re[1])); if ($array["ERROR"]) { echo "{$array["ERROR_SHOW"]}\n"; build_progress("{reboot_networks} {$MAIN["SLAVE"]}:{$MAIN["SLAVE_PORT"]} {failed}", 110); return; } build_progress("{please_wait_reconfigure_network}", 80); $nic = new system_nic($eth); $nic->ucarp_enabled = 0; $nic->ucarp_vip = null; $nic->ucarp_vid = 0; $nic->ucarp_master = 0; $nic->NoReboot = true; if (isset($MAIN["first_ipaddr"])) { if ($MAIN["first_ipaddr"] != null) { $nic->IPADDR = $MAIN["first_ipaddr"]; } } if (!$nic->SaveNic()) { echo "Unable to save local settings\n"; build_progress("{saving_local_parameters} {failed}", 110); return; } //please_wait_reconfigure_network $sock->SET_INFO("HASettings", base64_encode(serialize(array()))); build_progress("{reboot_networks}", 75); $php = $unix->LOCATE_PHP5_BIN(); system("{$php} /usr/share/artica-postfix/exec.virtuals-ip.php --build --force"); build_progress("{reboot_networks}", 80); squid_admin_mysql(0, "Rebooting Network", null, __FILE__, __LINE__); system("/etc/init.d/artica-ifup --script=exec.failover.php/" . __FUNCTION__); build_progress("{starting_service}", 90); system("/etc/init.d/artica-failover stop"); sleep(3); build_progress("{done}", 100); }
function freewebs() { $unix = new unix(); $squidbin = $unix->LOCATE_SQUID_BIN(); if (!is_file($squidbin)) { return; } $q = new squid_freewebs(); exec("{$squidbin} -k reconfigure 2>&1", $results); squid_admin_mysql(1, "Reconfigure proxy service ( FreeWebs acls builder)", @implode("\n", $results), __FILE__, __LINE__); }
function SQUID_TEMPLATES() { squid_admin_mysql(1, "Launch Templates builder", null, __FILE__, __LINE__); NOHUP_EXEC(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.squid.php --templates --force"); }
function FreeMem($aspid = false, $SwapOffOn = array()) { $unix = new unix(); if (!$aspid) { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = @file_get_contents($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { if ($GLOBALS["VERBOSE"]) { echo "Already executed pid {$pid}\n"; } return; } } if (count($SwapOffOn) == 0) { $sock = new sockets(); $SwapOffOn = unserialize(base64_decode($sock->GET_INFO("SwapOffOn"))); if (!is_numeric($SwapOffOn["AutoMemWatchdog"])) { $SwapOffOn["AutoMemWatchdog"] = 1; } if (!is_numeric($SwapOffOn["AutoMemPerc"])) { $SwapOffOn["AutoMemPerc"] = 90; } if (!is_numeric($SwapOffOn["AutoMemInterval"])) { $SwapOffOn["AutoMemInterval"] = 180; } } $text[] = "Configuration was:"; $text[] = "--------------------------------------"; $text[] = "Free memory when Swap exceed {$SwapOffOn["AutoMemPerc"]}%"; $text[] = "Watchdog scanning interval: each {$SwapOffOn["AutoMemInterval"]}mn"; if (isset($SwapOffOn["CURRENT"])) { $text[] = $SwapOffOn["CURRENT"]; } $text[] = $unix->ps_mem_report(); $TOTAL_MEMORY_MB_FREE = $unix->TOTAL_MEMORY_MB_FREE(); $text[] = "{$TOTAL_MEMORY_MB_FREE}MB before operation"; $sync = $unix->find_program("sync"); $sysctl = $unix->find_program("sysctl"); $squid = $unix->LOCATE_SQUID_BIN(); shell_exec($sync); shell_exec("{$sysctl} -w vm.drop_caches=3"); shell_exec($sync); shell_exec("/etc/init.d/apache2 restart"); if (is_file("/etc/init.d/ssh")) { shell_exec("/etc/init.d/ssh restart"); } if ($unix->is_socket("/var/run/mysqld/mysqld.sock")) { $q = new mysql(); $q->EXECUTE_SQL("RESET QUERY CACHE;"); } if ($unix->is_socket("/var/run/mysqld/squid-db.sock")) { $q = new mysql_squid_builder(); $q->EXECUTE_SQL("RESET QUERY CACHE;"); } $TOTAL_MEMORY_MB_FREE2 = $unix->TOTAL_MEMORY_MB_FREE(); $text[] = "{$TOTAL_MEMORY_MB_FREE2}MB After operation"; $TOTAL_MEMORY_MB = $TOTAL_MEMORY_MB_FREE2 - $TOTAL_MEMORY_MB_FREE; $text[] = "{$TOTAL_MEMORY_MB}MB restored"; $FINAL_TEXT = @implode("\n", $text); system_admin_events("Free memory operation has been executed - {$TOTAL_MEMORY_MB}MB restored\n{$FINAL_TEXT}", __FUNCTION__, __FILE__, __LINE__); if (is_file($squid)) { squid_admin_mysql(1, "Swap exceed rule: Free memory operation has been executed - {$TOTAL_MEMORY_MB}MB restored", $FINAL_TEXT, __FILE__, __LINE__); } }
function xstart() { $curl = new ccurl(); $unix = new unix(); $Pidfile = "/etc/artica-postfix/pids/exec.abuse-ch.pid"; $PidTime = "/etc/artica-postfix/pids/exec.abuse-ch.time"; $pid = $unix->get_pid_from_file($Pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { if ($GLOBALS["VERBOSE"]) { echo "Aborting Task already running pid {$pid} " . __FUNCTION__ . "()\n"; } return; } @file_put_contents($Pidfile, getmypid()); if (!$GLOBALS["VERBOSE"]) { $time = $unix->file_time_min($PidTime); if ($time < 10) { echo "Only each 10mn\n"; die; } @unlink($PidTime); @file_put_contents($PidTime, time()); } $curl = new ccurl("http://articatech.net/WebfilterDBS/ransomwaretracker.txt"); $tmpfile = $unix->TEMP_DIR(); if (!$curl->GetFile("{$tmpfile}/ransomwaretracker.txt")) { squid_admin_mysql(0, "ransomwaretracker.txt unable to get index file", $curl->error, __FILE__, __LINE__); return; } $array = unserialize(@file_get_contents("{$tmpfile}/ransomwaretracker.txt")); $TIME = $array["TIME"]; if (!isset($array["MD5"])) { squid_admin_mysql(0, "ransomwaretracker.txt corrupted file", $curl->error, __FILE__, __LINE__); return; } @unlink("{$tmpfile}/ransomwaretracker.txt"); $CurrentMD5 = @file_get_contents("/etc/artica-postfix/settings/Daemons/ransomwaretrackerMD5"); if ($CurrentMD5 == $array["MD5"]) { return; } $curl = new ccurl("http://articatech.net/WebfilterDBS/ransomwaretracker.gz"); if (!$curl->GetFile("{$tmpfile}/ransomwaretracker.gz")) { squid_admin_mysql(0, "ransomwaretracker.gz unable to get pattern file", $curl->error, __FILE__, __LINE__); return; } if (!$unix->uncompress("{$tmpfile}/ransomwaretracker.gz", "{$tmpfile}/ransomwaretracker.db")) { squid_admin_mysql(0, "ransomwaretracker.gz unable to extract file", $curl->error, __FILE__, __LINE__); return; } $ARRAY = unserialize(@file_get_contents("{$tmpfile}/ransomwaretracker.db")); if (!isset($ARRAY["URIS"])) { squid_admin_mysql(0, "ransomwaretracker.db corrupted database", $curl->error, __FILE__, __LINE__); return; } if (is_file("/etc/squid3/ransomwaretracker.db")) { @unlink("/etc/squid3/ransomwaretracker.db"); } @copy("{$tmpfile}/ransomwaretracker.db", "/etc/squid3/ransomwaretracker.db"); if (!is_file("/etc/artica-postfix/settings/Daemons/RansomwareReloaded")) { squid_admin_mysql(1, "Reloading Proxy service for updating Ranswomware function", null, __FILE__, __LINE__); $squid = $unix->LOCATE_SQUID_BIN(); shell_exec("{$squid} -f /etc/squid3/squid.conf -k reconfigure"); @touch("/etc/artica-postfix/settings/Daemons/RansomwareReloaded"); } squid_admin_mysql(2, "Success updating ranswomware database v{$TIME}", null, __FILE__, __LINE__); }
function support_step2() { $files[] = "/var/log/squid/cache.log"; $files[] = "/var/log/syslog"; $files[] = "/var/log/messages"; $files[] = "/var/log/auth.log"; $files[] = "/var/log/squid/access.log"; $files[] = "/var/log/squid/external-acl.log"; $files[] = "/var/log/squid/logfile_daemon.debug"; $files[] = "/var/log/php.log"; $files[] = "/var/log/mail.log"; $files[] = "/var/log/squid.watchdog.log"; $files[] = "/var/log/squid/ufdbguardd.log"; $files[] = "/var/log/samba/log.winbindd"; $files[] = "/etc/samba/smb.conf"; $files[] = "/var/log/samba/log.nmbd"; $files[] = "/var/log/samba/log.smbd"; $files[] = "/var/run/mysqld/mysqld.err"; $files[] = "/etc/init.d/artica-ifup"; $files[] = "/var/log/net-start.log"; $files[] = "/var/log/artica-ufdb.log"; $files[] = "/var/log/artica-meta.log"; $files[] = "/var/log/webfiltering-update.log"; $files[] = "{$GLOBALS["ARTICALOGDIR"]}/ufdbguard-tail.debug"; $unix = new unix(); $cp = $unix->find_program("cp"); $dmesg = $unix->find_program("dmesg"); @mkdir("/usr/share/artica-postfix/ressources/support", 0755, true); shell_exec("{$dmesg} >/usr/share/artica-postfix/ressources/support/dmesg.txt"); progress("{get_all_logs}", 45); if (is_dir("/etc/squid3")) { @mkdir("/usr/share/artica-postfix/ressources/support/etc-squid3", 0755, true); $cmd = "/bin/cp -rf /etc/squid3/* /usr/share/artica-postfix/ressources/support/etc-squid3/"; shell_exec("{$cmd}"); } $squidbin = $unix->LOCATE_SQUID_BIN(); progress("{get_all_logs}", 46); if (is_file("/tmp/squid.conf")) { if (is_file($squidbin)) { shell_exec("{$squidbin} -f /tmp/squid.conf -k parse >/etc-squid3/tmp.squid.conf.log 2>&1"); } @copy("/tmp/squid.conf", "/usr/share/artica-postfix/ressources/support/etc-squid3/tmp.squid.conf"); } progress("{get_all_logs}", 47); if (is_dir("/etc/postfix")) { @mkdir("/usr/share/artica-postfix/ressources/support/etc-postfix", 0755, true); $cmd = "/bin/cp -rf /etc/postfix/* /usr/share/artica-postfix/ressources/support/etc-postfix/"; shell_exec("{$cmd}"); } progress("{get_all_logs}", 48); while (list($a, $b) = each($files)) { if (is_file($b)) { progress("{get_all_logs}:" . basename($b), 48); $destfile = basename("{$b}.gz"); $unix->compress($b, "/usr/share/artica-postfix/ressources/support/{$destfile}"); } } progress("{get_all_logs} lshw", 49); $lshw = $unix->find_program("lshw"); exec("{$lshw} -class network 2>&1", $results); progress("{get_all_logs} ifconfig", 50); $ifconfig = $unix->find_program("ifconfig"); exec("{$ifconfig} -a 2>&1", $results); $results[] = "\n\t***************\n"; progress("{get_all_logs} IP", 50); $ip = $unix->find_program("ip"); exec("{$ip} link show 2>&1", $results); $results[] = "\n\t***************\n"; progress("{get_all_logs} Route", 50); exec("{$ip} route 2>&1", $results); $results[] = "\n\t***************\n"; $f = explode("\n", @file_get_contents("/etc/iproute2/rt_tables")); while (list($a, $line) = each($f)) { if (!preg_match("#^([0-9]+)\\s+(.+)#", $line, $re)) { continue; } $table_num = $re[1]; $tablename = $re[2]; if ($table_num == 0) { continue; } if ($table_num > 252) { continue; } $results[] = "\n\t***** Table route {$table_num} named {$tablename} *****\n"; exec("{$ip} route show table {$table_num} 2>&1", $results); $results[] = "\n\t***************\n"; } progress("{get_all_logs} uname", 51); $unix = new unix(); $uname = $unix->find_program("uname"); $results[] = "{$uname} -a:"; exec("{$uname} -a 2>&1", $results); $results[] = "\n"; $results[] = "/bin/bash --version:"; exec("/bin/bash --version 2>&1", $results); $results[] = "\n"; progress("{get_all_logs} gdb", 52); $gdb = $unix->find_program("gdb"); if (is_file($gdb)) { $results[] = "{$gdb} --version:"; exec("{$gdb} --version 2>&1", $results); } else { $results[] = "gdb no such binary...."; } $results[] = "\n"; $smbd = $unix->find_program("smbd"); if (is_file($smbd)) { $results[] = "{$smbd} -V:"; exec("{$smbd} -V 2>&1", $results); } else { $results[] = "smbd no such binary...."; } $results[] = "\n"; progress("{get_all_logs} {$squidbin}", 53); if (is_file($squidbin)) { $results[] = "{$squidbin} -v:"; exec("{$squidbin} -v 2>&1", $results); squid_watchdog_events("Reconfiguring Proxy parameters..."); exec("/etc/init.d/squid reload --script=" . basename(__FILE__) . " 2>&1", $results); squid_admin_mysql(2, "Framework executed to reconfigure squid-cache", @implode("\n", $results)); } else { $results[] = "squid no such binary...."; } $results[] = "\n"; progress("{get_all_logs}", 54); if (is_file($squidbin)) { $results[] = "{$squidbin} -v:"; exec("{$squidbin} -v 2>&1", $results); squid_watchdog_events("Reconfiguring Proxy parameters..."); exec("/etc/init.d/squid reload --script=" . basename(__FILE__) . " 2>&1", $results); squid_admin_mysql(2, "Framework executed to reconfigure squid-cache", @implode("\n", $results)); shell_exec("{$squidbin} -f /etc/squid3/squid.conf -k check -X >/usr/share/artica-postfix/ressources/support/squid-conf-check.txt"); if (is_file("/tmp/squid.conf")) { shell_exec("{$squidbin} -f /tmp/squid.conf -k check -X >/usr/share/artica-postfix/ressources/support/squid-temp-check.txt"); } } else { $results[] = "squid3 no such binary...."; } progress("{get_all_logs} DF", 55); $results[] = "\n"; $df = $unix->find_program("df"); if (is_file($df)) { $results[] = "{$df} -h:"; exec("{$df} -h 2>&1", $results); } else { $results[] = "{$df} no such binary...."; } progress("{get_all_logs}", 56); @file_put_contents("/usr/share/artica-postfix/ressources/support/generated.versions.txt", @implode("\n", $results)); }
function ufdb_smtp() { $unix = new unix(); $q = new mysql_squid_builder(); $sock = new sockets(); if (!$q->TABLE_EXISTS("ufdb_smtp")) { return; } if ($q->COUNT_ROWS("ufdb_smtp") == 0) { return; } $SquidGuardWebSMTP = unserialize(base64_decode($sock->GET_INFO("SquidGuardWebSMTP"))); if (!isset($SquidGuardWebSMTP["MaxError"])) { $SquidGuardWebSMTP["MaxError"] = 5; } if ($SquidGuardWebSMTP["MaxError"] == 0) { $SquidGuardWebSMTP["MaxError"] = 5; } $sql = "SELECT * FROM ufdb_smtp"; $results = $q->QUERY_SQL($sql); if (!$q->ok) { return; } $sock = new sockets(); $SquidGuardWebSMTP = unserialize(base64_decode($sock->GET_INFO("SquidGuardWebSMTP"))); if ($SquidGuardWebSMTP["smtp_server_name"] == null) { return; } //`zDate`,`Subject`,`content`,`sender`,`URL`,`REASONGIVEN`,`retrytime`) VALUES while ($ligne = mysql_fetch_assoc($results)) { $zmd5 = $ligne["zmd5"]; $Subject = $ligne["Subject"]; $smtp_sender = $ligne["sender"]; $recipient = $SquidGuardWebSMTP["smtp_recipient"]; $smtp_senderTR = explode("@", $recipient); $instance = $smtp_senderTR[1]; $SquidGuardIPWeb = $ligne["SquidGuardIPWeb"]; $ticket = $ligne["ticket"]; $main_array = urlencode($ligne["main_array"]); if ($smtp_sender == null) { $smtp_sender = $SquidGuardWebSMTP["smtp_sender"]; } $body = array(); $body[] = "Return-Path: <{$smtp_sender}>"; $body[] = "Date: " . date("D, d M Y H:i:s") . " +0100 (CET)"; $body[] = "From: {$smtp_sender}"; $body[] = "Subject: {$Subject}"; $body[] = "To: {$recipient}"; $body[] = ""; $body[] = ""; $body[] = "Request time: {$ligne["zDate"]}"; $body[] = "URL: {$ligne["URL"]}"; $body[] = "Reason: {$ligne["REASONGIVEN"]}"; $body[] = "SMTP retry: {$ligne["retrytime"]}"; if ($ticket == 1) { $body[] = ""; $body[] = "****************** RELEASE THIS WEBSITE ******************"; $body[] = ""; $body[] = "If your are agree to release this website, click on the link bellow in order to create the rule."; $body[] = "{$SquidGuardIPWeb}?release-ticket=yes&serialize={$main_array}"; $body[] = ""; $body[] = "***********************************************************"; $body[] = ""; } $body[] = $ligne["content"]; $body[] = ""; $body[] = ""; $finalbody = @implode("\r\n", $body); ufdb_smtp_logs("Send to {$smtp_sender}", __FUNCTION__, __LINE__); $msmtp = new squidguard_msmtp($smtp_sender, $finalbody); $MaxError = $msmtp->MaxError; if ($msmtp->Send()) { ufdb_smtp_logs("Send Success, delete {$zmd5}", __FUNCTION__, __LINE__); $q->QUERY_SQL("DELETE FROM ufdb_smtp WHERE `zmd5`='{$zmd5}'"); if (!$q->ok) { ufdb_smtp_logs("{$q->mysql_error}", __FUNCTION__, __LINE__); } if ($q->COUNT_ROWS("ufdb_smtp") == 0) { break; } continue; } $retrytime = $ligne["retrytime"] + 1; ufdb_smtp_logs("{$zmd5}: Retry +1 = {$retrytime} Max:{$MaxError}", __FUNCTION__, __LINE__); if ($retrytime >= $MaxError) { squid_admin_mysql(1, "Timed out {$Subject} to {$SquidGuardWebSMTP["smtp_server_name"]} retry({$retrytime}/{$MaxError})", $msmtp->logs, __FILE__, __LINE__); $q->QUERY_SQL("DELETE FROM ufdb_smtp WHERE `zmd5`='{$zmd5}'"); continue; } squid_admin_mysql(1, "Unable to send {$Subject} to {$SquidGuardWebSMTP["smtp_server_name"]} retry({$retrytime}/{$MaxError})", $msmtp->logs, __FILE__, __LINE__); $q->QUERY_SQL("UPDATE ufdb_smtp SET `retrytime`='{$retrytime}' WHERE `zmd5`='{$zmd5}'"); if (!$q->ok) { ufdb_smtp_logs("{$q->mysql_error}", __FUNCTION__, __LINE__); } } $q->QUERY_SQL("DELETE FROM ufdb_smtp WHERE `retrytime`={$MaxError}"); $q->QUERY_SQL("DELETE FROM ufdb_smtp WHERE `retrytime`>" . $MaxError); }