function start($port_id) { $unix = new unix(); $squid = new squidbee(); $q = new mysql_squid_builder(); $INCLUDE = false; $GLOBALS["OUTPUT"] = true; $f = explode("\n", @file_get_contents("/etc/squid3/squid.conf")); build_progress_bandwidth("{limit_rate} {analyze}", 20); while (list($www, $line) = each($f)) { if (!preg_match("#acls_bandwidth\\.conf#", $line)) { continue; } echo "Include OK\n"; $INCLUDE = TRUE; break; } if (!$INCLUDE) { echo "Include False, reconfigure\n"; build_progress_bandwidth("{limit_rate} {reconfigure}", 80); $php = $unix->LOCATE_PHP5_BIN(); system("{$php} /usr/share/artica-postfix/exec.squid.php --build --force"); build_progress_bandwidth("{limit_rate} {done}", 100); return; } $md51 = md5_file("/etc/squid3/acls_bandwidth.conf"); build_progress_bandwidth("{limit_rate} {reconfigure}", 50); $band = new squid_bandwith_builder(); if (!$band->compile()) { build_progress_bandwidth("{limit_rate} {failed}", 110); return; } $md52 = md5_file("/etc/squid3/acls_bandwidth.conf"); if ($md51 == $md52) { build_progress_bandwidth("{limit_rate} {done} {unmodified}", 100); return; } $squid_checks = new squid_checks(); if (!$squid_checks->squid_parse()) { build_progress_bandwidth("{limit_rate} {failed}", 110); return; } $squidbin = $unix->LOCATE_SQUID_BIN(); build_progress_bandwidth("{limit_rate} {reloading}", 97); system("{$squidbin} -k reconfigure"); if (is_file("/root/squid-good.tgz")) { @unlink("/root/squid-good.tgz"); } chdir("/etc/squid3"); shell_exec("cd /etc/squid3"); shell_exec("tar -czf /root/squid-good.tgz *"); chdir("/root"); shell_exec("cd /root"); build_progress_bandwidth("{limit_rate} {done} OK", 100); // FATAL: No valid signing SSL certificate }
function start_squid($aspid = false) { $GLOBALS["LOGS"] = array(); $suffix = null; if ($GLOBALS["MONIT"]) { $suffix = " (by system monitor)"; } if ($GLOBALS["BY_CACHE_LOGS"]) { $suffix = " (by cache.log monitor)"; } if ($GLOBALS["BY_STATUS"]) { $suffix = " (by Artica monitor)"; } if ($GLOBALS["BY_CLASS_UNIX"]) { $suffix = " (by Artica class.unix.inc)"; } if ($GLOBALS["BY_FRAMEWORK"]) { $suffix = " (by Artica framework)"; } if ($GLOBALS["BY_OTHER_SCRIPT"]) { $suffix = " (by other script)"; } if ($GLOBALS["BY_ARTICA_INSTALL"]) { $suffix = " (by artica-install)"; } if ($GLOBALS["BY_FORCE_RECONFIGURE"]) { $suffix = " (after building settings)"; } $unix = new unix(); $php = $unix->LOCATE_PHP5_BIN(); $nohup = $unix->find_program("nohup"); $sock = new sockets(); $reconfigure = false; $SQUIDEnable = $sock->GET_INFO("SQUIDEnable"); $NtpdateAD = $sock->GET_INFO("NtpdateAD"); if (!is_numeric($SQUIDEnable)) { $SQUIDEnable = 1; } $kill = $unix->find_program("kill"); if (!is_numeric($NtpdateAD)) { $NtpdateAD = 0; } $su_bin = $unix->find_program("su"); $sysctl = $unix->find_program("sysctl"); $squidbin = $unix->LOCATE_SQUID_BIN(); if (!is_file($squidbin)) { build_progress_start("Not installed", 110); if ($GLOBALS["OUTPUT"]) { echo "Restart......: Squid-cache, not installed\n"; } return; } if ($GLOBALS["MONIT"]) { if (function_exists("debug_backtrace")) { $trace = debug_backtrace(); if (isset($trace[1])) { $file = basename($trace[1]["file"]); $function = $trace[1]["function"]; $line = $trace[1]["line"]; $called = "Called by {$function}() from line {$line}"; } } $pid = SQUID_PID(); if ($unix->process_exists($pid)) { $ps = $unix->find_program("ps"); $grep = $unix->find_program("grep"); exec("{$ps} aux|{$grep} squid 2>&1", $results); squid_admin_mysql(2, "Monit ordered to start squid but squid is still in memory PID {$pid} ??", "I cannot accept this order, see details\n" . @implode("\n", $results), __FILE__, __LINE__); $squidpidfile = $unix->LOCATE_SQUID_PID(); @file_put_contents($squidpidfile, $pid); return; } squid_admin_mysql(1, "Monit ordered to start squid", $called, __FILE__, __LINE__); } if ($SQUIDEnable == 0) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " Squid is disabled...\n"; } build_progress_start("Proxy service is disabled", 110); return; } if (is_file("/etc/init.d/iptables-transparent")) { shell_exec("/etc/init.d/iptables-transparent start"); } if (is_file("/etc/artica-postfix/squid.lock")) { $time = $unix->file_time_min("/etc/artica-postfix/squid.lock"); if ($time < 60) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " Proxy is locked (since {$time}Mn...\n"; } build_progress_start(" Proxy is locked (since {$time}Mn", 110); return; } @unlink("/etc/artica-postfix/squid.lock"); } $pids = $unix->PIDOF_PATTERN_ALL("exec.squid.watchdog.php --start"); if (count($pids) > 2) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " Too many instances " . count($pids) . " starting squid, kill them!\n"; } $mypid = getmypid(); while (list($pid, $ligne) = each($pids)) { if ($pid == $mypid) { continue; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " killing {$pid}\n"; } unix_system_kill_force($pid); } } if (!$aspid) { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = $unix->get_pid_from_file($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { $time = $unix->PROCCESS_TIME_MIN($pid); if ($time < 5) { build_progress_start("Task Already running PID {$pid} since {$time}mn", 110); Events("Task Already running PID {$pid} since {$time}mn"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " Already task running PID {$pid} since {$time}mn, Aborting operation (" . __LINE__ . ")\n"; } return; } squid_admin_mysql(0, "Too long time for artica task PID {$pid} running since {$time}mn", "Process will be killed"); Tosyslog("Too long time for artica task PID {$pid} running since {$time}mn -> kill"); unix_system_kill_force($pid); } @file_put_contents($pidfile, getmypid()); } $squidbin = $unix->find_program("squid"); if (!is_file($squidbin)) { $squidbin = $unix->find_program("squid3"); } if (!is_file($squidbin)) { build_progress_start("Not installed", 110); system_admin_events("Squid not seems to be installed", __FUNCTION__, __FILE__, __LINE__, "proxy"); return; } @chmod($squidbin, 0755); $sock = new sockets(); $DisableForceFCK = intval($sock->GET_INFO("DisableForceFCK")); if ($DisableForceFCK == 0) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " Will force a checkdisk At next reboot\n"; } @touch("/forcefsck"); } $pid = SQUID_PID(); if ($unix->process_exists($pid)) { $time = $unix->PROCCESS_TIME_MIN($pid); build_progress_start("Proxy service already running since {$time}Mn", 50); if ($GLOBALS["START_PROGRESS"]) { $php = $unix->LOCATE_PHP5_BIN(); build_progress_start("Removing caches...", 55); @unlink("/usr/share/artica-postfix/ressources/databases/ALL_SQUID_STATUS"); build_progress_start("Building caches...", 70); system("{$php} /usr/share/artica-postfix/exec.status.php --all-squid"); if (!is_file("/usr/share/artica-postfix/ressources/databases/ALL_SQUID_STATUS")) { build_progress_start("Fatal!! Watchdog issue!!", 110); return; } build_progress_start("{done}", 100); } return; } build_progress_start("Preparing proxy service", 50); start_prepare(); $squid_checks = new squid_checks(); $squid_checks->squid_parse(); build_progress_start("{starting_proxy_service}", 60); $pid = SQUID_PID(); if ($GLOBALS["CRASHED"]) { for ($i = 0; $i < 10; $i++) { sleep(1); $pid = SQUID_PID(); if ($unix->process_exists($pid)) { continue; } break; } squid_admin_mysql(2, "No need to start Proxy service after a crash", "It seems the watchdog detect a crash but after 10s the proxy still running\nOperation is aborted", __FILE__, __LINE__); return; } build_progress_start("Tuning network", 70); $unix->TCP_TUNE_SQUID_DEFAULT(); $t1 = time(); build_progress_start("Checking caches", 71); SendLogs("Checking caches..."); $cacheBooster = new squidbooster(); $cacheBooster->cache_booster(); build_progress_start("Checking caches", 73); CheckStoreDirs(true); SendLogs("Checking caches done..."); build_progress_start("Checking Ports", 75); SendLogs("Checking Ports..."); $array = CheckAllports(); SendLogs("Checking " . count($array) . " ports"); while (list($port, $ligne) = each($array)) { $portZ = $unix->PIDOF_BY_PORT($port); SendLogs("Checking port {$port} - " . count($portZ) . " process(es)"); if (count($portZ) > 0) { while (list($pid, $ligne) = each($portZ)) { SendLogs("Checking port {$port} - killing pid {$pid}"); shell_exec("kill -9 {$pid} >/dev/null 2>&1"); } } } build_progress_start("Checking SHM", 75); system("{$php} /usr/share/artica-postfix/exec.squid.smp.php"); SendLogs("Starting squid {$squidbin}...."); $echo = $unix->find_program("echo"); $size = round(@filesize("/var/log/squid/cache.log") / 1024, 2) / 1024; if ($size > 50) { squid_admin_mysql(2, "Cleaning cache.log {$size}MB", null, __FILE__, __LINE__); @copy("/var/log/squid/cache.log", "/var/log/squid/cache.log." . time()); shell_exec("{$echo} \" \"> /var/log/squid/cache.log 2>&1"); } @chmod($squidbin, 0755); @chmod("/var/log/squid", 0755); if (is_link("/var/log/squid")) { @chmod(readlink("/var/log/squid"), 0755); } squid_admin_mysql(1, "Starting Squid-cache service {$suffix}", @implode("\n", $GLOBALS["LOGS"]), __FILE__, __LINE__); build_progress_start("Remove SystemV5 Memory", 80); kill_shm(); CHECK_WIFIDOG_IPTABLES_RULES(); $PIDFILE = $unix->LOCATE_SQUID_PID(); $f = array(); $f[] = "#! /bin/sh"; $f[] = ". /lib/lsb/init-functions"; $f[] = "PATH=/bin:/usr/bin:/sbin:/usr/sbin"; $f[] = "DAEMON=\"{$squidbin}\""; $f[] = "CONFIG=\"/etc/squid3/squid.conf\""; $f[] = "SQUID_ARGS=\"-YC -f \$CONFIG\""; $f[] = "PIDFILE=\"{$PIDFILE}\""; $f[] = ""; $f[] = "KRB5RCACHETYPE=none"; $f[] = "KRB5_KTNAME=/etc/squid3/PROXY.keytab"; $f[] = "export KRB5RCACHETYPE"; $f[] = "export KRB5_KTNAME"; $f[] = ""; $f[] = ""; $f[] = "umask 027"; $f[] = "ulimit -n 65535"; $f[] = "start-stop-daemon --start --pidfile \$PIDFILE --exec \$DAEMON -- \$SQUID_ARGS"; $f[] = "status=\$?"; $f[] = "if [ \$status -eq 0 ]"; $f[] = "\tthen"; $f[] = "\t echo \"Success starting Proxy service\""; $f[] = "\tfi "; $f[] = "exit 0\n"; @file_put_contents("/usr/sbin/squid-start", @implode("\n", $f)); $f = array(); @chmod("/usr/sbin/squid-start", 0755); exec("/usr/sbin/squid-start 2>&1", $GLOBALS["LOGS"]); $PRC = 40; $MAXPRC = 60; $AB = 0; $TESTFAILED = false; while (list($index, $line) = each($GLOBALS["LOGS"])) { if (preg_match("#FATAL: Bungled#", $line)) { squid_admin_mysql(1, "Alert: Bungled configuration when starting Proxy", $line, __FILE__, __LINE__); $TESTFAILED = true; break; } } if ($TESTFAILED) { $TESTFAILED = false; if (!is_file("/etc/artica-postfix/SQUID_TEST_FAILED")) { build_progress_start("Reconfigure Proxy service", 80); system("{$php} /usr/share/artica-postfix/exec.squid.php --build --force"); } $GLOBALS["LOGS"] = array(); exec("{$squidbin} -f /etc/squid3/squid.conf 2>&1", $GLOBALS["LOGS"]); while (list($index, $line) = each($GLOBALS["LOGS"])) { if (preg_match("#FATAL: Bungled#", $line)) { squid_admin_mysql(1, "Alert: Bungled configuration after reconfiguring Proxy", $line, __FILE__, __LINE__); $TESTFAILED = true; break; } } } if ($TESTFAILED) { @touch("/etc/artica-postfix/SQUID_TEST_FAILED"); build_progress_start("Start Proxy service {failed}", 110); die; } @unlink("/etc/artica-postfix/SQUID_TEST_FAILED"); for ($i = 0; $i < 10; $i++) { $PRC++; if ($PRC > $MAXPRC - 1) { $PRC = $MAXPRC - 1; } build_progress_start("{starting_service} {$i}/10", 85); build_progress_restart("{starting_service}", $PRC); $pid = SQUID_PID(); if ($unix->process_exists($pid)) { SendLogs("Starting squid started pid {$pid}..."); break; } ToSyslog("Starting squid waiting {$i}/10s"); SendLogs("Starting squid waiting {$i}/10s"); sleep(1); } if (!$unix->process_exists($pid)) { build_progress_start("{failed}", 110); SendLogs("Starting Squid failed to start..."); ToSyslog("Starting Squid failed to start..."); if (function_exists("debug_backtrace")) { $trace = debug_backtrace(); if (isset($trace[1])) { $sourcefunction = $trace[1]["function"]; $sourceline = $trace[1]["line"]; $executed = "Executed by {$sourcefunction}() line {$sourceline}\nusing argv:{$GLOBALS["ARGVS"]}\n"; } } squid_admin_mysql(0, "Squid failed to start {$suffix}", @implode("\n", $GLOBALS["LOGS"]) . "\n{$executed}"); system_admin_events("Starting Squid failed to start\n" . @implode("\n", $GLOBALS["LOGS"]), __FUNCTION__, __FILE__, __LINE__, "proxy"); return; } SendLogs("Starting Squid Tests if it listen all connections...."); for ($i = 0; $i < 10; $i++) { build_progress_start("{checking} {$i}/10", 90); if (is_started()) { SendLogs("Starting squid listen All connections OK"); break; } SendLogs("Starting squid listen All connections... waiting {$i}/10"); sleep(1); } $took = $unix->distanceOfTimeInWords($t1, time()); $nohup = $unix->find_program("nohup"); SendLogs("Starting Squid success to start PID {$pid}..."); if (function_exists("debug_backtrace")) { $trace = debug_backtrace(); if (isset($trace[1])) { $sourcefunction = $trace[1]["function"]; $sourceline = $trace[1]["line"]; $executed = "Executed by {$sourcefunction}() line {$sourceline}\nusing argv:{$GLOBALS["ARGVS"]}\n"; } } $php5 = $unix->LOCATE_PHP5_BIN(); taskset(); build_progress_start("Restarting cache-tail", 91); shell_exec("{$nohup} /etc/init.d/cache-tail restart >/dev/null 2>&1 &"); build_progress_start("Restarting access-tail", 92); shell_exec("{$nohup} /etc/init.d/squid-tail restart >/dev/null 2>&1 &"); build_progress_start("Restarting auth-tail", 93); shell_exec("{$nohup} /etc/init.d/auth-tail restart >/dev/null 2>&1 &"); build_progress_start("{done}", 100); system_admin_events("Starting Squid success to start PID {$pid} took {$took}\n" . @implode("\n", $GLOBALS["LOGS"]), __FUNCTION__, __FILE__, __LINE__, "proxy"); SendLogs("Starting Squid done..."); if (is_file("/usr/share/artica-postfix/ressources/databases/ALL_SQUID_STATUS")) { @unlink("/usr/share/artica-postfix/ressources/databases/ALL_SQUID_STATUS"); } }
function start() { $unix = new unix(); $squid = new squidbee(); $q = new mysql_squid_builder(); $INCLUDE = false; $f = explode("\n", @file_get_contents("/etc/squid3/squid.conf")); build_progress_ecap("{ecap_plugins} {analyze}", 20); while (list($www, $line) = each($f)) { if (!preg_match("#acls_ecap\\.conf#", $line)) { continue; } echo "Include OK\n"; $INCLUDE = TRUE; break; } if (!$INCLUDE) { echo "Include False, reconfigure\n"; build_progress_ecap("{ecap_plugins} {reconfigure}", 80); $php = $unix->LOCATE_PHP5_BIN(); system("{$php} /usr/share/artica-postfix/exec.squid.php --build --force"); build_progress_ecap("{ecap_plugins} {done}", 100); return; } $md51 = md5_file("/etc/squid3/acls_ecap.conf"); build_progress_ecap("{ecap_plugins} {reconfigure}", 50); $band = new squid_ecap_builder(); if (!$band->compile()) { build_progress_ecap("{ecap_plugins} {failed}", 110); return; } build_progress_ecap("{ecap_plugins} {reconfigure} ICAP services", 80); $icap = new icap(); $icap->build_services(); build_progress_ecap("{ecap_plugins} ICAP services {done}", 85); $md52 = md5_file("/etc/squid3/acls_ecap.conf"); if ($md51 == $md52) { build_progress_ecap("{ecap_plugins} {done} {unmodified}", 100); return; } $squidbin = $unix->LOCATE_SQUID_BIN(); build_progress_ecap("{ecap_plugins} {reloading}", 97); $squid_checks = new squid_checks(); if (!$squid_checks->squid_parse()) { build_progress_ecap("{ecap_plugins} {failed}", 110); return; } system("{$squidbin} -k reconfigure"); build_progress_ecap("{ecap_plugins} {done} OK", 100); // FATAL: No valid signing SSL certificate }
function build_sequence() { $unix = new unix(); $php = $unix->LOCATE_PHP5_BIN(); $sock = new sockets(); $HyperCacheStoreID = intval($sock->GET_INFO("HyperCacheStoreID")); $HyperCacheLicensedMode = intval($sock->GET_INFO("HyperCacheLicensedMode")); if ($HyperCacheLicensedMode == 0) { if ($HyperCacheStoreID == 1) { build_progress(10, "{checking_plugin}"); build_sequence_plugin(); return; } } build_progress(10, "{checking_license_status}"); if (!HyperCache()) { if ($HyperCacheStoreID == 0) { if (!verify_proxy_configuration()) { build_progress(50, "{reconfigure_proxy_service}"); system("{$php} /usr/share/artica-postfix/exec.squid.php --build --force"); build_progress(100, "{checking_license_status} {success} {disabled}"); return; } build_progress(100, "{checking_license_status} {success} {disabled}"); return; } build_progress(110, "{checking_license_status} {failed}"); return; } build_progress(15, "{update_websites_list}"); HyperCache_websites(); build_progress(20, "{verify_the_license}"); HyperCache_create_license(); build_progress(30, "{verify_proxy_configuration}"); if (!verify_proxy_configuration()) { build_progress(50, "{reconfigure_proxy_service}"); system("{$php} /usr/share/artica-postfix/exec.squid.php --build --force"); build_progress(70, "{verify_proxy_configuration}"); if (!verify_proxy_configuration()) { build_progress(110, "{verify_proxy_configuration} {failed}"); return; } system("/etc/artica-postfix/artica-status restart --force"); } $HyperCacheSquid = new HyperCacheSquid(); $HyperCacheSquid->build(); $squid_checks = new squid_checks(); if (!$squid_checks->squid_parse()) { build_progress("{reconfigure_proxy_service} {failed}", 110); return; } $squidbin = $unix->LOCATE_SQUID_BIN(); system("{$squidbin} -k reconfigure"); build_progress(100, "{verify_proxy_configuration} {success}"); }
function ApplyConfig($smooth = false) { if (function_exists("WriteToSyslogMail")) { WriteToSyslogMail("Invoke ApplyConfig function", basename(__FILE__)); } $unix = new unix(); $ulimit = $unix->find_program("ulimit"); if (is_file($ulimit)) { shell_exec("{$ulimit} -HSd unlimited"); } else { echo "Starting......: " . date("H:i:s") . " [SYS]: Squid ulimit no such binary...\n"; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid apply kernel settings\n"; build_progress("{reconfigure} Kernel values", 46); kernel_values(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid apply Checks security limits\n"; build_progress("{reconfigure} Security limits", 47); security_limit(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Remote appliances...\n"; build_progress("{reconfigure} checks remote appliances", 48); remote_appliance_restore_tables(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Remote appliances done...\n"; $nohup = $unix->find_program("nohup"); $php5 = $unix->LOCATE_PHP5_BIN(); $squidbin = $unix->find_program("squid"); $SQUID_CONFIG_PATH = $unix->SQUID_CONFIG_PATH(); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid loading libraires...\n"; $sock = new sockets(); $squid = new squidbee(); if (!is_file($squidbin)) { $squidbin = $unix->find_program("squid3"); } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid binary: `{$squidbin}`\n"; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Conf..: `{$SQUID_CONFIG_PATH}`\n"; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid php...: `{$php5}`\n"; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid nohup.: `{$nohup}`\n"; $DenySquidWriteConf = $sock->GET_INFO("DenySquidWriteConf"); if (!is_numeric($DenySquidWriteConf)) { $DenySquidWriteConf = 0; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking `DenySquidWriteConf` = {$DenySquidWriteConf}\n"; @copy("/etc/artica-postfix/settings/Daemons/SquidNudityScanParams", "/etc/squid3/SquidNudityScanParams"); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking `NudeBooster`\n"; build_progress("{reconfigure} Nude booster", 49); NudeBooster(); if (!is_dir("/usr/share/squid-langpack")) { echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Checking Templates from MySQL\n"; $unix->THREAD_COMMAND_SET("{$php5} " . __FILE__ . " --tpl-save"); } $EnableRemoteStatisticsAppliance = 0; echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Build blocked Websites list...\n"; if (!is_dir("/etc/squid3/artica-meta")) { @mkdir("/etc/squid3/artica-meta", 0755, true); } if (!is_file("/etc/squid3/artica-meta/whitelist-net.db")) { @touch("/etc/squid3/artica-meta/whitelist-net.db"); } if (!is_file("/etc/squid3/artica-meta/whitelist-domains.db")) { @touch("/etc/squid3/artica-meta/whitelist-domains.db"); } build_progress("{reconfigure} Whitelisted browsers", 50); acl_whitelisted_browsers(); build_progress("{reconfigure} allowed browsers", 51); acl_allowed_browsers(); echo "Starting......: " . date("H:i:s") . " Checking wrapzap\n"; build_progress("{reconfigure} wrapzap", 52); wrapzap(); build_progress("{reconfigure} Mime.conf", 53); mime_conf(); build_progress("{reconfigure} Blocked websites", 54); $squid->BuildBlockedSites(); build_progress("{reconfigure} FTP clients ACLs", 55); acl_clients_ftp(); build_progress("{checking_wccp_mode}", 55); system("{$php5} /usr/share/artica-postfix/exec.squid.wccp.php --squid"); build_progress("{reconfigure} Dynamic rules caches", 56); echo "Starting......: " . date("H:i:s") . " [SYS]: Dynamic rules caches...\n"; dyn_caches(); build_progress("{reconfigure} Webfiltering whitelisted", 57); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Build url_rewrite_access deny...\n"; urlrewriteaccessdeny(); echo "Starting......: " . date("H:i:s") . " [SYS]:Squid building main configuration done\n"; build_progress("{reconfigure} Check files and security", 58); CheckFilesAndSecurity(); $tar = $unix->find_program("tar"); if ($GLOBALS["NOAPPLY"]) { $DenySquidWriteConf = 0; } if ($DenySquidWriteConf == 0) { @mkdir("/tmp", 0755, true); $squid->CURRENT_PROGRESS = 79; $squid->MAX_PROGRESS = 79; $conf = $squid->BuildSquidConf(); $conf = str_replace("\n\n", "\n", $conf); build_progress("{writing_configuration}", 79); @file_put_contents("/tmp/squid.conf", $conf); echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Check validity of the configuration file with /tmp/squid.conf...\n"; $GLOBALS["SQUID_PATTERN_ERROR"] = array(); $squid_checks = new squid_checks("/tmp/squid.conf"); if (!$squid_checks->squid_parse()) { build_progress("{checking}: {failed}", 110); return; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Check validity OK...\n"; if ($GLOBALS["NOAPPLY"]) { echo "Starting......: " . date("H:i:s") . " [SYS]: WARNING \"NOAPPLY\" Artica is denied to apply settings...\n"; return true; } echo "Starting......: " . date("H:i:s") . " [SYS]: Squid Writing configuration file \"{$SQUID_CONFIG_PATH}\" " . strlen($conf) . " bytes...\n"; @file_put_contents($SQUID_CONFIG_PATH, $conf); @mkdir("/etc/squid3", 0755, true); if ($SQUID_CONFIG_PATH != "/etc/squid3/squid.conf") { @file_put_contents("/etc/squid3/squid.conf", $conf); } $sock->TOP_NOTIFY("{squid_parameters_was_saved}", "info"); $cmd = $unix->LOCATE_PHP5_BIN() . " " . __FILE__ . " --templates --noreload"; $unix->THREAD_COMMAND_SET($cmd); } build_progress("{checking}: squidclamav", 79); if (!$smooth) { squidclamav(); } build_progress("{checking}: wrapzap", 79); if (!$smooth) { wrapzap(); } build_progress("{checking}: Cerificates", 79); if (!$smooth) { certificate_generate(); } $cmd = $nohup . " " . $unix->LOCATE_PHP5_BIN() . " " . __FILE__ . " --cache-infos --force >/dev/null 2>&1 &"; if ($GLOBALS["VERBOSE"]) { echo "{$cmd}\n"; } shell_exec($cmd); shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.syslog-engine.php --rsylogd >/dev/null 2>&1 &"); if (!$smooth) { build_progress("{checking}: Check Files And Security", 79); CheckFilesAndSecurity(); } if (is_file("/root/squid-good.tgz")) { @unlink("/root/squid-good.tgz"); } chdir("/etc/squid3"); shell_exec("cd /etc/squid3"); shell_exec("tar -czf /root/squid-good.tgz *"); chdir("/root"); shell_exec("cd /root"); return true; }
function xstart() { $unix = new unix(); $php = $unix->LOCATE_PHP5_BIN(); build_progress("{starting} {GLOBAL_ACCESS_CENTER}", 15); $extern = new external_acls_squid(); $extern->Build(); if (!checkIntegrated()) { build_progress("{starting} {GLOBAL_ACCESS_CENTER}", 30); $squid_access_manager = new squid_access_manager(); $squid_access_manager->build_all(); build_progress("{starting} {GLOBAL_ACCESS_CENTER}", 40); $squid = new squidbee(); $icap = new icap(); $icap->build_services(); build_progress("{starting} {reconfigure_proxy_service}", 50); system("{$php} /usr/share/artica-postfix/exec.squid.php --build --force"); if (!checkIntegrated()) { build_progress("Missing CONF files:{failed}", 110); return; } build_progress("{done} {GLOBAL_ACCESS_CENTER}", 100); return; } build_progress("{starting} {GLOBAL_ACCESS_CENTER}", 20); $external_acls_squid = new external_acls_squid(); $external_acls_squid->Build(); build_progress("{starting} {GLOBAL_ACCESS_CENTER}", 30); $GLOBALS["aclGen"] = new squid_acls(); $GLOBALS["aclGen"]->Build_Acls(true); $ACLS_TO_ADD = @implode("\n", $GLOBALS["aclGen"]->acls_array); @file_put_contents("/etc/squid3/acls_center.conf", $ACLS_TO_ADD); build_progress("{starting} {GLOBAL_ACCESS_CENTER}", 50); $squid_access_manager = new squid_access_manager(); $squid_access_manager->build_all(); build_progress("{starting} {GLOBAL_ACCESS_CENTER}", 55); $squid_childs = new squid_childs(); $squid_childs->build(); build_progress("{starting} {GLOBAL_ACCESS_CENTER}", 60); $squid = new squidbee(); $q = new squid_freewebs(); $icap = new icap(); $icap->build_services(); build_progress("{starting} {GLOBAL_ACCESS_CENTER}", 60); if ($GLOBALS["NOCHECK"]) { return true; } $squid_checks = new squid_checks(); if (!$squid_checks->squid_parse()) { build_progress("{failed}", 110); return; } build_progress("{done} {reloading_proxy_service}", 100); $squidbin = $unix->find_program("squid"); system("{$squidbin} -f /etc/squid3/squid.conf -k reconfigure"); }