function l7filter()
{
$snmpd = $GLOBALS["CLASS_UNIX"]->find_program("l7-filter");
if (!is_file($snmpd)) {
$l[] = "";
$l[] = "[APP_l7FILTER]";
$l[] = "service_name=APP_l7FILTER";
$l[] = "running=0\ninstalled=0";
$l[] = "";
return @implode("\n", $l);
}
$enabled = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("EnableL7Filter"));
$master_pid = l7filter_pid();
$l[] = "";
$l[] = "[APP_l7FILTER]";
$l[] = "service_name=APP_l7FILTER";
$l[] = "master_version=" . l7filter_version();
$l[] = "service_cmd=/etc/init.d/l7filter";
$l[] = "service_disabled={$enabled}";
$l[] = "family=system";
$l[] = "pid_path={$pid_path}";
$l[] = "watchdog_features=1";
if ($enabled == 0) {
return implode("\n", $l);
return;
}
if (!$GLOBALS["CLASS_UNIX"]->process_exists($master_pid)) {
if (!$GLOBALS["DISABLE_WATCHDOG"]) {
$cmd = trim("{$GLOBALS["NICE"]}{$GLOBALS["PHP5"]} " . dirname(__FILE__) . "/exec.l7filter.php --start");
shell_exec2($cmd);
}
$l[] = "running=0\ninstalled=1";
$l[] = "";
return implode("\n", $l);
} else {
if ($enabled == 0) {
shell_exec2("{$GLOBALS["nohup"]} /etc/init.d/l7filter stop >/dev/null 2>&1 &");
}
}
$l[] = "running=1";
$l[] = GetMemoriesOf($master_pid);
$l[] = "";
return implode("\n", $l);
return;
}
function start($aspid = false)
{
$unix = new unix();
$sock = new sockets();
$Masterbin = $unix->find_program("l7-filter");
$modprobe = $unix->find_program("modprobe");
if (!is_file($Masterbin)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, Not installed\n";
}
return;
}
if (!$aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
$pid = PID_NUM();
$EnableL7Filter = intval($sock->GET_INFO("EnableL7Filter"));
if ($unix->process_exists($pid)) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
}
if ($EnableL7Filter == 0) {
stop();
}
return;
}
if ($EnableL7Filter == 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableL7Filter)\n";
}
return;
}
$php5 = $unix->LOCATE_PHP5_BIN();
$sysctl = $unix->find_program("sysctl");
$echo = $unix->find_program("echo");
$nohup = $unix->find_program("nohup");
build();
$version = l7filter_version();
$f[] = $nohup;
$f[] = $Masterbin;
$f[] = "-f /etc/l7-protocols/l7filter.conf";
$f[] = "-p /etc/l7-protocols";
$f[] = "-q 2";
$cmd = @implode(" ", $f) . " >/dev/null 2>&1 &";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
}
shell_exec($cmd);
for ($i = 1; $i < 5; $i++) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
}
sleep(1);
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
break;
}
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} loading Firewall modules\n";
}
shell_exec("{$modprobe} ip_conntrack_netlink");
shell_exec("{$modprobe} nf_conntrack_ipv4");
add_iptables_rules();
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
}
}
}
