예제 #1
0
function events_list(){
	$sock=new sockets();
	
	
	$sock->getFrameWork("squid.php?access-real=yes&rp={$_POST["rp"]}&query=".urlencode($_POST["query"])."&SearchString={$_GET["SearchString"]}");
	$filename="/usr/share/artica-postfix/ressources/logs/access.log.tmp";
	$dataZ=explode("\n",@file_get_contents($filename));
	$tpl=new templates();
	$data = array();
	$data['page'] = 1;
	$data['total'] = count($data);
	$data['rows'] = array();
	$today=date("Y-m-d");
	$tcp=new IP();
	
	$cachedT=$tpl->_ENGINE_parse_body("{cached}");
	$c=0;
	
	if(count($dataZ)==0){json_error_show("no data");}
	$logfileD=new logfile_daemon();
	krsort($dataZ);
	
	while (list ($num, $line) = each ($dataZ)){
		$TR=preg_split("/[\s]+/", $line);
		if(count($TR)<5){continue;}
		$c++;
		$color="black";
		$date=date("Y-m-d H:i:s",$TR[0]);
		$durationunit="s";
		$duration=$TR[1]/1000;
		if($duration<60){$duration=round($duration,2);}
		if($duration>60){$duration=round($duration/60,2);$durationunit="mn";}
		$ip=$TR[2];
		$zCode=explode("/",$TR[3]);
		$size=$TR[4];
		$PROTO=$TR[5];
		if($logfileD->CACHEDORNOT($zCode[0])){$color="#009223";}
		$codeToString=$logfileD->codeToString($zCode[1]);
		
		if($PROTO=="CONNECT"){$color="#BAB700";}
		if($zCode[1]>399){$color="#D0080A";}
		
		if(($PROTO=="GET") or ($PROTO=="POST")){
			if(preg_match("#TCP_REDIRECT#", $zCode[0])){
				$color="#A01E1E";
			}
		}
		
		
		$fontsize=14;
		if($_GET["minsize"]==1){
			$fontsize=12;
		}
		
		if($size>1024){$size=FormatBytes($size/1024);}else{$size="$size Bytes";}
		$date=str_replace($today." ", "", $date);
		$data['rows'][] = array(
				'id' => md5($line),
				'cell' => array(
						"<span style='font-size:{$fontsize}px;color:$color'>$date</span>",
						"<span style='font-size:{$fontsize}px;color:$color'>$ip/{$TR[7]}</span>",
						"<span style='font-size:{$fontsize}px;color:$color'>{$zCode[0]} - $codeToString</span>",
						"<span style='font-size:{$fontsize}px;color:$color'>{$PROTO}</span>",
						"<span style='font-size:{$fontsize}px;color:$color'>{$TR[6]}</span>",
						"<span style='font-size:{$fontsize}px;color:$color'>$size</span>",
						"<span style='font-size:{$fontsize}px;color:$color'>{$duration}$durationunit</span>",
						"$ip"
				)
		);
		
	}
	
	
	$data['total'] = $c;
	echo json_encode($data);
	
}
예제 #2
0
function events_list()
{
    $sock = new sockets();
    $sock->getFrameWork("squid.php?access-real=yes&ViaMaster=yes&rp={$_POST["rp"]}&query=" . urlencode($_POST["query"] . ""));
    $filename = "/usr/share/artica-postfix/ressources/logs/ViaMaster.log.tmp";
    $dataZ = explode("\n", @file_get_contents($filename));
    $tpl = new templates();
    $data = array();
    $data['page'] = 1;
    $data['total'] = count($data);
    $data['rows'] = array();
    $today = date("Y-m-d");
    $tcp = new IP();
    $cachedT = $tpl->_ENGINE_parse_body("{cached}");
    $c = 0;
    if (count($dataZ) == 0) {
        json_error_show("no data");
    }
    $logfileD = new logfile_daemon();
    while (list($num, $line) = each($dataZ)) {
        $TR = preg_split("/[\\s,]+/", $line);
        if (count($TR) < 5) {
            continue;
        }
        $c++;
        $color = "black";
        $date = date("Y-m-d H:i:s", $TR[0]);
        $durationunit = "s";
        $duration = $TR[1] / 1000;
        if ($duration < 60) {
            $duration = round($duration, 2);
        }
        if ($duration > 60) {
            $duration = round($duration / 60, 2);
            $durationunit = "mn";
        }
        $ip = $TR[2];
        $zCode = explode("/", $TR[3]);
        $size = $TR[4];
        $PROTO = $TR[5];
        if ($logfileD->CACHEDORNOT($zCode[0])) {
            $color = "#009223";
        }
        $codeToString = $logfileD->codeToString($zCode[1]);
        if ($PROTO == "CONNECT") {
            $color = "#BAB700";
        }
        if ($zCode[1] > 399) {
            $color = "#D0080A";
        }
        if ($size > 1024) {
            $size = FormatBytes($size / 1024);
        } else {
            $size = "{$size} Bytes";
        }
        $date = str_replace($today . " ", "", $date);
        $data['rows'][] = array('id' => md5($line), 'cell' => array("<span style='font-size:14px;color:{$color}'>{$date}</span>", "<span style='font-size:14px;color:{$color}'>{$ip}/{$TR[10]}</span>", "<span style='font-size:14px;color:{$color}'>{$zCode[0]} - {$codeToString}</span>", "<span style='font-size:14px;color:{$color}'>{$PROTO}</span>", "<span style='font-size:14px;color:{$color}'>{$TR[6]}</span>", "<span style='font-size:14px;color:{$color}'>{$size}</span>", "<span style='font-size:14px;color:{$color}'>{$duration}{$durationunit}</span>", "{$ip}", ""));
    }
    if ($c == 0) {
        json_error_show("no event");
    }
    $data['total'] = $c;
    echo json_encode($data);
}
예제 #3
0
function ParseSizeBuffer($buffer)
{
    if (!class_exists("class.logfile_daemon.inc")) {
        include_once "/usr/share/artica-postfix/ressources/class.logfile_daemon.inc";
    }
    $re = explode(":::", $buffer);
    $mac = trim(strtolower($re[0]));
    if ($mac == "-") {
        $mac == null;
    }
    $mac = str_replace("-", ":", $mac);
    if ($mac == "00:00:00:00:00:00") {
        $mac = null;
    }
    $ipaddr = trim($re[1]);
    // uid
    $uid = $re[2];
    $uid2 = $re[3];
    if ($uid == "-") {
        $uid = null;
    }
    if ($uid2 == "-") {
        $uid2 = null;
    }
    if (preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $uid2)) {
        $uid2 = null;
    }
    if ($uid == null) {
        if ($uid2 != null) {
            $uid = $uid2;
        }
    }
    $zdate = $re[4];
    $xtime = time();
    $SUFFIX_DATE = date("YmdH", $xtime);
    $logzdate = date("Y-m-d H:i:s", $xtime);
    $proto = $re[5];
    $uri = $re[6];
    $code_error = $re[8];
    $SIZE = $re[9];
    $SquidCode = $re[10];
    $UserAgent = urldecode($re[11]);
    $Forwarded = $re[12];
    $sitename = trim($re[13]);
    $hostname = $re[14];
    $response_time = $re[15];
    $MimeType = $re[16];
    $uid = str_replace("%20", " ", $uid);
    $uid = str_replace("%25", "-", $uid);
    if ($uid == "-") {
        $uid = null;
    }
    $Forwarded = str_replace("%25", "", $Forwarded);
    //events("MimeType: ......: $MimeType");
    if (strpos($uid, '$') > 0) {
        if (substr($uid, strlen($uid) - 1, 1) == "\$") {
            $uid = null;
        }
    }
    if (preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $uid)) {
        $uid = null;
    }
    if (!preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $ipaddr)) {
        eventsfailed("***** WRONG LINE ipaddr:{$ipaddr} column 13 " . @implode(" | ", $re) . "*****");
        return;
    }
    if ($sitename == "-") {
        $h = parse_url($uri);
        if (isset($h["host"])) {
            $sitename = $h["host"];
        }
        if ($sitename == "-") {
            eventsfailed("***** WRONG SITENAME {$sitename} column 13 " . @implode(" | ", $re) . "*****");
            eventsfailed("{$buffer}");
            eventsfailed("*");
            $GLOBALS["REFUSED_REQUESTS"] = $GLOBALS["REFUSED_REQUESTS"] + 1;
            return;
        }
        if ($sitename == null) {
            eventsfailed("***** WRONG SITENAME {$sitename} column 13 " . @implode(" | ", $re) . "*****");
            eventsfailed("{$buffer}");
            eventsfailed("*");
            $GLOBALS["REFUSED_REQUESTS"] = $GLOBALS["REFUSED_REQUESTS"] + 1;
            return;
        }
    }
    if (strpos($sitename, ":") > 0) {
        $XA = explode(":", $sitename);
        $sitename = $XA[0];
    }
    if ($sitename == "127.0.0.1") {
        $GLOBALS["REFUSED_REQUESTS"] = $GLOBALS["REFUSED_REQUESTS"] + 1;
        if ($GLOBALS["VERBOSE"]) {
            events("127.0.0.1 -> uid = null -> SKIP");
        }
        return;
    }
    if ($Forwarded == "unknown") {
        $Forwarded = null;
    }
    if ($Forwarded == "-") {
        $Forwarded = null;
    }
    if ($Forwarded == "0.0.0.0") {
        $Forwarded = null;
    }
    if ($Forwarded == "255.255.255.255") {
        $Forwarded = null;
    }
    if (strlen($Forwarded) > 4) {
        $ipaddr = $Forwarded;
        $mac = null;
    }
    $ipaddr = str_replace("%25", "-", $ipaddr);
    $mac = str_replace("%25", "-", $mac);
    if ($mac == "-") {
        $mac = null;
    }
    if ($ipaddr == "127.0.0.1" or $ipaddr == "::") {
        if ($uid == null) {
            $GLOBALS["REFUSED_REQUESTS"] = $GLOBALS["REFUSED_REQUESTS"] + 1;
            if ($GLOBALS["VERBOSE"]) {
                events("127.0.0.1 -> uid = null -> SKIP");
            }
            return;
        }
    }
    if (preg_match("#([0-9:a-z]+)\$#", $mac, $z)) {
        $mac = $z[1];
    }
    if ($GLOBALS["VERBOSE"]) {
        events("ITEM: DATE......: {$logzdate}");
        events("ITEM: MAC.......: {$mac}");
        events("ITEM: IP........: {$ipaddr}");
        events("ITEM: Size......: {$SIZE}");
        events("ITEM: SQUID CODE: {$SquidCode}");
        events("ITEM: HTTP CODE.: {$code_error}");
        events("ITEM: uid.......: {$uid}");
        events("ITEM: uri.......: {$uri}");
        events("ITEM: UserAgent.: {$UserAgent}");
        events("ITEM: Forwarded.: {$Forwarded}");
        events("ITEM: SiteName..: {$sitename}");
    }
    if ($UserAgent != null) {
        UserAuthDB($mac, $ipaddr, $uid, $hostname, $UserAgent);
    } else {
        events("No UserAgents in {$buffer}");
    }
    $GLOBALS["COUNT_HASH_TABLE"] = $GLOBALS["COUNT_HASH_TABLE"] + 1;
    $arrayURI = parse_url($uri);
    $sitename = $arrayURI["host"];
    if (strpos($sitename, ":")) {
        $xtr = explode(":", $sitename);
        $sitename = $xtr[0];
        if (preg_match("#^www\\.(.+)#", $sitename, $rz)) {
            $sitename = $rz[1];
        }
    }
    $TimeCache = date("YmdH");
    if (!isset($GLOBALS["FAMLILYSITE"][$sitename])) {
        $fam = new squid_familysite();
        $GLOBALS["FAMLILYSITE"][$sitename] = $fam->GetFamilySites($sitename);
    }
    $FamilySite = $GLOBALS["FAMLILYSITE"][$sitename];
    $TablePrimaireHour = "squidhour_" . $TimeCache;
    $TableSizeHours = "sizehour_" . $TimeCache;
    $TableCacheHours = "cachehour_" . $TimeCache;
    $tableYoutube = "youtubehours_" . $TimeCache;
    $tableSearchWords = "searchwords_" . $TimeCache;
    $tableQuotaTemp = "quotatemp_" . $TimeCache;
    $category = null;
    if ($GLOBALS["DisableLogFileDaemonCategories"] == 0) {
        if ($GLOBALS["VERBOSE"]) {
            $time_start = microtime(true);
        }
        $category = ufdbcat($sitename);
        if ($GLOBALS["VERBOSE"]) {
            $time_end = microtime(true);
            $time_calc = $time_end - $time_start;
        }
        if ($GLOBALS["VERBOSE"]) {
            events("{$sitename} = {$category} {$time_calc}ms");
        }
    }
    $logfile_daemon = new logfile_daemon();
    $cached = $logfile_daemon->CACHEDORNOT($SquidCode);
    $SearchWords = $logfile_daemon->SearchWords($uri);
    $GLOBALS["ACCEPTED_REQUESTS"] = $GLOBALS["ACCEPTED_REQUESTS"] + 1;
    $MAIN["TIMESTAMP"] = time();
    $MAIN["URI"] = $uri;
    $MAIN["sitename"] = $sitename;
    $MAIN["SIZE"] = $SIZE;
    $MAIN["CACHED"] = $cached;
    $MAIN["IPADDR"] = $ipaddr;
    $MAIN["CATEGORY"] = $category;
    $MAIN["MIMETYPE"] = $MimeType;
    $MAIN["FAMILYSITE"] = $GLOBALS["FAMLILYSITE"][$sitename];
    $MAIN["MAC"] = $mac;
    $MAIN["UID"] = $uid;
    $MAIN["USERAGENT"] = $UserAgent;
    $MAIN["SQUID_CODE"] = $SquidCode;
    $MAIN["RESPONSE_TIME"] = $response_time;
    $MAIN["PROTO"] = $proto;
    $MAIN["HTTP_CODE"] = $code_error;
    if ($hostname != null) {
        $MAIN["HOSTNAME"] = $hostname;
    }
    if (is_array($SearchWords)) {
        $MAIN["WORDS"] = $SearchWords["WORDS"];
    }
    $md5 = md5(serialize($MAIN));
    berekley_add($md5, base64_encode(serialize($MAIN)));
    return;
    if (!isset($GLOBALS["RTTCREATED"][$TimeCache])) {
        events("Creating RTTH_{$TimeCache} table...");
        if (create_tables($TimeCache)) {
            $GLOBALS["RTTCREATED"][$TimeCache] = true;
        }
    }
    $sql = "INSERT IGNORE INTO `squidlogs`.`RTTH_{$TimeCache}` (`xtime`,`sitename`,`ipaddr`,`uid`,`MAC`,`size`) VALUES('{$xtime}','{$FamilySite}','{$ipaddr}','{$uid}','{$mac}','{$SIZE}')";
    if ($GLOBALS["VERBOSE"]) {
        $time_start = microtime(true);
    }
    if (!SEND_MYSQL($sql)) {
        @file_put_contents("/var/log/squid/mysql-rtterrors/" . md5($sql), serialize(array("TABLE" => "RTTH_{$TimeCache}", "CMD" => $sql)));
    }
    if ($GLOBALS["VERBOSE"]) {
        $time_end = microtime(true);
        $time_calc = $time_end - $time_start;
    }
    if ($GLOBALS["VERBOSE"]) {
        events("RTTH_{$TimeCache} {$time_calc}ms DisableLogFileDaemonMySQL={$GLOBALS["DisableLogFileDaemonMySQL"]}");
    }
    $uri = xmysql_escape_string2($uri);
    if (!isset($GLOBALS["CODE_TO_STRING"][$code_error])) {
        $GLOBALS["CODE_TO_STRING"][$code_error] = $logfile_daemon->codeToString($code_error);
    }
    $zMD5 = md5("{$uri}{$xtime}{$mac}{$ipaddr}");
    $TYPE = $GLOBALS["CODE_TO_STRING"][$code_error];
    $cached = $GLOBALS["CACHEDX"][$SquidCode];
    $UserAgent = xmysql_escape_string2($UserAgent);
    if ($GLOBALS["VERBOSE"]) {
        $time_start = microtime(true);
    }
    $sql = "INSERT IGNORE INTO `{$TableSizeHours}` (`zDate`,`size`,`cached`) VALUES ('{$logzdate}','{$SIZE}','{$cached}')";
    if (!SEND_MYSQL($sql)) {
        @file_put_contents("/var/log/squid/mysql-rtterrors/" . md5($sql), serialize(array("TimeCache" => $TimeCache, "TABLE" => $TableSizeHours, "CMD" => $sql)));
    }
    if ($GLOBALS["VERBOSE"]) {
        $time_end = microtime(true);
        $time_calc = $time_end - $time_start;
    }
    if ($GLOBALS["VERBOSE"]) {
        events("{$TableSizeHours} = {$time_calc}ms");
    }
    $sql = "INSERT IGNORE INTO `{$tableQuotaTemp}` (`xtime`,`keyr`,`ipaddr`,`familysite`,`servername`,`uid`,`MAC`,`size`) VALUES \n\t('{$logzdate}','{$zMD5}','{$ipaddr}','{$FamilySite}','{$FamilySite}','{$uid}','{$mac}','{$SIZE}')";
    if (!SEND_MYSQL($sql)) {
        @file_put_contents("/var/log/squid/mysql-rtterrors/" . md5($sql), serialize(array("TimeCache" => $TimeCache, "TABLE" => $tableQuotaTemp, "CMD" => $sql)));
    }
    $sql = "INSERT IGNORE INTO `{$TablePrimaireHour}` (`sitename`,`uri`,`TYPE`,`REASON`,`CLIENT`,`hostname`,`zDate`,`zMD5`,`uid`,`QuerySize`,`cached`,`MAC`,`category`) VALUES ('{$sitename}','{$uri}','{$TYPE}','{$TYPE}','{$ipaddr}','{$hostname}','{$logzdate}','{$zMD5}','{$uid}','{$SIZE}','{$cached}','{$mac}','{$category}')";
    if (!SEND_MYSQL($sql)) {
        @file_put_contents("/var/log/squid/mysql-rtterrors/" . md5($sql), serialize(array("TABLE" => $TablePrimaireHour, "CMD" => $sql)));
    }
    $sql = "INSERT IGNORE INTO `{$TableCacheHours}` (`zDate`,`size`,`cached`,`familysite`) VALUES ('{$logzdate}','{$SIZE}','{$cached}','{$FamilySite}')";
    if (!SEND_MYSQL($sql)) {
        @file_put_contents("/var/log/squid/mysql-rtterrors/" . md5($sql), serialize(array("TimeCache" => $TimeCache, "TABLE" => $TableCacheHours, "CMD" => $sql)));
    }
    if (strpos(" {$uri}", "youtube") > 0) {
        $VIDEOID = $logfile_daemon->GetYoutubeID($uri);
        if ($VIDEOID != null) {
            $sql = "INSERT IGNORE INTO `{$tableYoutube}` (`zDate`,`ipaddr`,`hostname`,`uid`,`MAC` ,`account`,`youtubeid`) VALUES ('{$logzdate}','{$ipaddr}','','{$uid}','{$mac}','0','{$VIDEOID}')";
            events_youtube($sql);
            if (!SEND_MYSQL($sql)) {
                @file_put_contents("/var/log/squid/mysql-rtterrors/" . md5($sql), serialize(array("TimeCache" => $TimeCache, "TABLE" => $tableYoutube, "CMD" => $sql)));
            }
        }
    }
    if (is_array($SearchWords)) {
        $words = xmysql_escape_string2($SearchWords["WORDS"]);
        $sql = "INSERT IGNORE INTO `{$tableSearchWords}` (`zmd5`,`sitename`,`zDate`,`ipaddr`,`hostname`,`uid`,`MAC`,`account`,`familysite`,`words`) VALUES ('{$zMD5}','{$sitename}','{$logzdate}','{$ipaddr}','{$hostname}','{$uid}','{$mac}','0','{$FamilySite}','{$words}')";
        if (!SEND_MYSQL($sql)) {
            @file_put_contents("/var/log/squid/mysql-rtterrors/" . md5($sql), serialize(array("TimeCache" => $TimeCache, "TABLE" => $tableYoutube, "CMD" => $sql)));
        }
    }
    if (count($GLOBALS["CACHE_SQL"]) > 2) {
        events("CACHE_SQL = " . count($GLOBALS["CACHE_SQL"] . " seems 2 minutes"));
        empty_TableHash();
    }
    $dd = date("Hi");
    if (count($GLOBALS["CACHE_SQL"][$dd]) > 1000) {
        events("CACHE_SQL[{$dd}] = " . count($GLOBALS["CACHE_SQL"][$dd]));
        empty_TableHash();
    }
    return;
    $GLOBALS["RTTHASH"][$SUFFIX_DATE][] = array("TIME" => $xtime, "MAC" => $mac, "IPADDR" => $ipaddr, "SIZE" => $SIZE, "SQUID_CODE" => $SquidCode, "HTTP_CODE" => $code_error, "UID" => $uid, "URI" => $uri, "USERAGENT" => $UserAgent, "SITENAME" => $sitename, "HOSTNAME" => $hostname, "RESPONSE_TIME" => $response_time);
    $GLOBALS["ACCEPTED_REQUESTS"] = $GLOBALS["ACCEPTED_REQUESTS"] + 1;
    if (count($GLOBALS["RTTHASH"][$SUFFIX_DATE]) > 50) {
        if ($GLOBALS["VERBOSE"]) {
            events("-> empty_TableHash()");
        }
        empty_TableHash();
    }
    if ($GLOBALS["VERBOSE"]) {
        events("---------------------- DONE ----------------------");
    }
}
function parse_realtime_hash()
{
    @mkdir("/var/log/squid/mysql-rtcaches", 0755, true);
    @mkdir("/var/log/squid/mysql-rttime", 0755, true);
    $GLOBALS["TablePrimaireHour"] = array();
    $GLOBALS["TABLES_PRIMAIRES_SEARCHWORDS"] = array();
    $GLOBALS["MacResolvFrfomIP"] = null;
    $GLOBALS["MacResolvInterface"] = null;
    $WORKDIR = "/var/log/squid/mysql-rthash";
    $GLOBALS["MacResolvInterface"] = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/MacResolvInterface"));
    $GLOBALS["EnableMacAddressFilter"] = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableMacAddressFilter"));
    if (!is_numeric($GLOBALS["EnableMacAddressFilter"])) {
        $GLOBALS["EnableMacAddressFilter"] = 1;
    }
    $EnableRemoteSyslogStatsAppliance = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableRemoteSyslogStatsAppliance"));
    $DisableArticaProxyStatistics = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/DisableArticaProxyStatistics"));
    $EnableRemoteStatisticsAppliance = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableRemoteStatisticsAppliance"));
    $SquidActHasReverse = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/SquidActHasReverse"));
    if (!is_numeric($EnableRemoteStatisticsAppliance)) {
        $EnableRemoteStatisticsAppliance = 0;
    }
    if (!is_numeric($DisableArticaProxyStatistics)) {
        $DisableArticaProxyStatistics = 0;
    }
    if (!is_numeric($EnableRemoteSyslogStatsAppliance)) {
        $EnableRemoteSyslogStatsAppliance = 0;
    }
    if (!is_numeric($SquidActHasReverse)) {
        $SquidActHasReverse = 0;
    }
    @mkdir($WORKDIR, 0755, true);
    chown($WORKDIR, "squid");
    chgrp($WORKDIR, "squid");
    if (!($handle = opendir("/var/log/squid/mysql-rthash"))) {
        return;
    }
    $GLOBALS["LOG_HOSTNAME"] = false;
    $EnableProxyLogHostnames = intval(trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableProxyLogHostnames")));
    if ($EnableProxyLogHostnames == 1) {
        $GLOBALS["LOG_HOSTNAME"] = true;
    }
    $GLOBALS["IPCACHE"] = unserialize(@file_get_contents("/etc/squid3/IPCACHE.db"));
    $GLOBALS["SitenameResolved"] = unserialize(@file_get_contents("/etc/squid3/SitenameResolved.db"));
    $GLOBALS["GetFamilySites"] = unserialize(@file_get_contents("/etc/squid3/GetFamilySites.db"));
    $GLOBALS["USERSDB"] = unserialize(@file_get_contents("/etc/squid3/usersMacs.db"));
    $GLOBALS["KEYUSERS"] = unserialize(@file_get_contents("/etc/squid3/KEYUSERS.db"));
    $GLOBALS["CACHEARP"] = unserialize(@file_get_contents("/etc/squid3/CACHEARP.db"));
    if ($GLOBALS["MacResolvInterface"] != null) {
        $GLOBALS["MacResolvFrfomIP"] = ethToIp();
    }
    $GLOBALS["UserAgents"] = array();
    $q = new mysql_squid_builder();
    $logfileD = new logfile_daemon();
    $IpClass = new IP();
    $CountDeFiles = 0;
    $AA = 0;
    $countDeFiles = 0;
    while (false !== ($filename = readdir($handle))) {
        if ($filename == ".") {
            continue;
        }
        if ($filename == "..") {
            continue;
        }
        $filepath = "{$WORKDIR}/{$filename}";
        events("parse_realtime_hash():: Scanning {$WORKDIR}/{$filename}");
        $content = unserialize(@file_get_contents($filepath));
        $CountDeFiles++;
        @unlink($filepath);
        while (list($SUFFIX_TABLE, $Arrayz) = each($content)) {
            while (list($index, $rows) = each($Arrayz)) {
                $AA++;
                $cached = 0;
                $hostname = null;
                $SUFFIX_DATE = $SUFFIX_TABLE;
                $key = null;
                $xtime = $rows["TIME"];
                $sitename = $rows["SITENAME"];
                $mac = $rows["MAC"];
                $uid = $rows["UID"];
                $ipaddr = $rows["IPADDR"];
                if (isset($rows["HOSTNAME"])) {
                    $hostname = $rows["HOSTNAME"];
                }
                $SquidCode = $rows["SQUID_CODE"];
                $SIZE = $rows["SIZE"];
                $uri = $rows["URI"];
                $zMD5 = md5(serialize($rows));
                $UserAgent = $rows["USERAGENT"];
                $code_error = $rows["HTTP_CODE"];
                if ($IpClass->isValid($uid)) {
                    $uid = null;
                }
                $RESPONSE_TIME = $rows["RESPONSE_TIME"];
                if ($GLOBALS["VERBOSE"]) {
                    echo "Scanning {$SUFFIX_DATE} {$xtime} {$ipaddr} {$sitename}\n";
                }
                if (isset($GLOBALS["ZMD5"][$zMD5])) {
                    events("{$uri} - md5 = {$zMD5} is the same !!!");
                }
                $GLOBALS["ZMD5"][$zMD5] = true;
                if ($mac == null) {
                    if ($GLOBALS["EnableMacAddressFilter"] == 1) {
                        $mac = IpToMac($ipaddr);
                    }
                }
                if ($uid == null) {
                    if ($mac != null) {
                        if (isset($GLOBALS["USERSDB"]["MACS"][$mac])) {
                            $uid = $GLOBALS["USERSDB"]["MACS"][$mac]["UID"];
                        }
                    }
                }
                if (strpos("   {$sitename}", "www.") > 0) {
                    if (preg_match("#^www\\.(.+)#", $sitename, $re)) {
                        $sitename = $re[1];
                    }
                }
                if ($IpClass->isValid($sitename)) {
                    if (!isset($GLOBALS["SitenameResolved"][$sitename])) {
                        $GLOBALS["SitenameResolved"][$sitename] = gethostbyaddr2($sitename);
                    }
                    if ($GLOBALS["SitenameResolved"][$sitename] != null) {
                        $sitename = $GLOBALS["SitenameResolved"][$sitename];
                    }
                }
                if (!isset($GLOBALS["GetFamilySites"][$sitename])) {
                    $GLOBALS["GetFamilySites"][$sitename] = x_GetFamilySites($sitename);
                    if ($GLOBALS["GetFamilySites"][$sitename] == null) {
                        $GLOBALS["GetFamilySites"][$sitename] = $sitename;
                    }
                }
                $familysite = $GLOBALS["GetFamilySites"][$sitename];
                if ($familysite == "localhost") {
                    continue;
                }
                if ($uid != null) {
                    $key = "uid";
                }
                if ($key == null) {
                    if ($mac != null) {
                        $key = "MAC";
                    }
                }
                if ($key == null) {
                    if ($ipaddr != null) {
                        $key = "ipaddr";
                    }
                }
                if ($key == null) {
                    continue;
                }
                $hour = date("H", $xtime);
                $date = date("Y-m-d H:i:s", $xtime);
                if ($GLOBALS["VERBOSE"]) {
                    echo "Date: {$date}: {$familysite} {$uid}/{$ipaddr}\n";
                }
                $uri = trim($uri);
                if ($uri == null) {
                    continue;
                }
                if ($uid == null) {
                    $uid = x_MacToUid($mac);
                }
                if ($uid == null) {
                    $uid = x_IpToUid($ipaddr);
                }
                if ($hostname == null) {
                    $hostname = x_MacToHost($mac);
                }
                if ($hostname == null) {
                    $hostname = x_IpToHost($ipaddr);
                }
                if (trim($hostname) == null) {
                    if ($GLOBALS["LOG_HOSTNAME"]) {
                        $hostname = gethostbyaddr2($ipaddr);
                    }
                }
                if (preg_match("#(.+?):(.+)#", $SquidCode, $re)) {
                    $SquidCode = $re[1];
                }
                if ($logfileD->CACHEDORNOT($SquidCode)) {
                    $cached = 1;
                }
                if ($GLOBALS["VERBOSE"]) {
                    echo "[" . __LINE__ . "]: Uri <{$uri}> Squid code={$SquidCode} cached={$cached}  Client = {$uid}/{$mac}/{$hostname} [{$ipaddr}] , Size={$SIZE} bytes\n";
                }
                //events("$familysite - Squid code=$SquidCode cached=$cached  Client = $uid/$mac/$hostname [$ipaddr] , Size=$SIZE bytes");
                $KeyUser = md5($uid . $hostname . $ipaddr . $mac . $UserAgent);
                $UserAgent = x_mysql_escape_string2($UserAgent);
                if (!isset($GLOBALS["KEYUSERS"][$KeyUser])) {
                    $GLOBALS["UserAutDB"][] = "('{$KeyUser}','{$mac}','{$ipaddr}','{$uid}','{$hostname}','{$UserAgent}')";
                    //$sql="INSERT IGNORE INTO UserAutDB (zmd5,MAC,ipaddr,uid,hostname,UserAgent) VALUES ('$KeyUser','$mac','$ipaddr','$uid','$hostname','$UserAgent')";
                }
                if ($UserAgent != null) {
                    $GLOBALS["UserAgents"][] = "('{$UserAgent}')";
                }
                $catz = new mysql_catz();
                $category = x_mysql_escape_string2($catz->GetMemoryCache($sitename, true));
                events("RTTHASH:: {$sitename} Category = `{$category}`");
                $TablePrimaireHour = "squidhour_" . $SUFFIX_DATE;
                $TableSizeHours = "sizehour_" . $SUFFIX_DATE;
                $TableCacheHours = "cachehour_" . $SUFFIX_DATE;
                $tableYoutube = "youtubehours_" . $SUFFIX_DATE;
                $tableSearchWords = "searchwords_" . $SUFFIX_DATE;
                $sitename = x_mysql_escape_string2($sitename);
                $uri = substr($uri, 0, 254);
                $uri = x_mysql_escape_string2($uri);
                $uriT = x_mysql_escape_string2($uri);
                $hostname = x_mysql_escape_string2($hostname);
                $TYPE = $logfileD->codeToString($code_error);
                $REASON = $TYPE;
                if ($mac != null) {
                    $GLOBALS["macscan"][] = "('{$mac}','{$ipaddr}')";
                }
                $GLOBALS["TablePrimaireHour"][$TablePrimaireHour][] = "('{$sitename}','{$uriT}','{$TYPE}','{$REASON}','{$ipaddr}','{$hostname}','{$date}','{$zMD5}','{$uid}','{$SIZE}','{$cached}','{$mac}','{$category}')";
                //$sql="INSERT IGNORE INTO `$TableSizeHours` (`zDate`,`size`,`cached`) VALUES('$date','$SIZE','$cached')";
                $GLOBALS["TABLES_PRIMAIRES_SIZEHOUR"][$TableSizeHours][] = "('{$date}','{$SIZE}','{$cached}')";
                if ($SIZE > 0) {
                    $GLOBALS["TABLES_PRIMAIRES_CACHEHOUR"][$TableCacheHours][] = "('{$date}','{$SIZE}','{$cached}','{$familysite}')";
                }
                if (strpos(" {$uri}", "youtube") > 0) {
                    $VIDEOID = $logfileD->GetYoutubeID($uri);
                    if ($VIDEOID != null) {
                        events("YOUTUBE:: {$date}: {$ipaddr} {$uid} {$mac} [{$VIDEOID}]");
                        $sql = "INSERT IGNORE INTO `{$tableYoutube}`\n\t\t\t\t\t(`zDate`,`ipaddr`,`hostname`,`uid`,`MAC` ,`account`,`youtubeid`)\n\t\t\t\t\tVALUES ('{$date}','{$ipaddr}','','{$uid}','{$mac}','0','{$VIDEOID}')";
                        $rand = rand(100, 65000);
                        @file_put_contents("/var/log/squid/mysql-queue/YoutubeRTT." . time() . ".{$rand}.sql", $sql);
                    }
                }
                $SearchWords = $logfileD->SearchWords($uri);
                if (is_array($SearchWords)) {
                    $words = x_mysql_escape_string2($SearchWords["WORDS"]);
                    $GLOBALS["TABLES_PRIMAIRES_SEARCHWORDS"][$tableSearchWords][] = "('{$zMD5}','{$sitename}','{$date}','{$ipaddr}','{$hostname}','{$uid}','{$mac}','0','{$familysite}','{$words}')";
                }
                //
                $timekey = date('YmdH', $xtime);
                $stime = date("Y-m-d H:i:s", $xtime);
                $table = "quotatemp_{$timekey}";
                $keyr2 = md5("{$stime}{$date}{$uid}{$ipaddr}{$mac}{$sitename}");
                $GLOBALS["TABLES_PRIMAIRES_QUOTATEMP"][$table][] = "('{$stime}','{$keyr2}','{$ipaddr}','{$familysite}','{$familysite}','{$uid}','{$mac}','{$SIZE}')";
            }
        }
    }
    events("{$WORKDIR} -> {$AA} elements scanned");
    if (count($GLOBALS["UserAgents"]) > 0) {
        $q = new mysql_squid_builder();
        $q->QUERY_SQL("INSERT IGNORE INTO `UserAgents` (`pattern`) VALUES " . @implode(",", $GLOBALS["UserAgents"]));
        $GLOBALS["UserAgents"] = array();
    }
    if ($CountDeFiles > 0) {
        $GLOBALS["PARSE_SECOND_TIME"] = true;
        events(__FUNCTION__ . "():: {$CountDeFiles} parsed files");
        @file_put_contents("/etc/squid3/IPCACHE.db", serialize($GLOBALS["IPCACHE"]));
        @file_put_contents("/etc/squid3/SitenameResolved.db", serialize($GLOBALS["SitenameResolved"]));
        @file_put_contents("/etc/squid3/GetFamilySites.db", serialize($GLOBALS["GetFamilySites"]));
        @file_put_contents("/etc/squid3/KEYUSERS.db", unserialize($GLOBALS["KEYUSERS"]));
        @file_put_contents("/etc/squid3/CACHEARP.db", serialize($GLOBALS["CACHEARP"]));
        PurgeMemory();
        empty_TablePrimaireHour();
    }
}
function parseline($buffer)
{
    $logfile_daemon = new logfile_daemon();
    $return = array();
    $ipaddr = null;
    if (strpos($buffer, " TAG_NONE/") > 0) {
        return;
    }
    if (strpos($buffer, " TAG_NONE_ABORTED/000") > 0) {
        return;
    }
    if (strpos($buffer, " TCP_REDIRECT_TIMEDOUT/") > 0) {
        return;
    }
    if (strpos($buffer, " TCP_TUNNEL/200 0 CONNECT") > 0) {
        return;
    }
    if (strpos($buffer, " TCP_MISS_ABORTED/000") > 0) {
        return;
    }
    if (strpos($buffer, " TAG_NONE_TIMEDOUT/200 0") > 0) {
        return;
    }
    if (preg_match("#^([0-9\\.]+)\\s+([0-9\\-]+)\\s+(.*?)\\s+([A-Z_]+)\\/([0-9]+)\\s+([0-9]+)\\s+([A-Z_]+)\\s+(.*?)\\s+(.*?)\\s+([A-Z_]+)\\/(.*?)\\s+#is", $buffer, $re)) {
        $cached = 0;
        $time = round($re[1]);
        $hostname = $re[3];
        $SquidCode = $re[4];
        $code_error = $re[5];
        $size = $re[6];
        $proto = $re[7];
        $uri = $re[8];
        $uid = $re[9];
        $basenameECT = $re[10];
        $remote_ip = $re[11];
        if ($hostname == "127.0.0.1") {
            return array();
        }
        if (intval($size) == 0) {
            if ($GLOBALS["VERBOSE"]) {
                echo "{$buffer} SIZE=0;\n";
                print_r($re);
            }
        }
        if (trim($uid) == "-") {
            $uid = null;
        }
        if (preg_match("#^[0-9\\.]+\$#", $hostname)) {
            $ipaddr = $hostname;
            $hostname = null;
        }
        if (preg_match("#^(.+?)\\\\(.+)#", $uid, $ri)) {
            $uid = $ri[2];
        }
        $cached = $logfile_daemon->CACHEDORNOT($SquidCode);
        $arrayURI = parse_url($uri);
        $sitename = $arrayURI["host"];
        if (strpos($sitename, ":")) {
            $xtr = explode(":", $sitename);
            $sitename = $xtr[0];
            if (preg_match("#^www\\.(.+)#", $sitename, $rz)) {
                $sitename = $rz[1];
            }
        }
        $category = $GLOBALS["MYSQL_CATZ"]->GET_CATEGORIES($sitename);
        $familysite = $GLOBALS["SQUID_FAMILY_CLASS"]->GetFamilySites($sitename);
        if (is_numeric($familysite)) {
            if ($GLOBALS["VERBOSE"]) {
                echo "familysite = {$familysite} ??? numeric ??? " . __LINE__ . "\n";
            }
        }
        $return = array("TIME" => $time, "IPADDR" => $ipaddr, "CACHED" => $cached, "UID" => $uid, "HOSTNAME" => $hostname, "SITENAME" => $sitename, "FAMILYSITE" => $familysite, "CATEGORY" => $category, "ERRCODE" => $code_error, "SIZE" => $size, "PROTO" => $proto, "URI" => $uri, "REMOTE" => $remote_ip);
        return $return;
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "NO MATCH\n{$buffer}\n";
    }
}
예제 #6
0
function events_list()
{
    $sock = new sockets();
    $catz = new mysql_catz();
    $sock->getFrameWork("squid.php?access-real=yes&rp={$_POST["rp"]}&query=" . urlencode($_POST["query"]) . "&SearchString={$_GET["SearchString"]}");
    $filename = "/usr/share/artica-postfix/ressources/logs/access.log.tmp";
    $dataZ = explode("\n", @file_get_contents($filename));
    $tpl = new templates();
    $data = array();
    $data['page'] = 1;
    $data['total'] = count($data);
    $data['rows'] = array();
    $today = date("Y-m-d");
    $tcp = new IP();
    $cachedT = $tpl->_ENGINE_parse_body("{cached}");
    $unknown = $tpl->javascript_parse_text("{unknown}");
    $c = 0;
    if (count($dataZ) == 0) {
        json_error_show("no data");
    }
    $zcat = new squid_familysite();
    $logfileD = new logfile_daemon();
    krsort($dataZ);
    $IP = new IP();
    while (list($num, $line) = each($dataZ)) {
        $TR = preg_split("/[\\s]+/", $line);
        if (count($TR) < 5) {
            continue;
        }
        $c++;
        $color = "black";
        $date = date("Y-m-d H:i:s", $TR[0]);
        $durationunit = "s";
        $duration = $TR[1] / 1000;
        if ($duration < 60) {
            $duration = round($duration, 2);
        }
        if ($duration > 60) {
            $duration = round($duration / 60, 2);
            $durationunit = "mn";
        }
        $ip = $TR[2];
        $zCode = explode("/", $TR[3]);
        $size = $TR[4];
        $PROTO = $TR[5];
        if ($logfileD->CACHEDORNOT($zCode[0])) {
            $color = "#009223";
        }
        $codeToString = $logfileD->codeToString($zCode[1]);
        $port = null;
        $infos = null;
        $prefix = null;
        $query = null;
        $scheme = null;
        if ($PROTO == "CONNECT") {
            $color = "#BAB700";
            $PROTO = "SSL";
            $scheme = "https";
        }
        if ($zCode[1] > 399) {
            $color = "#D0080A";
        }
        if ($zCode[1] == 307) {
            $color = "#F59C44";
        }
        if ($PROTO == "GET" or $PROTO == "POST") {
            if (preg_match("#TCP_REDIRECT#", $zCode[0])) {
                $color = "#A01E1E";
            }
        }
        $URL = $TR[6];
        $SOURCE_URL = $URL;
        $fontsize = 14;
        if ($_GET["minsize"] == 1) {
            $fontsize = 12;
        }
        $user = "******";
        if ($user == "-") {
            $user = null;
        }
        if ($user != null) {
            $user = "******";
        }
        if (!isset($parse["scheme"])) {
            if ($PROTO == "SSL") {
                $GET_URL = "https://{$SOURCE_URL}";
            }
        } else {
            $GET_URL = $SOURCE_URL;
        }
        $parse = parse_url($URL);
        if ($scheme == null) {
            $scheme = $parse["scheme"];
        }
        $hostname = $parse["host"];
        if (preg_match("#(.+?):([0-9]+)#", $hostname, $re)) {
            $hostname = $re[1];
            $port = $re[2];
        }
        if ($IP->isValid($hostname)) {
            $parse["query"] = null;
            $parse["path"] = null;
            $TT = explode(".", $hostname);
            $net = $TT[0] . "." . $TT[1] . "." . $TT[2];
            $infos = "&nbsp;(<a href=\"http://www.tcpiputils.com/browse/ip-address/{$hostname}\" style='text-decoration:underline;color:black' target=_new>TCP Utils</a>&nbsp;|&nbsp<a href=\"https://db-ip.com/all/{$net}\" style='text-decoration:underline;color:black' target=_new>Subnet</a>)";
        }
        $path = $parse["path"];
        $query = $parse["query"];
        $familysite = $zcat->GetFamilySites($hostname);
        $familysite = str_replace("'", "`", $familysite);
        $familysiteEnc = urlencode($familysite);
        if ($familysite != $hostname) {
            $prefix = str_replace(".{$familysite}", "", $hostname);
            if ($prefix != "www") {
                $prefix = "<a href=\"javascript:blur();\"\n\t\t\t\tOnClick=\"javascript:Loadjs('squid.access.webfilter.tasks.php?familysite={$hostname}')\"\n\t\t\t\tstyle='text-decoration:underline;font-size:{$fontsize}px;color:{$color};font-weight:bold'>{$prefix}</a>";
            }
        }
        $familysite = "<a href=\"javascript:blur();\" \n\t\tOnClick=\"javascript:Loadjs('squid.access.webfilter.tasks.php?familysite={$familysiteEnc}')\"\n\t\tstyle='text-decoration:underline;font-size:{$fontsize}px;color:{$color}'>{$familysite}</a>";
        $URL = "{$scheme}://";
        if ($prefix != null) {
            $URL = $URL . "{$prefix}.";
        }
        $URL = $URL . "{$familysite}";
        if ($port != null) {
            $URL = $URL . ":{$port}";
        }
        if (!isset($_GET["categories-scan"])) {
            if ($path != null) {
                $URL = $URL . $path;
            }
            if ($query != null) {
                $URL = $URL . "?{$query}";
            }
        } else {
            $category = $catz->GET_CATEGORIES($hostname);
            if ($category == null) {
                $category = " ({$unknown})";
            } else {
                $category = " ({$category})";
            }
            $URL = $URL . $category;
        }
        $TR[6] = $URL;
        $link = "<a href=\"{$GET_URL}\" target=_new><img src='img/icon-link.png'></a>";
        if ($size > 1024) {
            $size = FormatBytes($size / 1024);
        } else {
            $size = "{$size} Bytes";
        }
        $date = str_replace($today . " ", "", $date);
        $data['rows'][] = array('id' => md5($line), 'cell' => array("<span style='font-size:{$fontsize}px;color:{$color}'>{$date}</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$ip}{$user}</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$zCode[0]} - {$codeToString}</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$PROTO}</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$TR[6]}{$infos}</span>", "<center style='font-size:{$fontsize}px;color:{$color}'>{$link}</center>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$size}</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$duration}{$durationunit}</span>", "{$ip}"));
    }
    $data['total'] = $c;
    echo json_encode($data);
}
예제 #7
0
function events_list()
{
    $sock = new sockets();
    if (!isset($_POST["rp"])) {
        $_POST["rp"] = 50;
    }
    $sock->getFrameWork("squid.php?squidtail-real=yes&rp={$_POST["rp"]}&query=" . urlencode($_POST["query"]) . "&SearchString={$_GET["SearchString"]}");
    $filename = "/usr/share/artica-postfix/ressources/logs/squidtail.log.tmp";
    $dataZ = explode("\n", @file_get_contents($filename));
    $tpl = new templates();
    $data = array();
    $data['page'] = 1;
    $data['total'] = count($data);
    $data['rows'] = array();
    $today = date("Y-m-d");
    $tcp = new IP();
    $cachedT = $tpl->_ENGINE_parse_body("{cached}");
    $c = 0;
    if (count($dataZ) == 0) {
        json_error_show("no data");
    }
    $logfileD = new logfile_daemon();
    krsort($dataZ);
    $c = 0;
    while (list($num, $line) = each($dataZ)) {
        $xusers = array();
        $c++;
        $re = explode(":::", $line);
        if (preg_match("#^.*?\\):\\s+(.+)#", trim($re[0]), $rz)) {
            $re[0] = $rz[1];
        }
        $color = "black";
        $mac = trim(strtolower($re[0]));
        if ($mac == "-") {
            $mac == null;
        }
        $mac = str_replace("-", ":", $mac);
        if ($mac == "00:00:00:00:00:00") {
            $mac = null;
        }
        $ipaddr = trim($re[1]);
        if (!isset($GLOBALS["USER_MEM"])) {
            $GLOBALS["USER_MEM"] = 0;
        }
        $uid = $re[2];
        $uid2 = $re[3];
        if ($uid == "-") {
            $uid = null;
        }
        if ($uid2 == "-") {
            $uid2 = null;
        }
        if (preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $uid2)) {
            $uid2 = null;
        }
        if ($uid == null) {
            if ($uid2 != null) {
                $uid = $uid2;
            }
        }
        $zdate = $re[4];
        $xtime = strtotime($zdate);
        if (!is_numeric($xtime)) {
            continue;
        }
        $SUFFIX_DATE = date("YmdH", $xtime);
        $logzdate = date("Y-m-d H:i:s", $xtime);
        $proto = $re[5];
        $uri = $re[6];
        $code_error = $re[8];
        $SIZE = $re[9];
        $SquidCode = $re[10];
        $UserAgent = urldecode($re[11]);
        $Forwarded = $re[12];
        $sitename = trim($re[13]);
        $hostname = trim($re[14]);
        $response_time = $re[15];
        $MimeType = trim($re[16]);
        $sni = trim($re[17]);
        $proxyname = trim($re[18]);
        $uid = trim(strtolower(str_replace("%20", " ", $uid)));
        $uid = str_replace("%25", "-", $uid);
        if ($uid == "-") {
            $uid = null;
        }
        $Forwarded = str_replace("%25", "", $Forwarded);
        if ($sni == "-") {
            $sni = null;
        }
        if ($logfileD->CACHEDORNOT($SquidCode)) {
            $color = "#009223";
        }
        $codeToString = $logfileD->codeToString($code_error);
        if ($proto == "CONNECT") {
            $color = "#BAB700";
            $proto = "SSL/HTTPS";
        }
        if ($code_error > 399) {
            $color = "#D0080A";
        }
        if ($code_error == 307) {
            $color = "#F59C44";
        }
        if ($proto == "GET" or $proto == "POST") {
            if (preg_match("#TCP_REDIRECT#", $SquidCode)) {
                $color = "#A01E1E";
            }
        }
        if (strpos($uid, '$') > 0) {
            if (substr($uid, strlen($uid) - 1, 1) == "\$") {
                $uid = null;
            }
        }
        if ($sni != null) {
            if (preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $sitename)) {
                $sitename = $sni;
            }
        }
        if ($proxyname != null) {
            if (preg_match("#proxyname=(.+)#", $proxyname, $re)) {
                $proxyname = $re[1];
            }
        }
        if ($sitename == "-") {
            $h = parse_url($uri);
            if (isset($h["host"])) {
                $sitename = $h["host"];
            }
        }
        if (strpos($sitename, ":") > 0) {
            $XA = explode(":", $sitename);
            $sitename = $XA[0];
        }
        if ($Forwarded == "unknown") {
            $Forwarded = null;
        }
        if ($Forwarded == "-") {
            $Forwarded = null;
        }
        if ($Forwarded == "0.0.0.0") {
            $Forwarded = null;
        }
        if ($Forwarded == "255.255.255.255") {
            $Forwarded = null;
        }
        if (strlen($Forwarded) > 4) {
            $ipaddr = $Forwarded;
            $mac = null;
        }
        $ipaddr = str_replace("%25", "-", $ipaddr);
        $mac = str_replace("%25", "-", $mac);
        if ($mac == "-") {
            $mac = null;
        }
        if ($mac == "00:00:00:00:00:00") {
            $mac = null;
        }
        if (preg_match("#([0-9:a-z]+)\$#", $mac, $z)) {
            $mac = $z[1];
        }
        $xusers[] = $ipaddr;
        if ($mac != null) {
            $xusers[] = "{$mac}";
        }
        if ($uid != null) {
            $xusers[] = "{$uid}";
        }
        $SquidCode = str_replace(":HIER_DIRECT", "", $SquidCode);
        if ($SIZE > 1024) {
            $size = FormatBytes($SIZE / 1024);
        } else {
            $SIZE = "{$SIZE} Bytes";
        }
        $date = str_replace($today . " ", "", $date);
        $data['rows'][] = array('id' => md5($line), 'cell' => array("<span style='font-size:{$fontsize}px;color:{$color}'>{$logzdate}</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$proxyname}</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>" . @implode("&nbsp;|&nbsp;", $xusers) . "</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$SquidCode}/{$code_error}/{$proto}</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$uri}</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$size}</span>", "<span style='font-size:{$fontsize}px;color:{$color}'>{$duration}{$durationunit}</span>", "{$ip}"));
    }
    $data['total'] = $c;
    echo json_encode($data);
}
예제 #8
0
function ParseSizeBuffer($buffer)
{
    $proxyname = null;
    if (!class_exists("class.logfile_daemon.inc")) {
        include_once "/usr/share/artica-postfix/ressources/class.logfile_daemon.inc";
    }
    $re = explode(":::", $buffer);
    if (preg_match("#^.*?\\):\\s+(.+)#", trim($re[0]), $rz)) {
        $re[0] = $rz[1];
    }
    if ($GLOBALS["VERBOSE"]) {
        events($buffer);
    }
    if ($GLOBALS["VERBOSE"]) {
        events("ITEM: MAC......: {$re[0]} [" . __LINE__ . "]");
    }
    $mac = trim(strtolower($re[0]));
    if ($mac == "-") {
        $mac == null;
    }
    $mac = str_replace("-", ":", $mac);
    if ($mac == "00:00:00:00:00:00") {
        $mac = null;
    }
    $ipaddr = trim($re[1]);
    if (!isset($GLOBALS["USER_MEM"])) {
        $GLOBALS["USER_MEM"] = 0;
    }
    // uid
    $uid = $re[2];
    $uid2 = $re[3];
    if ($uid == "-") {
        $uid = null;
    }
    if ($uid2 == "-") {
        $uid2 = null;
    }
    if (preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $uid2)) {
        $uid2 = null;
    }
    if ($uid == null) {
        if ($uid2 != null) {
            $uid = $uid2;
        }
    }
    $zdate = $re[4];
    $xtime = time();
    $SUFFIX_DATE = date("YmdH", $xtime);
    $logzdate = date("Y-m-d H:i:s", $xtime);
    $proto = $re[5];
    $uri = $re[6];
    $code_error = $re[8];
    $SIZE = $re[9];
    $SquidCode = $re[10];
    $UserAgent = urldecode($re[11]);
    $Forwarded = $re[12];
    $sitename = trim($re[13]);
    $hostname = trim($re[14]);
    $response_time = $re[15];
    $MimeType = trim($re[16]);
    $sni = trim($re[17]);
    $proxyname = trim($re[18]);
    $OUGROUP = trim($re[19]);
    $uid = trim(strtolower(str_replace("%20", " ", $uid)));
    $uid = str_replace("%25", "-", $uid);
    if ($uid == "-") {
        $uid = null;
    }
    $Forwarded = str_replace("%25", "", $Forwarded);
    //events("MimeType: ......: $MimeType");
    if ($sni == "-") {
        $sni = null;
    }
    if (strpos($uid, '$') > 0) {
        if (substr($uid, strlen($uid) - 1, 1) == "\$") {
            $uid = null;
        }
    }
    if ($sni != null) {
        if (preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $sitename)) {
            $sitename = $sni;
        }
    }
    if ($proxyname != null) {
        if (preg_match("#proxyname=(.+)#", $proxyname, $re)) {
            $GLOBALS["REMOTE_PROXY_NAME"] = $re[1];
        }
    } else {
        $GLOBALS["REMOTE_PROXY_NAME"] = $GLOBALS["MYHOSTNAME"];
    }
    $GLOBALS["REMOTE_PROXY_NAME"] = str_replace("proxyname=", "", $GLOBALS["REMOTE_PROXY_NAME"]);
    if (preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $uid)) {
        $uid = null;
    }
    if (!preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $ipaddr)) {
        eventsfailed("***** WRONG LINE ipaddr:{$ipaddr} column 13 " . @implode(" | ", $re) . "*****");
        return;
    }
    if ($sitename == "-") {
        $h = parse_url($uri);
        if (isset($h["host"])) {
            $sitename = $h["host"];
        }
        if ($sitename == "-") {
            eventsfailed("***** WRONG SITENAME \"{$sitename}\" column 13 " . @implode(" | ", $re) . "*****");
            eventsfailed("{$buffer}");
            eventsfailed("*");
            $GLOBALS["REFUSED_REQUESTS"] = $GLOBALS["REFUSED_REQUESTS"] + 1;
            return;
        }
        if ($sitename == null) {
            eventsfailed("***** WRONG SITENAME \"{$sitename}\" column 13 " . @implode(" | ", $re) . "*****");
            eventsfailed("{$buffer}");
            eventsfailed("*");
            $GLOBALS["REFUSED_REQUESTS"] = $GLOBALS["REFUSED_REQUESTS"] + 1;
            return;
        }
    }
    if (strpos($sitename, ":") > 0) {
        $XA = explode(":", $sitename);
        $sitename = $XA[0];
    }
    if ($sitename == "127.0.0.1") {
        $GLOBALS["REFUSED_REQUESTS"] = $GLOBALS["REFUSED_REQUESTS"] + 1;
        if ($GLOBALS["VERBOSE"]) {
            events("127.0.0.1 -> uid = null -> SKIP");
        }
        return;
    }
    if ($GLOBALS["ResolvIPStatistics"] == 1) {
        if (preg_match("#^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\$#", $sitename)) {
            $sitename = xRESOLV($sitename);
        }
    }
    if ($Forwarded == "unknown") {
        $Forwarded = null;
    }
    if ($Forwarded == "-") {
        $Forwarded = null;
    }
    if ($Forwarded == "0.0.0.0") {
        $Forwarded = null;
    }
    if ($Forwarded == "255.255.255.255") {
        $Forwarded = null;
    }
    if (strlen($Forwarded) > 4) {
        $ipaddr = $Forwarded;
        $mac = null;
    }
    $ipaddr = str_replace("%25", "-", $ipaddr);
    $mac = str_replace("%25", "-", $mac);
    if ($mac == "-") {
        $mac = null;
    }
    if ($ipaddr == "127.0.0.1" or $ipaddr == "::") {
        if ($uid == null) {
            $GLOBALS["REFUSED_REQUESTS"] = $GLOBALS["REFUSED_REQUESTS"] + 1;
            if ($GLOBALS["VERBOSE"]) {
                events("127.0.0.1 -> uid = null -> SKIP");
            }
            return;
        }
    }
    if (preg_match("#([0-9:a-z]+)\$#", $mac, $z)) {
        $mac = $z[1];
    }
    if ($SIZE == 0) {
        return;
    }
    if ($GLOBALS["VERBOSE"]) {
        events("ITEM: DATE......: {$logzdate}");
        events("ITEM: MAC.......: {$mac}");
        events("ITEM: IP........: {$ipaddr}");
        events("ITEM: Size......: {$SIZE}");
        events("ITEM: SQUID CODE: {$SquidCode}");
        events("ITEM: HTTP CODE.: {$code_error}");
        events("ITEM: uid.......: {$uid}");
        events("ITEM: uri.......: {$uri}");
        events("ITEM: UserAgent.: {$UserAgent}");
        events("ITEM: Forwarded.: {$Forwarded}");
        events("ITEM: SiteName..: {$sitename}");
        events("ITEM: ProxyName.: {$GLOBALS["REMOTE_PROXY_NAME"]}");
    }
    $GLOBALS["COUNT_HASH_TABLE"] = $GLOBALS["COUNT_HASH_TABLE"] + 1;
    $arrayURI = parse_url($uri);
    $sitename = $arrayURI["host"];
    if (strpos($sitename, ":")) {
        $xtr = explode(":", $sitename);
        $sitename = $xtr[0];
        if (preg_match("#^www\\.(.+)#", $sitename, $rz)) {
            $sitename = $rz[1];
        }
    }
    //	$uid=UID_MEM_CACHE($uid,$mac,$ipaddr);
    $TimeCache = date("YmdH");
    $logfile_daemon = new logfile_daemon();
    $cached = $logfile_daemon->CACHEDORNOT($SquidCode);
    if ($GLOBALS["DEBUG_MEM"]) {
        events("RTT: {$sitename} - {$SquidCode} = {$cached}");
    }
    $GLOBALS["ACCEPTED_REQUESTS"] = $GLOBALS["ACCEPTED_REQUESTS"] + 1;
    if (!isset($GLOBALS["CATEGORIES"][$sitename])) {
        $GLOBALS["CATEGORIES"][$sitename] = $GLOBALS["MYSQL_CATZ"]->GET_CATEGORIES($sitename);
    }
    $MAIN["TIMESTAMP"] = time();
    $MAIN["URI"] = $uri;
    $MAIN["sitename"] = $sitename;
    $familysite = $GLOBALS["SQUID_FAMILY_CLASS"]->GetFamilySites($sitename);
    $category = $GLOBALS["CATEGORIES"][$sitename];
    $MAIN["SIZE"] = intval($SIZE);
    $MAIN["CACHED"] = $cached;
    if ($GLOBALS["UserAgentsStatistics"] == 1) {
        UserAgentsStatistics($UserAgent, $mac, $uid, $SIZE);
    } else {
        if ($GLOBALS["DEBUG_USERAGENT"]) {
            events("UserAgentsStatistics is disabled...");
        }
    }
    CachedSizeMem($MAIN["CACHED"], $MAIN["SIZE"]);
    CachedUserMem($sitename, $SIZE, $mac, $uid, $ipaddr, $category, $familysite, $OUGROUP);
}