function proxy_pac()
{
$SessionCache = 0;
if (!$GLOBALS["VERBOSE"]) {
header("content-type: application/x-ns-proxy-autoconfig");
}
header("Date: " . gmdate('D, d M Y H:i:s \\G\\M\\T', time()));
header("Last-Modified: " . gmdate('D, d M Y H:i:s \\G\\M\\T', time()));
header("Expires: " . gmdate('D, d M Y H:i:s \\G\\M\\T', time() + 60 * 30));
header('Content-Transfer-Encoding: binary');
if (!$GLOBALS["VERBOSE"]) {
header("Content-Disposition: attachment; filename=\"proxy.pac\"");
}
if ($GLOBALS["VERBOSE"]) {
unset($_SESSION["PROXY_PAC_CACHE"]);
}
if (!isset($_SESSION["PROXY_PAC_CACHE"])) {
if (!class_exists("sockets")) {
LoadIncludes();
}
$sock = new sockets();
$SessionCache = intval($sock->GET_INFO("ProxyPacCacheTime"));
$ProxyPacLockScript = intval($sock->GET_INFO("ProxyPacLockScript"));
if ($SessionCache == 0) {
$SessionCache = 10;
}
$_SESSION["PROXY_PAC_CACHE"] = $SessionCache;
$_SESSION["PROXY_PAC_LOCK"] = $ProxyPacLockScript;
} else {
$SessionCache = intval($_SESSION["PROXY_PAC_CACHE"]);
$ProxyPacLockScript = intval($_SESSION["PROXY_PAC_LOCK"]);
}
if ($ProxyPacLockScript == 1) {
$ProxyPacLockScriptContent = @file_get_contents("/etc/artica-postfix/settings/Daemons/ProxyPacLockScriptContent");
header("Content-Length: " . filesize($ProxyPacLockScriptContent));
echo $ProxyPacLockScriptContent . "\n";
return;
}
if (intval($SessionCache == 0)) {
$SessionCache = 10;
}
if (!is_numeric($GLOBALS["PROXY_PAC_DEBUG"])) {
$GLOBALS["PROXY_PAC_DEBUG"] = 0;
}
$IPADDR = GET_REMOTE_ADDR();
$HTTP_USER_AGENT = trim($GLOBALS["HTTP_USER_AGENT"]);
if (strpos($IPADDR, ",") > 0) {
$FR = explode(",", $IPADDR);
$IPADDR = trim($FR[0]);
}
$KEYMd5 = md5($HTTP_USER_AGENT . $IPADDR);
$CACHE_FILE = dirname(__FILE__) . "/ressources/logs/proxy.pacs/{$KEYMd5}";
if (!$GLOBALS["VERBOSE"]) {
if (is_file($CACHE_FILE)) {
packsyslog("connection FROM {$IPADDR} [{$HTTP_USER_AGENT}] (cached)");
$time = pac_file_time_min($CACHE_FILE);
if ($time < $SessionCache) {
header("Content-Length: " . filesize($CACHE_FILE));
@readfile($CACHE_FILE);
return;
}
@unlink($CACHE_FILE);
}
}
if (!class_exists("sockets")) {
LoadIncludes();
}
$sock = new sockets();
$ClassiP = new IP();
if (!$GLOBALS["VERBOSE"]) {
$GLOBALS["PROXY_PAC_DEBUG"] = $sock->GET_INFO("ProxyPacDynamicDebug");
}
$q = new mysql_squid_builder();
if (!$ClassiP->isIPAddress($IPADDR)) {
$GLOBALS["HOSTNAME"] = $IPADDR;
$IPADDR = gethostbyname($IPADDR);
} else {
$GLOBALS["HOSTNAME"] = gethostbyaddr($IPADDR);
}
$GLOBALS["IPADDR"] = $IPADDR;
//srcdomain
pack_debug("Connection FROM: {$IPADDR} [ {$HTTP_USER_AGENT} ] ", __FUNCTION__, __LINE__);
$sql = "SELECT * FROM wpad_rules ORDER BY zorder";
$results = $q->QUERY_SQL($sql);
if (mysql_num_rows($results) == 0) {
die;
}
$date = date("Y-m-d H:i:s");
$md5 = md5("{$date}{$IPADDR}{$HTTP_USER_AGENT}");
$HTTP_USER_AGENT = mysql_escape_string2($HTTP_USER_AGENT);
$DenyDnsResolve = intval($sock->GET_INFO("DenyDnsResolve"));
while ($ligne = mysql_fetch_assoc($results)) {
$rulename = $ligne["rulename"];
$ID = $ligne["ID"];
pack_debug("Parsing rule: \"{$rulename}\" ID:{$ID}", __FUNCTION__, __LINE__);
if (!client_matches($ID)) {
pack_debug("client_matches() resturn false,No source match rule {$rulename} ID {$ID}, check other rule", __FUNCTION__, __LINE__);
continue;
}
pack_debug("{$rulename} matches source {$GLOBALS["IPADDR"]} building script..", __FUNCTION__, __LINE__);
$f = array();
$f[] = "function FindProxyForURL(url, host) {";
$f[] = "\turl = url.toLowerCase();";
$f[] = "\thost = host.toLowerCase();";
if ($DenyDnsResolve == 0) {
$f[] = "\tvar hostIP = dnsResolve(host);";
} else {
$f[] = "\tvar hostIP = host;";
}
$f[] = "\tvar myip=myIpAddress();";
$f[] = "\tvar DestPort=GetPort(url);";
$f[] = "\tvar PROTO='';";
$f[] = "\tif (url.substring(0, 5) == 'http:' ){ PROTO='HTTP'; }";
$f[] = "\tif (url.substring(0, 6) == 'https:' ){ PROTO='HTTPS'; }";
$f[] = "\tif (url.substring(0, 4) == 'ftp:' ){ PROTO='FTP'; }";
pack_debug("{$rulename}/{$ID} building build_whitelist({$ID})", __FUNCTION__, __LINE__);
$f[] = build_whitelist($ID);
pack_debug("{$rulename}/{$ID} building build_subrules({$ID})", __FUNCTION__, __LINE__);
$f[] = build_subrules($ID);
pack_debug("{$rulename}/{$ID} building build_proxies({$ID})", __FUNCTION__, __LINE__);
$f[] = build_proxies($ID);
$f[] = "}\r\n";
$f[] = "function GetPort(TestURL){";
$f[] = "\tTestURLRegex = /^[^:]*\\:\\/\\/([^\\/]*).*/;";
$f[] = "\tTestURLMatch = TestURL.replace(TestURLRegex, \"\$1\");";
$f[] = "\tTestURLLower = TestURLMatch.toLowerCase();";
$f[] = "\tTestURLLowerRegex = /^([^\\.]*)[^\\:]*(.*)/;";
$f[] = "\tNewPort=TestURLLower.replace(TestURLLowerRegex, \"\$2\");";
$f[] = "\tif (NewPort == \"\"){";
$f[] = "\t\tNewPort=\":80\";";
$f[] = "\t}";
$f[] = "\treturn NewPort;";
$f[] = "}";
$f[] = "\r\n\r\n";
$script = @implode("\r\n", $f);
pack_debug("SUCCESS {$rulename} sends script " . strlen($script) . " bytes to client", __FUNCTION__, __LINE__);
if ($GLOBALS["VERBOSE"]) {
echo "<textarea style='width:100%;height:450px'>{$script}</textarea>";
return;
}
header("Content-Length: " . strlen($script));
echo $script;
packsyslog("Connection FROM: {$IPADDR} [ {$HTTP_USER_AGENT} ] sends script " . strlen($script), __FUNCTION__, __LINE__);
@mkdir(dirname($CACHE_FILE), 0755, true);
file_put_contents($CACHE_FILE, $script);
if (!is_file($CACHE_FILE)) {
packsyslog("FAILED {$CACHE_FILE}, permission denied");
pack_error("FAILED {$CACHE_FILE}, permission denied", __FUNCTION__, __LINE__);
}
$script = mysql_escape_string2(base64_encode($script));
$q->QUERY_SQL("INSERT IGNORE INTO `wpad_events` (`zmd5`,`zDate`,`ruleid`,`ipaddr`,`browser`,`script`,`hostname`) VALUES('{$md5}','{$date}','{$ID}','{$IPADDR}','{$HTTP_USER_AGENT}','{$script}','{$GLOBALS["HOSTNAME"]}')");
if (!$q->ok) {
writelogs("{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__);
}
$q->QUERY_SQL("DELETE FROM `wpad_events` WHERE zDate<DATE_SUB(NOW(),INTERVAL 7 DAY)");
if (!$q->ok) {
writelogs("{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__);
}
return;
}
$q->QUERY_SQL("INSERT IGNORE INTO `wpad_events` (`zmd5`,`zDate`,`ruleid`,`ipaddr`,`browser`,`hostname`) VALUES('{$md5}','{$date}','0','{$IPADDR}','{$HTTP_USER_AGENT}','{$GLOBALS["HOSTNAME"]}')");
if (!$q->ok) {
writelogs("{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__);
}
}
$GLOBALS["debug"] = true;
$GLOBALS["DEBUG"] = true;
ini_set('html_errors', 0);
ini_set('display_errors', 1);
ini_set('error_reporting', E_ALL);
}
if (preg_match("#--nowachdog#", $GLOBALS["COMMANDLINE"])) {
$GLOBALS["DISABLE_WATCHDOG"] = true;
}
if (preg_match("#--force#", $GLOBALS["COMMANDLINE"])) {
$GLOBALS["FORCE"] = true;
}
if ($GLOBALS["VERBOSE"]) {
echo "LoadIncludes();\n";
}
LoadIncludes();
// $GLOBALS["PHP5"]= $GLOBALS["nohup"] $GLOBALS["DISABLE_WATCHDOG"]
$sock = new sockets();
$GLOBALS["CLASS_SOCKETS"] = $sock;
$DisableArticaStatusService = $sock->GET_INFO("DisableArticaStatusService");
if (!is_numeric($DisableArticaStatusService)) {
$DisableArticaStatusService = 0;
}
$unix = new unix();
if (is_file("/etc/artica-postfix/FROM_ISO")) {
if ($unix->file_time_min("/etc/artica-postfix/FROM_ISO") < 1) {
die;
}
}
$GLOBALS["NMAP_INSTALLED"] = false;
$GLOBALS["ArticaWatchDogList"] = unserialize(base64_decode($sock->GET_INFO("ArticaWatchDogList")));
