Пример #1
0
function BuildClientRoute($id){
	sleep(5);
	$unix=new unix();
	$main_path="/etc/artica-postfix/openvpn/clients";
	$ip_tool=$unix->find_program("ip");
	$bridge=OpenVPNCLientIsOnTap($id);
	if(!$bridge){
		$dev=OpenVPNCLientStartGetDev($id);
	}else{
		$dev=OpenVPNCLientStartGetTAPDev($id);		
	}
	
echo "Starting......: OpenVPN client $id, DEV:$dev\n";
exec("$ip_tool route",$results);
if($bridge){
	echo "Starting......: OpenVPN Tap $dev, cleaning bad route\n";
	
	while (list ($num, $ligne) = each ($results) ){
		if(preg_match("#^([0-9\.]+)\/([0-9]+)\s+via\s+[0-9\.]+\s+dev\s+$dev#",$ligne,$re)){
			echo "Starting......: OpenVPN Tap {$re[0]} must be cleaned\n";
			system("$ip_tool route del {$re[0]}");
		}
	}
}

	echo "Starting......: OpenVPN dev:$dev, finding correct route\n";
	reset($results);
	while (list ($num, $ligne) = each ($results) ){
		if(preg_match("#^([0-9\.]+)\/([0-9]+)\s+dev\s+$dev\s+proto\s+kernel\s+scope\s+link\s+src\s+([0-9\.]+)#",$ligne,$re)){
			$IP_TO_ROUTE=$re[3];
			echo "Starting......: OpenVPN others routes match $dev $IP_TO_ROUTE\n";
			break;
		}
	
	}

	$routes=OpenVpnClientGetRoutes("$main_path/$id");
	$localnets=getLocalNets();
	//print_r($routes);
	//print_r($localnets);
	if(count($routes)==0){echo "Starting......: OpenVPN no routes to add\n";return;}
	while (list ($ip_start, $netmask) = each ($routes) ){
		if($localnets[$ip_start]<>null){
			echo "Starting......: OpenVPN skipping route $ip_start\n";
			continue;
		}
		
		if(!preg_match("#[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+#",$ip_start)){
			echo "Starting......: OpenVPN skipping route $ip_start/$netmask\n";
			continue;
		}
		
		if(!preg_match("#[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+#",$netmask)){
			echo "Starting......: OpenVPN skipping route $ip_start/$netmask\n";
			continue;
		}		
		
		echo "Starting......: OpenVPN adding route $ip_start/$netmask\n";
		$cmd="$ip_tool route add $ip_start/$netmask dev $dev proto kernel scope link src $IP_TO_ROUTE >/dev/null 2>&1";
		if($GLOBALS["VERBOSE"]){echo __FUNCTION__." $cmd\n";}
		shell_exec2($cmd);
	}
	
	
}
Пример #2
0
function kav4proxy_license()
{
    $unix = new unix();
    $tmpstr = $unix->FILE_TEMP();
    $php5 = $unix->LOCATE_PHP5_BIN();
    $nohup = $unix->find_program("nohup");
    $kav4proxyCache = "/etc/artica-postfix/KAV4PROXY_LICENSE_INFO";
    $cmd = "/opt/kaspersky/kav4proxy/bin/kav4proxy-licensemanager";
    if ($_GET["type"] == "milter") {
        kavmilter_license();
        return;
    }
    if ($_GET["type"] == "kas") {
        kasmilter_license();
        return;
    }
    if (!is_file($kav4proxyCache)) {
        shell_exec2("{$nohup} {$php5} /usr/share/artica-postfix/exec.kav4proxy.php --license >/dev/null 2>&1 &");
    }
    $results = explode("\n", @file_get_contents($kav4proxyCache));
    $results[] = "--------------------------------------------------------------";
    $results[] = basename($cmd);
    $results[] = "--------------------------------------------------------------";
    echo "<articadatascgi>" . base64_encode(implode("\n", $results)) . "</articadatascgi>";
}
Пример #3
0
function HasGateway_iptables($IPTABLES_ETH)
{
    $unix = new unix();
    $iptables = $unix->find_program("iptables");
    if (!is_file($iptables)) {
        echo "Starting......: " . date("H:i:s") . " hamachi `iptables`, no such binary\n";
        return false;
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Starting......: " . date("H:i:s") . " hamachi: hook the {$IPTABLES_ETH} nic\n";
    }
    shell_exec2("{$iptables} -A INPUT -i ham0 -j ACCEPT -m comment --comment \"ArticaHamachi\"");
    shell_exec2("{$iptables} -A FORWARD -i ham0 -j ACCEPT -m comment --comment \"ArticaHamachi\"");
    shell_exec2("{$iptables} -A OUTPUT -o ham0 -j ACCEPT -m comment --comment \"ArticaHamachi\"");
    shell_exec2("{$iptables} -t nat -A POSTROUTING -o {$IPTABLES_ETH} -j MASQUERADE -m comment --comment \"ArticaHamachi\"");
    shell_exec2("{$iptables} -A INPUT -i {$IPTABLES_ETH} -j ACCEPT -m comment --comment \"ArticaHamachi\"");
    shell_exec2("{$iptables} -A FORWARD -i {$IPTABLES_ETH} -j ACCEPT -m comment --comment \"ArticaHamachi\"");
    shell_exec2("{$iptables} -A OUTPUT -o {$IPTABLES_ETH} -j ACCEPT -m comment --comment \"ArticaHamachi\"");
    shell_exec2("{$iptables} -t nat -A POSTROUTING -o ham0 -j MASQUERADE -m comment --comment \"ArticaHamachi\"");
    echo "Starting......: " . date("H:i:s") . " hamachi prerouting success from ham0 -> {$IPTABLES_ETH}...\n";
}
Пример #4
0
function Parseline($buffer)
{
    $buffer = trim($buffer);
    $GLOBALS["COUNT-LINES"]++;
    if ($GLOBALS["COUNT-LINES"] > 5000) {
        $GLOBALS["TOTAL-LINES"] = $GLOBALS["TOTAL-LINES"] + $GLOBALS["COUNT-LINES"];
        $distanceInSeconds = round(abs(time() - $GLOBALS["COUNT-LINES-TIME"]));
        $distanceInMinutes = round($distanceInSeconds / 60);
        events("{$GLOBALS["TOTAL-LINES"]} Parsed...");
        if ($distanceInMinutes > 2) {
            events("{$GLOBALS["TOTAL-LINES"]} Check size...");
            $GLOBALS["COUNT-LINES-TIME"] = time();
            shell_exec($GLOBALS["CLEANCMD"]);
            $GLOBALS["COUNT-LINES"] = 0;
        }
    }
    if (strpos($buffer, '):  operation="file_perm" pid=') > 0) {
        return;
    }
    $dust = new syslogger();
    if (strpos($buffer, "]: [DEBUG]") > 0) {
        return;
    }
    if ($dust->MailDustbin($buffer)) {
        return;
    }
    //kernel dustbin
    if (strpos($buffer, "ext4_dx_add_entry: Directory index full") > 0) {
        return true;
    }
    if (strpos($buffer, "] ll header:") > 0) {
        return true;
    }
    if (strpos($buffer, "exec.squid.watchdog.php") > 0) {
        return true;
    }
    if (strpos($buffer, "using local addresses only for domain") > 0) {
        return true;
    }
    //squid dustbin
    if (strpos($buffer, "Load average increasing, re-enabling all cpus for irq balancing") > 0) {
        return true;
    }
    if (strpos($buffer, "artica-watchdog[") > 0) {
        return true;
    }
    if (strpos($buffer, "exec.syslog-engine.php") > 0) {
        return true;
    }
    if (strpos($buffer, "exec.postfix-logger.php") > 0) {
        return true;
    }
    if (strpos($buffer, "]: WARNING: ") > 0) {
        return true;
    }
    if (strpos($buffer, " epmd running") > 0) {
        return true;
    }
    if (strpos($buffer, "#]: Startup: Initializing") > 0) {
        return true;
    }
    if (strpos($buffer, "]: Reconfiguring Squid Cache") > 0) {
        return true;
    }
    if (strpos($buffer, "]: Closing HTTP port") > 0) {
        return true;
    }
    if (strpos($buffer, "]: Processing Configuration File:") > 0) {
        return true;
    }
    if (strpos($buffer, "]: Startup: Initialized") > 0) {
        return true;
    }
    if (strpos($buffer, "]: Warning: empty ACL") > 0) {
        return true;
    }
    if (strpos($buffer, "]: Accepting HTTP Socket connections") > 0) {
        return true;
    }
    if (strpos($buffer, " RELEASE ") > 0) {
        return true;
    }
    if (strpos($buffer, " SWAPOUT ") > 0) {
        return true;
    }
    if (strpos($buffer, "RELEASE -1 FFFFFFFF") > 0) {
        return true;
    }
    //Postfix dustbin
    if (preg_match("#Do you need to run.+?sa-update#", $buffer)) {
        amavis_sa_update($buffer);
        return;
    }
    if (strpos($buffer, " fcrontab[") > 0) {
        return true;
    }
    if (strpos($buffer, "exec.mailarchive.php") > 0) {
        return true;
    }
    if (strpos($buffer, "Orphan Comm::Connection: local=") > 0) {
        return true;
    }
    if (strpos($buffer, "class.mysql.squid.builder.php") > 0) {
        return true;
    }
    if (strpos($buffer, "Orphans since last started") > 0) {
        return true;
    }
    if (strpos($buffer, "general, No Profile configured! Allowing") > 0) {
        return true;
    }
    if (strpos($buffer, "general, KHSE: no threat detected in") > 0) {
        return true;
    }
    if (preg_match("#exec.dstat.top.php#", $buffer)) {
        return true;
    }
    if (preg_match("#artica-filter#", $buffer)) {
        return true;
    }
    if (preg_match("#postfix\\/#", $buffer)) {
        return true;
    }
    if (preg_match("#CRON\\[#", $buffer)) {
        return true;
    }
    if (preg_match("#: CACHEMGR:#", $buffer)) {
        return true;
    }
    if (preg_match("#exec\\.postfix-logger\\.php:#", $buffer)) {
        return true;
    }
    if (preg_match("#artica-install\\[#", $buffer)) {
        return true;
    }
    // monit dustbin
    if (preg_match("#monitor action done#", $buffer)) {
        return true;
    }
    if (preg_match("#monitor service.+?on user request#", $buffer)) {
        return true;
    }
    if (preg_match("#CRON\\[.+?\\(root\\).+CMD#", $buffer)) {
        return true;
    }
    if (preg_match("#winbindd\\[.+?winbindd_listen_fde_handler#", $buffer)) {
        return true;
    }
    if (strpos($buffer, "Other action already in progress -- please try again later") > 0) {
        return true;
    }
    if (strpos($buffer, "class.cronldap.inc") > 0) {
        return true;
    }
    if (strpos($buffer, "Awakened by User defined") > 0) {
        return true;
    }
    if (strpos($buffer, ": Checking summary") > 0) {
        return true;
    }
    //Zarafa dustbin
    if (strpos($buffer, ": End of session (logoff)") > 0) {
        return true;
    }
    if (strpos($buffer, " receives session ") > 0) {
        return true;
    }
    if (strpos($buffer, ": Disconnecting client") > 0) {
        return true;
    }
    if (strpos($buffer, "  thread exiting") > 0) {
        return true;
    }
    if (strpos($buffer, ": Accepted connection from") > 0) {
        return true;
    }
    if (strpos($buffer, ": Not authorized for command: CAPA") > 0) {
        return true;
    }
    if (strpos($buffer, ": Starting worker process for") > 0) {
        return true;
    }
    // **************** peut être utilisé ???
    if (strpos($buffer, "User supplied password using program zarafa-gateway") > 0) {
        return true;
    }
    if (strpos($buffer, "authenticated through User supplied password using program") > 0) {
        return true;
    }
    if (strpos($buffer, "authenticated through Pipe socket using program") > 0) {
        return true;
    }
    if (strpos($buffer, "conntrack-tools[") > 0) {
        return true;
    }
    if (strpos($buffer, "]: (root) CMD (") > 0) {
        return true;
    }
    if (strpos($buffer, "]: MemoryInstances") > 0) {
        return true;
    }
    if (strpos($buffer, "]: launch_all_status(") > 0) {
        return true;
    }
    if (strpos($buffer, "]: PROCESS IN MEMORY") > 0) {
        return true;
    }
    if (strpos($buffer, ">/dev/null 2>&1 &") > 0) {
        return true;
    }
    if (strpos($buffer, "executed...end") > 0) {
        return true;
    }
    if (strpos($buffer, "requests per minute") > 0) {
        return true;
    }
    if (strpos($buffer, "Ask all status to MONIT") > 0) {
        return true;
    }
    if (strpos($buffer, "exec.status.php[") > 0) {
        return true;
    }
    if (preg_match("#slapd.+?conn=[0-9]+\\s+fd=.+?closed#", $buffer)) {
        return true;
    }
    if (strpos($buffer, "msmtp: ") > 0) {
        return true;
    }
    if (strpos($buffer, "*system*awstats") > 0) {
        return true;
    }
    if (strpos($buffer, "extra modules loaded after daemonizing/chrooting") > 0) {
        return;
    }
    if (strpos($buffer, "/etc/cron.d/awstats") > 0) {
        return;
    }
    if (strpos($buffer, "emailrelay:") > 0) {
        return;
    }
    if (strpos($buffer, "pptpd-logwtmp.so loaded") > 0) {
        return;
    }
    if (strpos($buffer, "Reinitializing monit daemon") > 0) {
        return;
    }
    if (strpos($buffer, "Monit reloaded") > 0) {
        return;
    }
    if (strpos($buffer, "Tarticaldap.logon") > 0) {
        return;
    }
    if (strpos($buffer, "pulseaudio[") > 0) {
        return;
    }
    if (strpos($buffer, "exec: /usr/bin/php5") > 0) {
        return;
    }
    if (strpos($buffer, "Found decoder for ") > 0) {
        return;
    }
    if (strpos($buffer, "Internal decoder for ") > 0) {
        return;
    }
    if (strpos($buffer, "Loaded Icons") > 0) {
        return;
    }
    if (strpos($buffer, "CP ConfReq") > 0) {
        return;
    }
    if (strpos($buffer, "CP ConfAck") > 0) {
        return;
    }
    if (strpos($buffer, "CP EchoReq") > 0) {
        return;
    }
    if (strpos($buffer, "/usr/sbin/cron") > 0) {
        return;
    }
    if (strpos($buffer, "no IPv6 routers present") > 0) {
        return;
    }
    if (strpos($buffer, "AM.PDP-SOCK") > 0) {
        return;
    }
    if (strpos($buffer, "disconnect from unknown") > 0) {
        return;
    }
    //amavis - Mail Dutdsbin
    //LDAP Dustbin
    if (strpos($buffer, "SEARCH RESULT tag=") > 0) {
        return;
    }
    if (strpos($buffer, 'SRCH base="cn=') > 0) {
        return;
    }
    if (strpos($buffer, 'ACCEPT from IP=') > 0) {
        return;
    }
    if (strpos($buffer, 'closed (connection lost)') > 0) {
        return;
    }
    //automount dustbin
    if (strpos($buffer, "handle_packet: type") > 0) {
        return;
    }
    if (strpos($buffer, "dev_ioctl_send_fail: token") > 0) {
        return;
    }
    if (strpos($buffer, "lookup_mount: lookup(ldap)") > 0) {
        return;
    }
    if (strpos($buffer, "handle_packet_missing_indirect: token") > 0) {
        return;
    }
    if (strpos($buffer, "getuser_func: called with context") > 0) {
        return;
    }
    if (strpos($buffer, "attempting to mount entry /automounts") > 0) {
        return;
    }
    if (strpos($buffer, "lookup_one: lookup(ldap)") > 0) {
        return;
    }
    if (strpos($buffer, "do_bind: lookup(ldap):") > 0) {
        return;
    }
    if (strpos($buffer, "sun_mount: parse") > 0) {
        return;
    }
    if (strpos($buffer, "]: failed to mount /") > 0) {
        return;
    }
    if (strpos($buffer, "]: do_mount:") > 0) {
        return;
    }
    if (strpos($buffer, "]: parse_mount: parse") > 0) {
        return;
    }
    if (strpos($buffer, "mount_mount: mount(generic):") > 0) {
        return;
    }
    if (strpos($buffer, ">> Error connecting to") > 0) {
        return;
    }
    if (strpos($buffer, ">> Refer to the mount") > 0) {
        return;
    }
    if (strpos($buffer, "getpass_func: context (nil)") > 0) {
        return;
    }
    //ROOT Dustbin
    if (strpos($buffer, "(root) CMD") > 0) {
        return;
    }
    if (strpos($buffer, "RELOAD (/etc/cron") > 0) {
        return;
    }
    //Cyrus DUSTBIN
    //pdns dustbin
    if (strpos($buffer, "question for '") > 0) {
        return;
    }
    if (strpos($buffer, "answer to question '") > 0) {
        return;
    }
    if (strpos($buffer, "failed (res=3)") > 0) {
        return;
    }
    if (preg_match("#pdns_recursor\\[[0-9]+\\]: \\[[0-9]+\\]\\s+#", $buffer)) {
        return;
    }
    //roundcube dustbin
    if (strpos($buffer, "IMAP Error: Empty password") > 0) {
        return;
    }
    //monit dustbin
    if (strpos($buffer, "Monit has not changed") > 0) {
        return;
    }
    if (strpos($buffer, ": synchronized to ") > 0) {
        return;
    }
    if (strpos($buffer, "monit HTTP server stopped") > 0) {
        return;
    }
    if (strpos($buffer, "Shutting down monit HTTP server") > 0) {
        return;
    }
    if (strpos($buffer, "Starting monit HTTP server at") > 0) {
        return;
    }
    if (strpos($buffer, "Reinitializing monit - Control") > 0) {
        return;
    }
    //squid dustbin:
    if (strpos($buffer, "Unlinkd pipe opened on FD") > 0) {
        return;
    }
    if (strpos($buffer, "Beginning Validation Procedure") > 0) {
        return;
    }
    //EMAILRELAY DUSTBIN
    if (strpos($buffer, "emailrelay: info: failing file") > 0) {
        return;
    }
    if (strpos($buffer, "emailrelay: info: no more messages to send") > 0) {
        return;
    }
    if (strpos($buffer, "emailrelay: warning: cannot do tls") > 0) {
        return;
    }
    if (strpos($buffer, "]: monit daemon at") > 0) {
        return;
    }
    if (strpos($buffer, "artica-ldap[") > 0) {
        return;
    }
    if (strpos($buffer, "want to change spamassassin settings but not installed") > 0) {
        return;
    }
    //SAMBA DUSTBIN
    if (strpos($buffer, "smb_register_idmap") > 0) {
        return;
    }
    if (strpos($buffer, "could not find idmap alloc module ad") > 0) {
        return;
    }
    if (strpos($buffer, "Idmap module nss already registered") > 0) {
        return;
    }
    if (strpos($buffer, "'winbindd' process PID changed to") > 0) {
        return;
    }
    if (strpos($buffer, "idmap_alloc module tdb already registered") > 0) {
        return;
    }
    if (strpos($buffer, "ad_idmap_cached_connection_internal") > 0) {
        return;
    }
    if (strpos($buffer, "idmap_ad_unixids_to_sids") > 0) {
        return;
    }
    if (strpos($buffer, "libads/kerberos.c:") > 0) {
        return;
    }
    if (strpos($buffer, "initialize_winbindd_cache") > 0) {
        return;
    }
    if (strpos($buffer, "winbindd/winbindd_group.c") > 0) {
        return;
    }
    if (strpos($buffer, "winbindd/winbindd_util.c") > 0) {
        return;
    }
    if (strpos($buffer, "smb_register_idmap_alloc") > 0) {
        return;
    }
    if (strpos($buffer, "Idmap module passdb already registered") > 0) {
        return;
    }
    if (strpos($buffer, "Cleaning up brl and lock database after unclean shutdown") > 0) {
        return;
    }
    if (strpos($buffer, "winbindd_sig_term_handler") > 0) {
        return;
    }
    if (strpos($buffer, "wins_registration_timeout") > 0) {
        return;
    }
    if (strpos($buffer, ":   netbios connect:") > 0) {
        return;
    }
    if (strpos($buffer, "cleanup_timeout_fn") > 0) {
        return;
    }
    if (strpos($buffer, "struct wbint_Gid2Sid") > 0) {
        return;
    }
    if (strpos($buffer, ":   doing parameter") > 0) {
        return;
    }
    if (strpos($buffer, "param/loadparm.c") > 0) {
        return;
    }
    if (strpos($buffer, ":   wins_registration_timeout:") > 0) {
        return;
    }
    if (strpos($buffer, "src: struct server_id") > 0) {
        return;
    }
    if (strpos($buffer, "dest: struct server_id") > 0) {
        return;
    }
    if (strpos($buffer, "messages: struct messaging_rec") > 0) {
        return;
    }
    if (strpos($buffer, "ndr/ndr.c") > 0) {
        return;
    }
    if (strpos($buffer, "smbd/reply.c") > 0) {
        return;
    }
    if (strpos($buffer, "lib/smbldap.c") > 0) {
        return;
    }
    if (strpos($buffer, "srvsvc_NetShare") > 0) {
        return;
    }
    if (strpos($buffer, "]:   Global parameter") > 0) {
        return;
    }
    if (strpos($buffer, "STYPE_IPC_HIDDEN") > 0) {
        return;
    }
    if (strpos($buffer, "STYPE_DISKTREE") > 0) {
        return;
    }
    if (strpos($buffer, ": NTLMSSP_") > 0) {
        return;
    }
    if (strpos($buffer, "MSG_SMB_UNLOCK") > 0) {
        return;
    }
    if (strpos($buffer, ":           messages: ARRAY(") > 0) {
        return;
    }
    if (strpos($buffer, "struct messaging_array") > 0) {
        return;
    }
    if (strpos($buffer, ":                   msg_version              :") > 0) {
        return;
    }
    if (strpos($buffer, ":           num_messages             :") > 0) {
        return;
    }
    if (strpos($buffer, ":                   sid                      :") > 0) {
        return;
    }
    if (strpos($buffer, ":               sid                      :") > 0) {
        return;
    }
    if (strpos($buffer, ":                       id                       :") > 0) {
        return;
    }
    if (strpos($buffer, ":               dom_name                 :") > 0) {
        return;
    }
    if (strpos($buffer, ":                   msg_version              :") > 0) {
        return;
    }
    if (strpos($buffer, ":                   buf                      :") > 0) {
        return;
    }
    if (strpos($buffer, ":               result                   :") > 0) {
        return;
    }
    if (strpos($buffer, ":               gid                      :") > 0) {
        return;
    }
    if (strpos($buffer, "server_unc") > 0) {
        return;
    }
    if (strpos($buffer, "union ntlmssp_AvValue") > 0) {
        return;
    }
    if (strpos($buffer, "MsvAvNbDomainName") > 0) {
        return;
    }
    if (strpos($buffer, "NegotiateFlags") > 0) {
        return;
    }
    if (strpos($buffer, "AvDnsComputerName") > 0) {
        return;
    }
    if (strpos($buffer, "Version: struct VERSION") > 0) {
        return;
    }
    if (strpos($buffer, "array: ARRAY(") > 0) {
        return;
    }
    if (strpos($buffer, "info_ctr") > 0) {
        return;
    }
    if (strpos($buffer, "init_sam_from_ldap: Entry found") > 0) {
        return;
    }
    //Snort dustbin
    //pdns_recursor[23651]: stats: 600 questions, 665 cache entries, 29 negative entries, 0% cache hits"
    // check_ntlm_password:  Authentication for user [root] -> [root] FAILED with error NT_STATUS_WRONG_PASSWORD
    if (strpos($buffer, "]: last message repeated") > 0) {
        return;
    }
    //pdns dustbin
    if (strpos($buffer, "Looking for CNAME") > 0) {
        return;
    }
    if (strpos($buffer, "No CNAME cache hit of") > 0) {
        return;
    }
    if (strpos($buffer, "Found cache hit") > 0) {
        return;
    }
    if (strpos($buffer, ": Resolved '") > 0) {
        return;
    }
    if (strpos($buffer, ": Trying IP") > 0) {
        return;
    }
    if (strpos($buffer, ".: Got 1 answers") > 0) {
        return;
    }
    if (strpos($buffer, ": accept answer") > 0) {
        return;
    }
    if (strpos($buffer, ": determining status") > 0) {
        return;
    }
    if (strpos($buffer, ": got negative caching") > 0) {
        return;
    }
    if (strpos($buffer, ": No cache hit for") > 0) {
        return;
    }
    if (strpos($buffer, ": Checking if we have NS") > 0) {
        return;
    }
    if (strpos($buffer, ": no valid/useful NS") > 0) {
        return;
    }
    if (strpos($buffer, ": NS (with ip, or non-glue)") > 0) {
        return;
    }
    if (strpos($buffer, ": We have NS in cache") > 0) {
        return;
    }
    if (strpos($buffer, ".: Nameservers:") > 0) {
        return;
    }
    if (strpos($buffer, ": Trying to resolve NS") > 0) {
        return;
    }
    if (strpos($buffer, ".: got NS record") > 0) {
        return;
    }
    if (strpos($buffer, ".: status=") > 0) {
        return;
    }
    if (strpos($buffer, ".: Starting additional") > 0) {
        return;
    }
    if (strpos($buffer, ".: Done with additional") > 0) {
        return;
    }
    if (strpos($buffer, ".: Found cache CNAME hit") > 0) {
        return;
    }
    if (strpos($buffer, ".: answer is in") > 0) {
        return;
    }
    if (strpos($buffer, "is negatively cached via") > 0) {
        return;
    }
    if (strpos($buffer, ".: within bailiwick") > 0) {
        return;
    }
    if (strpos($buffer, "]: Query: '") > 0) {
        return;
    }
    if (strpos($buffer, "bdb_equality_candidates:") > 0) {
        return;
    }
    if (strpos($buffer, "Cache consultations done") > 0) {
        return;
    }
    if (strpos($buffer, ".: Entire record") > 0) {
        return;
    }
    if (strpos($buffer, "got upwards/level NS record") > 0) {
        return;
    }
    if (strpos($buffer, "), rcode=0, in") > 0) {
        return;
    }
    if (strpos($buffer, "]    ns1.") > 0) {
        return;
    }
    if (strpos($buffer, "error resolving, possible error: Connection refused") > 0) {
        return;
    }
    if (strpos($buffer, "Failed to resolve via any of the") > 0) {
        return;
    }
    if (strpos($buffer, "failed (res=-1)") > 0) {
        return;
    }
    if (strpos($buffer, "question answered from packet cache from") > 0) {
        return;
    }
    if (strpos($buffer, ": timeout resolving") > 0) {
        return;
    }
    if (strpos($buffer, ": query throttled") > 0) {
        return;
    }
    if (strpos($buffer, "]: Invalid query packet") > 0) {
        return;
    }
    if (strpos($buffer, 'BIND dn="cn=') > 0) {
        return;
    }
    if (strpos($buffer, 'RESULT tag=') > 0) {
        return;
    }
    if (strpos($buffer, 'SRCH base="') > 0) {
        return;
    }
    if (strpos($buffer, 'SRCH attr=') > 0) {
        return;
    }
    if (strpos($buffer, 'MOD attr=') > 0) {
        return;
    }
    if (strpos($buffer, 'MOD dn=') > 0) {
        return;
    }
    if (strpos($buffer, ' UNBIND') > 0) {
        return;
    }
    if (strpos($buffer, ": connection_input: conn=") > 0) {
        return;
    }
    if (strpos($buffer, "attr=dNSTTL aRecord nSRecord cNAMERecord") > 0) {
        return;
    }
    if (strpos($buffer, ": monit HTTP server started") > 0) {
        return;
    }
    if (strpos($buffer, "Awakened by the") > 0) {
        return;
    }
    //nginx
    if (preg_match("#nginx:.*?notice.+?gracefully shutting down#", $buffer)) {
        squid_admin_mysql(1, "Reverse Proxy service gracefully shutting down", $buffer, __FILE__, __LINE__);
        return;
    }
    if (preg_match("#nginx:.+?start worker processes#", $buffer)) {
        squid_admin_mysql(2, "Reverse Proxy service starting", $buffer, __FILE__, __LINE__);
        return;
    }
    if (preg_match("#nginx:.*?:\\s+reconfiguring#", $buffer)) {
        squid_admin_mysql(1, "Reverse Proxy service was reconfigured", $buffer, __FILE__, __LINE__);
        return;
    }
    if (preg_match("#wifidog.*?Failed to open HTML message file#", $buffer)) {
        squid_admin_mysql(1, "Creating HTML message for the Hotspot", null, __FILE__, __LINE__);
        shell_exec2("{$GLOBALS["LOCATE_PHP5_BIN"]} {$GLOBALS["BASE_ROOT"]}/hostpot.php --templates >/dev/null 2>&1");
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} {$GLOBALS["BASE_ROOT"]}/exec.wifidog.php --restart");
        return;
    }
    if (preg_match("#wifidog\\[.*?Removing Firewall rules#", $buffer, $re)) {
        squid_admin_mysql(1, "HotSpot is stopped", null, __FILE__, __LINE__);
        return;
    }
    //Crash kernel
    if (preg_match("#nf_queue: full at [0-9]+ entries,\\s+dropping packets#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/nf_queue.full";
        if (IfFileTime($file, 5)) {
            system_admin_events("Fatal! nf_queue is full\n{$buffer}\nYou should consider increase your hardware memory and CPU\nor disable Network application detection", __FUNCTION__, __FILE__, __LINE__, "system");
            if ($GLOBALS["SQUID_INSTALLED"]) {
                squid_admin_mysql(0, "Fatal! nf_queue is full", "{$buffer}\nYou should consider increase your hardware memory and CPU\nor disable Network application detection", __FILE__, __LINE__);
            }
        }
        return;
    }
    if (preg_match("#glibc detected.*?\\/(.+?):\\s+(.+?):#", $buffer, $re)) {
        system_admin_events("Fatal! Crash {$re[1]} {$re[2]} [action=Run Sync]\n{$buffer}", __FUNCTION__, __FILE__, __LINE__, "system");
        if ($GLOBALS["SQUID_INSTALLED"]) {
            squid_admin_mysql(0, "Fatal! Crash {$re[1]} {$re[2]} [action=Run Sync]", $buffer, __FILE__, __LINE__);
        }
        shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["SYNC_BIN"]} >/dev/null 2>&1 &");
        return;
    }
    if (preg_match("#kernel:\\[.*?general protection fault:\\s+[0-9]+\\s+\\[\\#([0-9]+)\\]\\s+SMP#", $buffer, $re)) {
        if ($GLOBALS["SQUID_INSTALLED"]) {
            squid_admin_mysql(0, "Kernel crash !! general protection fault on SMP processor", $buffer, __FILE__, __LINE__);
        }
        system_admin_events("Kernel crash !! general protection fault on SMP Processor\n{$buffer}", __FUNCTION__, __FILE__, __LINE__, "system");
        return;
    }
    if (preg_match("#kernel:.*?squid\\[.*?segfault at.*?error.*?in squid#", $buffer)) {
        squid_admin_mysql(0, "Fatal, proxy service was crashed !!!", "Here it is the report\n{$buffer}\nService is automatically started\n", __FILE__, __LINE__);
        shell_exec(trim("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.squid.watchdog.php --start --crashed --cache-logs >/dev/null 2>&1 &"));
        return;
    }
    if (preg_match("#class\\.sockets\\.inc.*?Fatal ERROR 500#", $buffer)) {
        shell_exec(trim("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.framework.php --restart >/dev/null 2>&1 &"));
        return;
    }
    if (strpos($buffer, "rdpproxy:") > 0) {
        if (!isset($GLOBALS["CLASS_RDPPROXY_MONITOR"])) {
            $GLOBALS["CLASS_RDPPROXY_MONITOR"] = new rdpproxy_monitor();
        }
        $GLOBALS["CLASS_RDPPROXY_MONITOR"]->parse($buffer);
        return;
    }
    if (strpos($buffer, "C-ICAP") > 0) {
        if ($GLOBALS["CLASS_C_ICAP_MONITOR"]->parse($buffer)) {
            return;
        }
    }
    //UCARP
    if (preg_match("#ucarp\\[.*?Switching to state:\\s+BACKUP#", $buffer)) {
        if (!is_file("/usr/share/ucarp/Master")) {
            foreach (glob("/usr/share/ucarp/vip-*-down.sh") as $filename) {
                $tt[] = $filename;
                shell_exec("{$GLOBALS["nohup"]} {$filename} >/dev/null 2>&1 &");
            }
            squid_admin_mysql(0, "FailOver: Slave switch to backup mode", "Executed\n" . @implode("\n", $tt), __FILE__, __LINE__);
        } else {
            squid_admin_mysql(0, "FailOver: Master shutdown connections transfered to slave", "\n", __FILE__, __LINE__);
        }
        return;
    }
    if (preg_match("#ucarp\\[.*?Switching to state:\\s+MASTER#", $buffer)) {
        if (!is_file("/usr/share/ucarp/Master")) {
            squid_admin_mysql(0, "FailOver: Slave switch to Master mode and accept connections", "\n", __FILE__, __LINE__);
        } else {
            squid_admin_mysql(0, "FailOver: Master return back and accept connections", "\n", __FILE__, __LINE__);
        }
        return;
    }
    // SHOREWALL
    if (preg_match("#Shorewall:(.+?)2(.+?):(.+?):IN=(.*?)\\s+OUT=(.*?)\\s+MAC=(.*?)\\s+SRC=(.*?)\\s+DST=(.*?)\\s+.*?PROTO=(.*?)\\s+.*?DPT=([0-9]+)#", $buffer, $re)) {
        $ZONE_FROM = $re[1];
        $ZONE_TO = $re[2];
        $ACTION = $re[2];
        $NIC_IN = $re[4];
        $NIC_OUT = $re[5];
        $MAC_SRC = strtolower($re[6]);
        $IP_SRC = $re[7];
        $IP_DST = $re[8];
        $PROTO = $re[9];
        $PORT = $re[10];
        $DATE = date("Y-m-d H:i:s");
        $currentHour = date("YmdH");
        if (!isset($GLOBALS["MYSQL_SHOREWALL"])) {
            $GLOBALS["MYSQL_SHOREWALL"] = new mysql_shorewall();
        }
        if (!isset($GLOBALS["MYSQL_SHOREWALL_T"][date("YmdH")])) {
            $GLOBALS["MYSQL_SHOREWALL"]->BuildHourTable();
        }
        $sql = "INSERT IGNORE INTO `FWH_{$currentHour}` (`ZDATE`,`ZONE_FROM`,`ZONE_TO`,`ACTION`,`NIC_IN`,`NIC_OUT`,`MAC_SRC`,`IP_SRC`,`IP_DST`,`PROTO`,`PORT`) VALUES\n\t('{$DATE}','{$ZONE_FROM}','{$ZONE_TO}','{$ACTION}','{$NIC_IN}','{$NIC_OUT}','{$MAC_SRC}','{$IP_SRC}','{$IP_DST}','{$PROTO}','{$PORT}')";
        $GLOBALS["MYSQL_SHOREWALL"]->QUERY_SQL($sql);
        if (count($GLOBALS["MYSQL_SHOREWALL_T"]) > 10) {
            unset($GLOBALS["MYSQL_SHOREWALL_T"]);
        }
        return;
    }
    if (preg_match("#kernel:.*?:\\s+(.+?):\\s+link down#", $buffer, $re)) {
        system_admin_events("{$re[1]}: Network Interface Down\n{$buffer}", __FUNCTION__, __FILE__, __LINE__, "network");
        squid_admin_mysql(0, "{$re[1]}: Network Interface Down", $buffer, __FILE__, __LINE__);
        return;
    }
    if (preg_match("#kernel:.*?\\]\\s+ADDRCONF.*?:\\s+(.+?):\\s+link is not ready#", $buffer, $re)) {
        system_admin_events("{$re[1]}: Network Interface not ready\n{$buffer}", __FUNCTION__, __FILE__, __LINE__, "network");
        squid_admin_mysql(0, "{$re[1]}: Network Interface not ready", $buffer, __FILE__, __LINE__);
        return;
    }
    if (preg_match("#kernel:.*?\\]\\s+ADDRCONF.*?:\\s+(.+?):\\s+link becomes ready#", $buffer, $re)) {
        system_admin_events("{$re[1]}: Network Interface becomes ready\n{$buffer}", __FUNCTION__, __FILE__, __LINE__, "network");
        squid_admin_mysql(0, "{$re[1]}: Network Interface becomes ready", $buffer, __FILE__, __LINE__);
        return;
    }
    if (preg_match("#kernel:.*?:\\s+(.+?):\\s+link up#", $buffer, $re)) {
        system_admin_events("{$re[1]}: Network Interface Up\n{$buffer}", __FUNCTION__, __FILE__, __LINE__, "network");
        squid_admin_mysql(2, "{$re[1]}: Network Interface Up", $buffer, __FILE__, __LINE__);
        return;
    }
    if (preg_match("#FATAL ERROR: unable to open remote file .*?framework\\.sock#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/lighttpd.framework.sock.error";
        if (IfFileTime($file, 1)) {
            system_admin_events("Framework issue, restarting framework service\n{$buffer}", __FUNCTION__, __FILE__, __LINE__, "artica");
            $cmd = "{$GLOBALS["nohup"]} /etc/init.d/artica-framework restart >/dev/null 2>&1 &";
            shell_exec($cmd);
        }
        return;
    }
    if (preg_match("#lighttpd\\[.*?connect failed: No such file or directory on unix:\\/var\\/run\\/php-fpm\\.sock#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/lighttpd.phpfpm.sock.error";
        if (IfFileTime($file, 1)) {
            system_admin_events("PHP-FPM issue, starting PHP-FPM service\n{$buffer}", __FUNCTION__, __FILE__, __LINE__, "artica");
            $cmd = "{$GLOBALS["nohup"]} /etc/init.d/php5-fpm start >/dev/null 2>&1 &";
            shell_exec($cmd);
        }
        return;
    }
    // LIGTTPD
    if (preg_match("#lighttpd.*?connections\\.c.*?SSL.*?error.*?Broken pipe#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/lighttpd.connections.Broken.pipe";
        if (IfFileTime($file, 2)) {
            shell_exec("{$GLOBALS["nohup"]} /etc/init.d/artica-webconsole restart >/dev/null 2>&1 &");
        }
        return;
    }
    if (dhcpd($buffer)) {
        return;
    }
    if (preg_match("#squid.*?\\[[0-9]+\\]:#", $buffer)) {
        squid_parser($buffer);
        return;
    }
    if (preg_match("#\\(squid-.*?\\):#", $buffer)) {
        squid_parser($buffer);
        return;
    }
    if (preg_match("#nss_wins.*?\\[[0-9]+\\]:#", $buffer)) {
        nss_parser($buffer);
        return;
    }
    if (preg_match("#haproxy.*?\\[[0-9]+\\]:#", $buffer)) {
        haproxy_parser($buffer);
        return;
    }
    if (preg_match("#kernel.*?\\[#", $buffer)) {
        Kernel_parser($buffer);
        return;
    }
    if (preg_match("#coova-chilli.+?net\\.c.*?Cannot assign requested address.*?ioctl.*?SIOCSIFFLAGS#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/coova-chilli.SIOCSIFFLAGS";
        if (IfFileTime($file, 5)) {
            events("HotSpot Failed to bin address, disable hotSpot system!");
            system_admin_events("HotSpot Failed to bin address, disable hotSpot system!", __FUNCTION__, __FILE__, __LINE__, "system");
            @file_put_contents("/etc/artica-postfix/settings/Daemons/EnableChilli", 0);
            ToSyslog("kernel: [  Artica-Net] Start Network [artica-ifup] (" . basename(__FILE__) . "/" . __LINE__ . ")");
            $cmd = "{$GLOBALS["nohup"]} /etc/init.d/artica-ifup start >/dev/null 2>&1 &";
            shell_exec($cmd);
            $cmd = "{$GLOBALS["nohup"]} /etc/init.d/chilli stop >/dev/null 2>&1 &";
            shell_exec($cmd);
            WriteFileCache($file);
            return;
        }
        events("{$buffer} = > TIMEOUT ... ");
        return;
    }
    if (preg_match("#'apache' total mem amount of ([0-9]+)([a-zA-Z])+\\s+matches resource limit#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/apache.matches.resource.limit";
        if (IfFileTime($file, 5)) {
            $unit = strtolower($re[2]);
            if ($unit == "kb") {
                $size = $re[1];
                $size = round($size / 1024, 2);
                $cmd = "{$GLOBALS["nohup"]} /etc/init.d/artica-postfix restart apachesrc >/dev/null 2>&1 &";
                events("{$size}M {$buffer} = {$cmd} ... ");
                shell_exec($cmd);
                WriteFileCache($file);
                return;
            }
            events("{$buffer} = > TIMEOUT ... ");
            return;
        }
    }
    if (preg_match("#connect failed: No such file or directory on unix:\\/var\\/run\\/php-fpm\\.sock#", $buffer)) {
        $file = "/etc/artica-postfix/croned.1/lighttpd.php-fpm.sock.No.such.file.directory.0";
        if (IfFileTime($file, 1)) {
            $cmd = "{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.initslapd.php --phppfm-fix >/dev/null 2>&1 &";
            events("{$buffer} = {$cmd} ... ");
            shell_exec($cmd);
            WriteFileCache($file);
            return;
        }
        events("{$buffer} = > TIMEOUT ... ");
        return;
    }
    if (preg_match("#lighttpd.*?mod_fastcgi.*?connect failed:\\s+No such file or directory on unix:\\/var\\/run\\/php-fpm\\.sock#", $buffer)) {
        $file = "/etc/artica-postfix/croned.1/lighttpd.php-fpm.sock.No.such.file.directory";
        if (IfFileTime($file, 1)) {
            $cmd = "{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.initslapd.php --phppfm-fix >/dev/null 2>&1 &";
            events("{$buffer} = {$cmd} ... ");
            shell_exec($cmd);
            WriteFileCache($file);
            return;
        }
        events("{$buffer} = > TIMEOUT ... ");
        return;
    }
    if (preg_match("#haarp.*?munmap_chunk.*?invalid pointer#", $buffer)) {
        $GLOBALS["HAARP_FATAL"]++;
        if (haarp_remove()) {
            return;
        }
        $file = "/etc/artica-postfix/croned.1/haarp.invalid.pointer";
        events("invalid pointer haarp:" . __LINE__);
        squid_admin_mysql(1, "Haarp issue: {$GLOBALS["HAARP_FATAL"]}/5 invalid pointer", "Proxy service have issues with haarp,\n{$buffer}\n the service will be restarted", __FILE__, __LINE__);
        if (IfFileTime($file, 3)) {
            squid_admin_notifs("Warning, Haarp issues.\nProxy service have issues with haarp,\n{$buffer}\n the service will be restarted");
            shell_exec("{$GLOBALS["nohup"]} /etc/init.d/haarp start >/dev/null 2>&1 &");
            WriteFileCache($file);
        }
        return;
    }
    if (preg_match("#kernel:\\s+\\[.*?haarp.*?general protection.*?libmysqlclient\\.#", $buffer)) {
        $GLOBALS["HAARP_FATAL"]++;
        if (haarp_remove()) {
            return;
        }
        $file = "/etc/artica-postfix/croned.1/haarp.general.protection";
        events("general protection haarp:" . __LINE__);
        squid_admin_mysql(1, "Haarp issue: {$GLOBALS["HAARP_FATAL"]}/5 general protection libmysqlclient", "Proxy service have issues with haarp,\n{$buffer}\n the service will be restarted", __FILE__, __LINE__);
        if (IfFileTime($file, 1)) {
            squid_admin_notifs("Warning, Haarp issues.\nProxy service have issues with haarp,\n{$buffer}\n the service will be restarted");
            shell_exec("{$GLOBALS["nohup"]} /etc/init.d/haarp start >/dev/null 2>&1 &");
            WriteFileCache($file);
        }
        return;
    }
    if (preg_match("#monit\\[.+?APP_UFDBGUARD.+?start:#", $buffer)) {
        return;
    }
    if (preg_match("#monit\\[.+?system statistic error.+?cannot get real memory buffers amount#", $buffer)) {
        $file = "/etc/artica-postfix/croned.1/squid.Failed.to.make.swap.directory";
        if (IfFileTime($file, 10)) {
            email_events("Watchdog failed, cannot get real memory buffers amount", "monit claim \"{$buffer}\" Artica will install the latest monit version....", 'system');
            shell_exec("{$GLOBALS["nohup"]} /usr/share/artica-postfix/bin/artica-make APP_MONIT >/dev/null 2>&1 &");
            WriteFileCache($file);
        }
        return;
    }
    if (preg_match("#squid\\.monitrc:.*?syntax error#", $buffer)) {
        $cmd = "{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.squid.php --watchdog-config >/dev/null 2>&1 &";
        events("{$buffer} Monit = {$cmd} ... ");
        shell_exec($cmd);
        return;
    }
    if (preg_match("#artica-cron\\[.+?: Could not add job : serial queue is full#", $buffer)) {
        $cmd = "{$GLOBALS["nohup"]} /etc/init.d/artica-postfix restart fcron >/dev/null 2>&1 &";
        events("{$buffer} fcron CMD = {$cmd} ... ");
        shell_exec($cmd);
        return;
    }
    if (preg_match("#cron\\[.+?Fork error : could not exec.+?Cannot allocate memory#", $buffer)) {
        if ($GLOBALS["NOOUTOFMEMORYREBOOT"] != 1) {
            $uptime = $GLOBALS["CLASS_UNIX"]->uptime();
            exec("{$GLOBALS["PS_BIN"]} aux 2>&1", $resultsa);
            email_events("Memory full: System will be rebooted after running after {$uptime}", "System claim \"{$buffer}\" the operating system will be rebooted ({$reboot}).", 'proxy');
            if ($GLOBALS["SQUID_INSTALLED"]) {
                squid_admin_mysql(0, "Memory full: System will be rebooted after running after {$uptime}", "System claim \"{$buffer}\" the operating system will be rebooted\n" . @implode("\n", $resultsa), __FILE__, __LINE__);
            }
            UcarpDown();
            shell_exec("{$GLOBALS["SHUTDOWN_BIN"]} -rF now");
            return;
        }
    }
    if (preg_match("#monit: Error reading pid from file '(.+?)\\/ufdbguardd.pid'#", $buffer, $re)) {
        $cmd = "{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.squidguard.php --ufdbguard-start >/dev/null 2>&1 &";
        events("{$buffer} Monit CMD = {$cmd} ... ");
        shell_exec($cmd);
        return;
    }
    if (preg_match("#Cannot open.*?\\/var\\/log\\/squid\\/store\\.log.*?No space left on device#is", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/varlogfull";
        if (IfFileTime($file, 5)) {
            $results[] = "\n\n--------------   SPACE AVAILABLE   -------------\n\n";
            exec("{$GLOBALS["DF_BIN"]} -h 2>&1", $results);
            $results[] = "\n\n--------------   INODES AVAILABLE   -------------\n\n";
            exec("{$GLOBALS["DF_BIN"]} -i 2>&1", $results);
            squid_admin_mysql(0, "Fatal: no space left on log partition", "A specific procedure as been executed to make more free space.\nHere it is the current status\n" . @implode("\n", $results), __FILE__, __LINE__);
            $cmd = "{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.varlog-urgency.php --squid >/dev/null 2>&1 &";
            shell_exec($cmd);
            WriteFileCache($file);
        }
    }
    if (preg_match("#\\(squid-.+?Failed to make swap directory\\s+(.+?):\\s+\\(13\\)\\s+Permission denied#i", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/squid.Failed.to.make.swap.directory";
        if (IfFileTime($file, 10)) {
            $cmd = "{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.squid.php --reconfigure-squid >/dev/null 2>&1 &";
            events("--> Repair squid dir '{$re[1]}'... {$cmd}");
            @mkdir($re[1], 0755, true);
            @chmod($re[1], 0755);
            @chown($re[1], "squid");
            @chgrp($re[1], "squid");
            shell_exec($cmd);
            WriteFileCache($file);
        }
        return;
    }
    if (strpos($buffer, "DETECTED IN") > 0) {
        if (preg_match("#KHSE: THREAT\\s+(.+?)\\s+DETECTED IN\\s+(.+)#", $buffer, $re)) {
            $user = "******";
            $local_ip = "unknown";
            $rulename = "Antivirus KSE";
            $category = "KSE_THREAT";
            $public_ip = "unknown";
            $virus = $re[1];
            $uri = $re[2];
            if (preg_match("#(|http|https|ftp|ftps)://(.+)#", $uri, $re)) {
                $www = $re[2];
            }
            if (preg_match("#^www\\.(.+)#", $www, $re)) {
                $www = $re[1];
            }
            if (strpos($www, "/") > 0) {
                $tb = explode("/", $www);
                $www = $tb[0];
            }
            $date = time();
            $table = date('Ymd') . "_blocked";
            $md5 = md5("{$date},{$local_ip},{$rulename},{$category},{$www},{$public_ip}");
            $sql = "('{$local_ip}','{$www}','{$category}','{$rulename}','{$public_ip}','THREAT {$virus} DETECTED','Security issue','unknown')";
            if (!is_dir("{$GLOBALS["ARTICALOGDIR"]}/ufdbguard-queue")) {
                @mkdir("{$GLOBALS["ARTICALOGDIR"]}/ufdbguard-queue", 0755, true);
            }
            @file_put_contents("{$GLOBALS["ARTICALOGDIR"]}/ufdbguard-queue/{$md5}.sql", $sql);
            eventsAuth("[KHSE]: blocked THREAT {$virus} DETECTED IN {$uri}");
            return;
        }
    }
    $auth = new auth_tail();
    if ($auth->ParseLog($buffer)) {
        return;
    }
    $auth = null;
    // ---------------------- DANSGUARDIAN ---------------------------------
    if (strpos($buffer, "dansguardian[") > 0) {
        if (preg_match("#dansguardian\\[.+?:\\s+[0-9\\.]+\\s+[0-9:]+\\s+(.+?)\\s+([0-9\\.]+)\\s+(.+?)\\s+\\*([A-Z]+)\\*\\s+(.+?):\\s+(.+?)\\s+([A-Z]+)\\s+[0-9]+\\s+[0-9]+\\s+(.+?)\\s+([0-9]+)#", $buffer, $re)) {
            $array["userid"] = trim($re[1]);
            $array["ipaddr"] = $re[2];
            $array["uri"] = $re[3];
            $array["EVENT"] = $re[4];
            $array["WHY"] = trim($re[5]);
            $array["EXPLAIN"] = $re[6];
            $array["BLOCKTYPE"] = $re[8];
            $array["RULEID"] = $re[9];
            $array["TIME"] = date('Y-m-d H:i:s');
            eventsAuth("[Dansguardian]: blocked {$array["uri"]} {$array["BLOCKTYPE"]} {$array["RULEID"]}");
            @file_put_contents("{$GLOBALS["ARTICALOGDIR"]}/dansguardian-stats4/" . md5(serialize($array)), serialize($array));
        }
        return;
    }
    // Samba/Winbind **********************************************************************************************************************************************
    if (preg_match("#winbindd\\[.+?Connection to LDAP server failed for the\\s+[0-9]+\\s+try#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/samba." . md5("winbindd\\[.+?Connection to LDAP server failed for the\\s+[0-9]+\\s+try") . ".error";
        system_admin_events("winbindd connection to LDAP failed, update password...", __FUNCTION__, __FILE__, __LINE__, "samba");
        if (IfFileTime($file, 5)) {
            system_admin_events("winbindd connection to LDAP failed, update password...", __FUNCTION__, __FILE__, __LINE__, "samba");
            shell_exec("{$GLOBALS["nohup"]} /usr/share/artica-postfix/exec.samba.php --smbpasswd >/dev/null 2>&1 &");
        }
        return true;
    }
    if (preg_match("#net:\\s+ads_keytab_add_entry: unable to determine machine account's dns name in AD#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/samba." . md5("net:\\s+ads_keytab_add_entry: unable to determine machine account's dns name in AD") . ".error";
        if (IfFileTime($file, 10)) {
            email_events("Active Directory: Unable to determine machine account's dns name in AD", "System claims:\n{$buffer}\nThere is link problem with your Active Directory", 'system');
            WriteFileCache($file);
        }
        return true;
    }
    if (preg_match("#winbindd\\[.*?Could not fetch our SID - did we join#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/ntlm.samba.could.not.fetch.our.SID.join.error";
        if (IfFileTime($file, 3)) {
            squid_admin_mysql(0, "NTLM: not joinded", $buffer, __FILE__, __LINE__);
            $cmd = "{$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.kerbauth.php --join";
            events("Active Directory: NTLM:: not joinded -> {$cmd}");
            shell_exec("{$GLOBALS["nohup"]} {$cmd} >/dev/null 2>&1 &");
            WriteFileCache($file);
        } else {
            events("Active Directory: NTLM: not joinded -> WAIT");
        }
        return;
    }
    if (preg_match("#\\(ntlm_auth\\): could not obtain winbind domain name\\!#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/ntlm.samba.could.not.obtain.winbind.domain.name.error";
        if (IfFileTime($file, 3)) {
            squid_admin_mysql(0, "NTLM: could not obtain winbind domain name", $buffer, __FILE__, __LINE__);
            $cmd = "{$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.kerbauth.php --join";
            events("Active Directory: NTLM:: could not obtain winbind domain name -> {$cmd}");
            shell_exec("{$GLOBALS["nohup"]} {$cmd} >/dev/null 2>&1 &");
            WriteFileCache($file);
        } else {
            events("Active Directory: NTLM:: could not obtain winbind domain name -> WAIT");
        }
        return;
    }
    if (preg_match("#smbd\\[.+?:.+?PANIC\\s+\\(pid.+?:\\s+internal error#", $buffer, $re)) {
        email_events("Samba: SMBD daemon has crashed", "Samba claims:\n{$buffer}\nArtica cannot do something, please try to re-install samba...", 'samba');
        return;
    }
    if (preg_match("#kerberos_kinit_password\\s+(.+?)\\s+failed:\\s+Preauthentication failed#i", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/samba." . md5("kerberos_kinit_password+Preauthentication failed") . ".error";
        if (IfFileTime($file, 2)) {
            squid_admin_mysql(0, "NTLM: Preauthentication failed", $buffer, __FILE__, __LINE__);
            $cmd = "{$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.kerbauth.php --ping --force";
            email_events("Active Directory: Preauthentication failed", "System claims:\n{$buffer}\nThere is link problem with your Active Directory\nArtica will try to relink the system by executing {$cmd} --verbose\nbut you should try to investigate if this server is able to resolve the Active Directory server", 'system');
            events("Active Directory: Preauthentication failed -> {$cmd}");
            shell_exec("{$GLOBALS["nohup"]} {$cmd} >/dev/null 2>&1 &");
            $cmd = "{$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.kerbauth.php --join";
            events("Active Directory: Preauthentication failed -> {$cmd}");
            shell_exec("{$GLOBALS["nohup"]} {$cmd} >/dev/null 2>&1 &");
            @unlink($file);
            WriteFileCache($file);
        }
        return true;
    }
    // **********************************************************************************************************************************************
    if (preg_match("#dnsmasq.+? failed to read\\s+(.+?):\\s+Permission denied#", $buffer, $re)) {
        if (!isset($GLOBALS["aa-complain"])) {
            $GLOBALS["aa-complain"] = $GLOBALS["CLASS_UNIX"]->find_program("aa-complain");
        }
        if (!isset($GLOBALS["dnsmasq_bin"])) {
            $GLOBALS["dnsmasq_bin"] = $GLOBALS["CLASS_UNIX"]->find_program("dnsmasq");
        }
        $targetedfile = $re[1];
        $file = "/etc/artica-postfix/croned.1/dnsmasq." . md5($targetedfile) . ".Permission.denied";
        events("dnsmasq {$targetedfile} -> Permission denied");
        if (IfFileTime($file, 10)) {
            events("dnsmasq {$targetedfile} -> chmod 755");
            if (is_file($GLOBALS["aa-complain"])) {
                events("dnsmasq {$GLOBALS["aa-complain"]}  -> {$GLOBALS["dnsmasq_bin"]}");
                shell_exec("{$GLOBALS["aa-complain"]} {$GLOBALS["dnsmasq_bin"]}");
            }
            email_events("dnsmasq: Permission denied on {$targetedfile}", "dnmasq claims:\n{$buffer}\nArtica will change permission of this file to 0755 in order to fix this issue and put it into aa-complain mode", 'system');
            shell_exec("/bin/chmod 755 \"{$targetedfile}\"");
            shell_exec(trim("{$GLOBALS["nohup"]} /etc/init.d/dnsmasq restart >/dev/null 2>&1 &"));
            @unlink($file);
            WriteFileCache($file);
        }
        return;
    }
    if (preg_match("#pam_ldap: error trying to bind \\(Invalid credentials\\)#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/pam_ldap.Invalid.credentials";
        if (IfFileTime($file, 10)) {
            email_events("pam_ldap: system unable to contact the LDAP server", "system claims:\n{$buffer}\nArtica will reconfigure nss-ldap system\nSome systems request rebooting\nto be sure, reboot your server", 'system');
            shell_exec(trim("{$GLOBALS["nohup"]} /usr/share/artica-postfix/bin/artica-install --nsswitch >/dev/null 2>&1 &"));
            @unlink($file);
            WriteFileCache($file);
        }
        return;
    }
    if (preg_match("#net:\\s+failed to bind to server.+?Error: Invalid credentials#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/net.Invalid.credentials";
        if (IfFileTime($file, 10)) {
            email_events("Samba/net: system unable to contact the LDAP server", "Samba/net claims:\n{$buffer}\nArtica will reconfigure samba system\n", 'system');
            shell_exec(trim("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.samba.php --build >/dev/null 2>&1 &"));
            @unlink($file);
            WriteFileCache($file);
        }
        return;
    }
    if (preg_match("#pdns.+?:\\s+\\[LdapBackend\\] Unable to search LDAP directory: Starting LDAP search: Can't contact LDAP server#", $buffer, $re)) {
        events("--> PDNS LDAP FAILED");
        $file = "/etc/artica-postfix/croned.1/pdns.Can.t.contact.LDAP.server";
        if (IfFileTime($file, 10)) {
            email_events("PowerDNS: DNS server is unable to contact the LDAP server", "PDNS claims:\n{$buffer}\nArtica will restart PowerDNS service", 'system');
            shell_exec(trim("{$GLOBALS["nohup"]} /etc/init.d/pdns restart >/dev/null 2>&1 &"));
            @unlink($file);
            WriteFileCache($file);
        }
        return;
    }
    if (preg_match("#pdns_recursor\\[.*?Failed to update \\. records, RCODE=([0-9]+)#", $buffer, $re)) {
        events("--> Failed to update \\. records, RCODE={$re[1]}");
        $file = "/etc/artica-postfix/croned.1/pdns.failed.to.update.record.{$re[1]}";
        if (IfFileTime($file, 2)) {
            shell_exec(trim("{$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.initslapd.php --pdns-recursor >/dev/null 2>&1"));
            shell_exec(trim("{$GLOBALS["nohup"]} /etc/init.d/pdns-recursor restart >/dev/null 2>&1 &"));
        }
        return;
    }
    if (preg_match("#pdns(?:\\[\\d{1,5}\\])?: Not authoritative for '.*',.*sending servfail to\\s+(.+?)\\s+\\(recursion was desired\\)#", $buffer, $re)) {
        events("--> PDNS Hack {$re[2]}");
        if ($GLOBALS["PDNS_HACK"] == 1) {
            $GLOBALS["PDNS_HACK_DB"][$re[2]] = $GLOBALS["PDNS_HACK_DB"][$re[2]] + 1;
            if ($GLOBALS["PDNS_HACK_DB"][$re[2]] > $GLOBALS["PDNS_HACK_MAX"]) {
                events("--> PDNS Hack {$re[2]} will be banned");
                @file_put_contents("{$GLOBALS["ARTICALOGDIR"]}/pdns-hack-queue/" . time(), $re[2]);
                unset($GLOBALS["PDNS_HACK_DB"][$re[2]]);
            }
        }
        return;
    }
    if (preg_match("#auditd\\[.+?Unable to set audit pid, exiting#", $buffer)) {
        $file = "/etc/artica-postfix/croned.1/Unable.to.set.audit.pid";
        if (IfFileTime($file, 10)) {
            email_events("Auditd: cannot start", "auditd claims:\n{$buffer}\nIt seems that Auditd cannot start, if you run this computer on an OpenVZ VPS server, be sure that your Administrator has enabled audtid capability\n\t\t\tTake a look here http://bugzilla.openvz.org/show_bug.cgi?id=1157\n\t\t\t\nthis notification is not a good information.\nthe Auditd feature is now disabled\n", 'system');
            @unlink($file);
            @file_put_contents("/etc/artica-postfix/settings/Daemons/EnableAuditd", "0");
            shell_exec(trim("{$GLOBALS["nohup"]} /etc/init.d/artica-postfix stop auditd >/dev/null 2>&1 &"));
            WriteFileCache($file);
            return;
        }
    }
    if (preg_match("#snort\\[[0-9]+\\]:\\s+\\[.+?\\]\\s+(.+?)\\s+\\[Classification: (.+?)\\]\\s+\\[Priority:\\s+([0-9]+)\\]:\\/s+\\{(.+?)\\}\\s+(.+?):([0-9]+)\\s+->\\s+(.+?):([0-9]+)#", $buffer, $re)) {
        $md5 = md5($buffer);
        $filename = "{$GLOBALS["ARTICALOGDIR"]}/snort-queue/" . time() . ".{$md5}.snort";
        @file_put_contents($filename, serialize($re));
        return;
    }
    if (preg_match("#snort\\[.+?:\\s+Can.+?t acquire.+?cooked-mode frame doesn.+?t have room for sll header#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/snort.cant.bind";
        if (IfFileTime($file, 10)) {
            email_events("SNORT: Fatal error: could not acquire the network", "snort claims:\n{$buffer}\nIt seems that snort is unable to hook your Interface Card, perhaps your server running in a Xen environnement or any virtual system\nthis notification is not a good information.\nYou should remove the IDS feature from Artica or remove SNORT package\nYour system cannot support IDS system.\nsee http://seclists.org/snort/2011/q2/52\nhttp://support.citrix.com/article/CTX116204", 'system');
            @unlink($file);
            WriteFileCache($file);
            return;
        }
    }
    if (preg_match("#.+?roundcube-(.+?): FAILED login for (.+?) from ([0-9\\.]+)#", $buffer, $re)) {
        Roundcubehack($re[1], $re[2], $re[3]);
        return;
    }
    if (preg_match("#net:\\s+failed to bind to server ldap.+?localhost#", $buffer)) {
        events("--> exec.samba.php --fix-etc-hosts");
        shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.samba.php --fix-etc-hosts >/dev/null 2>&1 &");
        $file = "/etc/artica-postfix/croned.1/net-ldap-bind";
        if (IfFileTime($file, 5)) {
            shell_exec("{$GLOBALS["nohup"]} /etc/init.d/slapd restart --framework=" . basename(__FILE__) . " >/dev/null 2>&1 &");
            WriteFileCache($file);
            return;
        }
    }
    if (preg_match("#(winbindd|smbd)\\[.+?failed to bind to server.+?Invalid credentials#", $buffer)) {
        events("SAMBA: Invalid credentials");
        $file = "/etc/artica-postfix/croned.1/samba-ldap-credentials";
        if (IfFileTime($file, 5)) {
            if (is_file("/var/lib/samba/winbindd_idmap.tdb")) {
                @unlink("/var/lib/samba/winbindd_idmap.tdb");
            }
            if (is_file("/var/lib/samba/group_mapping.ldb")) {
                @unlink("/var/lib/samba/group_mapping.ldb");
            }
            email_events("Samba: could not connect to ldap Invalid credentials", "samba claims:\n{$buffer}\nArtica will try to reconfigure password and restart Samba", 'system');
            shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.samba.php --fix-etc-hosts >/dev/null 2>&1 &");
            @unlink($file);
            shell_exec("{$GLOBALS["nohup"]} /etc/init.d/artica-postfix restart samba >/dev/null 2>&1 &");
            WriteFileCache($file);
        }
        return;
    }
    // -------------------------------------------------------------------------------------------------------------------------------------------------
    if (preg_match("#failed due to\\s+\\[winbind client not authorized to use winbindd_pam_auth_crap\\.\\s+Ensure permissions on.+?are set correctly#", $buffer)) {
        events("SQUID: winbindd_pam_auth_crap --> exec.kerbauth.php --winbindfix");
        $file = "/etc/artica-postfix/croned.1/winbindd_pam_auth_crap";
        if (IfFileTime($file, 5)) {
            squid_admin_mysql(0, "NTLM: client not authorized to use winbindd_pam_auth_crap", $buffer, __FILE__, __LINE__);
            shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.kerbauth.php --winbindfix");
            @unlink($file);
            WriteFileCache($file);
        }
        return;
    }
    // -------------------------------------------------------------------------------------------------------------------------------------------------
    if (preg_match("#smbd\\[.+?:\\s+smbd_open_once_socket: open_socket_in: Address already in use#", $buffer)) {
        events("SMBD: smbd_open_once_socket: open_socket_in: Address already in use");
        $file = "/etc/artica-postfix/croned.1/smbd_open_once_socket.open_socket_in.Address.already.in.use";
        if (IfFileTime($file, 10)) {
            email_events("Samba: try to bind ipv6 and ipv4, fixed", "samba claims:\n{$buffer}\n\t\t\tArtica will do \"sysctl net.ipv6.bindv6only=1\" to fix this issue (see https://bugzilla.redhat.com/show_bug.cgi?id=726936)", 'system');
            shell_exec("{$GLOBALS["sysctl"]} net.ipv6.bindv6only=1");
            @unlink($file);
            WriteFileCache($file);
        }
        return;
    }
    // -------------------------------------------------------------------------------------------------------------------------------------------------
    if (preg_match("#winbindd.+?Could not receive trustdoms#", $buffer)) {
        events("WINBIND: Could not receive trustdoms");
        $file = "/etc/artica-postfix/croned.1/Could.not.receive.trustdoms";
        if (IfFileTime($file, 5)) {
            events("WINBIND: Could not receive trustdoms -> restart Winbind");
            if (function_exists("WriteToSyslogMail")) {
                WriteToSyslogMail("restart winbindd", basename(__FILE__));
            }
            email_events("Samba: Could not receive trustdoms", "samba claims:\n{$buffer}\nArtica will try to restart winbindd service", 'system');
            shell_exec("{$GLOBALS["nohup"]} /etc/init.d/winbind restart >/dev/null 2>&1 &");
            @unlink($file);
        }
        WriteFileCache($file);
        return;
    }
    if (preg_match("#winbindd\\[.+?ADS uninitialized: No logon servers#", $buffer)) {
        $file = "/etc/artica-postfix/croned.1/winbindd-No-logon-servers";
        events("WINBINDD: ADS uninitialized: No logon servers");
        if ($GLOBALS["EnableKerbAuth"] == 1) {
            if (IfFileTime($file, 3)) {
                squid_admin_mysql(0, "NTLM: No logon servers", $buffer, __FILE__, __LINE__);
                events("WINBINDD: EnableKerbAuth:: exec.kerbauth.php --build (do nothing new patch 2012-05-04)");
                //shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.kerbauth.php --build &");
                WriteFileCache($file);
            }
            return;
        }
    }
    if (preg_match("#lessfs\\[.+?send_backlog : failed to connect to the slave#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/lessfs.1";
        if (IfFileTime($file, 5)) {
            email_events("lessFS: Replication deduplication to connect to the slave ", "lessFS claims:\n{$buffer}\nPlease check communications with the slave", 'system');
            WriteFileCache($file);
            return;
        }
    }
    if (preg_match("#lessfs\\[.+?send_backlog : invalid message size#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/lessfs.2";
        if (IfFileTime($file, 5)) {
            email_events("lessFS: Replication deduplication failed to replicate ", "lessFS claims:\n{$buffer}\nPlease check communications with the slave", 'system');
            WriteFileCache($file);
            return;
        }
    }
    if (preg_match("#lessfs\\[.+?replication_worker : replication is disabled, disconnect#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/lessfs.2";
        if (IfFileTime($file, 5)) {
            email_events("lessFS: Replication deduplication failed: Slave is disabled ", "lessFS claims:\n{$buffer}\nPlease check communications with the slave", 'system');
            WriteFileCache($file);
            return;
        }
    }
    if (preg_match("#lessfs\\[.+?Could not recover database : (.+?)#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/lessfs.3";
        if (IfFileTime($file, 5)) {
            email_events("lessFS: database {$re[1]} corrupted !!", "lessFS claims:\n{$buffer}\nArtica will try to repair it...", 'system');
            shell_exec("lessfsck -o -f -t -c /etc/lessfs.cfg &");
        }
    }
    if (preg_match("#automount\\[.+?mount.+?unknown filesystem type.+?ext4#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/automount.unknown.filesystem.type.ext4";
        if (IfFileTime($file, 15)) {
            email_events("automount: Failed to mount EXT4 !", "automount claims:\n{$buffer}\nYou should upgrade your system in order to obtain the last kernel that enables ext4", 'system');
            WriteFileCache($file);
        }
        return;
    }
    if (preg_match("#automount\\[.+?mount.+?failed to mount\\s+(.+?)\\s+on\\s+(.+)\$#", $buffer, $re)) {
        $mount_dir = $re[1];
        $mount_dest = $re[2];
        $md5 = md5("{$mount_dir}{$mount_dest}");
        $file = "/etc/artica-postfix/croned.1/automount.{$md5}";
        if (IfFileTime($file, 15)) {
            email_events("automount: Failed to mount {$mount_dir} ", "automount claims:\n{$buffer}\nCheck your connexions settings on automount section", 'system');
            WriteFileCache($file);
        }
        return;
    }
    if (preg_match("#modprobe: WARNING: Error inserting\\s+(.+?)\\s+\\(.+?\\):\\s+No such device#", $buffer, $re)) {
        email_events("kernel: missing {$re[1]} module", "modprobe claims:\n{$buffer}\nTry to find the right package that store {$re[2]} file", 'VPN');
        return;
    }
    if (preg_match("#pptp_callmgr.+?Could not open control connection to\\s+([0-9\\.]+)#", $buffer, $re)) {
        vpn_msql_events("VPN connexion failed to {$re[1]}, unable to create connection tunnel", $buffer, "{$re[1]}");
        email_events("VPN connexion failed to {$re[1]}, unable to create connection tunnel ", "{$buffer}", 'VPN');
        return;
    }
    if (preg_match("#pppd\\[.+?Can.+?t open options file.+?ppp\\/peers\\/(.+?):\\s+No such file or directory#", $buffer, $re)) {
        email_events("VPN connexion failed for {$re[1]} connection,No such file", "pptp clients claims {$buffer}\\artica will try to rebuild connections", "VPN");
        vpn_msql_events("VPN (PPTPD) failed for {$re[1]} connection,No such file", $buffer, "{vpn_server}");
        shell_exec(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.pptpd.php --clients &");
        return;
    }
    if (preg_match("#pppd\\[.+?peer refused to authenticate: terminating link#", $buffer, $re)) {
        vpn_msql_events("VPN (PPTPD) authentification failed from remote host", $buffer, "{vpn_server}");
        return;
    }
    if (preg_match("#pppd\\[.+?peer refused to authenticate#", $buffer, $re)) {
        vpn_msql_events("VPN (PPTPD) failed peer refused to authenticate", $buffer, "{vpn_server}");
        return;
    }
    if (preg_match("#pppd\\[.+?MS-CHAP authentication failed: E=691 Authentication failure#", $buffer, $re)) {
        vpn_msql_events("VPN (CLIENT) failed server refused to authenticate (Authentication failure)", $buffer, "{vpn_server}");
        return;
    }
    if (preg_match("#pppd\\[.+?MPPE required but not available#", $buffer, $re)) {
        vpn_msql_events("VPN (PPTPD) authentification failed MPPE required", $buffer, "{vpn_server}");
        return;
    }
    if (preg_match("#pptpd\\[.+?CTRL: Client\\s+(.+?)\\s+control connection finished#", $buffer, $re)) {
        vpn_msql_events("VPN (PPTPD) connection closed for {$re[1]}", $buffer, "{vpn_server}");
        return;
    }
    if (preg_match("#pppd\\[.+?pptpd-logwtmp\\.so ip-up ppp[0-9]+\\s+(.+?)\\s+([0-9\\.]+)#", $buffer, $re)) {
        vpn_msql_events("VPN (PPTPD) connection open for {$re[1]} ({$re[2]})", "{$buffer}", '{vpn_server}');
        return;
    }
    if (preg_match("#slapd\\[(.+?)\\]:.+?OpenLDAP: slapd\\s+([0-9\\.]+)#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/openldap-started";
        events("OpenLDAP service version {$re[2]} successfully started PID {$re[1]}", "{$buffer}", 'system');
        return;
    }
    if (preg_match("#monit\\[.+?Sendmail error:\\s+(.+)#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/monit-sendmail-failed-" . md5($re[1]);
        if (IfFileTime($file, 10)) {
            events("MONIT -> SENDMAIL FAILED");
            //email_events("Monit is unable to send notifications","Monit claim \"$buffer\"\ntry to analyze why postfix send this error:\n{$re[1]}",'system');
            WriteFileCache($file);
            return;
        }
    }
    if (strpos($buffer, "pam_ldap: ldap_simple_bind Can't contact LDAP server") > 0) {
        $file = "/etc/artica-postfix/croned.1/ldap-failed";
        if (IfFileTime($file, 10)) {
            events("pam_ldap -> LDAP FAILED");
            email_events("LDAP server is unavailable", "System claim \"{$buffer}\" artica will try to restart LDAP server ", 'system');
            WriteFileCache($file);
            shell_exec("{$GLOBALS["nohup"]} /etc/init.d/slapd restart --framework=" . basename(__FILE__) . " >/dev/null 2>&1 &");
            return;
        }
    }
    if (preg_match("#net:\\s+failed to bind to server.+?Error:\\s+Can.?t\\s+contact LDAP server#", $buffer)) {
        $file = "/etc/artica-postfix/croned.1/ldap-failed";
        if (IfFileTime($file, 10)) {
            events("NET -> LDAP FAILED");
            email_events("LDAP server is unavailable", "System claim \"{$buffer}\" artica will try to restart LDAP server ", 'system');
            WriteFileCache($file);
            shell_exec("{$GLOBALS["nohup"]} /etc/init.d/slapd restart --framework=" . basename(__FILE__) . " >/dev/null 2>&1 &");
            return;
        }
    }
    if (preg_match("#winbindd\\[.+?failed to bind to server\\s+(.+?)\\s+with dn.+?Error: Can.+?contact LDAP server#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/ldap-failed";
        if (IfFileTime($file, 10)) {
            events("winbindd -> LDAP FAILED");
            email_events("LDAP server is unavailable", "Samba claim \"{$buffer}\" artica will try to restart LDAP server ", 'system');
            WriteFileCache($file);
            shell_exec("{$GLOBALS["nohup"]} /etc/init.d/slapd restart --framework=" . basename(__FILE__) . " >/dev/null 2>&1 &");
            return;
        }
    }
    if (preg_match("#smbd\\[.+?User\\s+(.+?)with invalid SID\\s+(.+?)\\s+in passdb#", $buffer, $re)) {
        events("SAMBA Invalid SID for {$re[1]}");
        $md5 = md5("{$re[1]}{$re[2]}");
        $file = "/etc/artica-postfix/croned.1/samba.invalid.sid.{$md5}";
        if (IfFileTime($file)) {
            $unix = new unix();
            $localsid = $unix->GET_LOCAL_SID();
            $cmd = LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.samba.synchronize.php";
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET($cmd);
            email_events("Samba invalid SID for {$re[1]}", "Samba claim \"{$buffer}\"\nUser:{$re[1]} with sid {$re[2]} has this server has the SID {$localsid}\nArtica will re-sync accounts", 'system');
            WriteFileCache($file);
        }
        return true;
    }
    if (preg_match("#smbd\\[.+?sid\\s+(.+?)\\s+does not belong to our domain#", $buffer, $re)) {
        events("SAMBA Invalid global SID for {$re[1]}");
        $md5 = md5("{$re[1]}");
        $file = "/etc/artica-postfix/croned.1/samba.invalid.sid.{$md5}";
        if (IfFileTime($file)) {
            $unix = new unix();
            $localsid = $unix->GET_LOCAL_SID();
            email_events("Samba global invalid SID for {$re[1]}", "Samba claim \"{$buffer}\"\n{$re[1]} has this server has the real SID {$localsid}\nTry to rebuild the configuration trough artica web Interface", 'system');
            WriteFileCache($file);
        }
        return true;
    }
    if (preg_match("#NetBIOS name\\s+(.+?)\\s+is too long. Truncating to (.+?)#", $buffer, $re)) {
        events("SAMBA NetBIOS name {$re[1]} is too long");
        $file = "/etc/artica-postfix/croned.1/NetBIOSNameTooLong";
        if (IfFileTime($file)) {
            email_events("Samba NetBIOS name {$re[1]} is too long", "Samba claim \"{$buffer}\" \nYou should change your server hostname", 'system');
            WriteFileCache($file);
        }
        return true;
    }
    if (preg_match('#net:\\s+WARNING:\\s+Ignoring invalid value.+?Bad Pasword#', $buffer, $re)) {
        events("SAMBA unknown parameter Bad Pasword");
        $file = "/etc/artica-postfix/croned.1/SambaBadPasword";
        if (IfFileTime($file)) {
            email_events("Samba unknown parameter \"Bad Pasword\"", "Samba claim \"{$buffer}\" Artica will reconfigure samba", 'system');
            shell_exec(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.samba.php --reconfigure &");
            WriteFileCache($file);
        }
        return true;
    }
    if (preg_match('#smbd\\[.+Ignoring unknown parameter\\s+"hide_unwriteable_files"#', $buffer, $re)) {
        events("SAMBA unknown parameter hide_unwriteable_files");
        $file = "/etc/artica-postfix/croned.1/hide_unwriteable_files";
        if (IfFileTime($file)) {
            email_events("Samba unknown parameter hide_unwriteable_files", "Samba claim \"{$buffer}\" Artica will correct the configuration file", 'system');
            shell_exec(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.samba.php --fix-HideUnwriteableFiles &");
            WriteFileCache($file);
        }
        return true;
    }
    if (preg_match('#load_usershare_shares: directory\\s+(.+?)\\s+is not owned by root or does not have the sticky bit#', $buffer, $re)) {
        events("SAMBA load_usershare_shares {$re[1]}");
        $file = "/etc/artica-postfix/croned.1/load_usershare_shares";
        if (IfFileTime($file)) {
            email_events("Samba load_usershare_shares permissions issues", "Samba claim \"{$buffer}\" Artica will correct the filesystem directory", 'system');
            shell_exec("chmod 1775 {$re['1']}/ &");
            shell_exec("chmod chmod +t {$re['1']}/ &");
            WriteFileCache($file);
        }
        return true;
    }
    if (preg_match("#amavis\\[.+?:\\s+\\(.+?\\)TROUBLE\\s+in child_init_hook:#", $buffer, $re)) {
        events("AMAVIS TROUBLE in child_init_hook");
        $file = "/etc/artica-postfix/croned.1/amavis." . md5("AMAVIS:TROUBLE in child_init_hook");
        if (IfFileTime($file)) {
            email_events("Amavis child error", "Amavis claim \"{$buffer}\" the amavis daemon will be restarted", 'postfix');
            shell_exec('/etc/init.d/amavis restart &');
            WriteFileCache($file);
        }
        return true;
    }
    if (preg_match("#amavis\\[.+?:\\s+\\(.+?\\)_DIE:\\s+Suicide in child_init_hook#", $buffer, $re)) {
        events("AMAVIS TROUBLE in child_init_hook");
        $file = "/etc/artica-postfix/croned.1/amavis." . md5("AMAVIS:TROUBLE in child_init_hook");
        if (IfFileTime($file)) {
            email_events("Amavis child error", "Amavis claim \"{$buffer}\" the amavis daemon will be restarted", 'postfix');
            shell_exec('/etc/init.d/amavis restart &');
            WriteFileCache($file);
        }
        return true;
    }
    if (preg_match("#smbd_audit:\\s+(.+?)\\|(.+?)\\|(.+?)\\|(.+?)\\|(.+?)\\|(.+?)\\|(.+?)\\|(.+?)\$#", $buffer, $re)) {
        events("{$re[5]}/{$re[8]} in xapian queue");
        WriteXapian("{$re[5]}/{$re[8]}");
        return true;
    }
    if (preg_match("#dansguardian.+?:\\s+Error connecting to proxy#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/squid.tostart.error";
        if (IfFileTime($file, 2)) {
            events("Squid not available...! Artica will start squid");
            email_events("Proxy error", "DansGuardian claim \"{$buffer}\", Artica will start squid ", 'system');
            $GLOBALS["CLASS_UNIX"]->RECONFIGURE_SQUID();
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET('/etc/init.d/artica-postfix start dansguardian');
            WriteFileCache($file);
            return;
        } else {
            events("Proxy error, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#zarafa-server.+?INNODB engine is disabled#", $buffer)) {
        $file = "/etc/artica-postfix/croned.1/zarafa.INNODB.engine";
        if (IfFileTime($file, 2)) {
            events("Zarafa innodb errr");
            WriteFileCache($file);
            return;
        } else {
            events("Zarafa innodb err, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#zarafa-spooler\\[.+?Unable to open admin session.*?Error ([0-9a-zA-Z]+)#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/zarafa.Unable.to.open.admin.session";
        events("Unable to open admin session `{$re[1]}` line:" . __LINE__);
        if (IfFileTime($file, 3)) {
            $restartZarafa = false;
            if (preg_match("#0x80040115#", $buffer)) {
                events("{$re[1]}: Restart required...");
                $restartZarafa = true;
                $restartaction = "\nServer will be restarted...\n";
            } else {
                events("{$re[1]}: Restart NOT required...");
            }
            email_events("zarafa Spooler service error connecting to zarafa server ({$re[1]})", "Zarafa claim \"{$buffer}\"{$restartaction} ", 'system');
            WriteFileCache($file);
            if ($restartZarafa) {
                events("\"{$GLOBALS["nohup"]} /etc/init.d/zarafa-server restart >/dev/null 2>&1 &\" line:" . __LINE__);
                shell_exec("{$GLOBALS["nohup"]} /etc/init.d/zarafa-server restart >/dev/null 2>&1 &");
            }
        }
        return;
    }
    if (preg_match("#(.+?)\\[.+?segfault at.+?error.+?in.+?\\[#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/segfault.{$re[1]}";
        if (IfFileTime($file, 10)) {
            events("{$re[1]}: segfault");
            email_events("{$re[1]}: segfault", "Kernel claim \"{$buffer}\" ", 'system');
            WriteFileCache($file);
            return;
        }
    }
    if (preg_match("#kernel:.+?Out of memory:\\s+kill\\s+process\\s+#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/kernel.Out.of.memory";
        if (!is_numeric($GLOBALS["NOOUTOFMEMORYREBOOT"])) {
            $GLOBALS["NOOUTOFMEMORYREBOOT"] = 0;
        }
        if (IfFileTime($file, 1)) {
            if ($GLOBALS["NOOUTOFMEMORYREBOOT"] != 1) {
                events("Out of memory -> REBOOT !!!");
                $uptime = $GLOBALS["CLASS_UNIX"]->uptime();
                email_events("Out of memory: reboot action performed Uptime:{$uptime}", "Kernel claim \"{$buffer}\" the server will be rebooted", 'system');
                WriteFileCache($file);
                if ($GLOBALS["SQUID_INSTALLED"]) {
                    squid_admin_mysql(0, "Memory full: System will be rebooted after running after {$uptime}", "System claim \"{$buffer}\" the operating system will be rebooted", __FILE__, __LINE__);
                }
                UcarpDown();
                shell_exec("{$GLOBALS["SHUTDOWN_BIN"]} -rF now");
                return;
            } else {
                email_events("Out of memory: your system hang !", "Kernel claim \"{$buffer}\" I suggest rebooting the system", 'system');
                WriteFileCache($file);
            }
        }
    }
    if (preg_match("#kernel:\\s+\\[.+?Out of memory\\s+\\(oom_kill_allocating_task#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/kernel.Out.of.memory";
        if (!is_numeric($GLOBALS["NOOUTOFMEMORYREBOOT"])) {
            $GLOBALS["NOOUTOFMEMORYREBOOT"] = 0;
        }
        if (IfFileTime($file, 1)) {
            if ($GLOBALS["NOOUTOFMEMORYREBOOT"] != 1) {
                events("Out of memory -> REBOOT !!!");
                $uptime = $GLOBALS["CLASS_UNIX"]->uptime();
                email_events("Out of memory: reboot action performed uptime:{$uptime}", "Kernel claim \"{$buffer}\" the server will be rebooted", 'system');
                WriteFileCache($file);
                if ($GLOBALS["SQUID_INSTALLED"]) {
                    squid_admin_mysql(0, "Memory full: System will be rebooted after running after {$uptime}", "System claim \"{$buffer}\" the operating system will be rebooted", __FILE__, __LINE__);
                }
                UcarpDown();
                shell_exec("{$GLOBALS["SHUTDOWN_BIN"]} -rF now");
                return;
            } else {
                email_events("Out of memory: your system hang !", "Kernel claim \"{$buffer}\" I suggest rebooting the system", 'system');
                WriteFileCache($file);
            }
        }
    }
    if (preg_match("#kernel:.+?ata.+?status:\\s+{\\s+DRDY#", $buffer, $re)) {
        if ($GLOBALS["NODRYREBOOT"] == 1) {
            events("Hard Disk problem: -> reboot banned");
            return;
        }
        $file = "/etc/artica-postfix/croned.1/kernel.DRDY";
        if (IfFileTime($file, 5)) {
            events("DRDY -> REBOOT !!!");
            exec("/bin/dmesg 2>&1", $results);
            $array["buffer"] = $buffer;
            $array["dmsg"] = $results;
            @mkdir("/etc/artica-postfix/reboot", 644, true);
            @file_put_contents("/etc/artica-postfix/reboot/" . time(), serialize($array));
            email_events("Hard Disk issue: reboot action performed", "Kernel claim \"{$buffer}\" the server will be rebooted\n" . @implode("\n", $results), 'system');
            if ($GLOBALS["SQUID_INSTALLED"]) {
                squid_admin_mysql(0, "Memory full: System will be rebooted after running after {$uptime}", "System claim \"{$buffer}\" the operating system will be rebooted", __FILE__, __LINE__);
            }
            UcarpDown();
            shell_exec("{$GLOBALS["SHUTDOWN_BIN"]} -rF now");
            return;
        }
    }
    if (preg_match("#winbindd\\[.+?resolve_name: unknown name switch type lmhost#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/winbindd.lmhost.failed";
        if (IfFileTime($file, 10)) {
            events("winbindd -> lmhost failed");
            WriteFileCache($file);
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET("{$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.samba.php --fix-lmhost");
            return;
        }
    }
    if (preg_match("#nmbd\\[.+?become_logon_server_success: Samba is now a logon server for workgroup (.+?)\\s+on subnet\\s+([A-Z0-9\\._-]+)#", $buffer, $re)) {
        email_events("Samba (file sharing) started domain {$re[1]}/{$re[2]}", "Samba notice: \"{$buffer}\"", 'system');
        return;
    }
    if (preg_match("#zarafa-server.+?Unable to connect to database.+?MySQL server on.+?([0-9\\.]+)#", $buffer)) {
        $file = "/etc/artica-postfix/croned.1/zarafa.MYSQL.CONNECT";
        if (IfFileTime($file, 2)) {
            events("Zarafa Mysql Error errr");
            email_events("MailBox server unable connect to database", "Zarafa server  claim \"{$buffer}\" ", 'mailbox');
            WriteFileCache($file);
            return;
        } else {
            events("MailBox server unable connect to database but take action after 10mn");
            return;
        }
    }
    if (preg_match("#winbindd:\\s+Exceeding\\s+[0-9]+\\s+client\\s+connections.+?no idle connection found#", $buffer)) {
        $file = "/etc/artica-postfix/croned.1/Winbindd.connect.error";
        if (IfFileTime($file, 2)) {
            events("winbindd Error connections");
            email_events("Winbindd exceeding connections", "Samba server  claim \"{$buffer}\" \nArtica will restart samba", 'system');
            shell_exec('/etc/init.d/artica-postfix restart samba &');
            WriteFileCache($file);
            return;
        } else {
            events("Winbindd exceeding connections take action after 10mn");
            return;
        }
    }
    // -------------------------------------------------------------------- MONIT
    if (preg_match("#'(.+?)'\\s+total mem amount of\\s+([0-9]+).+?matches resource limit#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/mem.globalmem.monit";
        if (IfFileTime($file, 10)) {
            $processname = $re[1];
            if (preg_match("#mysqlmulti([0-9]+)#", $processname, $ri)) {
                $tt = unserialize(@file_get_contents("/etc/artica-postfix/mysql_multi_names.cache"));
                $instancenem = $tt[$ri[1]];
                $re[1] = "Mysql Instance {$ri[1]} ({$instancenem})";
            }
            events("{$re[1]} limit memory exceed");
            shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.watchdog.php --mem >/dev/null 2>&1 &");
            system_admin_events("{$re[1]}: memory limit", "Monitor claim \"{$buffer}\"\n" . @implode("\n", $psarr), __FUNCTION__, __FILE__, __LINE__, "watchdog");
            WriteFileCache($file);
            return;
        } else {
            events("{$re[1]} limit memory exceed, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#monit\\[.+?'(.+?)'\\s+trying to restart#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/restart.{$re[1]}.monit";
        if (IfFileTime($file, 5)) {
            events("{$re[1]} was restarted");
            $processname = $re[1];
            if (preg_match("#mysqlmulti([0-9]+)#", $processname, $ri)) {
                $tt = unserialize(@file_get_contents("/etc/artica-postfix/mysql_multi_names.cache"));
                $instancenem = $tt[$ri[1]];
                $re[1] = "Mysql Instance {$ri[1]} ({$instancenem})";
            }
            WriteFileCache($file);
            return;
        } else {
            events("{$re[1]}: stopped, try to restart, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#monit\\[.+?mem usage of\\s+([0-9\\.]+)%\\s+matches resource limit#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/mem.usage.monit";
        if (IfFileTime($file, 15)) {
            events("{$re[1]}% limit memory exceed");
            shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.watchdog.php --mem >/dev/null 2>&1 &");
            system_admin_events("{$re[1]}% memory limit\nMonitor claim \"{$buffer}\"\n", __FUNCTION__, __FILE__, __LINE__, "watchdog");
            WriteFileCache($file);
            return;
        } else {
            events("{$re[1]}% limit memory exceed, but take action after 15mn");
            return;
        }
    }
    if (preg_match("#monit\\[.+?'(.+?)'\\s+process is not running#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/restart.{$re[1]}.monit";
        if (IfFileTime($file, 5)) {
            events("{$re[1]} was stopped");
            $processname = $re[1];
            if (preg_match("#mysqlmulti([0-9]+)#", $processname, $ri)) {
                $tt = unserialize(@file_get_contents("/etc/artica-postfix/mysql_multi_names.cache"));
                $instancenem = $tt[$ri[1]];
                $re[1] = "Mysql Instance {$ri[1]} ({$instancenem})";
            }
            WriteFileCache($file);
            return;
        } else {
            events("{$re[1]}: stopped, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#pdns\\[.+?:\\s+binding UDP socket to.+?Address already in use#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/restart.pdns.bind.error";
        if (IfFileTime($file, 5)) {
            events("PowerDNS: Unable to bind UDP socket");
            email_events("PowerDNS: Unable to bind UDP socket", "Artica will restart PowerDNS", 'system');
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET('/etc/init.d/artica-postfix restart pdns');
            WriteFileCache($file);
            return;
        } else {
            events("PowerDNS: Unable to bind UDP socket: but take action after 10mn");
            return;
        }
    }
    //pdns_recursor[5011]: Failed to update . records, RCODE=2
    if (preg_match("#pdns_recursor\\[.+?:\\s+Failed to update \\. records, RCODE=2#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/restart.pdns.RCODE2.error";
        if (IfFileTime($file, 5)) {
            events("PowerDNS: Unable to query Public DNS");
            //email_events("PowerDNS: Unable to query Public DNS","PowerDNS claim: $buffer,It seems that your Public DNS are not available or network is down",'system');
            WriteFileCache($file);
            return;
        } else {
            events("PowerDNS: Unable to query Public DNS: but take action after 10mn");
            return;
        }
    }
    if (preg_match("#cpu system usage of ([0-9\\.]+)% matches#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/cpu.system.monit";
        if (IfFileTime($file, 15)) {
            events("cpu exceed");
            system_admin_events("CPU warning {$re[1]}%\nMonitor claim \"{$buffer}\"", __FUNCTION__, __FILE__, __LINE__, "watchdog");
            shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.watchdog.php --cpu >/dev/null 2>&1 &");
            WriteFileCache($file);
            return;
        } else {
            events("cpu exceed, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#monit.+?loadavg.+?of\\s+([0-9\\.]+)\\s+matches resource limit#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/load.system.monit";
        if (IfFileTime($file, 15)) {
            events("Load exceed");
            system_admin_events("Load warning {$re[1]}\nMonitor claim \"{$buffer}\"", __FUNCTION__, __FILE__, __LINE__, "watchdog");
            shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} " . dirname(__FILE__) . "/exec.watchdog.php --loadavg >/dev/null 2>&1 &");
            WriteFileCache($file);
            return;
        } else {
            events("Load exceed, but take action after 15mn");
            return;
        }
    }
    if (preg_match("#monit.+?'(.+)'\\s+start:#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/monit.start.{$re[1]}";
        if (IfFileTime($file, 5)) {
            events("{$re[1]} start");
            WriteFileCache($file);
            return;
        } else {
            events("{$re[1]} start, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#monit\\[.+?:\\s+'(.+?)'\\s+process is running with pid\\s+([0-9]+)#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/monit.run.{$re[1]}";
        if (IfFileTime($file, 5)) {
            events("{$re[1]} running");
            WriteFileCache($file);
            return;
        } else {
            events("{$re[1]} running, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#nmbd.+?:\\s+Cannot sync browser lists#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/samba.CannotSyncBrowserLists.error";
        if (IfFileTime($file)) {
            events("Samba cannot sync browser list, remove /var/lib/samba/wins.dat");
            @unlink("/var/lib/samba/wins.dat");
            WriteFileCache($file);
        } else {
            events("Samba error:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#freshclam.+?:\\s+Database updated \\(([0-9]+)\\s+signatures\\) from .+?#", $buffer, $re)) {
        email_events("ClamAV Database Updated {$re[1]} signatures", "{$buffer}", 'update');
        shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} " . basename(__FILE__) . "/exec.clamavsig.php >/dev/null 2>&1 &");
        return;
    }
    if (preg_match("#freshclam\\[.+?:\\s+Database updated\\s+\\(#", $buffer, $re)) {
        shell_exec("{$GLOBALS["nohup"]} {$GLOBALS["LOCATE_PHP5_BIN"]} " . basename(__FILE__) . "/exec.clamavsig.php >/dev/null 2>&1 &");
    }
    if (preg_match("#freshclam.+?Can.+?t\\s+connect to port\\s+([0-9]+)\\s+of\\s+host\\s+(.+?)\\s+#", $buffer, $re)) {
        $host = $re[2] . ":" . $re[1];
        $file = "/etc/artica-postfix/croned.1/freshclam.error." . md5($host);
        if (IfFileTime($file)) {
            email_events("Unable to update ClamAV Databases from {$host}", "freshclam claim {$buffer}\nCheck is this server hav access to Internet\nCheck your proxy configuration", 'update');
            WriteFileCache($file);
            return;
        } else {
            events("KAV4PROXY error:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#KASERROR.+?NOLOGID.+?Can.+?find user mailflt3#", $buffer)) {
        $file = "/etc/artica-postfix/croned.1/KASERROR.NOLOGID.mailflt3";
        if (IfFileTime($file)) {
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET('/usr/share/artica-postfix/bin/artica-install --mailflt3');
            WriteFileCache($file);
            return;
        } else {
            events("KASERROR error:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#lmtp.+?status=deferred.+?lmtp\\]:.+?(No such file or directory|Too many levels of symbolic links)#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/cyrus.lmtp.failed";
        if (IfFileTime($file)) {
            email_events("cyrus-imapd socket error", "Postfix claim \"{$buffer}\", Artica will restart cyrus", 'system');
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET('/usr/share/artica-postfix/bin/artica-install --cyrus-checkconfig');
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET('/etc/init.d/cyrus-imapd restart');
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET("{$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.postfix.main.cf.php --imap-sockets");
            cyrus_socket_error($buffer, $re[1] . "lmtp");
            WriteFileCache($file);
            return;
        } else {
            events("CYRUS error:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#rsyncd\\[.+?:\\s+recv.+?\\[(.+?)\\].+?([0-9]+)\$#", $buffer, $re)) {
        $file = md5($buffer);
        @mkdir('{$GLOBALS["ARTICALOGDIR"]}/rsync', null, true);
        $f["IP"] = $re[1];
        $f["DATE"] = date('Y-m-d H:00:00');
        $f["SIZE"] = $re[2];
        @file_put_contents("{$GLOBALS["ARTICALOGDIR"]}/rsync/{$file}", serialize($f));
    }
    if (preg_match("#kavmilter.+?Can.+?t load keys: No active key#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/kavmilter.key.failed";
        if (IfFileTime($file)) {
            email_events("Kaspersky Antivirus Mail license error", "KavMilter claim \"{$buffer}\"", 'system');
            WriteFileCache($file);
            return;
        } else {
            events("Kaspersky Antivirus Mail license error:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#kavmd.+?Can.+?t load keys:.+?#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/kavmd.key.failed";
        if (IfFileTime($file)) {
            email_events("Kaspersky Antivirus Mail license error", "Kaspersky Antivirus Mail claim \"{$buffer}\"", 'system');
            WriteFileCache($file);
            return;
        } else {
            events("Kaspersky Antivirus Mail license error:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#kavmd.+?ERROR Engine problem#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/kavmd.engine.failed";
        if (IfFileTime($file)) {
            email_events("Kaspersky Antivirus Mail Engine error", "Kaspersky Antivirus Mail claim \"{$buffer}\"", 'system');
            WriteFileCache($file);
            return;
        } else {
            events("Kaspersky Antivirus Mail Engine error:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#kavmilter.+?WARNING.+?Your AV signatures are older than#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/kavmilter.upd.failed";
        if (IfFileTime($file)) {
            email_events("Kaspersky Antivirus Mail AV signatures are older", "KavMilter claim \"{$buffer}\"", 'system');
            WriteFileCache($file);
            return;
        } else {
            events("Kaspersky Antivirus update license error:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#dansguardian.+?Error compiling regexp#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/dansguardian.compiling.regexp";
        if (IfFileTime($file)) {
            email_events("Dansguardian failed to start", "Dansguardian claim \"{$buffer}\"", 'system');
            WriteFileCache($file);
            return;
        } else {
            events("Dansguardian failed to start:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#kavmilter.+?Invalid value specified for SendmailPath#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/kavmilter.SendmailPath.Invalid";
        if (IfFileTime($file)) {
            events("Check SendmailPath for kavmilter");
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET("{$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.kavmilter.php --SendmailPath");
            WriteFileCache($file);
            return;
        } else {
            events("Check SendmailPath for kavmilter:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#KAVMilter Error.+?Group.+?Default.+?has error#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/kavmilter.Default.error";
        if (IfFileTime($file)) {
            events("Check Group default for kavmilter");
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET("{$GLOBALS["LOCATE_PHP5_BIN"]} /usr/share/artica-postfix/exec.kavmilter.php --default-group");
            WriteFileCache($file);
            return;
        } else {
            events("Check Group default for kavmilter:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#kavmilter.+?Message INFECTED from (.+?)\\(remote:\\[(.+?)\\).+?with\\s+(.+?)\$#", $buffer, $re)) {
        events("KAVMILTER INFECTION <{$re[1]}> {$re[2]}");
        infected_queue("kavmilter", trim($re[1]), trim($re[2]), trim($re[3]));
        return;
    }
    if (preg_match("#pdns\\[.+?\\[LdapBackend.+?Ldap connection to server failed#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/pdns.ldap.error";
        if (IfFileTime($file)) {
            events("PDNS LDAP FAILED");
            email_events("PowerDNS ldap connection failed", "PowerDNS claim \"{$buffer}\"", 'system');
            WriteFileCache($file);
            return;
        } else {
            events("PDNS FAILED:{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#master.+?cannot find executable for service.+?sieve#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/cyrus.sieve.error";
        if (IfFileTime($file)) {
            events("Check sieve path");
            $GLOBALS["CLASS_UNIX"]->THREAD_COMMAND_SET("/usr/share/artica-postfix/bin/artica-install --reconfigure-cyrus");
            WriteFileCache($file);
            return;
        } else {
            events("Check sieve path error :{$buffer}, but take action after 10mn");
            return;
        }
    }
    if (preg_match("#smbd\\[.+?write_data: write failure in writing to client 0.0.0.0. Error Connection reset by peer#", $buffer, $re)) {
        $file = "/etc/artica-postfix/croned.1/samba.Error.Connection.reset.by.peer.error";
        if (IfFileTime($file)) {
            events("Check sieve Error Connection reset by peer");
            $text[] = "Your MS Windows computers should not have access to the server cause network generic errors";
            $text[] = "- Check these parameters:";
            $text[] = "- Check if Apparmor or SeLinux are disabled on the server.";
            $text[] = "- Check your hard drives by this command-line: hdparm -tT /dev/sda(0-9)";
            $text[] = "- Check that 137|138|139|445 ports is open from workstation to this server";
            $text[] = "- Check network switch or hub connection between this server and your workstations.";
            $text[] = "- Try to add this registry key [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Disk]\n\t\"TimeOutValue\"=dword:0000003c";
            email_events("Samba network error", "Samba claim \"{$buffer}\"\n" . implode("\n", $text), 'system');
            WriteFileCache($file);
            return;
        } else {
            events("Check sieve Error Connection reset by peer :{$buffer}, but take action after 10mn");
            return;
        }
    }
    $mem = round(memory_get_usage() / 1024 / 1000, 2);
    events_not_filtered("Not Filtered:\"{$buffer}\" (line " . __LINE__ . ") memory: {$mem}MB");
}
Пример #5
0
function load_stats()
{
    events("************************ SCHEDULE ****************************", __FUNCTION__, __LINE__);
    if (!isset($GLOBALS["CLASS_SOCKETS"])) {
        $GLOBALS["CLASS_SOCKETS"] = new sockets();
    }
    if (!isset($GLOBALS["CLASS_UNIX"])) {
        $unix = new unix();
    } else {
        $unix = $GLOBALS["CLASS_UNIX"];
    }
    $time = time();
    $BASEDIR = "/usr/share/artica-postfix";
    $hash_mem = array();
    @mkdir("/var/log/artica-postfix/sys_alerts", 0755, true);
    $NtpdateAD = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("NtpdateAD"));
    $NTPDClientEnabled = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("NTPDClientEnabled"));
    $SquidPerformance = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("SquidPerformance"));
    if ($NtpdateAD == 1) {
        $NTPDClientEnabled = 1;
    }
    // NTP CLIENT *****************************************************************************
    if ($NTPDClientEnabled == 1) {
        $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.squid.watchdog.php.start_watchdog.ntp.time");
        $NTPDClientPool = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("NTPDClientPool"));
        if ($NTPDClientPool == 0) {
            $NTPDClientPool = 120;
        }
        if ($time_file > $NTPDClientPool) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.ntpdate.php >/dev/null 2>&1 &");
        }
    }
    // ****************************************************************************************
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.syslog-engine.php.load_stats.time");
    events("exec.syslog-engine.php --load-stats = {$time_file}/5mn");
    if ($time_file > 5) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.syslog-engine.php --load-stats >/dev/null 2>&1 &");
    }
    // ****************************************************************************************
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.philesight.php.scan_directories.time");
    if ($time_file > 60) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.philesight.php --directories >/dev/null 2>&1 &");
    }
    // ****************************************************************************************
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.seeker.php.xtart.time");
    events("seeker: {$time_file}mn/30mn");
    $GLOBALS["CLASS_UNIX"]->events("seeker: {$time_file}mn/30mn (/etc/artica-postfix/pids/exec.seeker.php.xtart.time)", "/var/log/seeker.log", false, __FUNCTION__, __LINE__, basename(__FILE__));
    if ($time_file > 5) {
        events("************ Executing seeker... ************");
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.seeker.php >/dev/null 2>&1 &");
    }
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/croned.1/cron.notifs.php.time");
    if ($time_file > 5) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/cron.notifs.php >/dev/null 2>&1 &");
    }
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.cleanfiles.php.time");
    if ($time_file > 120) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.cleanfiles.php >/dev/null 2>&1 &");
    }
    $timefile = $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.clean.logs.php.CleanLogs.time");
    if ($time_file > 240) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.clean.logs.php --clean-tmp >/dev/null 2>&1 &");
    }
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.squid.watchdog.php.CHECK_DNS_SYSTEMS.time");
    events("CHECK_DNS_SYSTEMS: {$time_file}mn", __FUNCTION__, __LINE__);
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.clean.logs.php.clean_space.time");
    events("clean_space: {$time_file}mn", __FUNCTION__, __LINE__);
    if ($time_file > 240) {
        $cmd = "{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.clean.logs.php --clean-space >/dev/null 2>&1 &";
        events($cmd, __FUNCTION__, __LINE__);
        shell_exec2("{$cmd}");
    }
    $kill = $GLOBALS["CLASS_UNIX"]->find_program("kill");
    $pgrep = $GLOBALS["CLASS_UNIX"]->find_program("pgrep");
    exec("pgrep -l -f \"exec.schedules.php --run\" 2>&1", $results);
    while (list($index, $line) = each($results)) {
        if (preg_match("#pgrep#", $line)) {
            continue;
        }
        if (!preg_match("#^([0-9]+)\\s+#", $line, $re)) {
            continue;
        }
        $pid = $re[1];
        $TTL = $GLOBALS["CLASS_UNIX"]->PROCCESS_TIME_MIN($pid);
        events("{$line} -> {$TTL}Mn");
        if ($TTL < 420) {
            continue;
        }
        ToSyslog("Killing exec.schedules.php PID {$pid}");
        unix_system_kill_force($pid);
    }
    events("************************ SCHEDULE ****************************", __FUNCTION__, __LINE__);
}
function ACTION_NETWORK()
{
    $unix = new unix();
    $clear = $unix->find_program("clear");
    if (is_file($clear)) {
        system("{$clear}");
    }
    $users = new usersMenus();
    $q = new mysql();
    if (!$q->BD_CONNECT(true)) {
        echo "There is an issue while connecting to MySQL\n{$q->mysql_error}\nPress Key to exit.\n";
        $line = fgets(STDIN);
        return;
    }
    $DEFAULT = null;
    $net = new networking();
    $interfaces = $net->Local_interfaces();
    unset($interfaces["lo"]);
    if (isset($interfaces["eth0"])) {
        $DEFAULT = "eth0";
    }
    while (list($num, $letter) = each($interfaces)) {
        $int[] = "\"{$num}\"";
    }
    if ($DEFAULT == null) {
        $DEFAULT = $int[0];
    }
    $q->BuildTables();
    echo "This wizard will help to configure network.\n";
    echo "Press q letter to exit or any key to continue:";
    $answer = trim(strtolower(fgets(STDIN)));
    if ($answer == "q") {
        return;
    }
    if (is_file($clear)) {
        system("{$clear}");
    }
    echo "Give here the interface name of the network interface\n";
    echo "you need to setup.\n\n";
    echo "Should be one of :" . @implode(", ", $int) . "\n";
    echo "Default: [{$DEFAULT}]\n";
    $NIC = trim(strtolower(fgets(STDIN)));
    if ($NIC == null) {
        $NIC = $DEFAULT;
    }
    if (!preg_match("#([a-z])([0-9+)\$#", $NIC)) {
        $NIC = $DEFAULT;
    }
    $ETH_IP = trim(ASK_ETH_IP($NIC));
    $GATEWAY = trim(ASK_GATEWAY($NIC));
    $NETMASK = trim(ASK_NETMASK($NIC));
    $DNS = trim(ASK_DNS1($NIC));
    if (is_file($clear)) {
        system("{$clear}");
    }
    echo "Your Settings:\n";
    echo "Interface.........: \"{$NIC}\"\n";
    echo "IP address........: \"{$ETH_IP}\"\n";
    echo "Gateway...........: \"{$GATEWAY}\"\n";
    echo "Netmask...........: \"{$NETMASK}\"\n";
    echo "DNS server 1......: \"{$DNS}\"\n";
    echo "\n";
    //ini_set('display_errors', 1);ini_set('error_reporting', E_ALL);ini_set('error_prepend_string',null);ini_set('error_append_string',null);
    echo "If your are agree with these settings\n";
    echo "Press any key to apply settings or press \"q\" to return to menu.\n";
    $answer = trim(strtolower(fgets(STDIN)));
    if ($answer == "q") {
        return;
    }
    echo "5%] Please Wait, saving configuration...\n";
    $nics = new system_nic($NIC);
    $nics->eth = $NIC;
    $nics->IPADDR = $ETH_IP;
    $nics->NETMASK = $NETMASK;
    $nics->GATEWAY = $GATEWAY;
    $nics->DNS1 = $DNS;
    $nics->dhcp = 0;
    $nics->metric = 1;
    $nics->defaultroute = 1;
    $nics->enabled = 1;
    echo "7%] Please Wait, saving Networks parameters to MySQL DB...\n";
    if (!$nics->SaveNic()) {
        echo "There is an issue while saving your settings\n";
        echo "Press any key to exit.\n";
        $answer = trim(strtolower(fgets(STDIN)));
        return;
    }
    echo "10%] Please Wait, building configuration....\n";
    $php = $unix->LOCATE_PHP5_BIN();
    $nohup = $unix->find_program("nohup");
    $php5 = $php;
    shell_exec2("{$php5} " . dirname(__FILE__) . " /exec.virtuals-ip.php --build --force >/dev/null 2>&1");
    echo "20%] Please Wait, apply network configuration....\n";
    shell_exec2("{$php5} /usr/share/artica-postfix/exec.initslapd.php");
    shell_exec2("/etc/init.d/artica-ifup start");
    echo "30%] Please Wait, restarting services....\n";
    $unix->THREAD_COMMAND_SET("{$php5} /usr/share/artica-postfix/exec.postfix.maincf.php --reconfigure");
    $unix->THREAD_COMMAND_SET("/usr/share/artica-postfix/bin/artica-install --reconfigure-cyrus");
    shell_exec2("{$nohup} /etc/init.d/artica-status reload >/dev/null 2>&1 &");
    shell_exec2("{$nohup} /etc/init.d/nginx restart >/dev/null 2>&1 &");
    shell_exec2("{$nohup} /etc/init.d/monit restart >/dev/null 2>&1 &");
    echo "30%] Please Wait, Changing IP address to {$NIC}....\n";
    $ifconfig = $unix->find_program("ifconfig");
    shell_exec2("{$ifconfig} {$NIC} down");
    shell_exec2("{$ifconfig} {$NIC} {$ETH_IP} netmask {$NETMASK} up");
    shell_exec2("/bin/ip route add 127.0.0.1 dev lo");
    if ($GATEWAY != "0.0.0.0") {
        echo "31%] Please Wait, Define default gateway to {$GATEWAY}....\n";
        shell_exec2("/sbin/route add {$GATEWAY} dev {$NIC}");
        $route = $unix->find_program("route");
        shell_exec("{$route} add -net 0.0.0.0 gw {$GATEWAY} dev {$NIC} metric 1");
    }
    echo "80%] Please Wait, Changing DNS to {$DNS}....\n";
    echo "81%] Please Wait, Loading DNS library\n";
    $GLOBALS["PROGRESS"] = true;
    $resolv = new resolv_conf();
    echo "92%] Set DNS1 to {$DNS}\n";
    $resolv->MainArray["DNS1"] = $DNS;
    $resolv->output = true;
    echo "93%] Saving config\n";
    $resolvDatas = $resolv->build();
    echo "94%] Saving /etc/resolv.conf\n";
    @file_put_contents("/etc/resolv.conf", $resolvDatas);
    echo "95%] Restarting Web Console\n";
    shell_exec2("{$nohup} /etc/init.d/artica-webconsole restart");
    echo "100%] Configuration done.\n";
    echo "Press any key to return to menu.";
    $answer = trim(strtolower(fgets(STDIN)));
    MAIN_MENU();
}
function squid_running_schedules()
{
    $TimeFile = "/etc/artica-postfix/pids/exec.squid.run.schedules.php.time";
    $pidfile = "/etc/artica-postfix/pids/exec.squid.run.schedules.php.pid";
    $unix = new unix();
    $pid = @file_get_contents($pidfile);
    if ($pid < 100) {
        $pid = null;
    }
    if ($unix->process_exists($pid, basename(__FILE__))) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        _statussquid("{$pid} already executed since {$timepid}Mn");
        if ($timepid < 5) {
            return;
        }
        $kill = $unix->find_program("kill");
        unix_system_kill_force($pid);
    }
    @file_put_contents($pidfile, getmypid());
    if (!$GLOBALS["VERBOSE"]) {
        $time = $unix->file_time_min($TimeFile);
        if ($time < 4) {
            _statussquid("Current {$time}Mn need 5Mn");
            return;
        }
    }
    @unlink($TimeFile);
    @file_put_contents($TimeFile, time());
    $BASEDIR = "/usr/share/artica-postfix";
    $SQUIDEnable = $GLOBALS["CLASS_SOCKETS"]->GET_INFO("SQUIDEnable");
    if (!is_numeric($SQUIDEnable)) {
        $SQUIDEnable = 1;
    }
    if (function_exists("systemMaxOverloaded")) {
        if (systemMaxOverloaded()) {
            _statussquid("Overloaded system, aborting...");
            return;
        }
    }
    if ($SQUIDEnable == 0) {
        return;
    }
    _statussquid("squid_running_schedules");
    shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.logfile_daemon-parse.php --tables-primaires >/dev/null 2>&1 &");
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.watchdog.php.start_watchdog.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 5) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php >/dev/null 2>&1 &");
    }
    $filetimeF = "/usr/share/artica-postfix/ressources/logs/web/ufdb.rules_toolbox_left.html";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 5) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/dansguardian2.mainrules.php rules-toolbox-left >/dev/null 2>&1 &");
    }
    $filetimeF = "/usr/share/artica-postfix/ressources/logs/web/squid_mem_status.html";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 5) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php --mem-status >/dev/null 2>&1 &");
    }
    $filetimeF = "/usr/share/artica-postfix/ressources/logs/web/SQUID_MGR_INFO.DB";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 15) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php --info >/dev/null 2>&1 &");
    }
    $filetimeF = "/usr/share/artica-postfix/ressources/logs/web/squid_stores_status.html";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 20) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php --store-status >/dev/null 2>&1 &");
    }
    $filetimeF = '/etc/artica-postfix/pids/Winbindd_privileged_SQUID.time';
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 5) {
        $GLOBALS["CLASS_UNIX"]->Winbindd_privileged_SQUID();
        @unlink($filetimeF);
        @file_put_contents($filetimeF, time());
    }
    $filetimeF = '/etc/artica-postfix/pids/EnableKerbAuth.time';
    $EnableKerbAuth = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("EnableKerbAuth"));
    if ($EnableKerbAuth == 1) {
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($filetime > 5) {
            @unlink($filetimeF);
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.kerbauth.php --pinglic >/dev/null 2>&1 &");
            @file_put_contents($filetimeF, time());
        }
    }
    $filetimeF = '/etc/artica-postfix/pids/DisableGoogleSSL.time';
    $DisableGoogleSSL = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("DisableGoogleSSL"));
    if ($DisableGoogleSSL == 1) {
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($GLOBALS["CLASS_UNIX"]->file_time_min($filetime) > 4320) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.nosslsearch.google.com.php --run >/dev/null 2>&1 &");
            @unlink($filetimeF);
            @file_put_contents($filetimeF, time());
        }
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.hours.php.RTTZ_WORKSHOURS.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 60) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.hours.php --rtt >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.hours.php.tables_hours.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 60) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.hours.php >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.php.Defaultschedules.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 120) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.php --defaults-schedules");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.central.php.import.statistics.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 120) {
        @unlink("/etc/artica-postfix/pids/exec.squid.stats.central.php.import.statistics.time");
        @file_put_contents("/etc/artica-postfix/pids/exec.squid.stats.central.php.import.statistics.time", time());
        stats_admin_events(2, "Launching importation tables task", null, __FILE__, __LINE__);
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.central.php --import");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.not-categorized.php.not_categorized_scan.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 120) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.not-categorized.php --recategorize >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.totals.php.donnees_interface.pid";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 30) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.totals.php --interface >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.interface-size.php.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 14) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.interface-size.php >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.quota-week.parser.php.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 1880) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.quota-week.parser.php >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.mime.parser.php.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 19) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.mime.parser.php >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.mime.proto.php.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 19) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.mime.proto.php >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.hourly.tables.php.current_access_db.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 9) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.hourly.tables.php --current_access >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.hourly.tables.php.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 64) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.hourly.tables.php >/dev/null 2>&1 &");
    }
    $timefile = "/etc/artica-postfix/pids/exec.squid.stats.quotaday.php.start.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 61) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.quotaday.php >/dev/null 2>&1 &");
    }
    $timefile = "/etc/artica-postfix/pids/exec.squid.stats.quotaday.php.quotatemp.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 61) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.quotaday.php --quotatemp >/dev/null 2>&1 &");
    }
    $timefile = "/etc/artica-postfix/pids/exec.squid-searchwords.php.searchwords_hour.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 61) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid-searchwords.php --hour >/dev/null 2>&1 &");
    }
    $timefile = "/etc/artica-postfix/pids/YoutubeByHour.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 61) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.youtube.days.php --youtube-hours >/dev/null 2>&1 &");
    }
    $timefile = "/etc/artica-postfix/pids/exec.squid.stats.notcached-week.php.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 30) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.notcached-week.php >/dev/null 2>&1 &");
    }
    $timefile = "/etc/artica-postfix/pids/exec.squid.stats.protos.php.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 240) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.protos.php >/dev/null 2>&1 &");
    }
    $timefile = "/etc/artica-postfix/pids/exec.squid.php.rotate_logs.pid";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 60) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.php --rotate >/dev/null 2>&1 &");
    }
    $timefile = "/etc/artica-postfix/pids/exec.squid.rotate.php.build.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 120) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.rotate.php >/dev/null 2>&1 &");
    }
    $SquidEnforceRules = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/SquidEnforceRules"));
    if ($SquidEnforceRules == 1) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squidcache.php >/dev/null 2>&1 &");
    }
    $timefile = "/usr/share/artica-postfix/ressources/logs/web/squid_redirectors_status.db";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 10) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php --redirector-array >/dev/null 2>&1 &");
    }
    $timefile = "/etc/artica-postfix/pids/exec.dansguardian.injector.php.ParseAllUfdbs.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 5) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.dansguardian.injector.php --blocked >/dev/null 2>&1 &");
    }
}
function squid_running_schedules()
{
    $TimeFile = "/etc/artica-postfix/pids/exec.squid.run.schedules.php.time";
    $pidfile = "/etc/artica-postfix/pids/exec.squid.run.schedules.php.pid";
    $unix = new unix();
    $pid = @file_get_contents($pidfile);
    if ($pid < 100) {
        $pid = null;
    }
    if ($unix->process_exists($pid, basename(__FILE__))) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        _statussquid("{$pid} already executed since {$timepid}Mn");
        if ($timepid < 5) {
            return;
        }
        $kill = $unix->find_program("kill");
        unix_system_kill_force($pid);
    }
    @file_put_contents($pidfile, getmypid());
    if (!$GLOBALS["VERBOSE"]) {
        $time = $unix->file_time_min($TimeFile);
        if ($time < 4) {
            _statussquid("Current {$time}Mn need 5Mn");
            return;
        }
    }
    @unlink($TimeFile);
    @file_put_contents($TimeFile, time());
    $StatsApplianceReceivers = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/StatsApplianceReceivers"));
    $SquidPerformance = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/SquidPerformance"));
    $BASEDIR = "/usr/share/artica-postfix";
    $SQUIDEnable = $GLOBALS["CLASS_SOCKETS"]->GET_INFO("SQUIDEnable");
    if (!is_numeric($SQUIDEnable)) {
        $SQUIDEnable = 1;
    }
    if (function_exists("systemMaxOverloaded")) {
        if (systemMaxOverloaded()) {
            squid_admin_mysql(1, "{$GLOBALS["SYSTEM_INTERNAL_LOAD"]}: System is overloaded, Artica tasks as been aborted", null, __FILE__, __LINE__);
            _statussquid("Overloaded system, aborting...");
            return;
        }
    }
    if ($SQUIDEnable == 0) {
        return;
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.watchdog.php.start_watchdog.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 5) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php >/dev/null 2>&1 &");
    }
    $filetimeF = "/usr/share/artica-postfix/ressources/logs/web/squid_mem_status.html";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 5) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php --mem-status >/dev/null 2>&1 &");
    }
    $filetimeF = "/usr/share/artica-postfix/ressources/logs/web/SQUID_MGR_INFO.DB";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 15) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php --info >/dev/null 2>&1 &");
    }
    $filetimeF = "/usr/share/artica-postfix/ressources/logs/web/squid_stores_status.html";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 20) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php --store-status >/dev/null 2>&1 &");
    }
    $filetimeF = '/etc/artica-postfix/pids/Winbindd_privileged_SQUID.time';
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 5) {
        $GLOBALS["CLASS_UNIX"]->Winbindd_privileged_SQUID();
        @unlink($filetimeF);
        @file_put_contents($filetimeF, time());
    }
    $filetimeF = '/etc/artica-postfix/pids/EnableKerbAuth.time';
    $EnableKerbAuth = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("EnableKerbAuth"));
    if ($EnableKerbAuth == 1) {
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($filetime > 5) {
            @unlink($filetimeF);
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.kerbauth.php --pinglic >/dev/null 2>&1 &");
            @file_put_contents($filetimeF, time());
        }
    }
    $filetimeF = '/etc/artica-postfix/pids/DisableGoogleSSL.time';
    $EnableGoogleDNS = 1;
    $DisableGoogleSSL = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("DisableGoogleSSL"));
    $EnableGoogleSafeSearch = $GLOBALS["CLASS_SOCKETS"]->GET_INFO("EnableGoogleSafeSearch");
    if (!is_numeric($EnableGoogleSafeSearch)) {
        $EnableGoogleSafeSearch = 1;
    }
    if ($DisableGoogleSSL == 0) {
        if ($EnableGoogleSafeSearch == 0) {
            $EnableGoogleDNS = 0;
        }
    }
    if ($EnableGoogleDNS == 1) {
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($GLOBALS["CLASS_UNIX"]->file_time_min($filetime) > 4320) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.nosslsearch.google.com.php --run >/dev/null 2>&1 &");
            @unlink($filetimeF);
            @file_put_contents($filetimeF, time());
        }
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.php.Defaultschedules.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 120) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.php --defaults-schedules");
    }
    if ($SquidPerformance < 2) {
        $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.central.php.import.statistics.time";
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($filetime > 120) {
            @unlink("/etc/artica-postfix/pids/exec.squid.stats.central.php.import.statistics.time");
            @file_put_contents("/etc/artica-postfix/pids/exec.squid.stats.central.php.import.statistics.time", time());
            stats_admin_events(2, "Launching importation tables task", null, __FILE__, __LINE__);
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.central.php --import");
        }
    }
    if ($SquidPerformance < 2) {
        $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.not-categorized.php.not_categorized_scan.time";
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($filetime > 120) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.not-categorized.php --recategorize >/dev/null 2>&1 &");
        }
    }
    if ($SquidPerformance < 2) {
        $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.totals.php.donnees_interface.pid";
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($filetime > 30) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.totals.php --interface >/dev/null 2>&1 &");
        }
    }
    if ($SquidPerformance < 2) {
        $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.quota-week.parser.php.time";
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($filetime > 1880) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.quota-week.parser.php >/dev/null 2>&1 &");
        }
    }
    if ($SquidPerformance < 2) {
        $filetimeF = "/etc/artica-postfix/pids/exec.squid.stats.mime.proto.php.time";
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($filetime > 19) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.mime.proto.php >/dev/null 2>&1 &");
        }
    }
    if ($SquidPerformance < 2) {
        $filetimeF = "/etc/artica-postfix/pids/YoutubeByHour.time";
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($filetime > 61) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.stats.youtube.days.php --youtube-hours >/dev/null 2>&1 &");
        }
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.php.rotate_logs.pid";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 60) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.php --rotate >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.squid.rotate.php.build.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 120) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.rotate.php >/dev/null 2>&1 &");
    }
    if ($SquidPerformance < 3) {
        $SquidEnforceRules = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/SquidEnforceRules"));
        if ($SquidEnforceRules == 1) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squidcache.php >/dev/null 2>&1 &");
        }
    }
    $filetimeF = "/usr/share/artica-postfix/ressources/logs/web/squid_redirectors_status.db";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 10) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php --redirector-array >/dev/null 2>&1 &");
    }
    if ($SquidPerformance < 2) {
        $filetimeF = "/etc/artica-postfix/pids/exec.squid.interface-size.php.CachedOrNot.time";
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($filetime > 4) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.interface-size.php --cache-or-not >/dev/null 2>&1 &");
        }
    }
    $filetimeF = "/etc/artica-postfix/settings/Daemons/StatsApplianceReceivers";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 4) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.interface-size.php --stats-apps-clients >/dev/null 2>&1 &");
    }
    if ($StatsApplianceReceivers > 0) {
        $filetimeF = "/etc/artica-postfix/pids/exec.stats-appliance-clean.php.start_parse.time";
        $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
        _statussquid(basename($filetimeF) . ": {$filetime}Mn");
        if ($filetime > 59) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.stats-appliance-clean.php >/dev/null 2>&1 &");
        }
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.clean.varlog.php.varlog.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 15) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.clean.varlog.php >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.ufdb.parse-categories.php.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 60) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.ufdb.parse-categories.php >/dev/null 2>&1 &");
    }
    $filetimeF = "/etc/artica-postfix/pids/exec.mysqld.crash.php.check_crashed_squid.time";
    $filetime = $GLOBALS["CLASS_UNIX"]->file_time_min($filetimeF);
    _statussquid(basename($filetimeF) . ": {$filetime}Mn");
    if ($filetime > 120) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.mysqld.crash.php --crashed-squid >/dev/null 2>&1 &");
    }
    squid_tasks();
}
Пример #9
0
function BuildClientRoute($id)
{
    sleep(5);
    $unix = new unix();
    $main_path = "/etc/artica-postfix/openvpn/clients";
    $ip_tool = $unix->find_program("ip");
    $bridge = OpenVPNCLientIsOnTap($id);
    if (!$bridge) {
        $dev = OpenVPNCLientStartGetDev($id);
    } else {
        $dev = OpenVPNCLientStartGetTAPDev($id);
    }
    echo "Starting......: " . date("H:i:s") . " OpenVPN client {$id}, DEV:{$dev}\n";
    exec("{$ip_tool} route", $results);
    if ($bridge) {
        echo "Starting......: " . date("H:i:s") . " OpenVPN Tap {$dev}, cleaning bad route\n";
        while (list($num, $ligne) = each($results)) {
            if (preg_match("#^([0-9\\.]+)\\/([0-9]+)\\s+via\\s+[0-9\\.]+\\s+dev\\s+{$dev}#", $ligne, $re)) {
                echo "Starting......: " . date("H:i:s") . " OpenVPN Tap {$re[0]} must be cleaned\n";
                system("{$ip_tool} route del {$re[0]}");
            }
        }
    }
    echo "Starting......: " . date("H:i:s") . " OpenVPN dev:{$dev}, finding correct route\n";
    reset($results);
    while (list($num, $ligne) = each($results)) {
        if (preg_match("#^([0-9\\.]+)\\/([0-9]+)\\s+dev\\s+{$dev}\\s+proto\\s+kernel\\s+scope\\s+link\\s+src\\s+([0-9\\.]+)#", $ligne, $re)) {
            $IP_TO_ROUTE = $re[3];
            echo "Starting......: " . date("H:i:s") . " OpenVPN others routes match {$dev} {$IP_TO_ROUTE}\n";
            break;
        }
    }
    $routes = OpenVpnClientGetRoutes("{$main_path}/{$id}");
    $localnets = getLocalNets();
    //print_r($routes);
    //print_r($localnets);
    if (count($routes) == 0) {
        echo "Starting......: " . date("H:i:s") . " OpenVPN no routes to add\n";
        return;
    }
    while (list($ip_start, $netmask) = each($routes)) {
        if ($localnets[$ip_start] != null) {
            echo "Starting......: " . date("H:i:s") . " OpenVPN skipping route {$ip_start}\n";
            continue;
        }
        if (!preg_match("#[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+#", $ip_start)) {
            echo "Starting......: " . date("H:i:s") . " OpenVPN skipping route {$ip_start}/{$netmask}\n";
            continue;
        }
        if (!preg_match("#[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+#", $netmask)) {
            echo "Starting......: " . date("H:i:s") . " OpenVPN skipping route {$ip_start}/{$netmask}\n";
            continue;
        }
        echo "Starting......: " . date("H:i:s") . " OpenVPN adding route {$ip_start}/{$netmask}\n";
        $cmd = "{$ip_tool} route add {$ip_start}/{$netmask} dev {$dev} proto kernel scope link src {$IP_TO_ROUTE} >/dev/null 2>&1";
        if ($GLOBALS["VERBOSE"]) {
            echo __FUNCTION__ . " {$cmd}\n";
        }
        shell_exec2($cmd);
    }
}
Пример #10
0
function dnsseck()
{
    $unix = new unix();
    $pdnssec = $unix->find_program("pdnssec");
    if (!is_file($pdnssec)) {
        echo "Starting......: " . date("H:i:s") . " PowerDNS pdnssec no such binary !!!\n";
        return;
    }
    $sql = "SELECT id,name FROM domains";
    $q = new mysql();
    $results = $q->QUERY_SQL($sql, 'powerdns');
    if (!$q->ok) {
        echo "{$q->mysql_error}\n";
    }
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        echo "Starting......: " . date("H:i:s") . " PowerDNS pdnssec checking zone {$ligne["name"]}\n";
        if (!dnsseck_is_crypto($ligne["id"])) {
            echo "Starting......: " . date("H:i:s") . " PowerDNS pdnssec securing zone {$ligne["name"]}\n";
            shell_exec2("{$pdnssec} add-zone-key {$ligne["name"]} ksk >/dev/null 2>&1");
            shell_exec2("{$pdnssec} set-presigned {$ligne["name"]} >/dev/null 2>&1");
            if (!dnsseck_is_crypto($ligne["id"], $ligne["name"])) {
                echo "Starting......: " . date("H:i:s") . " PowerDNS pdnssec securing zone {$ligne["name"]} Failed\n";
                continue;
            }
        }
        $DOMAINSZ[$ligne["name"]] = true;
        shell_exec2("{$pdnssec} secure-zone {$ligne["name"]} >/dev/null 2>&1");
    }
    if (count($DOMAINSZ) > 0) {
        while (list($domain, $line2) = each($DOMAINSZ)) {
            shell_exec2("{$pdnssec} rectify-zone {$domain} >/dev/null 2>&1");
            shell_exec2("{$pdnssec} set-nsec3 {$domain} '1 1 1 ab' >/dev/null 2>&1");
        }
        reset($DOMAINSZ);
        while (list($domain, $none) = each($DOMAINSZ)) {
            $zones = array();
            $ok = false;
            if ($GLOBALS["VERBOSE"]) {
                echo "Starting......: " . date("H:i:s") . " PowerDNS Execute `{$pdnssec} show-zone {$domain} 2>&1` in order to see results\n";
            }
            exec("{$pdnssec} show-zone {$domain} 2>&1", $zones);
            while (list($num1, $line2) = each($zones)) {
                if (preg_match("#Zone has.+?semantics#", $line2)) {
                    echo "Starting......: " . date("H:i:s") . " PowerDNS pdnssec checking zone {$domain} OK\n";
                    $ok = true;
                    break;
                }
            }
            if (!$ok) {
                echo "Starting......: " . date("H:i:s") . " PowerDNS pdnssec checking zone {$domain} not secure...\n";
            }
        }
    }
    shell_exec2("{$pdnssec} rectify-all-zones >/dev/null 2>&1");
}
Пример #11
0
function load_stats()
{
    events("************************ SCHEDULE ****************************", __FUNCTION__, __LINE__);
    if (!isset($GLOBALS["CLASS_SOCKETS"])) {
        $GLOBALS["CLASS_SOCKETS"] = new sockets();
    }
    if (!isset($GLOBALS["CLASS_UNIX"])) {
        $unix = new unix();
    } else {
        $unix = $GLOBALS["CLASS_UNIX"];
    }
    $array_load = sys_getloadavg();
    $internal_load = $array_load[0];
    $time = time();
    $BASEDIR = "/usr/share/artica-postfix";
    $hash_mem = array();
    $files = $unix->DirFiles("/usr/share/artica-postfix/bin");
    while (list($filename, $line) = each($files)) {
        @chmod("/usr/share/artica-postfix/bin/{$filename}", 0755);
        @chown("/usr/share/artica-postfix/bin/{$filename}", "root");
    }
    @chmod("/usr/share/artica-postfix/ressources/mem.pl", 0755);
    $datas = shell_exec(dirname(__FILE__) . "/mem.pl");
    if (preg_match('#T=([0-9]+) U=([0-9]+)#', $datas, $re)) {
        $ram_used = $re[2];
    }
    @mkdir("/var/log/artica-postfix/sys_loadavg", 0755, true);
    @mkdir("/var/log/artica-postfix/sys_mem", 0755, true);
    @mkdir("/var/log/artica-postfix/sys_alerts", 0755, true);
    @mkdir("/etc/artica-postfix/croned.1", 0755, true);
    @mkdir("/etc/artica-postfix/pids", 0755, true);
    events("Internal Load: {$internal_load} Ram used: {$ram_used}", __FUNCTION__, __LINE__);
    @file_put_contents("/var/log/artica-postfix/sys_loadavg/{$time}", $internal_load);
    @file_put_contents("/var/log/artica-postfix/sys_mem/{$time}", $ram_used);
    $NtpdateAD = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("NtpdateAD"));
    $NTPDClientEnabled = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("NTPDClientEnabled"));
    if ($NtpdateAD == 1) {
        $NTPDClientEnabled = 1;
    }
    if (system_is_overloaded(basename(__FILE__))) {
        $date = time();
        if (!is_file("/var/log/artica-postfix/sys_alerts/{$date}")) {
            $ps = $unix->find_program("ps");
            $load = $GLOBALS["SYSTEM_INTERNAL_LOAD"];
            if (!$unix->process_exists($GLOBALS["CLASS_UNIX"]->PIDOF_PATTERN("{$ps}"))) {
                $cmd = trim($GLOBALS["nohup"] . " {$GLOBALS["NICE"]} {$ps} auxww >/var/log/artica-postfix/sys_alerts/{$date}-{$load} 2>&1");
                shell_exec($cmd);
            }
        }
    } else {
        if (is_file("/etc/artica-postfix/WEBSTATS_APPLIANCE")) {
            shell_exec_time("exec.squid.php --ping-clients-proxy", 5);
        }
    }
    // NTP CLIENT *****************************************************************************
    if ($NTPDClientEnabled == 1) {
        $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.squid.watchdog.php.start_watchdog.ntp.time");
        $NTPDClientPool = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("NTPDClientPool"));
        if ($NTPDClientPool == 0) {
            $NTPDClientPool = 120;
        }
        if ($time_file > $NTPDClientPool) {
            shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.ntpdate.php >/dev/null 2>&1 &");
        }
    }
    // ****************************************************************************************
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.syslog-engine.php.load_stats.time");
    if ($time_file > 5) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.syslog-engine.php --load-stats >/dev/null 2>&1 &");
    }
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.mpstat.php.time");
    if ($time_file > 1) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.mpstat.php >/dev/null 2>&1 &");
    }
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.philesight.php.scan_directories.time");
    if ($time_file > 60) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.philesight.php --directories >/dev/null 2>&1 &");
    }
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.seeker.php.xtart.time");
    events("seeker: {$time_file}mn/30mn");
    $GLOBALS["CLASS_UNIX"]->events("seeker: {$time_file}mn/30mn (/etc/artica-postfix/pids/exec.seeker.php.xtart.time)", "/var/log/seeker.log", false, __FUNCTION__, __LINE__, basename(__FILE__));
    if ($time_file > 5) {
        events("************ Executing seeker... ************");
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.seeker.php >/dev/null 2>&1 &");
    }
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/croned.1/cron.notifs.php.time");
    if ($time_file > 5) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/cron.notifs.php >/dev/null 2>&1 &");
    }
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.cleanfiles.php.time");
    if ($time_file > 120) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.cleanfiles.php >/dev/null 2>&1 &");
    }
    $timefile = $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.clean.logs.php.CleanLogs.time");
    if ($time_file > 240) {
        shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.clean.logs.php --clean-tmp >/dev/null 2>&1 &");
    }
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.squid.watchdog.php.CHECK_DNS_SYSTEMS.time");
    events("CHECK_DNS_SYSTEMS: {$time_file}mn", __FUNCTION__, __LINE__);
    if ($time_file > 4) {
        $cmd = "{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.squid.watchdog.php --dns >/dev/null 2>&1 &";
        events($cmd, __FUNCTION__, __LINE__);
        shell_exec2("{$cmd}");
    }
    $time_file = $GLOBALS["CLASS_UNIX"]->file_time_min("/etc/artica-postfix/pids/exec.clean.logs.php.clean_space.time");
    events("clean_space: {$time_file}mn", __FUNCTION__, __LINE__);
    if ($time_file > 240) {
        $cmd = "{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} {$BASEDIR}/exec.clean.logs.php --clean-space >/dev/null 2>&1 &";
        events($cmd, __FUNCTION__, __LINE__);
        shell_exec2("{$cmd}");
    }
    $kill = $GLOBALS["CLASS_UNIX"]->find_program("kill");
    $pgrep = $GLOBALS["CLASS_UNIX"]->find_program("pgrep");
    exec("pgrep -l -f \"exec.schedules.php --run\" 2>&1", $results);
    while (list($index, $line) = each($results)) {
        if (preg_match("#pgrep#", $line)) {
            continue;
        }
        if (!preg_match("#^([0-9]+)\\s+#", $line, $re)) {
            continue;
        }
        $pid = $re[1];
        $TTL = $GLOBALS["CLASS_UNIX"]->PROCCESS_TIME_MIN($pid);
        events("{$line} -> {$TTL}Mn");
        if ($TTL < 420) {
            continue;
        }
        ToSyslog("Killing exec.schedules.php PID {$pid}");
        unix_system_kill_force($pid);
    }
    events("************************ SCHEDULE ****************************", __FUNCTION__, __LINE__);
}
Пример #12
0
function preup_checkbridgre($breth, $nic)
{
    $unix = new unix();
    $brctl = $unix->find_program("brctl");
    $ifconfig = $unix->find_program("ifconfig");
    if ($GLOBALS["VERBOSE"]) {
        echo "Starting......: VPS server:{$brctl},{$ifconfig}\n";
    }
    $cmd = "{$brctl} show 2>&1";
    if ($GLOBALS["VERBOSE"]) {
        echo "Starting......: {$cmd}\n";
    }
    exec("{$cmd}", $results);
    while (list($index, $line) = each($results)) {
        if (preg_match("#^{$breth}\\s+#", $line)) {
            if ($GLOBALS["VERBOSE"]) {
                echo "Starting......: {$line}\n";
            }
            shell_exec2("{$ifconfig} {$nic} up >/dev/null 2>&1");
            shell_exec2("{$brctl} addif {$breth} {$nic} >/dev/null 2>&1");
            return;
        }
    }
    shell_exec2("{$brctl} addbr {$breth}  >/dev/null 2>&1");
    shell_exec2("{$ifconfig} {$nic} up >/dev/null 2>&1");
    shell_exec2("{$brctl} addif {$breth} {$nic} >/dev/null 2>&1");
}
Пример #13
0
function license_infos()
{
    $unix = new unix();
    $tmpstr = $unix->FILE_TEMP();
    $php5 = $unix->LOCATE_PHP5_BIN();
    $nohup = $unix->find_program("nohup");
    $kav4proxyCache = "/etc/artica-postfix/KAV4PROXY_LICENSE_INFO";
    if (!is_file($kav4proxyCache)) {
        shell_exec2("{$nohup} {$php5} /usr/share/artica-postfix/exec.kav4proxy.php --license >/dev/null 2>&1 &");
    }
    echo "<articadatascgi>" . base64_encode(@file_get_contents($kav4proxyCache)) . "</articadatascgi>";
}
Пример #14
0
function shell_exec_time($cmdlineNophp5, $mintime = 5)
{
    if (!is_numeric($mintime)) {
        $mintime = 5;
    }
    if ($mintime < 5) {
        $mintime = 5;
    }
    $md5 = md5($cmdlineNophp5);
    $timefile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".{$md5}.time";
    $TimeExec = $GLOBALS["CLASS_UNIX"]->file_time_min($timefile);
    if ($TimeExec < $mintime) {
        return;
    }
    @unlink($timefile);
    @file_put_contents($timefile, time());
    shell_exec2("{$GLOBALS["nohup"]} {$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} " . basename(__FILE__) . "/{$cmdlineNophp5} >/dev/null 2>&1 &");
}
Пример #15
0
function Transparents_modes()
{
    iptables_delete_all();
    $unix = new unix();
    $iptables = $unix->find_program("iptables");
    $sysctl = $unix->find_program("sysctl");
    $sql = "SELECT * FROM haproxy WHERE enabled=1 AND transparent=1";
    $q = new mysql();
    $results = $q->QUERY_SQL($sql, 'artica_backup');
    if (!$q->ok) {
        if ($GLOBALS["AS_ROOT"]) {
            echo "Starting......: " . date("H:i:s") . " {$GLOBALS["TITLENAME"]} building configuration failed {$q->mysql_error}\n";
            return;
        }
    }
    if (mysql_num_rows($results) == 0) {
        echo "Starting......: " . date("H:i:s") . " {$GLOBALS["TITLENAME"]} building configuration no transparent configurations...\n";
        return;
    }
    shell_exec("{$sysctl} -w net.ipv4.ip_forward=1 2>&1");
    shell_exec("{$sysctl} -w net.ipv4.conf.default.send_redirects=0 2>&1");
    shell_exec("{$sysctl} -w net.ipv4.conf.all.send_redirects=0 2>&1");
    shell_exec("{$sysctl} -w net.ipv4.conf.eth0.send_redirects=0 2>&1");
    shell_exec("{$iptables} -P FORWARD ACCEPT");
    return;
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        $listen_add = "127.0.0.1";
        $next_port = $ligne["listen_port"];
        $listen_ip = $ligne["listen_ip"];
        $transparent_port = $ligne["transparentsrcport"];
        if ($transparent_port < 1) {
            continue;
        }
        echo "Starting......: " . date("H:i:s") . " {$GLOBALS["TITLENAME"]} building configuration transparent request from {$listen_ip}:{$transparent_port} and redirect to {$listen_add}:{$next_port}\n";
        shell_exec2("{$iptables} -t nat -A PREROUTING -i eth0 -p tcp --dport {$transparent_port} -j ACCEPT -m comment --comment \"ArticaHAProxy\"");
        shell_exec2("{$iptables} -t nat -A PREROUTING -p tcp --dport {$transparent_port} -j REDIRECT --to-ports {$next_port} -m comment --comment \"ArticaHAProxy\"");
        shell_exec2("{$iptables} -t nat -A POSTROUTING -j MASQUERADE -m comment --comment \"ArticaHAProxy\"");
        shell_exec2("{$iptables} -t mangle -A PREROUTING -p tcp --dport {$next_port} -j DROP -m comment --comment \"ArticaHAProxy\"");
    }
}
Пример #16
0
function Popuplate_cron()
{
    Build_default_values();
    shell_exec_time("exec.sys-stats.php", 2);
    $EnableDNSPerfs = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableDNSPerfs"));
    $EnableSquidQuotasBandwidth = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableSquidQuotasBandwidth"));
    $SquidSMTPNotifs = 0;
    if (is_file("/etc/artica-postfix/settings/Daemons/UfdbguardSMTPNotifs")) {
        $UfdbguardSMTPNotifs = unserialize(base64_decode(@file_get_contents("/etc/artica-postfix/settings/Daemons/UfdbguardSMTPNotifs")));
        if (!isset($UfdbguardSMTPNotifs["UfdbguardSMTPNotifs"]["ENABLED_SQUID_WATCHDOG"])) {
            $UfdbguardSMTPNotifs["UfdbguardSMTPNotifs"]["ENABLED_SQUID_WATCHDOG"] = 0;
        }
        $SquidSMTPNotifs = $UfdbguardSMTPNotifs["UfdbguardSMTPNotifs"]["ENABLED_SQUID_WATCHDOG"];
    }
    testspeed();
    $CRON_RELOAD = false;
    $EnableArticaMetaServer = intval($GLOBALS["CLASS_SOCKETS"]->GET_INFO("EnableArticaMetaServer"));
    if (!is_file("/etc/cron.hourly/squidrotate.sh")) {
        $CRON[] = "#!/bin/sh";
        $CRON[] = "export LC_ALL=C";
        $CRON[] = "{$GLOBALS["NICE"]} {$GLOBALS["PHP5"]} /usr/share/artica-postfix/exec.squid.rotate.php --cron >/dev/null 2>&1";
        $CRON[] = "";
        @file_put_contents("/etc/cron.hourly/squidrotate.sh", @implode("\n", $CRON));
        @chmod("/etc/cron.hourly/squidrotate.sh", 0755);
        $CRON_RELOAD = true;
    }
    if ($EnableSquidQuotasBandwidth == 1) {
        $SquidQuotaBandwidthRefresh = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/SquidQuotaBandwidthRefresh"));
        $SquidQuotaBandwidthRefresh_array[15] = "0,15,30,45 * * * *";
        $SquidQuotaBandwidthRefresh_array[30] = "0,30 * * * *";
        $SquidQuotaBandwidthRefresh_array[60] = "0 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 * * *";
        $SquidQuotaBandwidthRefresh_array[120] = "0 2,4,6,8,10,12,14,16,18,20,22 * * *";
        $FileMD5 = @md5_file("/etc/cron.d/squid-squidbandquot");
        Popuplate_cron_make("squid-squidbandquot", $SquidQuotaBandwidthRefresh_array[$SquidQuotaBandwidthRefresh], "exec.quotaband.php");
        $FileMD52 = @md5_file("/etc/cron.d/squid-squidbandquot");
        if ($FileMD5 != $FileMD52) {
            $CRON_RELOAD = true;
        }
    } else {
        if (is_file("/etc/cron.d/squid-squidbandquot")) {
            @unlink("/etc/cron.d/squid-squidbandquot");
            $CRON_RELOAD = true;
        }
    }
    if ($SquidSMTPNotifs == 1) {
        if (!is_file("/etc/cron.d/squid-notifications")) {
            Popuplate_cron_make("squid-notifications", "* * * * *", "exec.squid.smtp.notifications.php");
            $CRON_RELOAD = true;
        }
    } else {
        if (is_file("/etc/cron.d/squid-notifications")) {
            @unlink("/etc/cron.d/squid-notifications");
            $CRON_RELOAD = true;
        }
    }
    if ($EnableArticaMetaServer == 1) {
        if (!is_file("/etc/cron.d/artica-meta-ufdb")) {
            Popuplate_cron_make("artica-meta-ufdb", "45 0,2,4,6,8,10,12,14,16,18,20,22 * * *", "exec.squid.blacklists.php --bycron");
            $CRON_RELOAD = true;
        }
        if (!is_file("/etc/cron.d/ufdb-db-checkv")) {
            Popuplate_cron_make("ufdb-db-checkv", "30 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22 * * *", "exec.squid.blacklists.php --get-version");
            $CRON_RELOAD = true;
        }
    } else {
        if (is_file("/etc/cron.d/artica-meta-ufdb")) {
            @unlink("/etc/cron.d/artica-meta-ufdb");
            $CRON_RELOAD = true;
        }
    }
    if (!is_file("/etc/cron.d/artica-squid-5min")) {
        Popuplate_cron_make("artica-squid-5min", "0,5,10,15,20,25,30,35,40,45,50,55 * * * *", "exec.squidMins.php");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-rxtx-stats")) {
        Popuplate_cron_make("artica-rxtx-stats", "10 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 * * *", "exec.rxtx.hourly.php");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-sys-stats")) {
        Popuplate_cron_make("artica-sys-stats", "* * * * *", "exec.sys-stats.php");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/access-parser-logs")) {
        Popuplate_cron_make("access-parser-logs", "0 * * * *", "exec.squidparse.hourly.php");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/apache-parser-logs")) {
        Popuplate_cron_make("apache-parser-logs", "30 * * * *", "exec.apache.hour.php");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/access-parser-members")) {
        Popuplate_cron_make("access-parser-members", "5,15,30,45 * * * *", "exec.squidparse.members.php --rtt");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/access-parser-members-h")) {
        Popuplate_cron_make("access-parser-members-h", "0 * * * *", "exec.squidparse.members.php --hour");
        $CRON_RELOAD = true;
    }
    if ($EnableDNSPerfs == 1) {
        if (!is_file("/etc/cron.d/artica-dnsperf")) {
            Popuplate_cron_make("artica-dnsperf", "0,5,10,15,20,25,30,35,40,45,50,55 * * * *", "exec.dnsperf.php");
            $CRON_RELOAD = true;
        }
    } else {
        if (is_file("/etc/cron.d/artica-dnsperf")) {
            @unlink("/etc/cron.d/artica-dnsperf");
            $CRON_RELOAD = true;
        }
    }
    if (!is_file("/etc/cron.d/access-parser-failed")) {
        Popuplate_cron_make("access-parser-failed", "0,5,10,15,20,25,30,35,40,45,50,55 * * * *", "exec.squidparse.hourly.php --failed");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/available-softwares")) {
        Popuplate_cron_make("available-softwares", "30 0,8,16 * * *", "exec.web-community-filter.php --updates");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-clean-logs")) {
        Popuplate_cron_make("artica-clean-logs", "30 0,4,6,12 * * *", "exec.clean.logs.php --clean-tmp1");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-clean-tmp")) {
        Popuplate_cron_make("artica-clean-logs", "30 1,6,20,23 * * *", "exec.clean.logs.php --clean-logs");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-whatsnew")) {
        Popuplate_cron_make("artica-whatsnew", "30 8,10,12,16,18,20,22 * * *", "exec.web-community-filter.php --whatsnew");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-clean-RTTSize")) {
        Popuplate_cron_make("artica-clean-RTTSize", "30 4 * * *", "exec.clean.logs.php --rttsize");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-interface-size")) {
        Popuplate_cron_make("artica-interface-size", "0,15,30,45 * * * *", "exec.squid.interface-size.php");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-interface-hour")) {
        Popuplate_cron_make("artica-interface-hour", "25 * * * *", "exec.squid.interface-size.php --flux-hour");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-sys-alert")) {
        Popuplate_cron_make("artica-sys-alert", "0,2,4,6,8,10,12,14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58 * * * *", "exec.mpstat.php");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-auth-logs")) {
        Popuplate_cron_make("artica-auth-logs", "0,5,10,15,20,25,30,35,40,45,50,55 * * * *", "exec.syslog-engine.php --auth-logs");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-loadavg-interface")) {
        Popuplate_cron_make("artica-auth-logs", "0,5,10,15,20,25,30,35,40,45,50,55 * * * *", "exec.loadavg.php");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-usb-scan")) {
        Popuplate_cron_make("artica-usb-scan", "0,30 * * * *", "exec.usb.scan.write.php");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-nightly")) {
        Popuplate_cron_make("artica-nightly", "0,30 * * * *", "exec.nightly.php");
        $CRON_RELOAD = true;
    }
    if (!is_file("/etc/cron.d/artica-process1")) {
        $nice = $GLOBALS["CLASS_UNIX"]->EXEC_NICE();
        $PATH = "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin:/usr/share/artica-postfix/bin";
        $CRON[] = "PATH={$PATH}";
        $CRON[] = "MAILTO=\"\"";
        $CRON[] = "0 0,2,6,8,10,14,16,18,20 * * *\troot\t{$nice} /usr/share/artica-postfix/bin/process1 --force >/dev/null 2>&1";
        $CRON[] = "";
        file_put_contents("/etc/cron.d/artica-process1", @implode("\n", $CRON));
        chmod("/etc/cron.d/artica-process1", 0640);
        chown("/etc/cron.d/artica-process1", "root");
        $CRON_RELOAD = true;
        $CRON = array();
    }
    if ($CRON_RELOAD) {
        shell_exec2("/etc/init.d/cron reload");
    }
}