function Builsql($CLIENT, $username = null, $uri, $code_error, $size = 0, $time, $cached, $mac = null)
{
$squid_error["100"] = "Continue";
$squid_error["101"] = "Switching Protocols";
$squid_error["102"] = "Processing";
$squid_error["200"] = "Pass";
$squid_error["201"] = "Created";
$squid_error["202"] = "Accepted";
$squid_error["203"] = "Non-Authoritative Information";
$squid_error["204"] = "No Content";
$squid_error["205"] = "Reset Content";
$squid_error["206"] = "Partial Content";
$squid_error["207"] = "Multi Status";
$squid_error["300"] = "Multiple Choices";
$squid_error["301"] = "Moved Permanently";
$squid_error["302"] = "Moved Temporarily";
$squid_error["303"] = "See Other";
$squid_error["304"] = "Not Modified";
$squid_error["305"] = "Use Proxy";
$squid_error["307"] = "Temporary Redirect";
$squid_error["400"] = "Bad Request";
$squid_error["401"] = "Unauthorized";
$squid_error["402"] = "Payment Required";
$squid_error["403"] = "Forbidden";
$squid_error["404"] = "Not Found";
$squid_error["405"] = "Method Not Allowed";
$squid_error["406"] = "Not Acceptable";
$squid_error["407"] = "Proxy Authentication Required";
$squid_error["408"] = "Request Timeout";
$squid_error["409"] = "Conflict";
$squid_error["410"] = "Gone";
$squid_error["411"] = "Length Required";
$squid_error["412"] = "Precondition Failed";
$squid_error["413"] = "Request Entity Too Large";
$squid_error["414"] = "Request URI Too Large";
$squid_error["415"] = "Unsupported Media Type";
$squid_error["416"] = "Request Range Not Satisfiable";
$squid_error["417"] = "Expectation Failed";
$squid_error["424"] = "Locked";
$squid_error["424"] = "Failed Dependency";
$squid_error["433"] = "Unprocessable Entity";
$squid_error["500"] = "Internal Server Error";
$squid_error["501"] = "Not Implemented";
$squid_error["502"] = "Bad Gateway";
$squid_error["503"] = "Service Unavailable";
$squid_error["504"] = "Gateway Timeout";
$squid_error["505"] = "HTTP Version Not Supported";
$squid_error["507"] = "Insufficient Storage";
$squid_error["600"] = "Squid header parsing error";
if (preg_match("#^(?:[^/]+://)?([^/:]+)#", $uri, $re)) {
$sitename = $re[1];
if (preg_match("#^www\\.(.+)#", $sitename, $ri)) {
$sitename = $ri[1];
}
} else {
events("dansguardian-stats2:: unable to extract domain name from {$uri}");
return false;
}
$TYPE = $squid_error[$code_error];
$REASON = $TYPE;
$CLIENT = trim($CLIENT);
$date = date('Y-m-d') . " " . $time;
if ($username == null) {
$username = GetComputerName($ip);
}
if ($size == null) {
$size = 0;
}
if (trim($GLOBALS["IPs"][$sitename]) == null) {
$site_IP = trim(gethostbyname($sitename));
$GLOBALS["IPs"][$sitename] = $site_IP;
} else {
$site_IP = $GLOBALS["IPs"][$sitename];
}
if (count($_GET["IPs"]) > 5000) {
unset($_GET["IPs"]);
}
if (count($_GET["COUNTRIES"]) > 5000) {
unset($_GET["COUNTRIES"]);
}
if (trim($GLOBALS["COUNTRIES"][$site_IP]) == null) {
if (function_exists("geoip_record_by_name")) {
if ($site_IP == null) {
$site_IP = $sitename;
}
$record = @geoip_record_by_name($site_IP);
if ($record) {
$Country = $record["country_name"];
$GLOBALS["COUNTRIES"][$site_IP] = $Country;
}
} else {
$geoerror = "geoip_record_by_name no such function...";
}
} else {
$Country = $GLOBALS["COUNTRIES"][$site_IP];
}
$zMD5 = md5("{$uri}{$date}{$CLIENT}{$username}{$TYPE}{$Country}{$site_IP}");
if (!is_dir("/var/log/artica-postfix/dansguardian-stats2")) {
@mkdir("/var/log/artica-postfix/dansguardian-stats2", 600, true);
}
if (!is_dir("/var/log/artica-postfix/dansguardian-stats3")) {
@mkdir("/var/log/artica-postfix/dansguardian-stats3", 600, true);
}
if (!$GLOBALS["SINGLE_SITE"][$sitename]) {
$filewebsite = "/var/log/artica-postfix/dansguardian-stats3/" . md5($sitename);
$filewebsite_array = array("sitename" => $sitename, "country" => $Country, "ipaddr" => $site_IP);
$filecontent = serialize($filewebsite_array);
if (!is_file($filewebsite)) {
events("{$date} dansguardian-stats3:: " . basename($filewebsite) . " -> \"sitename\"=>{$sitename},\"country\"=>{$Country},\"ipaddr\"=>{$site_IP} (" . __LINE__ . ")");
@file_put_contents($filewebsite, $filecontent);
if (is_file($filewebsite)) {
$GLOBALS["SINGLE_SITE"][$sitename] = true;
}
events("{$date} dansguardian-stats3:: " . count($GLOBALS["SINGLE_SITE"]) . " analyzed websites");
writeMem();
}
}
if (count($GLOBALS["SINGLE_SITE"]) > 1500) {
unset($GLOBALS["SINGLE_SITE"]);
}
events("{$date} dansguardian-stats2:: {$REASON}:: [{$mac}]{$CLIENT} ({$username}) -> {$sitename} ({$site_IP}) Country={$Country} ({$geoerror}) REASON:\"{$REASON}\" TYPE::\"{$TYPE}\" size={$size} (" . __LINE__ . ")");
$uri = addslashes($uri);
$Country = addslashes($Country);
$sql = "('{$sitename}','{$uri}','{$TYPE}','{$REASON}','{$CLIENT}','{$date}','{$zMD5}','{$site_IP}','{$Country}','{$size}','{$username}','{$cached}','{$mac}')";
@file_put_contents("/var/log/artica-postfix/dansguardian-stats2/{$zMD5}.sql", $sql);
if (count($GLOBALS["RTIME"]) > 500) {
unset($GLOBALS["RTIME"]);
}
$GLOBALS["RTIME"][] = array($sitename, $uri, $TYPE, $REASON, $CLIENT, $date, $zMD5, $site_IP, $Country, $size, $username, $mac);
@file_put_contents("/etc/artica-postfix/squid-realtime.cache", base64_encode(serialize($GLOBALS["RTIME"])));
}
function interact($socket){
$sock=new sockets();
//protocol_state=END-OF-MESSAGE,RCPT
// PHP_NORMAL_READ PHP_BINARY_READ
$buffer=@socket_read($socket,2000,PHP_BINARY_READ);
if(!isset($GLOBALS["DebugArticaFilter"])){
$GLOBALS["DebugArticaFilter"]=$sock->GET_INFO("DebugArticaFilter");
if($GLOBALS["DebugArticaFilter"]==null){$GLOBALS["DebugArticaFilter"]=0;}
}
$GLOBALS["PostfixNotifyMessagesRestrictions"]=$sock->GET_INFO("PostfixNotifyMessagesRestrictions");
$GLOBALS["ArticaPolicyFilterMaxRCPTInternalDomainsOnly"]=$sock->GET_INFO("ArticaPolicyFilterMaxRCPTInternalDomainsOnly");
if(!is_numeric($GLOBALS["ArticaPolicyFilterMaxRCPTInternalDomainsOnly"])){$GLOBALS["ArticaPolicyFilterMaxRCPTInternalDomainsOnly"]=0;}
if(!is_numeric($GLOBALS["PostfixNotifyMessagesRestrictions"])){$GLOBALS["PostfixNotifyMessagesRestrictions"]=0;}
$tbl=explode("\n",$buffer);
if($GLOBALS["DebugArticaFilter"]==1){events(count($tbl)." lines",__FUNCTION__,__LINE__);}
while (list ($num, $ligne) = each ($tbl) ){
if(preg_match("#(.+?)=(.+)#",$ligne,$re)){
if($re[1]=="recipient"){
$GLOBALS["RECIPIENTS"][]=$re[2];
if($GLOBALS["DebugArticaFilter"]==1){events("To: {$re[2]}",__FUNCTION__,__LINE__);}
}
if($GLOBALS["DebugArticaFilter"]==1){events("{$re[1]}:{$re[2]}",__FUNCTION__,__LINE__);}
$base[trim($re[1])]=trim($re[2]);
}
}
$GLOBALS["BASE"]=$base;
$GLOBALS["protocol_state"]=$base["protocol_state"];
if($GLOBALS["DebugArticaFilter"]==1){events("Loading caches",__FUNCTION__,__LINE__);}
$GLOBALS["LOCAL_DOMAINS"]=unserialize(@file_get_contents("/tmp/".basename(__FILE__).".domains"));
$GLOBALS["CACHE"]=unserialize(@file_get_contents("/tmp/".basename(__FILE__).".cache"));
$GLOBALS["INTERNAL_FROM"]=unserialize(@file_get_contents("/tmp/".basename(__FILE__).".internal.from"));
$GLOBALS["QUEUES"]=unserialize(@file_get_contents("/tmp/".basename(__FILE__).".cache.queues"));
if(count($GLOBALS["QUEUES"])>500){unset($GLOBALS["QUEUES"]);}
/*if(CheckMAXRcptto()){
socket_write($socket, "action=451 Sorry, your message has too many recipients\n");
socket_write($socket, "\n");
unset($GLOBALS["QUEUES"][$GLOBALS["BASE"]["instance"]]);
writeMem();
return;
}*/
if($GLOBALS["protocol_state"]<>"END-OF-MESSAGE"){
writeMem();
socket_write($socket, "action=DUNNO\n");
socket_write($socket, "\n");
return;
}
if($GLOBALS["DebugArticaFilter"]==1){events("running -> BlockQuotaFrom()",__FUNCTION__,__LINE__);}
if(BlockQuotaFrom($base["sender"],$base["recipient"],$base["size"])){
if($GLOBALS["DebugArticaFilter"]==1){events("Return 552",__FUNCTION__,__LINE__);}
socket_write($socket, "action=552 " . MSG_QUOTA . "\n");
socket_write($socket, "\n");
if($GLOBALS["DebugArticaFilter"]==1){events("running -> writeMem()",__FUNCTION__,__LINE__);}
writeMem();
if($GLOBALS["DebugArticaFilter"]==1){events("running -> point_events()",__FUNCTION__,__LINE__);}
point_events($base["queue_id"],$base["client_address"],$base["sender"],$base["recipient"],"Over Quota",$base["size"]);
if($GLOBALS["DebugArticaFilter"]==1){events("finish",__FUNCTION__,__LINE__);}
return;
}
if($GLOBALS["DebugArticaFilter"]==1){events("running -> writeMem()",__FUNCTION__,__LINE__);}
writeMem();
socket_write($socket, "action=DUNNO\n");
socket_write($socket, "\n");
if($GLOBALS["DebugArticaFilter"]==1){events("running -> point_events()",__FUNCTION__,__LINE__);}
point_events($base["queue_id"],$base["client_address"],$base["sender"],$base["recipient"],null,$base["size"]);
if($GLOBALS["DebugArticaFilter"]==1){events("finish",__FUNCTION__,__LINE__);}
}
