aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authordoktornotor <notordoktor@gmail.com>2015-09-30 23:25:52 +0200
committerdoktornotor <notordoktor@gmail.com>2015-09-30 23:25:52 +0200
commitdd50146443b450cecc4a767cb8ab16a2a5ae2e2b (patch)
tree9bd99d56ff24b5b23ee53fc2a8f81a44cd633fb2
parentce7858d7585e1ef0ae21325551ccd7a2428566d6 (diff)
downloadpfsense-packages-dd50146443b450cecc4a767cb8ab16a2a5ae2e2b.tar.gz
pfsense-packages-dd50146443b450cecc4a767cb8ab16a2a5ae2e2b.tar.bz2
pfsense-packages-dd50146443b450cecc4a767cb8ab16a2a5ae2e2b.zip
When antivirus/C-ICAP is disabled, actually stop and disable related services
-rwxr-xr-xconfig/squid3/34/squid.inc27
1 files changed, 27 insertions, 0 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index 8c1e9628..0c26ff1f 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -1729,7 +1729,34 @@ EOF;
} else {
mwexec_bg("/usr/local/etc/rc.d/clamav-clamd start");
}
+ } else {
+ // stop AV services and disable all C-ICAP/AV features
+ log_error("Squid antivirus features disabled.");
+ if (is_process_running("clamd")) {
+ log_error("Stopping ClamAV...");
+ mwexec("/bin/ps awux | /usr/bin/grep '[c]lamd' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
+ }
+ if (is_process_running("c-icap")) {
+ log_error("Stopping C-ICAP...");
+ mwexec_bg("/usr/local/etc/rc.d/c-icap stop");
+ }
+ // freshclam cronjob
+ log_error("Removing freshclam cronjob...");
+ squid_install_freshclam_cron(false);
+
+ // check if clamav/c_icap is enabled in rc.conf.local
+ // XXX: This whole thing sucks and should be redone to install/enable services in pfSense way
+ if (file_exists("/etc/rc.conf.local")) {
+ log_error("Removing antivirus services from /etc/rc.conf.local...");
+ $sample_file = file_get_contents("/etc/rc.conf.local");
+ $rcconf_local_m[0] = "@c_icap_enable(.*)\n@";
+ $rcconf_local_m[1] = "@clamav_clamd_enable(.*)\n@";
+ $rcconf_local_r[0] = "";
+ $rcconf_local_r[1] = "";
+ file_put_contents("/etc/rc.conf.local", preg_replace($rcconf_local_m, $rcconf_local_r, $sample_file), LOCK_EX);
+ }
}
+
return $conf;
}