aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorRenato Botelho <renato@netgate.com>2015-09-30 07:23:55 -0300
committerRenato Botelho <renato@netgate.com>2015-09-30 07:23:55 -0300
commit614f420ec26939a0dec92997052a6bdebad52201 (patch)
tree36dc63b516e0b81b4f119711a19d191c759a00ea /config
parentefa2187152b6b4e10df0166e4124f5e1d189c016 (diff)
parentf7dbbd45e8f68d52cd46b1ae0d552d0bac66e3d5 (diff)
downloadpfsense-packages-614f420ec26939a0dec92997052a6bdebad52201.tar.gz
pfsense-packages-614f420ec26939a0dec92997052a6bdebad52201.tar.bz2
pfsense-packages-614f420ec26939a0dec92997052a6bdebad52201.zip
Merge pull request #1083 from doktornotor/patch-2
Diffstat (limited to 'config')
-rwxr-xr-xconfig/squid3/34/squid.inc213
-rwxr-xr-xconfig/squid3/34/squid_antivirus.xml16
-rwxr-xr-xconfig/squid3/34/squid_cache.xml14
-rwxr-xr-xconfig/squid3/34/squid_monitor.php6
-rwxr-xr-xconfig/squid3/34/squid_nac.xml2
-rwxr-xr-xconfig/squid3/34/squid_traffic.xml2
6 files changed, 162 insertions, 91 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index a7cb0490..7d2b08b7 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -123,24 +123,49 @@ function squid_check_clamav_user($user) {
function squid_dash_z($cache_action = 'none') {
global $config;
- //Do nothing if there is no cache config
- if (!is_array($config['installedpackages']['squidcache']['config'])) {
- return;
+ // We need cache created on package install
+ if (is_array($config['installedpackages']['squidcache'])) {
+ $cachesettings = $config['installedpackages']['squidcache']['config'][0];
+ } else {
+ $cachesettings = array();
+ }
+ $cachedir = ($cachesettings['harddisk_cache_location'] ? $cachesettings['harddisk_cache_location'] : '/var/squid/cache');
+ $numdirs = ($cachesettings['level1_subdirs'] ? $cachesettings['level1_subdirs'] : 16);
+ if (is_dir($cachedir)) {
+ $currentdirs = count(glob("{$cachedir}/*", GLOB_ONLYDIR));
+ } else {
+ $currentdirs = 0;
}
-
- $settings = $config['installedpackages']['squidcache']['config'][0];
// If the cache system is null, there is no need to initialize the (irrelevant) cache dir.
- if ($settings['harddisk_cache_system'] == "null") {
+ if ($cachesettings['harddisk_cache_system'] == "null") {
return;
}
+ // Re-create the cachedir if clean is forced by cronjob/manually, or
+ // or if the cachedir changed, or level1_subdirs don't exist or the number of level1_subdirs changed
+ if ($cache_action == "clean" || ((!is_dir($cachedir)) || (!is_dir($cachedir . '/00'))) || ($numdirs !== $currentdirs)) {
+ // cannot nuke disk cache while Squid is running
+ squid_stop_monitor();
+ if (is_service_running('squid')) {
+ stop_service("squid");
+ }
+ if (is_dir($cachedir)) {
+ rename($cachedir, "{$cachedir}.old");
+ mwexec_bg("/bin/rm -rf {$cachedir}.old");
+ }
+ squid_create_cachedir();
+ squid_restart_services();
+ }
+}
- $cachedir = ($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache');
-
- if ($cache_action == "clean" && file_exists($cachedir)) {
- rename($cachedir, "{$cachedir}.old");
- mwexec_bg("/bin/rm -rf {$cachedir}.old");
+function squid_create_cachedir() {
+ global $config;
+ if (is_array($config['installedpackages']['squidcache'])) {
+ $cachesettings = $config['installedpackages']['squidcache']['config'][0];
+ } else {
+ $cachesettings = array();
}
+ $cachedir = ($cachesettings['harddisk_cache_location'] ? $cachesettings['harddisk_cache_location'] : '/var/squid/cache');
if (!is_dir($cachedir)) {
log_error("Creating Squid cache dir {$cachedir}");
@@ -151,11 +176,8 @@ function squid_dash_z($cache_action = 'none') {
if (!is_dir($cachedir . '/00')) {
log_error("Creating Squid cache subdirs in $cachedir");
- mwexec(SQUID_BASE. "/sbin/squid -k shutdown -f " . SQUID_CONFFILE);
- sleep(5);
- mwexec(SQUID_BASE. "/sbin/squid -k kill -f " . SQUID_CONFFILE);
// Double check permissions here, should be safe to recurse cache dir if it's small here.
- mwexec("/usr/sbin/chown -R " . SQUID_UID . ":" . SQUID_GID . " $cachedir");
+ squid_chown_recursive($cachedir, SQUID_UID, SQUID_GID);
mwexec(SQUID_BASE. "/sbin/squid -z -f " . SQUID_CONFFILE);
}
@@ -353,26 +375,73 @@ function squid_install_command() {
function squid_deinstall_command() {
global $config, $g;
- $plswait_txt = "This operation may take quite some time, please be patient. Do not press stop or attempt to navigate away from this page during this process.";
+ /* remove cronjob */
squid_install_cron(false);
+
+ update_status("Stopping services...");
+ /* kill all running services */
+ mwexec('/usr/local/etc/rc.d/sqp_monitor.sh stop');
+ if (is_process_running("c-icap")) {
+ mwexec('/usr/local/etc/rc.d/c-icap stop');
+ }
+ if (is_process_running("clamd")) {
+ mwexec('/usr/local/etc/rc.d/clamav-clamd stop');
+ }
+ if (is_process_running("freshclam")) {
+ mwexec('/usr/local/etc/rc.d/clamav-freshclam stop');
+ }
+ mwexec("/bin/ps awux | /usr/bin/grep \"squid\" | /usr/bin/grep -v \"grep\" | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
+ mwexec("/bin/ps awux | /usr/bin/grep \"dnsserver\" | /usr/bin/grep -v \"grep\" | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
+ mwexec("/bin/ps awux | /usr/bin/grep \"unlinkd\" | /usr/bin/grep -v \"grep\" | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
+ /* delete rc scripts */
+ unlink_if_exists('/usr/local/etc/rc.d/sqp_monitor.sh');
+ unlink_if_exists('/usr/local/etc/rc.d/c-icap');
+ unlink_if_exists('/usr/local/etc/rc.d/clamav-clamd');
+ unlink_if_exists('/usr/local/etc/rc.d/clamav-freshclam');
+
+ /* clean up created directories */
+ update_status("Removing cache and logs ... One moment please...");
+ update_output_window("This operation may take quite some time, please be patient. Do not press stop or attempt to navigate away from this page during this process.");
if (is_array($config['installedpackages']['squidcache'])) {
- $settings = $config['installedpackages']['squidcache']['config'][0];
+ $cachesettings = $config['installedpackages']['squidcache']['config'][0];
} else {
- $settings = array();
+ $cachesettings = array();
}
- $cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache');
- $logdir = ($settings['log_dir'] ? $settings['log_dir'] : '/var/squid/logs');
- update_status("Removing cache ... One moment please...");
- update_output_window("$plswait_txt");
+ $cachedir = ($cachesettings['harddisk_cache_location'] ? $cachesettings['harddisk_cache_location'] : '/var/squid/cache');
+ if (is_array($config['installedpackages']['squid'])) {
+ $squidsettings = $config['installedpackages']['squid']['config'][0];
+ } else {
+ $squidsettings = array();
+ }
+ $logdir = ($squidsettings['log_dir'] ? $squidsettings['log_dir'] : '/var/squid/logs');
// XXX: Is it ok to remove cache and logs? It's going to happen every time package is updated
- mwexec_bg("/bin/rm -rf {$cachedir}");
- mwexec("/bin/rm -rf {$logdir}");
+ if (is_dir("{$cachedir}")) {
+ mwexec_bg("/bin/rm -rf {$cachedir}");
+ }
+ if (is_dir("{$logdir}")) {
+ mwexec("/bin/rm -rf {$logdir}");
+ }
+ $dirs = array("/var/run/c-icap", "/var/log/c-icap", "/var/log/clamav", "/var/run/clamav", "/var/db/clamav");
+ foreach ($dirs as $dir) {
+ if (is_dir("{$dir}")) {
+ mwexec("/bin/rm -rf {$dir}");
+ }
+ }
+ /* clean up created PBI symlinks */
update_status("Finishing package cleanup.");
- mwexec("/usr/local/etc/rc.d/sqp_monitor.sh stop");
- unlink_if_exists('/usr/local/etc/rc.d/sqp_monitor.sh');
- mwexec("/bin/ps awux | /usr/bin/grep \"squid\" | /usr/bin/grep -v \"grep\" | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
- mwexec("/bin/ps awux | /usr/bin/grep \"dnsserver\" | /usr/bin/grep -v \"grep\" | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
- mwexec("/bin/ps awux | /usr/bin/grep \"unlinkd\" | /usr/bin/grep -v \"grep\" | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
+ if (SQUID_LOCALBASE != '/usr/local') {
+ $ln_icap = array('bin/c-icap', 'bin/c-icap-client', 'c-icap-config', 'c-icap-libicapapi-config', 'c-icap-stretch', 'lib/c_icap', 'share/c_icap', 'etc/c-icap');
+ foreach ($ln_icap as $ln) {
+ if (is_link("/usr/local/{$ln}")) {
+ unlink("/usr/local/{$ln}");
+ }
+ }
+ if (is_link("/usr/local/lib/libicapapi.so.3")) {
+ unlink("/usr/local/lib/libicapapi.so.3");
+ }
+ }
+
+
update_status("Reloading filter...");
filter_configure();
}
@@ -546,8 +615,6 @@ function squid_validate_cache($post, &$input_errors) {
}
}
}
-
- squid_dash_z();
}
function squid_validate_nac($post, &$input_errors) {
@@ -959,6 +1026,7 @@ function squid_resync_general() {
$logdir = ($settings['log_dir'] ? $settings['log_dir'] : '/var/squid/logs');
if (!is_dir($logdir)) {
+ log_error("Creating Squid log dir $logdir");
safe_mkdir($logdir, 0755);
squid_chown_recursive($logdir, SQUID_UID, SQUID_GID);
}
@@ -1951,7 +2019,39 @@ function squid_resync($via_rpc = "no") {
chgrp(SQUID_LOCALBASE . "/libexec/squid/pinger", SQUID_GID);
}
- $log_dir = "";
+ // check cache dir and create if necessary
+ squid_dash_z();
+
+ // restart Squid if enabled and reconfigure filter
+ squid_restart_services();
+ filter_configure();
+ conf_mount_ro();
+}
+
+function squid_stop_monitor() {
+ /* kill any running proxy alarm scripts */
+ if (exec("/bin/ps auxw | /usr/bin/grep '[s]qpmon'")) {
+ log_error("Stopping any running proxy monitors");
+ mwexec("/usr/local/etc/rc.d/sqp_monitor.sh stop");
+ }
+ sleep(1);
+}
+
+function squid_start_monitor() {
+ if (!exec("/bin/ps auxw | /usr/bin/grep '[s]qpmon'")) {
+ log_error("Starting a proxy monitor script");
+ mwexec_bg("/usr/local/etc/rc.d/sqp_monitor.sh start");
+ }
+ sleep(1);
+}
+
+function squid_restart_services() {
+ global $config;
+ // reconfigure and (re)start service as needed if enabled, otherwise stop them
+ // do not (re)start squid services on boot
+ if (platform_booting()) {
+ return;
+ }
$squid_enabled = false;
if (is_array($config['installedpackages']['squid']['config'])) {
// check if Squid is enabled
@@ -1964,30 +2064,11 @@ function squid_resync($via_rpc = "no") {
$squid_enabled = true;
}
}
- // create log dir if required
- if (is_array($config['installedpackages']['squid']['config'])) {
- if ($config['installedpackages']['squid']['config'][0]['log_dir'] != "") {
- $log_dir = $config['installedpackages']['squid']['config'][0]['log_dir'] . '/';
- }
- } else {
- $log_dir = "/var/squid/logs/";
- }
- if (!is_dir($log_dir)) {
- log_error("Creating Squid log dir $log_dir");
- safe_mkdir($log_dir, 0755);
- squid_chown_recursive($log_dir, SQUID_UID, SQUID_GID);
- }
-
- // check cache dir and create if necessary
- squid_dash_z();
- // reconfigure and (re)start service as needed if enabled, otherwise stop them
- // do not (re)start squid services on boot
- if ((!isset($boot_process)) && ($squid_enabled)) {
+ if ($squid_enabled) {
/* kill any running proxy alarm scripts */
- log_error("Stopping any running proxy monitors");
- mwexec("/usr/local/etc/rc.d/sqp_monitor.sh stop");
- sleep(1);
+ squid_stop_monitor();
+
if (!is_service_running('squid')) {
log_error("Starting Squid");
mwexec(SQUID_BASE . "/sbin/squid -f " . SQUID_CONFFILE);
@@ -2002,19 +2083,16 @@ function squid_resync($via_rpc = "no") {
}
}
/* restart proxy alarm scripts */
- log_error("Starting a proxy monitor script");
- mwexec_bg("/usr/local/etc/rc.d/sqp_monitor.sh start");
- } elseif (!$squid_enabled) {
+ squid_start_monitor();
+
+ } else {
/* Squid is disabled - kill any running proxy alarm scripts and stop Squid services */
- log_error("Stopping any running proxy monitors");
- mwexec("/usr/local/etc/rc.d/sqp_monitor.sh stop");
- sleep(1);
- log_error("Stopping Squid");
- stop_service("squid");
+ squid_stop_monitor();
+ if (is_service_running('squid')) {
+ log_error("Stopping Squid");
+ stop_service("squid");
+ }
}
-
- filter_configure();
- conf_mount_ro();
}
function squid_print_javascript_auth() {
@@ -2369,6 +2447,9 @@ EOD;
{$squid_base}/sbin/squid -k shutdown -f {$squid_conffile_var}
# Just to be sure...
sleep 5
+if [ -n "`/bin/ps auxw | /usr/bin/grep "[s]quid " | /usr/bin/awk '{print $2}'`" ]; then
+ {$squid_base}/sbin/squid -k kill -f {$squid_conffile_var}
+fi
if [ -x /usr/bin/ipcs ]; then
# http://man.chinaunix.net/newsoft/squid/Squid_FAQ/FAQ-22.html#ss22.8
@@ -2389,6 +2470,8 @@ if [ -z "`ps auxw | /usr/bin/grep "[s]quid " | /usr/bin/awk '{print $2}'`" ]; th
EOD;
conf_mount_rw();
write_rcfile($rc);
+ // force delete the PBI initscript that keeps creeping back
+ unlink_if_exists("/usr/local/etc/rc.d/squid");
conf_mount_ro();
}
diff --git a/config/squid3/34/squid_antivirus.xml b/config/squid3/34/squid_antivirus.xml
index 8d74eb2a..2e85ab19 100755
--- a/config/squid3/34/squid_antivirus.xml
+++ b/config/squid3/34/squid_antivirus.xml
@@ -87,8 +87,7 @@
<text>Sync</text>
<url>/pkg_edit.php?xml=squid_sync.xml</url>
</tab>
- </tabs>
- <advanced_options>enabled</advanced_options>
+ </tabs>
<fields>
<field>
<name>ClamAV Anti-Virus Integration Using C-ICAP</name>
@@ -118,14 +117,17 @@
</options>
</field>
<field>
+ <name>Advanced Options</name>
+ <type>listtopic</type>
+ </field>
+ <field>
<fielddescr>squidclamav.conf</fielddescr>
<fieldname>squidclamav</fieldname>
<description>squidclamav.conf file. Leave empty to load sample file. Edit only if you know what are you doing.</description>
<type>textarea</type>
<encoding>base64</encoding>
- <cols>75</cols>
+ <cols>85</cols>
<rows>15</rows>
- <advancedfield/>
</field>
<field>
<fielddescr>c-icap.conf</fielddescr>
@@ -133,9 +135,8 @@
<description>c-icap.conf file. Leave empty to load sample file. Edit only if you know what are you doing.</description>
<type>textarea</type>
<encoding>base64</encoding>
- <cols>75</cols>
+ <cols>85</cols>
<rows>15</rows>
- <advancedfield/>
</field>
<field>
<fielddescr>c-icap.magic</fielddescr>
@@ -143,9 +144,8 @@
<description>c-icap.conf file. Leave empty to load sample file. Edit only if you know what are you doing.</description>
<type>textarea</type>
<encoding>base64</encoding>
- <cols>75</cols>
+ <cols>85</cols>
<rows>15</rows>
- <advancedfield/>
</field>
</fields>
<custom_php_validation_command>
diff --git a/config/squid3/34/squid_cache.xml b/config/squid3/34/squid_cache.xml
index ff861897..a5e73f80 100755
--- a/config/squid3/34/squid_cache.xml
+++ b/config/squid3/34/squid_cache.xml
@@ -175,7 +175,7 @@
<fieldname>ext_cachemanager</fieldname>
<description>
<![CDATA[
- Enter the IPs for the external <a href="http://wiki.squid-cache.org/Features/CacheManager">Cache Managers</a> to be granted access to this proxy.
+ Enter the IPs for the external <a href="http://wiki.squid-cache.org/Features/CacheManager">Cache Managers</a> to be granted access to this proxy.<br/>
<strong>Note: Separate entries by semi-colons (;)</strong>
]]>
</description>
@@ -403,22 +403,10 @@
<encoding>base64</encoding>
</field>
</fields>
- <custom_php_command_before_form>
- <![CDATA[
- if ($_POST['harddisk_cache_size'] != $config['installedpackages']['squidcache']['config'][0]['harddisk_cache_size']) {
- $needs_dash_z = true;
- }
- ]]>
- </custom_php_command_before_form>
<custom_php_validation_command>
squid_validate_cache($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
- <![CDATA[
squid_resync();
- if ($needs_dash_z) {
- squid_dash_z();
- }
- ]]>
</custom_php_resync_config_command>
</packagegui>
diff --git a/config/squid3/34/squid_monitor.php b/config/squid3/34/squid_monitor.php
index ba87f998..80e15a64 100755
--- a/config/squid3/34/squid_monitor.php
+++ b/config/squid3/34/squid_monitor.php
@@ -120,9 +120,9 @@ include("head.inc");
<input name="strfilter" type="text" class="formfld search" id="strfilter" size="50" value="" />
<br/>
<span class="vexpl">
- <?=gettext("Enter a grep like string/pattern to filterlog.");?><br/>
- <?=gettext("eg. username, ip addr, url.");?><br/>
- <?=gettext("Use <b>!</b> to invert the sense of matching, to select non-matching lines.");?>
+ <?=gettext("Enter a grep-like string/pattern to filter the log entries.");?><br/>
+ <?=gettext("E.g.: username, IP address, URL.");?><br/>
+ <?=gettext("Use <strong>!</strong> to invert the sense of matching (to select non-matching lines).");?>
</span>
</td>
</tr>
diff --git a/config/squid3/34/squid_nac.xml b/config/squid3/34/squid_nac.xml
index fb7accc3..4a81ac91 100755
--- a/config/squid3/34/squid_nac.xml
+++ b/config/squid3/34/squid_nac.xml
@@ -171,7 +171,7 @@
<fieldname>block_user_agent</fieldname>
<description>
<![CDATA[
- Enter user agents that will be blocked for the users that are allowed to use the proxy.
+ Enter user agents that will be blocked for the users that are allowed to use the proxy.<br/>
<strong>Note: Put each entry on a separate line.</strong> You also can use regular expressions.
]]>
</description>
diff --git a/config/squid3/34/squid_traffic.xml b/config/squid3/34/squid_traffic.xml
index 135ef9ad..ac86770f 100755
--- a/config/squid3/34/squid_traffic.xml
+++ b/config/squid3/34/squid_traffic.xml
@@ -192,7 +192,6 @@
<type>listtopic</type>
</field>
<field>
- <field>
<type>info</type>
<description>
<![CDATA[
@@ -205,6 +204,7 @@
]]>
</description>
</field>
+ <field>
<fielddescr>Finish transfer if less than x KB remaining</fielddescr>
<fieldname>quick_abort_min</fieldname>
<description>If the transfer has less than x KB remaining, it will finish the retrieval.</description>