From ec4b94c88d7208170f2f2e2f32cd434246ca2971 Mon Sep 17 00:00:00 2001 From: Phil Davis Date: Wed, 14 Mar 2012 14:28:15 +0545 Subject: Update config/squid/swapstate_check.php --- config/squid/swapstate_check.php | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/config/squid/swapstate_check.php b/config/squid/swapstate_check.php index ab5b11d8..d70c2dd4 100644 --- a/config/squid/swapstate_check.php +++ b/config/squid/swapstate_check.php @@ -30,19 +30,23 @@ require_once('config.inc'); require_once('util.inc'); $settings = $config['installedpackages']['squidcache']['config'][0]; -$cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); -$swapstate = $cachedir . '/swap.state'; -$disktotal = disk_total_space(dirname($cachedir)); -$diskfree = disk_free_space(dirname($cachedir)); -$diskusedpct = round((($disktotal - $diskfree) / $disktotal) * 100); -$swapstate_size = filesize($swapstate); -$swapstate_pct = round(($swapstate_size / $disktotal) * 100); +// Only check the cache if Squid is actually caching. +// If there is no cache then quietly do nothing. +if ($settings['harddisk_cache_system'] != "null"){ + $cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); + $swapstate = $cachedir . '/swap.state'; + $disktotal = disk_total_space(dirname($cachedir)); + $diskfree = disk_free_space(dirname($cachedir)); + $diskusedpct = round((($disktotal - $diskfree) / $disktotal) * 100); + $swapstate_size = filesize($swapstate); + $swapstate_pct = round(($swapstate_size / $disktotal) * 100); -// If the swap.state file is taking up more than 75% disk space, -// or the drive is 90% full and swap.state is larger than 1GB, -// kill it and initiate a rotate to write a fresh copy. -if (($swapstate_pct > 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { - mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); - log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); + // If the swap.state file is taking up more than 75% disk space, + // or the drive is 90% full and swap.state is larger than 1GB, + // kill it and initiate a rotate to write a fresh copy. + if (($swapstate_pct > 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { + mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); + log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); + } } ?> \ No newline at end of file -- cgit v1.2.3 From 66f0c5a5d24d2956b6c8692acdcb365ddf2edd17 Mon Sep 17 00:00:00 2001 From: Phil Davis Date: Wed, 14 Mar 2012 14:53:56 +0545 Subject: Update config/pf-blocker/pfblocker.inc --- config/pf-blocker/pfblocker.inc | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index 57d73b57..1a32906f 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -368,25 +368,26 @@ function sync_package_pfblocker() { } } #update pfsense alias table - if (is_array($config['aliases']['alias'])) + if (is_array($config['aliases']['alias'])){ $aliases=$config['aliases']['alias']; - foreach($aliases as $cbalias){ - if (preg_match("/pfBlocker/",$cbalias['name'])){ - #mark pfctl aliastable for cleaning - if (!in_array($cbalias['name'], $aliases_list)) - $aliases_list[]=$cbalias['name']; #mark aliastable for cleaning - #remove previous aliastable file if alias is not defined any more - if (!in_array($cbalias['name'], $new_aliases_list)) - unlink_if_exists("/var/db/aliastables/".$cbalias['name'].".txt"); - } - else{ - $new_aliases[]= $cbalias; - if (file_exists($pfb_alias_dir.'/'.$alias.'.txt') && $message ==""){ - preg_match("/(\d+)/",exec("/usr/bin/wc -l ".$pfb_alias_dir.'/'.$alias.'.txt'),$matches); + foreach($aliases as $cbalias){ + if (preg_match("/pfBlocker/",$cbalias['name'])){ + #mark pfctl aliastable for cleaning + if (!in_array($cbalias['name'], $aliases_list)) + $aliases_list[]=$cbalias['name']; #mark aliastable for cleaning + #remove previous aliastable file if alias is not defined any more + if (!in_array($cbalias['name'], $new_aliases_list)) + unlink_if_exists("/var/db/aliastables/".$cbalias['name'].".txt"); + } + else{ + $new_aliases[]= $cbalias; + if (file_exists($pfb_alias_dir.'/'.$alias.'.txt') && $message ==""){ + preg_match("/(\d+)/",exec("/usr/bin/wc -l ".$pfb_alias_dir.'/'.$alias.'.txt'),$matches); + } + if (($matches[1] * 2.1)>= $table_limit ) + #alias table too large + $message= $alias .' alias table is too large. Reduce networks in list or increase "Firewall Maximum Table Entries" value to at least '. (int)($matches[1] * 2.1) .' in "system - advanced - Firewall/NAT".'; } - if (($matches[1] * 2.1)>= $table_limit ) - #alias table too large - $message= $alias .' alias table is too large. Reduce networks in list or increase "Firewall Maximum Table Entries" value to at least '. (int)($matches[1] * 2.1) .' in "system - advanced - Firewall/NAT".'; } } #apply new alias table to xml -- cgit v1.2.3 From d436abb9d5574c72bcc5b52ac2dd68468e4544ec Mon Sep 17 00:00:00 2001 From: Phil Davis Date: Wed, 14 Mar 2012 15:10:25 +0545 Subject: Put pfblocker.inc back the way it was. I didn't mean to change it in this fork. --- config/pf-blocker/pfblocker.inc | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index 1a32906f..57d73b57 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -368,26 +368,25 @@ function sync_package_pfblocker() { } } #update pfsense alias table - if (is_array($config['aliases']['alias'])){ + if (is_array($config['aliases']['alias'])) $aliases=$config['aliases']['alias']; - foreach($aliases as $cbalias){ - if (preg_match("/pfBlocker/",$cbalias['name'])){ - #mark pfctl aliastable for cleaning - if (!in_array($cbalias['name'], $aliases_list)) - $aliases_list[]=$cbalias['name']; #mark aliastable for cleaning - #remove previous aliastable file if alias is not defined any more - if (!in_array($cbalias['name'], $new_aliases_list)) - unlink_if_exists("/var/db/aliastables/".$cbalias['name'].".txt"); - } - else{ - $new_aliases[]= $cbalias; - if (file_exists($pfb_alias_dir.'/'.$alias.'.txt') && $message ==""){ - preg_match("/(\d+)/",exec("/usr/bin/wc -l ".$pfb_alias_dir.'/'.$alias.'.txt'),$matches); - } - if (($matches[1] * 2.1)>= $table_limit ) - #alias table too large - $message= $alias .' alias table is too large. Reduce networks in list or increase "Firewall Maximum Table Entries" value to at least '. (int)($matches[1] * 2.1) .' in "system - advanced - Firewall/NAT".'; + foreach($aliases as $cbalias){ + if (preg_match("/pfBlocker/",$cbalias['name'])){ + #mark pfctl aliastable for cleaning + if (!in_array($cbalias['name'], $aliases_list)) + $aliases_list[]=$cbalias['name']; #mark aliastable for cleaning + #remove previous aliastable file if alias is not defined any more + if (!in_array($cbalias['name'], $new_aliases_list)) + unlink_if_exists("/var/db/aliastables/".$cbalias['name'].".txt"); + } + else{ + $new_aliases[]= $cbalias; + if (file_exists($pfb_alias_dir.'/'.$alias.'.txt') && $message ==""){ + preg_match("/(\d+)/",exec("/usr/bin/wc -l ".$pfb_alias_dir.'/'.$alias.'.txt'),$matches); } + if (($matches[1] * 2.1)>= $table_limit ) + #alias table too large + $message= $alias .' alias table is too large. Reduce networks in list or increase "Firewall Maximum Table Entries" value to at least '. (int)($matches[1] * 2.1) .' in "system - advanced - Firewall/NAT".'; } } #apply new alias table to xml -- cgit v1.2.3