From 4a4429cbcf28a631014574eaf2b93f0b41555995 Mon Sep 17 00:00:00 2001 From: jim-p Date: Thu, 29 Dec 2011 09:30:05 -0500 Subject: Add a periodic cron job to keep an eye on the size of swap.state and rm/rotate as needed. Also remove swap.state before the daily rotate process runs, and make sure that the daily rotate happens each day even when the normal log rotation is disabled (set logfile_rotate to 0 if not set in the GUI) --- config/squid/squid.inc | 73 ++++++++++++++++++++++++++++------------ config/squid/squid.xml | 5 +++ config/squid/swapstate_check.php | 48 ++++++++++++++++++++++++++ 3 files changed, 104 insertions(+), 22 deletions(-) create mode 100644 config/squid/swapstate_check.php (limited to 'config/squid') diff --git a/config/squid/squid.inc b/config/squid/squid.inc index 5ad2eb4c..cd05151a 100644 --- a/config/squid/squid.inc +++ b/config/squid/squid.inc @@ -210,6 +210,8 @@ function squid_install_command() { exec("/bin/rm /usr/local/etc/rc.d/squid"); squid_write_rcfile(); exec("chmod a+rx /usr/local/libexec/squid/dnsserver"); + if(file_exists("/usr/local/pkg/swapstate_check.php")) + exec("/bin/chmod a+x /usr/local/pkg/swapstate_check.php"); foreach (array( SQUID_CONFBASE, SQUID_ACLDIR, @@ -534,21 +536,29 @@ function squid_install_cron($should_install) { global $config, $g; if($g['booting']==true) return; - $is_installed = false; + $rotate_is_installed = false; + $swapstate_is_installed = false; if(!$config['cron']['item']) return; + $settings = $config['installedpackages']['squidcache']['config'][0]; + $x=0; + $rotate_job_id=-1; + $swapstate_job_id=-1; + foreach($config['cron']['item'] as $item) { if(strstr($item['task_name'], "squid_rotate_logs")) { - $is_installed = true; - break; + $rotate_job_id = $x; + } elseif(strstr($item['task_name'], "squid_check_swapstate")) { + $swapstate_job_id = $x; } $x++; } + $need_write = false; switch($should_install) { case true: - if(!$is_installed) { - $cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); + $cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); + if($rotate_job_id < 0) { $cron_item = array(); $cron_item['task_name'] = "squid_rotate_logs"; $cron_item['minute'] = "0"; @@ -557,24 +567,44 @@ function squid_install_cron($should_install) { $cron_item['month'] = "*"; $cron_item['wday'] = "*"; $cron_item['who'] = "root"; - $cron_item['command'] = "/bin/rm {$cachedir}/swap.state; /usr/local/sbin/squid -k rotate"; + $cron_item['command'] = "/bin/rm {$cachedir}/swap.state; /usr/local/sbin/squid -k rotate"; + $config['cron']['item'][] = $cron_item; + $need_write = true; + } + if($swapstate_job_id < 0) { + $cron_item = array(); + $cron_item['task_name'] = "squid_check_swapstate"; + $cron_item['minute'] = "*/15"; + $cron_item['hour'] = "*"; + $cron_item['mday'] = "*"; + $cron_item['month'] = "*"; + $cron_item['wday'] = "*"; + $cron_item['who'] = "root"; + $cron_item['command'] = "/usr/local/pkg/swapstate_check.php"; $config['cron']['item'][] = $cron_item; + $need_write = true; + } + if ($need_write) { parse_config(true); - write_config("Squid Log Rotation"); - configure_cron(); + write_config("Adding Squid Cron Jobs"); } break; case false: - if($is_installed == true) { - if($x > 0) { - unset($config['cron']['item'][$x]); - parse_config(true); - write_config(); - } - configure_cron(); + if($rotate_job_id >= 0) { + unset($config['cron']['item'][$rotate_job_id]); + $need_write = true; + } + if($swapstate_job_id >= 0) { + unset($config['cron']['item'][$swapstate_job_id]); + $need_write = true; + } + if ($need_write) { + parse_config(true); + write_config("Removing Squid Cron Jobs"); } break; } + configure_cron(); } function squid_resync_general() { @@ -626,13 +656,12 @@ cache_store_log none EOD; - if (!empty($settings['log_rotate'])) { - $conf .= "logfile_rotate {$settings['log_rotate']}\n"; - squid_install_cron(true); - } - else { - squid_install_cron(false); - } + // Per squid docs, setting logfile_rotate to 0 is safe and causes a simple close/reopen. + // Rotating also ensures that swap.state is rewritten, so is useful even if the logs + // are not being rotated. + $rotate = empty($settings['log_rotate']) ? 0 : $settings['log_rotate']; + $conf .= "logfile_rotate {$settings['log_rotate']}\n"; + squid_install_cron(true); $conf .= <<0755 http://www.pfsense.org/packages/config/squid/squid_cache.xml + + /usr/local/pkg/ + 0755 + http://www.pfsense.org/packages/config/squid/swapstate_check.php + Proxy interface diff --git a/config/squid/swapstate_check.php b/config/squid/swapstate_check.php new file mode 100644 index 00000000..ab5b11d8 --- /dev/null +++ b/config/squid/swapstate_check.php @@ -0,0 +1,48 @@ +#!/usr/local/bin/php -q + 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { + mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); + log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); +} +?> \ No newline at end of file -- cgit v1.2.3