webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 19:15:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
0f6b606785f640bfa5dcbc78616ebb4d194f578e
bpfire/src/initscripts/init.d/squid
Michael Tremer 0f6b606785 squid: Implement intercept mode.
2013-10-14 13:54:24 +02:00

163 lines
3.6 KiB
Bash
Raw Blame History

#!/bin/sh
# Begin $rc_base/init.d/squid
. /etc/sysconfig/rc
. $rc_functions
chown -R squid:squid /var/log/squid
chown -R squid:squid /var/log/squidGuard
transparent() {
DEVICE=$1
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
# If the proxy port is not set we set the default to 800.
if [ -z "${TRANSPARENT_PORT}" ]; then
TRANSPARENT_PORT=800
fi
LOCALIP=`cat /var/ipfire/red/local-ipaddress | tr -d \n`
if [ -z $LOCALIP ]; then
boot_mesg "Couldn't read local-ipaddress" ${FAILURE}
exit 1
fi
COUNT=1
FILE=/var/ipfire/vpn/config
while read LINE; do
let COUNT=$COUNT+1
CONN_TYPE=`echo "$LINE" | awk -F, '{ print $5 }'`
if [ "$CONN_TYPE" != "net" ]; then
continue
fi
iptables -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" | awk -F, '{ print $13 }'` --dport 80 -j RETURN
done < $FILE
if [ "$RED_TYPE" == "STATIC" ]; then
iptables -t nat -A SQUID -i $1 -p tcp -d $RED_NETADDRESS/$RED_NETMASK --dport 80 -j RETURN
fi
iptables -t nat -A SQUID -i $1 -p tcp -d $LOCALIP --dport 80 -j RETURN
iptables -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
}
case "$1" in
start)
getpids "squid"
if [ -n "${pidlist}" ]; then
echo -e "Squid is already running with Process"\
"ID(s) ${pidlist}.${NORMAL}"
evaluate_retval
exit
fi
eval $(/usr/local/bin/readhash /var/ipfire/proxy/advanced/settings)
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
if [ -e /var/ipfire/proxy/enable -o -e /var/ipfire/proxy/enable_blue ]; then
# Add Address to errorpage stylesheet
sed "s|XXXhostXXX|$GREEN_ADDRESS|g" /var/ipfire/proxy/errorpage-$ERR_DESIGN.css > \
/etc/squid/errorpage.css
boot_mesg "Creating Squid swap directories..."
/usr/sbin/squid -z >/dev/null 2>&1
evaluate_retval
# Make sure, that the process above has finished.
counter=5
while [ ${counter} -gt 0 ]; do
if pidofproc -s /usr/sbin/squid; then
sleep 1
else
break
fi
done
boot_mesg "Starting Squid Proxy Server..."
loadproc /usr/sbin/squid
fi
if [ -e /var/ipfire/proxy/transparent ]; then
transparent $GREEN_DEV
fi
if [ -e /var/ipfire/proxy/transparent_blue ]; then
transparent $BLUE_DEV
fi
;;
stop)
iptables -t nat -F SQUID
if [ -e /var/run/squid.pid ]; then
boot_mesg "Stopping Squid Proxy Server..."
squid -k shutdown >/dev/null 2>&1
evaluate_retval
# Stop squidGuard, updxlrator, squidclamav
# and redirect_wrappers.
killproc /usr/bin/squidGuard >/dev/null &
killproc /usr/sbin/updxlrator >/dev/null &
killproc /usr/bin/squidclamav >/dev/null &
killproc /usr/sbin/redirect_wrapper >/dev/null &
# Wait until all redirectors have been stopped.
wait
# If squid is still running, wait up to 30 seconds
# before we go on to kill it.
counter=30
while [ ${counter} -gt 0 ]; do
statusproc /usr/sbin/squid >/dev/null && break;
sleep 1
counter=$(( ${counter} - 1))
done
# Kill squid service, if still running.
killproc /usr/sbin/squid >/dev/null
# Trash remain pid file from squid.
rm -rf /var/run/squid.pid
fi
;;
restart)
$0 stop
sleep 5
$0 start
;;
reconfigure)
/usr/sbin/squid -k reconfigure
;;
status)
statusproc /usr/sbin/squid
statusproc /usr/lib/squid/unlinkd
;;
flush)
$0 stop
echo > /var/log/cache/swap.state
chown squid.squid /var/log/cache/swap.state
sleep 1
$0 start
;;
setperms)
chown -R nobody.squid /var/updatecache/
;;
*)
echo "Usage: $0 {start|stop|restart|status|flush}"
exit 1
;;
esac
# End $rc_base/init.d/squid
Reference in New Issue View Git Blame Copy Permalink