[people/pmueller/ipfire-2.x.git] / src / initscripts / init.d / squid

#!/bin/sh
# Begin $rc_base/init.d/squid

. /etc/sysconfig/rc
. $rc_functions

chown -R squid:squid /var/log/squid
chown -R squid:squid /var/log/squidGuard


transparent() {
		DEVICE=$1

		eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
		eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)

		# If the proxy port is not set we set the default to 800.
		if [ -z "${TRANSPARENT_PORT}" ]; then
			TRANSPARENT_PORT=800
		fi

		LOCALIP=`cat /var/ipfire/red/local-ipaddress | tr -d \n`
		if [ -z $LOCALIP ]; then
			boot_mesg "Couldn't read local-ipaddress" ${FAILURE}
			exit 1
		fi

		COUNT=1
		FILE=/var/ipfire/vpn/config

		while read LINE; do
			let COUNT=$COUNT+1
			CONN_TYPE=`echo "$LINE" | awk -F, '{ print $5 }'`
			if [ "$CONN_TYPE" != "net" ]; then
				continue
			fi
		iptables -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" | awk -F, '{ print $13 }'` --dport 80 -j RETURN
		done < $FILE

		if [ "$RED_TYPE" == "STATIC" ]; then
			iptables -t nat -A SQUID -i $1 -p tcp -d $RED_NETADDRESS/$RED_NETMASK --dport 80 -j RETURN
		fi

		iptables -t nat -A SQUID -i $1 -p tcp -d $LOCALIP --dport 80 -j RETURN

		iptables -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
}

case "$1" in
	start)
		getpids "squid"

		if [ -n "${pidlist}" ]; then
			echo -e "Squid is already running with Process"\
				"ID(s) ${pidlist}.${NORMAL}"
		evaluate_retval
		exit
		fi

		eval $(/usr/local/bin/readhash /var/ipfire/proxy/advanced/settings)
		eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)

		if [ -e /var/ipfire/proxy/enable -o -e /var/ipfire/proxy/enable_blue ]; then
			# Add Address to errorpage stylesheet
			sed "s|XXXhostXXX|$GREEN_ADDRESS|g" /var/ipfire/proxy/errorpage-$ERR_DESIGN.css > \
				/etc/squid/errorpage.css

			boot_mesg "Creating Squid swap directories..."
			/usr/sbin/squid -z >/dev/null 2>&1
			evaluate_retval

			# Make sure, that the process above has finished.
			counter=5
			while [ ${counter} -gt 0 ]; do
				if pidofproc -s /usr/sbin/squid; then
					sleep 1
				else
					break
				fi
			done

			boot_mesg "Starting Squid Proxy Server..."
			loadproc /usr/sbin/squid
		fi

		if [ -e /var/ipfire/proxy/transparent ]; then
			transparent $GREEN_DEV
		fi
		if [ -e /var/ipfire/proxy/transparent_blue ]; then
			transparent $BLUE_DEV
		fi
		;;

	stop)
		iptables -t nat -F SQUID

		if [ -e /var/run/squid.pid ]; then
			boot_mesg -n "Stopping Squid Proxy Server (this may take up to a few minutes)..."
			squid -k shutdown >/dev/null 2>&1

			# If some squid processes are still running, wait up to 360 seconds
			# before we go on to kill the remaining process(es) and delete damaged
			# '/var/log/cache/swap.state'.
			n=0
			while squid -k check &>/dev/null && [ $n -lt 360 ]; do
				# Print a dot every 6 seconds
				[ $(( ${n} % 6 )) -eq 0 ] && boot_mesg -n .

				n=$(( ${n} + 1 ))
				sleep 1
			done
			boot_mesg "" # end line

			# If (squid-1) is still running, kill all squid processes
			if squid -k check &>/dev/null || pgrep -fl "(squid-1)" >/dev/null 2>&1; then
				killproc /usr/sbin/squid >/dev/null
				echo_failure

				# Remove damaged journal of cache index
				rm -f /var/log/cache/swap.state

				boot_mesg -n "WARNING: squid could not be gracefully shut down." ${WARNING}
				boot_mesg -n " The cache index was damaged and has been removed."
				boot_mesg -n " The cache data has not been lost and the index will be"
				boot_mesg -n " recreated at the next start."
				boot_mesg "" ${NORMAL}
				echo_warning
			else
				logger -t squid "squid shutdown time: ${n} seconds"

				echo_ok
			fi

			# Kill any redirector processes that might have been left running
			killproc /usr/bin/squidGuard >/dev/null &
			killproc /usr/sbin/updxlrator >/dev/null &
			killproc /usr/bin/squidclamav >/dev/null &
			killproc /usr/sbin/redirect_wrapper >/dev/null &
			wait
		fi

		# Trash remain pid file from squid.
		rm -f /var/run/squid.pid
		;;

	restart)
		$0 stop
		sleep 5
		$0 start
		;;

	reconfigure)
		/usr/sbin/squid -k reconfigure
		;;

	status)
		statusproc /usr/sbin/squid
		statusproc /usr/lib/squid/unlinkd
		;;

	flush)
		$0 stop
		rm -rf /var/log/cache/*
		sleep 1
		$0 start
		;;

	setperms)
		chown -R nobody.squid /var/updatecache/
		;;

	*)
		echo "Usage: $0 {start|stop|restart|status|flush}"
		exit 1
		;;
esac

# End $rc_base/init.d/squid
Commit	Line	Data
d56fc335 MT	1	#!/bin/sh
	2	# Begin $rc_base/init.d/squid
	3
	4	. /etc/sysconfig/rc
	5	. $rc_functions
	6
18322edf CS	7	chown -R squid:squid /var/log/squid
	8	chown -R squid:squid /var/log/squidGuard
	9
ab4a5a35	10
d56fc335 MT	11	transparent() {
d56fc335 MT	12	DEVICE=$1
ab4a5a35	13
d56fc335 MT	14	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
d56fc335 MT	15	eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
ab4a5a35	16
d56fc335	17	# If the proxy port is not set we set the default to 800.
0f6b6067 MT	18	if [ -z "${TRANSPARENT_PORT}" ]; then
0f6b6067 MT	19	TRANSPARENT_PORT=800
d56fc335 MT	20	fi
	21
	22	LOCALIP=`cat /var/ipfire/red/local-ipaddress \| tr -d \n`
	23	if [ -z $LOCALIP ]; then
	24	boot_mesg "Couldn't read local-ipaddress" ${FAILURE}
	25	exit 1
	26	fi
	27
	28	COUNT=1
	29	FILE=/var/ipfire/vpn/config
	30
	31	while read LINE; do
	32	let COUNT=$COUNT+1
	33	CONN_TYPE=`echo "$LINE" \| awk -F, '{ print $5 }'`
	34	if [ "$CONN_TYPE" != "net" ]; then
	35	continue
bb91c2f7 MF	36	fi
bb91c2f7 MF	37	iptables -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" \| awk -F, '{ print $13 }'` --dport 80 -j RETURN
d56fc335	38	done < $FILE
bb91c2f7	39
d56fc335 MT	40	if [ "$RED_TYPE" == "STATIC" ]; then
	41	iptables -t nat -A SQUID -i $1 -p tcp -d $RED_NETADDRESS/$RED_NETMASK --dport 80 -j RETURN
	42	fi
bb91c2f7	43
d56fc335	44	iptables -t nat -A SQUID -i $1 -p tcp -d $LOCALIP --dport 80 -j RETURN
bb91c2f7	45
0f6b6067	46	iptables -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
d56fc335 MT	47	}
	48
	49	case "$1" in
	50	start)
8b202790 CS	51	getpids "squid"
	52
	53	if [ -n "${pidlist}" ]; then
	54	echo -e "Squid is already running with Process"\
	55	"ID(s) ${pidlist}.${NORMAL}"
	56	evaluate_retval
	57	exit
	58	fi
ab4a5a35	59
ab4a5a35 AF	60	eval $(/usr/local/bin/readhash /var/ipfire/proxy/advanced/settings)
	61	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
	62
d56fc335	63	if [ -e /var/ipfire/proxy/enable -o -e /var/ipfire/proxy/enable_blue ]; then
ab4a5a35 AF	64	# Add Address to errorpage stylesheet
	65	sed "s\|XXXhostXXX\|$GREEN_ADDRESS\|g" /var/ipfire/proxy/errorpage-$ERR_DESIGN.css > \
	66	/etc/squid/errorpage.css
	67
754f508b MT	68	boot_mesg "Creating Squid swap directories..."
	69	/usr/sbin/squid -z >/dev/null 2>&1
	70	evaluate_retval
	71
	72	# Make sure, that the process above has finished.
	73	counter=5
	74	while [ ${counter} -gt 0 ]; do
	75	if pidofproc -s /usr/sbin/squid; then
	76	sleep 1
	77	else
	78	break
	79	fi
	80	done
	81
203c2787	82	boot_mesg "Starting Squid Proxy Server..."
d4c6ba21	83	loadproc /usr/sbin/squid
d56fc335 MT	84	fi
d56fc335 MT	85
d56fc335 MT	86	if [ -e /var/ipfire/proxy/transparent ]; then
	87	transparent $GREEN_DEV
	88	fi
	89	if [ -e /var/ipfire/proxy/transparent_blue ]; then
	90	transparent $BLUE_DEV
	91	fi
	92	;;
	93
	94	stop)
3fcc9b67 MT	95	iptables -t nat -F SQUID
3fcc9b67 MT	96
af95dec5	97	if [ -e /var/run/squid.pid ]; then
6113575d	98	boot_mesg -n "Stopping Squid Proxy Server (this may take up to a few minutes)..."
09b58b25	99	squid -k shutdown >/dev/null 2>&1
517d02ab	100
6113575d MF	101	# If some squid processes are still running, wait up to 360 seconds
	102	# before we go on to kill the remaining process(es) and delete damaged
	103	# '/var/log/cache/swap.state'.
	104	n=0
	105	while squid -k check &>/dev/null && [ $n -lt 360 ]; do
	106	# Print a dot every 6 seconds
	107	[ $(( ${n} % 6 )) -eq 0 ] && boot_mesg -n .
517d02ab	108
6113575d	109	n=$(( ${n} + 1 ))
517d02ab	110	sleep 1
517d02ab	111	done
6113575d MF	112	boot_mesg "" # end line
	113
	114	# If (squid-1) is still running, kill all squid processes
	115	if squid -k check &>/dev/null \|\| pgrep -fl "(squid-1)" >/dev/null 2>&1; then
	116	killproc /usr/sbin/squid >/dev/null
	117	echo_failure
	118
	119	# Remove damaged journal of cache index
	120	rm -f /var/log/cache/swap.state
	121
	122	boot_mesg -n "WARNING: squid could not be gracefully shut down." ${WARNING}
	123	boot_mesg -n " The cache index was damaged and has been removed."
	124	boot_mesg -n " The cache data has not been lost and the index will be"
	125	boot_mesg -n " recreated at the next start."
	126	boot_mesg "" ${NORMAL}
	127	echo_warning
	128	else
	129	logger -t squid "squid shutdown time: ${n} seconds"
	130
	131	echo_ok
	132	fi
691b2836 MT	133
	134	# Kill any redirector processes that might have been left running
	135	killproc /usr/bin/squidGuard >/dev/null &
	136	killproc /usr/sbin/updxlrator >/dev/null &
	137	killproc /usr/bin/squidclamav >/dev/null &
	138	killproc /usr/sbin/redirect_wrapper >/dev/null &
	139	wait
09b58b25	140	fi
6113575d MF	141
	142	# Trash remain pid file from squid.
	143	rm -f /var/run/squid.pid
d56fc335 MT	144	;;
	145
	146	restart)
	147	$0 stop
186e3d2c	148	sleep 5
d56fc335 MT	149	$0 start
	150	;;
	151
fe1656d2	152	reconfigure)
3fcc9b67	153	/usr/sbin/squid -k reconfigure
fe1656d2 CS	154	;;
fe1656d2 CS	155
d56fc335 MT	156	status)
	157	statusproc /usr/sbin/squid
	158	statusproc /usr/lib/squid/unlinkd
	159	;;
bb91c2f7	160
d56fc335 MT	161	flush)
d56fc335 MT	162	$0 stop
6113575d	163	rm -rf /var/log/cache/*
d56fc335 MT	164	sleep 1
	165	$0 start
	166	;;
bb91c2f7	167
2b5b6b9e CS	168	setperms)
	169	chown -R nobody.squid /var/updatecache/
	170	;;
d56fc335 MT	171
	172	*)
	173	echo "Usage: $0 {start\|stop\|restart\|status\|flush}"
	174	exit 1
	175	;;
	176	esac
	177
	178	# End $rc_base/init.d/squid