Commit | Line | Data |
---|---|---|
d56fc335 MT |
1 | #!/bin/sh |
2 | # Begin $rc_base/init.d/squid | |
3 | ||
# Load the rc configuration first, then the helper library it names.
# NOTE(review): $rc_functions is presumably set by /etc/sysconfig/rc and is
# presumably where boot_mesg, evaluate_retval, loadproc etc. come from - confirm.
. /etc/sysconfig/rc
. $rc_functions

# These statements sit in front of the action dispatch, so the recursive
# ownership reset of both log trees runs on every invocation of this script,
# whatever action was requested.
chown -R squid:squid /var/log/squid /var/log/squidGuard
9 | ||
ab4a5a35 | 10 | |
d56fc335 MT |
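# transparent DEVICE
#
# Append the rules for transparent proxying to the SQUID chain of the nat
# table: HTTP (tcp/80) arriving on DEVICE is redirected to TRANSPARENT_PORT.
# RETURN rules for destinations that must bypass the proxy are appended
# first; the REDIRECT rule is appended last so that the exceptions are
# matched before it.
#
# Exits the whole script with status 1 when the local RED address cannot
# be read.
transparent() {
	DEVICE=$1

	# NOTE(review): the output of readhash is executed as shell code by eval.
	# That is only safe if readhash emits nothing but sanitised KEY=value
	# assignments and the settings files are writable by trusted users only -
	# confirm both before relying on it.
	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
	eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)

	# If the proxy port is not set we set the default to 800.
	if [ -z "${TRANSPARENT_PORT}" ]; then
		TRANSPARENT_PORT=800
	fi

	# The quotes around '\n' matter: unquoted, the shell strips the backslash
	# and tr would delete the letter "n" instead of newlines.
	LOCALIP=$(tr -d '\n' < /var/ipfire/red/local-ipaddress)
	if [ -z "${LOCALIP}" ]; then
		boot_mesg "Couldn't read local-ipaddress" ${FAILURE}
		exit 1
	fi

	FILE=/var/ipfire/vpn/config

	# For every entry whose 5th field is "net", traffic to the destination in
	# the 13th field bypasses the proxy. Entries with an empty 13th field are
	# skipped so that iptables is never handed a rule without a destination.
	if [ -r "${FILE}" ]; then
		awk -F, '$5 == "net" && $13 != "" { print $13 }' "${FILE}" |
		while read -r REMOTE_NET; do
			iptables -t nat -A SQUID -i "${DEVICE}" -p tcp -d "${REMOTE_NET}" --dport 80 -j RETURN
		done
	fi

	# "=" instead of "==": the script runs under #!/bin/sh.
	if [ "${RED_TYPE}" = "STATIC" ]; then
		iptables -t nat -A SQUID -i "${DEVICE}" -p tcp -d "${RED_NETADDRESS}/${RED_NETMASK}" --dport 80 -j RETURN
	fi

	# Requests addressed to the local RED address are not redirected.
	iptables -t nat -A SQUID -i "${DEVICE}" -p tcp -d "${LOCALIP}" --dport 80 -j RETURN

	# Everything else on tcp/80 is handed to the proxy port.
	iptables -t nat -A SQUID -i "${DEVICE}" -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
}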
48 | ||
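# Dispatch on the requested action:
# start | stop | restart | reconfigure | status | flush | setperms
case "$1" in
	start)
		getpids "squid"

		# Refuse to start a second instance.
		if [ -n "${pidlist}" ]; then
			echo -e "Squid is already running with Process"\
				"ID(s) ${pidlist}.${NORMAL}"
			evaluate_retval
			exit
		fi

		# NOTE(review): the output of readhash is executed as shell code by
		# eval. That is only safe if readhash emits nothing but sanitised
		# KEY=value assignments and the settings files are writable by
		# trusted users only - confirm both.
		eval $(/usr/local/bin/readhash /var/ipfire/proxy/advanced/settings)
		eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)

		if [ -e /var/ipfire/proxy/enable ] || [ -e /var/ipfire/proxy/enable_blue ]; then
			# Add Address to errorpage stylesheet.
			# GREEN_ADDRESS becomes part of the sed program and ERR_DESIGN part
			# of a file name; both come from the settings read above, so a "|",
			# "&" or "/" in them changes what this command does.
			sed "s|XXXhostXXX|${GREEN_ADDRESS}|g" "/var/ipfire/proxy/errorpage-${ERR_DESIGN}.css" > \
				/etc/squid/errorpage.css

			boot_mesg "Creating Squid swap directories..."
			/usr/sbin/squid -z >/dev/null 2>&1
			evaluate_retval

			# Make sure that the process above has finished, but wait for at
			# most five seconds. The counter has to be decremented here,
			# otherwise the loop never ends while a squid process exists.
			counter=5
			while [ ${counter} -gt 0 ]; do
				pidofproc -s /usr/sbin/squid || break
				sleep 1
				counter=$(( ${counter} - 1 ))
			done

			boot_mesg "Starting Squid Proxy Server..."
			loadproc /usr/sbin/squid
		fi

		# Install the redirect rules for each zone that has transparent
		# mode switched on.
		if [ -e /var/ipfire/proxy/transparent ]; then
			transparent "${GREEN_DEV}"
		fi
		if [ -e /var/ipfire/proxy/transparent_blue ]; then
			transparent "${BLUE_DEV}"
		fi
		;;

	stop)
		# Drop the redirect rules first so that no new traffic is sent to a
		# proxy that is about to go away.
		iptables -t nat -F SQUID
		if [ -e /var/run/squid.pid ]; then
			boot_mesg "Stopping Squid Proxy Server..."
			# Absolute path, like every other squid call in this script.
			/usr/sbin/squid -k shutdown >/dev/null 2>&1
			evaluate_retval

			# Stop squidGuard, updxlrator, squidclamav
			# and redirect_wrappers.
			killproc /usr/bin/squidGuard >/dev/null &
			killproc /usr/sbin/updxlrator >/dev/null &
			killproc /usr/bin/squidclamav >/dev/null &
			killproc /usr/sbin/redirect_wrapper >/dev/null &

			# Wait until all redirectors have been stopped.
			wait

			# If squid is still running, wait up to 30 seconds
			# before we go on to kill it.
			# NOTE(review): the loop is left as soon as statusproc succeeds;
			# confirm that statusproc reports success when squid is NOT
			# running, otherwise this wait ends immediately.
			counter=30

			while [ ${counter} -gt 0 ]; do
				statusproc /usr/sbin/squid >/dev/null && break
				sleep 1
				counter=$(( ${counter} - 1 ))
			done

			# Kill squid service, if still running.
			killproc /usr/sbin/squid >/dev/null

			# Remove a pid file squid may have left behind. It is a single
			# file, so no recursive delete is needed.
			rm -f /var/run/squid.pid
		fi
		;;

	restart)
		"$0" stop
		sleep 5
		"$0" start
		;;

	reconfigure)
		/usr/sbin/squid -k reconfigure
		;;

	status)
		statusproc /usr/sbin/squid
		statusproc /usr/lib/squid/unlinkd
		;;

	flush)
		# Stop squid, overwrite swap.state with a single newline and start
		# squid again.
		"$0" stop
		echo > /var/log/cache/swap.state
		chown squid:squid /var/log/cache/swap.state
		sleep 1
		"$0" start
		;;

	setperms)
		chown -R nobody:squid /var/updatecache/
		;;

	*)
		# List every action this script accepts.
		echo "Usage: $0 {start|stop|restart|reconfigure|status|flush|setperms}"
		exit 1
		;;
esac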
161 | ||
162 | # End $rc_base/init.d/squid |