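#!/bin/sh
# Begin $rc_base/init.d/squid
#
# Init script for the Squid proxy: start/stop the daemon and manage the
# transparent-proxy NAT rules in the SQUID chain.
#
# NOTE(review): parts of this script use bash extensions (for example
# "echo -e") although the interpreter line says /bin/sh; confirm that /bin/sh
# is bash on the target system.

# Pull in the boot-script configuration and the helper functions it points to
# (boot_mesg, evaluate_retval, loadproc, killproc, ...).
. /etc/sysconfig/rc
. "$rc_functions"

# Re-assert ownership of the log trees. This runs on every invocation of the
# script, whatever action was requested, and it runs with the caller's
# privileges (normally root).
chown -R squid:squid /var/log/squid
chown -R squid:squid /var/log/squidGuard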
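# Install the NAT rules that transparently redirect HTTP (tcp/80) arriving on
# one interface to the local Squid port.
#
# Arguments: $1 - ingress interface the rules are bound to (iptables -i)
# Globals:   writes DEVICE, TRANSPARENT_PORT, LOCALIP, COUNT, FILE, LINE,
#            CONN_TYPE and VPN_REMOTE_NET, plus every variable defined by the
#            two settings files; reads RED_TYPE, RED_NETADDRESS, RED_NETMASK.
# Returns:   1 when no interface was given. Exits the script with status 1
#            when the RED address file yields nothing.
#
# All rules are appended (-A) to the SQUID chain of the nat table, so their
# order matters: the RETURN exemptions must be added before the final REDIRECT
# or the exempted destinations would be sent through the proxy as well.
transparent() {
	DEVICE=$1

	# Without an interface the "-i" option would swallow the next argument
	# and every rule below would be malformed.
	if [ -z "${DEVICE}" ]; then
		boot_mesg "transparent: no interface given" ${FAILURE}
		return 1
	fi

	# NOTE(review): eval runs whatever readhash prints. This is only safe as
	# long as readhash emits nothing but plain assignments and the settings
	# files are writable solely by trusted code - confirm.
	eval "$(/usr/local/bin/readhash /var/ipfire/ethernet/settings)"
	eval "$(/usr/local/bin/readhash /var/ipfire/proxy/settings)"

	# If the proxy port is not set we set the default to 800.
	if [ -z "${TRANSPARENT_PORT}" ]; then
		TRANSPARENT_PORT=800
	fi

	# The pattern must be quoted: an unquoted \n reaches tr as a plain "n".
	LOCALIP=$(tr -d '\n' < /var/ipfire/red/local-ipaddress)
	if [ -z "${LOCALIP}" ]; then
		boot_mesg "Couldn't read local-ipaddress" ${FAILURE}
		exit 1
	fi

	COUNT=1
	FILE=/var/ipfire/vpn/config

	# Exempt the remote subnet of every net-to-net VPN connection.
	# Field 5 of each CSV line is the connection type, field 13 the
	# destination handed to iptables.
	if [ -r "${FILE}" ]; then
		while IFS= read -r LINE; do
			COUNT=$((COUNT + 1))
			CONN_TYPE=$(printf '%s\n' "${LINE}" | awk -F, '{ print $5 }')
			if [ "${CONN_TYPE}" != "net" ]; then
				continue
			fi

			# Quoted so that a field containing blanks or glob characters
			# stays a single iptables argument; skipped when empty.
			VPN_REMOTE_NET=$(printf '%s\n' "${LINE}" | awk -F, '{ print $13 }')
			if [ -z "${VPN_REMOTE_NET}" ]; then
				continue
			fi
			iptables -t nat -A SQUID -i "${DEVICE}" -p tcp -d "${VPN_REMOTE_NET}" --dport 80 -j RETURN
		done < "${FILE}"
	fi

	# With a static RED address the whole RED network is exempted too.
	if [ "${RED_TYPE}" = "STATIC" ]; then
		iptables -t nat -A SQUID -i "${DEVICE}" -p tcp -d "${RED_NETADDRESS}/${RED_NETMASK}" --dport 80 -j RETURN
	fi

	# Never redirect traffic addressed to the firewall's own RED address.
	iptables -t nat -A SQUID -i "${DEVICE}" -p tcp -d "${LOCALIP}" --dport 80 -j RETURN

	# Everything else on tcp/80 goes to the proxy.
	iptables -t nat -A SQUID -i "${DEVICE}" -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
}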
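# Dispatch on the requested action.
case "$1" in
	start)
		getpids "squid"

		# Refuse to start a second instance.
		if [ -n "${pidlist}" ]; then
			echo -e "Squid is already running with Process"\
				"ID(s) ${pidlist}.${NORMAL}"
			evaluate_retval
			exit
		fi

		# NOTE(review): eval runs whatever readhash prints. This is only
		# safe as long as readhash emits nothing but plain assignments and
		# the settings files are writable solely by trusted code - confirm.
		eval "$(/usr/local/bin/readhash /var/ipfire/proxy/advanced/settings)"
		eval "$(/usr/local/bin/readhash /var/ipfire/ethernet/settings)"

		if [ -e /var/ipfire/proxy/enable ] || [ -e /var/ipfire/proxy/enable_blue ]; then
			# Add Address to errorpage stylesheet
			# NOTE(review): GREEN_ADDRESS and ERR_DESIGN come from the
			# settings files and end up in a sed replacement and a file
			# path; this assumes whatever writes those files restricts
			# them to an address and a design name - confirm.
			sed "s|XXXhostXXX|$GREEN_ADDRESS|g" "/var/ipfire/proxy/errorpage-$ERR_DESIGN.css" > \
				/etc/squid/errorpage.css

			boot_mesg "Creating Squid swap directories..."
			/usr/sbin/squid -z >/dev/null 2>&1
			evaluate_retval

			# Make sure, that the process above has finished.
			# The counter is decremented on every poll so the wait is
			# bounded to five seconds instead of looping for as long as
			# a squid process exists.
			counter=5
			while [ "${counter}" -gt 0 ]; do
				if pidofproc -s /usr/sbin/squid; then
					sleep 1
				else
					break
				fi
				counter=$(( counter - 1 ))
			done

			boot_mesg "Starting Squid Proxy Server..."
			loadproc /usr/sbin/squid
		fi

		# Install the redirect rules for each zone that has transparent
		# mode switched on.
		if [ -e /var/ipfire/proxy/transparent ]; then
			transparent "$GREEN_DEV"
		fi
		if [ -e /var/ipfire/proxy/transparent_blue ]; then
			transparent "$BLUE_DEV"
		fi
		;;

	stop)
		# Remove the redirect rules first so that clients are no longer
		# sent to a proxy that is about to go away.
		iptables -t nat -F SQUID

		if [ -e /var/run/squid.pid ]; then
			boot_mesg -n "Stopping Squid Proxy Server (this may take up to a few minutes)..."
			squid -k shutdown >/dev/null 2>&1

			# If some squid processes are still running, wait up to 360 seconds
			# before we go on to kill the remaining process(es) and delete damaged
			# '/var/log/cache/swap.state'.
			# The redirections are spelled ">/dev/null 2>&1": a shell that
			# does not know "&>" would parse it as "run in background" and
			# the check would always appear to succeed.
			n=0
			while squid -k check >/dev/null 2>&1 && [ "${n}" -lt 360 ]; do
				# Print a dot every 6 seconds
				[ $(( n % 6 )) -eq 0 ] && boot_mesg -n .

				n=$(( n + 1 ))
				sleep 1
			done
			boot_mesg "" # end line

			# If (squid-1) is still running, kill all squid processes
			if squid -k check >/dev/null 2>&1 || pgrep -fl "(squid-1)" >/dev/null 2>&1; then
				killproc /usr/sbin/squid >/dev/null
				echo_failure

				# Remove damaged journal of cache index
				rm -f /var/log/cache/swap.state

				boot_mesg -n "WARNING: squid could not be gracefully shut down." ${WARNING}
				boot_mesg -n " The cache index was damaged and has been removed."
				boot_mesg -n " The cache data has not been lost and the index will be"
				boot_mesg -n " recreated at the next start."
				boot_mesg "" ${NORMAL}
				echo_warning
			else
				logger -t squid "squid shutdown time: ${n} seconds"

				echo_ok
			fi

			# Kill any redirector processes that might have been left running
			killproc /usr/bin/squidGuard >/dev/null &
			killproc /usr/sbin/updxlrator >/dev/null &
			killproc /usr/bin/squidclamav >/dev/null &
			killproc /usr/sbin/redirect_wrapper >/dev/null &
			wait
		fi

		# Trash remain pid file from squid.
		rm -f /var/run/squid.pid
		;;

	restart)
		"$0" stop
		sleep 5
		"$0" start
		;;

	reconfigure)
		/usr/sbin/squid -k reconfigure
		;;

	status)
		statusproc /usr/sbin/squid
		statusproc /usr/lib/squid/unlinkd
		;;

	flush)
		# Stop the proxy, drop the on-disk cache and start again.
		"$0" stop
		rm -rf /var/log/cache/*
		sleep 1
		"$0" start
		;;

	setperms)
		# "owner:group" is the same form the log directories use above;
		# the dotted "owner.group" form is obsolescent.
		chown -R nobody:squid /var/updatecache/
		;;

	*)
		# List every action the script actually implements.
		echo "Usage: $0 {start|stop|restart|reconfigure|status|flush|setperms}"
		exit 1
		;;
esac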
178 | # End $rc_base/init.d/squid |