From d56fc335c781ab988052b67d864a47c1ec05cd51 Mon Sep 17 00:00:00 2001 From: ms Date: Mon, 30 Apr 2007 21:20:20 +0000 Subject: [PATCH] Neue Proxysteuerung. git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@510 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8 --- config/rootfiles/common/initscripts | 1 + config/rootfiles/common/misc-progs | 2 +- html/cgi-bin/proxy.cgi | 11 +- src/initscripts/init.d/squid | 98 ++++++ src/misc-progs/Makefile | 6 +- src/misc-progs/restartsquid.c | 449 ---------------------------- src/misc-progs/squidctrl.c | 45 +++ 7 files changed, 155 insertions(+), 457 deletions(-) create mode 100644 src/initscripts/init.d/squid delete mode 100644 src/misc-progs/restartsquid.c create mode 100644 src/misc-progs/squidctrl.c diff --git a/config/rootfiles/common/initscripts b/config/rootfiles/common/initscripts index fca5379075..431c65bca5 100644 --- a/config/rootfiles/common/initscripts +++ b/config/rootfiles/common/initscripts @@ -26,6 +26,7 @@ etc/rc.d/init.d/reboot etc/rc.d/init.d/red etc/rc.d/init.d/sendsignals etc/rc.d/init.d/setclock +etc/rc.d/init.d/squid etc/rc.d/init.d/sshd etc/rc.d/init.d/swap etc/rc.d/init.d/sysctl diff --git a/config/rootfiles/common/misc-progs b/config/rootfiles/common/misc-progs index c6b4673585..6d2ed9e278 100644 --- a/config/rootfiles/common/misc-progs +++ b/config/rootfiles/common/misc-progs @@ -13,7 +13,6 @@ usr/local/bin/restartapplejuice usr/local/bin/restartdhcp usr/local/bin/restartntpd usr/local/bin/restartsnort -usr/local/bin/restartsquid usr/local/bin/restartssh usr/local/bin/restartsyslogd usr/local/bin/restartwireless @@ -24,5 +23,6 @@ usr/local/bin/setfilters usr/local/bin/setportfw usr/local/bin/setxtaccess usr/local/bin/smartctrl +usr/local/bin/squidctrl usr/local/bin/timecheckctrl usr/local/bin/upnpctrl diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index d7827c4869..05a75c3bb8 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -581,27 +581,30 @@ ERROR: &writeconfig; &writepacfile; + system ('/usr/local/bin/squidctrl', 'disable'); unlink "${General::swroot}/proxy/enable"; unlink "${General::swroot}/proxy/transparent"; unlink "${General::swroot}/proxy/enable_blue"; unlink "${General::swroot}/proxy/transparent_blue"; if ($proxysettings{'ENABLE'} eq 'on') { - system ('/usr/bin/touch', "${General::swroot}/proxy/enable"); } + system ('/usr/bin/touch', "${General::swroot}/proxy/enable"); + system ('/usr/local/bin/squidctrl', 'enable'); } if ($proxysettings{'TRANSPARENT'} eq 'on') { system ('/usr/bin/touch', "${General::swroot}/proxy/transparent"); } if ($proxysettings{'ENABLE_BLUE'} eq 'on') { - system ('/usr/bin/touch', "${General::swroot}/proxy/enable_blue"); } + system ('/usr/bin/touch', "${General::swroot}/proxy/enable_blue"); + system ('/usr/local/bin/squidctrl', 'enable'); } if ($proxysettings{'TRANSPARENT_BLUE'} eq 'on') { system ('/usr/bin/touch', "${General::swroot}/proxy/transparent_blue"); } - if ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy save and restart'}) { system('/usr/local/bin/restartsquid'); } + if ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy save and restart'}) { system('/usr/local/bin/squidctrl restart >/dev/null 2>&1'); } } } if ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy clear cache'}) { - system('/usr/local/bin/restartsquid','-f'); + system('/usr/local/bin/squidctrl flush >/dev/null 2>&1'); } if (!$errormessage) diff --git a/src/initscripts/init.d/squid b/src/initscripts/init.d/squid new file mode 100644 index 0000000000..a3c351cf13 --- /dev/null +++ b/src/initscripts/init.d/squid @@ -0,0 +1,98 @@ +#!/bin/sh +# Begin $rc_base/init.d/squid + +. /etc/sysconfig/rc +. $rc_functions + +transparent() { + DEVICE=$1 + + eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) + eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings) + + # If the proxy port is not set we set the default to 800. + if [ -z $PROXY_PORT ]; then + PROXY_PORT=800 + fi + + LOCALIP=`cat /var/ipfire/red/local-ipaddress | tr -d \n` + if [ -z $LOCALIP ]; then + boot_mesg "Couldn't read local-ipaddress" ${FAILURE} + exit 1 + fi + + COUNT=1 + FILE=/var/ipfire/vpn/config + + while read LINE; do + let COUNT=$COUNT+1 + CONN_TYPE=`echo "$LINE" | awk -F, '{ print $5 }'` + if [ "$CONN_TYPE" != "net" ]; then + continue + fi + iptables -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" | awk -F, '{ print $13 }'` --dport 80 -j RETURN + done < $FILE + + if [ "$RED_TYPE" == "STATIC" ]; then + iptables -t nat -A SQUID -i $1 -p tcp -d $RED_NETADDRESS/$RED_NETMASK --dport 80 -j RETURN + fi + + iptables -t nat -A SQUID -i $1 -p tcp -d $LOCALIP --dport 80 -j RETURN + + iptables -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port $PROXY_PORT +} + +case "$1" in + start) + boot_mesg "Starting Squid Proxy Server..." + + if [ -e /var/ipfire/proxy/enable -o -e /var/ipfire/proxy/enable_blue ]; then + loadproc /usr/sbin/squid -D -z >/dev/null 2>&1 + loadproc /usr/sbin/squid -D + fi + + eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) + + if [ -e /var/ipfire/proxy/transparent ]; then + transparent $GREEN_DEV + fi + if [ -e /var/ipfire/proxy/transparent_blue ]; then + transparent $BLUE_DEV + fi + ;; + + stop) + boot_mesg "Stopping Squid Proxy Server..." + iptables -t nat -F SQUID + squid -k shutdown >/dev/null 2>&1 + evaluate_retval + killproc /usr/sbin/squid >/dev/null + killproc /usr/bin/squidGuard >/dev/null + ;; + + restart) + $0 stop + sleep 1 + $0 start + ;; + + status) + statusproc /usr/sbin/squid + statusproc /usr/lib/squid/unlinkd + ;; + + flush) + $0 stop + echo > /var/log/cache/swap.state + chown squid.squid /var/log/cache/swap.state + sleep 1 + $0 start + ;; + + *) + echo "Usage: $0 {start|stop|restart|status|flush}" + exit 1 + ;; +esac + +# End $rc_base/init.d/squid diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile index 0305003c41..3dd951e2f7 100644 --- a/src/misc-progs/Makefile +++ b/src/misc-progs/Makefile @@ -5,7 +5,7 @@ COMPILE=$(CC) $(CFLAGS) PROGS = iowrap SUID_PROGS = setdmzholes setportfw setfilters setxtaccess \ - restartsquid restartssh ipfirereboot setaliases \ + squidctrl restartssh ipfirereboot setaliases \ ipsecctrl restartntpd restartdhcp restartsnort \ restartapplejuice rebuildhosts \ restartsyslogd logwatch openvpnctrl timecheckctrl \ @@ -88,8 +88,8 @@ restartdhcp: restartdhcp.c setuid.o ../install+setup/libsmooth/varval.o restartssh: restartssh.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ restartssh.c setuid.o ../install+setup/libsmooth/varval.o -o $@ -restartsquid: restartsquid.c setuid.o ../install+setup/libsmooth/varval.o - $(COMPILE) -I../install+setup/libsmooth/ restartsquid.c setuid.o ../install+setup/libsmooth/varval.o -o $@ +squidctrl: squidctrl.c setuid.o ../install+setup/libsmooth/varval.o + $(COMPILE) -I../install+setup/libsmooth/ squidctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@ restartsnort: restartsnort.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ restartsnort.c setuid.o ../install+setup/libsmooth/varval.o -o $@ diff --git a/src/misc-progs/restartsquid.c b/src/misc-progs/restartsquid.c deleted file mode 100644 index 6218d1c65a..0000000000 --- a/src/misc-progs/restartsquid.c +++ /dev/null @@ -1,449 +0,0 @@ -/* SmoothWall helper program - restartsquid - * - * This program is distributed under the terms of the GNU General Public - * Licence. See the file COPYING for details. - * - * (c) Lawrence Manning, 2001 - * Restarting squid with transparent proxying. - * - * 05/02/2004 - Roy Walker - * Exclude red network from transparent proxy to allow browsing to alias IPs - * Read in VPN settings and exclude each VPN network from transparent proxy - * - * $Id: restartsquid.c,v 1.7.2.8 2005/04/22 18:44:37 rkerr Exp $ - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include "libsmooth.h" -#include "setuid.h" - -int main(int argc, char *argv[]) -{ - int fd = -1; - int enable = 0; - int enablevpn = 0; - int transparent = 0; - int enable_blue = 0; - int transparent_blue = 0; - int running = 0; - struct stat st; - FILE *ipfile; - char localip[STRING_SIZE] = ""; - struct keyvalue *net = NULL; - struct keyvalue *squid = NULL; - char buffer[STRING_SIZE]; - char proxy_port[STRING_SIZE]; - char s[STRING_SIZE]; - char green_dev[STRING_SIZE] = ""; - char blue_dev[STRING_SIZE] = ""; - char red_netaddress[STRING_SIZE] = ""; - char red_netmask[STRING_SIZE] = ""; - char configtype[STRING_SIZE] = ""; - char redtype[STRING_SIZE] = ""; - char enableredvpn[STRING_SIZE] = ""; - char enablebluevpn[STRING_SIZE] = ""; - - if (!(initsetuid())) - exit(1); - - /* Kill running squid */ - safe_system("/sbin/iptables -t nat -F SQUID"); - safe_system("/usr/sbin/squid -k shutdown >/dev/null 2>/dev/null"); - sleep(5); - safe_system("/bin/killall -9 squid squidGuard >/dev/null 2>/dev/null"); - - /* See if proxy is enabled and / or transparent */ - if ((fd = open(CONFIG_ROOT "/proxy/enable", O_RDONLY)) != -1) - { - close(fd); - enable = 1; - } - if ((fd = open(CONFIG_ROOT "/proxy/transparent", O_RDONLY)) != -1) - { - close(fd); - transparent = 1; - } - if ((fd = open(CONFIG_ROOT "/proxy/enable_blue", O_RDONLY)) != -1) - { - close(fd); - enable_blue = 1; - } - if ((fd = open(CONFIG_ROOT "/proxy/transparent_blue", O_RDONLY)) != -1) - { - close(fd); - transparent_blue = 1; - } - - /* Read the network configuration */ - net=initkeyvalues(); - if (!readkeyvalues(net, CONFIG_ROOT "/ethernet/settings")) - { - fprintf(stderr, "Cannot read ethernet settings\n"); - exit(1); - } - if (!findkey(net, "GREEN_DEV", green_dev)) - { - fprintf(stderr, "Cannot read GREEN_DEV\n"); - exit(1); - } - if (!VALID_DEVICE(green_dev)) - { - fprintf(stderr, "Bad GREEN_DEV: %s\n", green_dev); - exit(1); - } - if (!findkey(net, "CONFIG_TYPE", configtype)) - { - fprintf(stderr, "Cannot read CONFIG_TYPE\n"); - exit(1); - } - - findkey(net, "RED_TYPE", redtype); - findkey(net, "RED_NETADDRESS", red_netaddress); - findkey(net, "RED_NETMASK", red_netmask); - findkey(net, "BLUE_DEV", blue_dev); - freekeyvalues(net); - - /* See if VPN software is enabled */ - net=initkeyvalues(); - if (!readkeyvalues(net, CONFIG_ROOT "/vpn/settings")) - { - fprintf(stderr, "Cannot read vpn settings\n"); - exit(1); - } - findkey(net, "ENABLED", enableredvpn); - findkey(net, "ENABLED_BLUE", enablebluevpn); - freekeyvalues(net); - if ( (!strcmp(enableredvpn, "on") && VALID_IP(localip)) || - (!strcmp(enablebluevpn, "on") && VALID_DEVICE(blue_dev)) ) { - enablevpn = 1; - } - - /* Retrieve the Squid pid file */ - if ((fd = open("/var/run/squid.pid", O_RDONLY)) != -1) - { - close(fd); - running = 1; - } - - /* Retrieve the RED ip address */ - stat(CONFIG_ROOT "/red/local-ipaddress", &st); - if (S_ISREG(st.st_mode)) { - if (!(ipfile = fopen(CONFIG_ROOT "/red/local-ipaddress", "r"))) - { - fprintf(stderr, "Couldn't open ip file\n"); - exit(0); - } - if (fgets(localip, STRING_SIZE, ipfile)) - { - if (localip[strlen(localip) - 1] == '\n') - localip[strlen(localip) - 1] = '\0'; - } - fclose(ipfile); - if (!VALID_IP(localip)) - { - fprintf(stderr, "Bad ip: %s\n", localip); - exit(0); - } - } - - /* See if we need to flush the cache */ - if (argc >=2) { - if (strcmp(argv[1], "-f") == 0) { - if (stat("/var/log/cache/swap.state", &st) == 0) { - struct passwd *pw; - if((pw = getpwnam("squid"))) { - endpwent(); /* probably paranoia, but just in case.. */ - unpriv_system("/bin/echo > /var/log/cache/swap.state", pw->pw_uid, pw->pw_gid); - } else { endpwent(); } - } - } - } - - if (enable || enable_blue) - { - safe_system("/usr/sbin/squid -D -z"); - safe_system("/usr/sbin/squid -D"); - } - - /* Retrieve the proxy port */ - if (transparent || transparent_blue) { - squid=initkeyvalues(); - - if (!readkeyvalues(squid, CONFIG_ROOT "/proxy/settings")) - { - fprintf(stderr, "Cannot read proxy settings\n"); - exit(1); - } - - if (!(findkey(squid, "PROXY_PORT", proxy_port))) - { - strcpy (proxy_port, "800"); - } else { - if(strspn(proxy_port, NUMBERS) != strlen(proxy_port)) - { - fprintf(stderr, "Invalid proxy port: %s, defaulting to 800\n", proxy_port); - strcpy(proxy_port, "800"); - } - } - freekeyvalues(squid); - } - - if (transparent && enable) { - int count; - char *result; - char *name; - char *type; - char *running; - char *vpn_network_mask; - char *vpn_netaddress; - char *vpn_netmask; - FILE *file = NULL; - char *conn_enabled; - - /* Darren Critchley - check to see if RED VPN is enabled before mucking with rules */ - if (!strcmp(enableredvpn, "on")) { - /* Read the /vpn/config file - no check to see if VPN is enabled */ - if (!(file = fopen(CONFIG_ROOT "/vpn/config", "r"))) { - fprintf(stderr, "Couldn't open vpn config file"); - exit(1); - } - - while (fgets(s, STRING_SIZE, file) != NULL) { - if (s[strlen(s) - 1] == '\n') - s[strlen(s) - 1] = '\0'; - running = strdup (s); - result = strsep(&running, ","); - count = 0; - name = NULL; - type = NULL; - vpn_network_mask = NULL; - conn_enabled = NULL; - while (result) { - if (count == 1) - conn_enabled = result; - if (count == 2) - name = result; - if (count == 4) - type = result; - if (count == 12 ) - vpn_network_mask = result; - count++; - result = strsep(&running, ","); - } - - if (strspn(name, LETTERS_NUMBERS) != strlen(name)) { - fprintf(stderr, "Bad connection name: %s\n", name); - exit(1); - } - - if (! (strcmp(type, "net") == 0)) { - continue; - } - - /* Darren Critchley - new check to see if connection is enabled */ - if (! (strcmp(conn_enabled, "on") == 0)) { - continue; - } - - result = strsep(&vpn_network_mask, "/"); - count = 0; - vpn_netaddress = NULL; - vpn_netmask = NULL; - while (result) { - if (count == 0) - vpn_netaddress = result; - if (count == 1) - vpn_netmask = result; - count++; - result = strsep(&vpn_network_mask, "/"); - } - - if (!VALID_IP(vpn_netaddress)) { - fprintf(stderr, "Bad network for vpn connection %s: %s\n", name, vpn_netaddress); - continue; - } - - if ((!VALID_IP(vpn_netmask)) && (!VALID_SHORT_MASK(vpn_netmask))) { - fprintf(stderr, "Bad mask for vpn connection %s: %s\n", name, vpn_netmask); - continue; - } - - memset(buffer, 0, STRING_SIZE); - if( snprintf(buffer, STRING_SIZE - 1, "/sbin/iptables -t nat -A SQUID -i %s -p tcp -d %s/%s --dport 80 -j RETURN", green_dev, vpn_netaddress, vpn_netmask) >= STRING_SIZE ) - { - fprintf(stderr, "Command too long\n"); - exit(1); - } - safe_system(buffer); - } - } - - memset(buffer, 0, STRING_SIZE); - if ( ( (strcmp(configtype, "2")==0) || (strcmp(configtype, "3")==0) || - (strcmp(configtype, "6")==0) || (strcmp(configtype, "7")==0) ) && - (VALID_IP(red_netaddress)) && (VALID_IP(red_netmask)) && - (strcmp(redtype, "STATIC")==0) ) - { - memset(buffer, 0, STRING_SIZE); - if( snprintf(buffer, STRING_SIZE - 1, "/sbin/iptables -t nat -A SQUID -i %s -p tcp -d %s/%s --dport 80 -j RETURN", green_dev, red_netaddress, red_netmask) >= STRING_SIZE ) - { - fprintf(stderr, "Command too long\n"); - exit(1); - } - safe_system(buffer); - } else if (VALID_IP(localip)) { - memset(buffer, 0, STRING_SIZE); - if( snprintf(buffer, STRING_SIZE - 1, "/sbin/iptables -t nat -A SQUID -i %s -p tcp -d %s --dport 80 -j RETURN", green_dev, localip) >= STRING_SIZE ) - { - fprintf(stderr, "Command too long\n"); - exit(1); - } - safe_system(buffer); - } - - memset(buffer, 0, STRING_SIZE); - if( snprintf(buffer, STRING_SIZE - 1, "/sbin/iptables -t nat -A SQUID -i %s -p tcp --dport 80 -j REDIRECT --to-port %s", green_dev, proxy_port) >= STRING_SIZE ) - { - fprintf(stderr, "Command too long\n"); - exit(1); - } - safe_system(buffer); - } - - if (transparent_blue && enable_blue) { - int count; - char *result; - char *name; - char *type; - char *running; - char *vpn_network_mask; - char *vpn_netaddress; - char *vpn_netmask; - char *conn_enabled; - FILE *file = NULL; - - if (! VALID_DEVICE(blue_dev)) - { - fprintf(stderr, "Bad BLUE_DEV: %s\n", blue_dev); - exit(1); - } - - /* Darren Critchley - check to see if BLUE VPN is enabled before mucking with rules */ - if (!strcmp(enablebluevpn, "on")) { - /* Read the /vpn/config file - no check to see if VPN is enabled */ - if (!(file = fopen(CONFIG_ROOT "/vpn/config", "r"))) { - fprintf(stderr, "Couldn't open vpn config file"); - exit(1); - } - while (fgets(s, STRING_SIZE, file) != NULL) { - if (s[strlen(s) - 1] == '\n') - s[strlen(s) - 1] = '\0'; - running = strdup (s); - result = strsep(&running, ","); - count = 0; - name = NULL; - type = NULL; - vpn_network_mask = NULL; - conn_enabled = NULL; - while (result) { - if (count == 1) - conn_enabled = result; - if (count == 2) - name = result; - if (count == 4) - type = result; - if (count == 12 ) - vpn_network_mask = result; - count++; - result = strsep(&running, ","); - } - - if (strspn(name, LETTERS_NUMBERS) != strlen(name)) { - fprintf(stderr, "Bad connection name: %s\n", name); - exit(1); - } - - if (! (strcmp(type, "net") == 0)) { - continue; - } - - /* Darren Critchley - new check to see if connection is enabled */ - if (! (strcmp(conn_enabled, "on") == 0)) { - continue; - } - - result = strsep(&vpn_network_mask, "/"); - count = 0; - vpn_netaddress = NULL; - vpn_netmask = NULL; - while (result) { - if (count == 0) - vpn_netaddress = result; - if (count == 1) - vpn_netmask = result; - count++; - result = strsep(&vpn_network_mask, "/"); - } - - if (!VALID_IP(vpn_netaddress)) { - fprintf(stderr, "Bad network for vpn connection %s: %s\n", name, vpn_netaddress); - continue; - } - - if ((!VALID_IP(vpn_netmask)) && (!VALID_SHORT_MASK(vpn_netmask))) { - fprintf(stderr, "Bad mask for vpn connection %s: %s\n", name, vpn_netmask); - continue; - } - - memset(buffer, 0, STRING_SIZE); - if (snprintf(buffer, STRING_SIZE - 1, "/sbin/iptables -t nat -A SQUID -i %s -p tcp -d %s/%s --dport 80 -j RETURN", blue_dev, vpn_netaddress, vpn_netmask) >= STRING_SIZE ) - { - fprintf(stderr, "Command too long\n"); - exit(1); - } - safe_system(buffer); - } - } - - memset(buffer, 0, STRING_SIZE); - if ( ( (strcmp(configtype, "2")==0) || (strcmp(configtype, "3")==0) || - (strcmp(configtype, "6")==0) || (strcmp(configtype, "7")==0) ) && - (VALID_IP(red_netaddress)) && (VALID_IP(red_netmask)) && - (strcmp(redtype, "STATIC")==0) ) - { - memset(buffer, 0, STRING_SIZE); - if( snprintf(buffer, STRING_SIZE - 1, "/sbin/iptables -t nat -A SQUID -i %s -p tcp -d %s/%s --dport 80 -j RETURN", blue_dev, red_netaddress, red_netmask) >= STRING_SIZE ) - { - fprintf(stderr, "Command too long\n"); - exit(1); - } - safe_system(buffer); - } else if (VALID_IP(localip)) { - memset(buffer, 0, STRING_SIZE); - if( snprintf(buffer, STRING_SIZE - 1, "/sbin/iptables -t nat -A SQUID -i %s -p tcp -d %s --dport 80 -j RETURN", blue_dev, localip) >= STRING_SIZE ) - { - fprintf(stderr, "Command too long\n"); - exit(1); - } - safe_system(buffer); - } - - memset(buffer, 0, STRING_SIZE); - if( snprintf(buffer, STRING_SIZE - 1, "/sbin/iptables -t nat -A SQUID -i %s -p tcp --dport 80 -j REDIRECT --to-port %s", blue_dev, proxy_port) >= STRING_SIZE ) - { - fprintf(stderr, "Command too long\n"); - exit(1); - } - safe_system(buffer); - } - - return 0; -} diff --git a/src/misc-progs/squidctrl.c b/src/misc-progs/squidctrl.c new file mode 100644 index 0000000000..e8d2f13a9c --- /dev/null +++ b/src/misc-progs/squidctrl.c @@ -0,0 +1,45 @@ +/* This file is part of the IPFire Firewall. + * + * This program is distributed under the terms of the GNU General Public + * Licence. See the file COPYING for details. + * + */ + +#include +#include +#include +#include +#include +#include +#include "setuid.h" + +int main(int argc, char *argv[]) { + + if (!(initsetuid())) + exit(1); + + if (argc < 2) { + fprintf(stderr, "\nNo argument given.\n\nsquidctrl (start|stop|restart|flush)\n\n"); + exit(1); + } + + if (strcmp(argv[1], "start") == 0) { + safe_system("/etc/rc.d/init.d/squid start"); + } else if (strcmp(argv[1], "stop") == 0) { + safe_system("/etc/rc.d/init.d/squid stop"); + } else if (strcmp(argv[1], "restart") == 0) { + safe_system("/etc/rc.d/init.d/squid restart"); + } else if (strcmp(argv[1], "flush") == 0) { + safe_system("/etc/rc.d/init.d/squid flush"); + } else if (strcmp(argv[1], "enable") == 0) { + safe_system("ln -fs ../init.d/squid /etc/rc.d/rc3.d/S99squid >/dev/null 2>&1"); + safe_system("ln -fs ../init.d/squid /etc/rc.d/rc{0,6}.d/K00squid >/dev/null 2>&1"); + } else if (strcmp(argv[1], "disable") == 0) { + safe_system("rm -f /etc/rc.d/rc*.d/*squid >/dev/null 2>&1"); + } else { + fprintf(stderr, "\nBad argument given.\n\nredctrl (start|stop|restart|flush)\n\n"); + exit(1); + } + + return 0; +} -- 2.39.2