[people/teissler/ipfire-2.x.git] / src / initscripts / init.d / squid

#!/bin/sh
# Begin $rc_base/init.d/squid

. /etc/sysconfig/rc
. $rc_functions

chown -R squid:squid /var/log/squid
chown -R squid:squid /var/log/squidGuard


transparent() {
		DEVICE=$1

		eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
		eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)

		# If the proxy port is not set we set the default to 800.
		if [ -z "${TRANSPARENT_PORT}" ]; then
			TRANSPARENT_PORT=800
		fi

		LOCALIP=`cat /var/ipfire/red/local-ipaddress | tr -d \n`
		if [ -z $LOCALIP ]; then
			boot_mesg "Couldn't read local-ipaddress" ${FAILURE}
			exit 1
		fi

		COUNT=1
		FILE=/var/ipfire/vpn/config

		while read LINE; do
			let COUNT=$COUNT+1
			CONN_TYPE=`echo "$LINE" | awk -F, '{ print $5 }'`
			if [ "$CONN_TYPE" != "net" ]; then
				continue
			fi  
  		iptables -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" | awk -F, '{ print $13 }'` --dport 80 -j RETURN
		done < $FILE
		
		if [ "$RED_TYPE" == "STATIC" ]; then
			iptables -t nat -A SQUID -i $1 -p tcp -d $RED_NETADDRESS/$RED_NETMASK --dport 80 -j RETURN
		fi
		
		iptables -t nat -A SQUID -i $1 -p tcp -d $LOCALIP --dport 80 -j RETURN
		
		iptables -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
}

case "$1" in
	start)
		getpids "squid"

		if [ -n "${pidlist}" ]; then
			echo -e "Squid is already running with Process"\
				"ID(s) ${pidlist}.${NORMAL}"
		evaluate_retval
		exit
		fi


		eval $(/usr/local/bin/readhash /var/ipfire/proxy/advanced/settings)
		eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)

		if [ -e /var/ipfire/proxy/enable -o -e /var/ipfire/proxy/enable_blue ]; then
			# Add Address to errorpage stylesheet
			sed "s|XXXhostXXX|$GREEN_ADDRESS|g" /var/ipfire/proxy/errorpage-$ERR_DESIGN.css > \
				/etc/squid/errorpage.css

			boot_mesg "Creating Squid swap directories..."
			/usr/sbin/squid -z >/dev/null 2>&1
			evaluate_retval

			# Make sure, that the process above has finished.
			counter=5
			while [ ${counter} -gt 0 ]; do
				if pidofproc -s /usr/sbin/squid; then
					sleep 1
				else
					break
				fi
			done

			boot_mesg "Starting Squid Proxy Server..."
			loadproc /usr/sbin/squid
		fi

		if [ -e /var/ipfire/proxy/transparent ]; then
			transparent $GREEN_DEV
		fi
		if [ -e /var/ipfire/proxy/transparent_blue ]; then
			transparent $BLUE_DEV
		fi
		;;

	stop)
			iptables -t nat -F SQUID
		if [ -e /var/run/squid.pid ]; then
			boot_mesg "Stopping Squid Proxy Server..."
			squid -k shutdown >/dev/null 2>&1
			evaluate_retval

			# Stop squidGuard, updxlrator, squidclamav
			# and redirect_wrappers.			
			killproc /usr/bin/squidGuard >/dev/null &
			killproc /usr/sbin/updxlrator >/dev/null &
			killproc /usr/bin/squidclamav >/dev/null &
			killproc /usr/sbin/redirect_wrapper >/dev/null &

			# Wait until all redirectors have been stopped.
			wait

			# If squid is still running, wait up to 30 seconds
			# before we go on to kill it.
			counter=30

			while [ ${counter} -gt 0 ]; do
				statusproc /usr/sbin/squid >/dev/null && break;
				sleep 1
				counter=$(( ${counter} - 1))
			done

			# Kill squid service, if still running.
			killproc /usr/sbin/squid >/dev/null

			# Trash remain pid file from squid.
			rm -rf /var/run/squid.pid	
		fi
		;;

	restart)
		$0 stop
		sleep 5
		$0 start
		;;

	reconfigure)
	/usr/sbin/squid -k reconfigure
		;;

	status)
		statusproc /usr/sbin/squid
		statusproc /usr/lib/squid/unlinkd
		;;
		
	flush)
		$0 stop
		echo > /var/log/cache/swap.state
		chown squid.squid /var/log/cache/swap.state
		sleep 1
		$0 start
		;;
	setperms)
		chown -R nobody.squid /var/updatecache/
		;;

	*)
		echo "Usage: $0 {start|stop|restart|status|flush}"
		exit 1
		;;
esac

# End $rc_base/init.d/squid
Commit	Line	Data
d56fc335 MT	1	#!/bin/sh
	2	# Begin $rc_base/init.d/squid
	3
	4	. /etc/sysconfig/rc
	5	. $rc_functions
	6
18322edf CS	7	chown -R squid:squid /var/log/squid
	8	chown -R squid:squid /var/log/squidGuard
	9
ab4a5a35	10
d56fc335 MT	11	transparent() {
d56fc335 MT	12	DEVICE=$1
ab4a5a35	13
d56fc335 MT	14	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
d56fc335 MT	15	eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
ab4a5a35	16
d56fc335	17	# If the proxy port is not set we set the default to 800.
0f6b6067 MT	18	if [ -z "${TRANSPARENT_PORT}" ]; then
0f6b6067 MT	19	TRANSPARENT_PORT=800
d56fc335 MT	20	fi
	21
	22	LOCALIP=`cat /var/ipfire/red/local-ipaddress \| tr -d \n`
	23	if [ -z $LOCALIP ]; then
	24	boot_mesg "Couldn't read local-ipaddress" ${FAILURE}
	25	exit 1
	26	fi
	27
	28	COUNT=1
	29	FILE=/var/ipfire/vpn/config
	30
	31	while read LINE; do
	32	let COUNT=$COUNT+1
	33	CONN_TYPE=`echo "$LINE" \| awk -F, '{ print $5 }'`
	34	if [ "$CONN_TYPE" != "net" ]; then
	35	continue
	36	fi
	37	iptables -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" \| awk -F, '{ print $13 }'` --dport 80 -j RETURN
	38	done < $FILE
	39
	40	if [ "$RED_TYPE" == "STATIC" ]; then
	41	iptables -t nat -A SQUID -i $1 -p tcp -d $RED_NETADDRESS/$RED_NETMASK --dport 80 -j RETURN
	42	fi
	43
	44	iptables -t nat -A SQUID -i $1 -p tcp -d $LOCALIP --dport 80 -j RETURN
	45
0f6b6067	46	iptables -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
d56fc335 MT	47	}
	48
	49	case "$1" in
	50	start)
8b202790 CS	51	getpids "squid"
	52
	53	if [ -n "${pidlist}" ]; then
	54	echo -e "Squid is already running with Process"\
	55	"ID(s) ${pidlist}.${NORMAL}"
	56	evaluate_retval
	57	exit
	58	fi
ab4a5a35 AF	59
	60
	61	eval $(/usr/local/bin/readhash /var/ipfire/proxy/advanced/settings)
	62	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
	63
d56fc335	64	if [ -e /var/ipfire/proxy/enable -o -e /var/ipfire/proxy/enable_blue ]; then
ab4a5a35 AF	65	# Add Address to errorpage stylesheet
	66	sed "s\|XXXhostXXX\|$GREEN_ADDRESS\|g" /var/ipfire/proxy/errorpage-$ERR_DESIGN.css > \
	67	/etc/squid/errorpage.css
	68
754f508b MT	69	boot_mesg "Creating Squid swap directories..."
	70	/usr/sbin/squid -z >/dev/null 2>&1
	71	evaluate_retval
	72
	73	# Make sure, that the process above has finished.
	74	counter=5
	75	while [ ${counter} -gt 0 ]; do
	76	if pidofproc -s /usr/sbin/squid; then
	77	sleep 1
	78	else
	79	break
	80	fi
	81	done
	82
203c2787	83	boot_mesg "Starting Squid Proxy Server..."
d4c6ba21	84	loadproc /usr/sbin/squid
d56fc335 MT	85	fi
d56fc335 MT	86
d56fc335 MT	87	if [ -e /var/ipfire/proxy/transparent ]; then
	88	transparent $GREEN_DEV
	89	fi
	90	if [ -e /var/ipfire/proxy/transparent_blue ]; then
	91	transparent $BLUE_DEV
	92	fi
	93	;;
	94
	95	stop)
a332b303	96	iptables -t nat -F SQUID
af95dec5	97	if [ -e /var/run/squid.pid ]; then
09b58b25	98	boot_mesg "Stopping Squid Proxy Server..."
09b58b25 CS	99	squid -k shutdown >/dev/null 2>&1
09b58b25 CS	100	evaluate_retval
517d02ab SS	101
	102	# Stop squidGuard, updxlrator, squidclamav
	103	# and redirect_wrappers.
	104	killproc /usr/bin/squidGuard >/dev/null &
	105	killproc /usr/sbin/updxlrator >/dev/null &
	106	killproc /usr/bin/squidclamav >/dev/null &
	107	killproc /usr/sbin/redirect_wrapper >/dev/null &
	108
	109	# Wait until all redirectors have been stopped.
	110	wait
	111
	112	# If squid is still running, wait up to 30 seconds
	113	# before we go on to kill it.
	114	counter=30
	115
	116	while [ ${counter} -gt 0 ]; do
	117	statusproc /usr/sbin/squid >/dev/null && break;
	118	sleep 1
	119	counter=$(( ${counter} - 1))
	120	done
	121
	122	# Kill squid service, if still running.
09b58b25	123	killproc /usr/sbin/squid >/dev/null
517d02ab SS	124
517d02ab SS	125	# Trash remain pid file from squid.
a332b303	126	rm -rf /var/run/squid.pid
09b58b25	127	fi
d56fc335 MT	128	;;
	129
	130	restart)
	131	$0 stop
186e3d2c	132	sleep 5
d56fc335 MT	133	$0 start
	134	;;
	135
fe1656d2 CS	136	reconfigure)
	137	/usr/sbin/squid -k reconfigure
	138	;;
	139
d56fc335 MT	140	status)
	141	statusproc /usr/sbin/squid
	142	statusproc /usr/lib/squid/unlinkd
	143	;;
	144
	145	flush)
	146	$0 stop
	147	echo > /var/log/cache/swap.state
	148	chown squid.squid /var/log/cache/swap.state
	149	sleep 1
	150	$0 start
	151	;;
2b5b6b9e CS	152	setperms)
	153	chown -R nobody.squid /var/updatecache/
	154	;;
d56fc335 MT	155
	156	*)
	157	echo "Usage: $0 {start\|stop\|restart\|status\|flush}"
	158	exit 1
	159	;;
	160	esac
	161
	162	# End $rc_base/init.d/squid