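#!/bin/sh
# Begin $rc_base/init.d/squid
#
# Init script for the Squid proxy: start/stop/restart/reconfigure/status/
# flush/setperms, plus the NAT rules for transparent proxying.

# Pull in the boot-script configuration and the helper functions this script
# calls (boot_mesg, loadproc, killproc, statusproc, getpids, evaluate_retval).
. /etc/sysconfig/rc
. "$rc_functions"

# These two commands sit outside the case statement, so they run for every
# action, "status" included, before the action itself.
# NOTE(review): this recursively hands ownership of everything currently
# under both directories to the squid account. Confirm the directories hold
# nothing but logs, and consider moving this into the "start" action.
chown -R squid:squid /var/log/squid
chown -R squid:squid /var/log/squidGuard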
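# Append the NAT rules that transparently redirect HTTP (tcp/80) arriving on
# one interface to the local proxy port.
#
# Arguments: $1 - ingress interface name (callers pass $GREEN_DEV / $BLUE_DEV)
# Globals:   sets DEVICE, PROXY_PORT, LOCALIP, FILE, LINE, CONN_TYPE and
#            REMOTE_NET, plus every variable emitted by readhash for the
#            ethernet and proxy settings files.
# Returns:   1 without touching iptables when no interface is given.
#            Exits the whole script with status 1 when the RED address
#            cannot be read.
transparent() {
	DEVICE=$1

	# Never hand an empty interface name to iptables. Unquoted, it makes the
	# rule malformed; quoted, iptables may accept it as "any interface",
	# which would install the REDIRECT on every zone instead of one.
	if [ -z "$DEVICE" ]; then
		boot_mesg "No interface given for transparent proxy" ${FAILURE}
		return 1
	fi

	# The output of readhash is executed as shell code, so the settings
	# files must be writable by trusted accounts only.
	# NOTE(review): confirm readhash rejects or escapes shell metacharacters.
	# Quoting the substitution keeps the output from being word-split and
	# glob-expanded before eval sees it.
	eval "$(/usr/local/bin/readhash /var/ipfire/ethernet/settings)"
	eval "$(/usr/local/bin/readhash /var/ipfire/proxy/settings)"

	# If the proxy port is not set we set the default to 800.
	if [ -z "$PROXY_PORT" ]; then
		PROXY_PORT=800
	fi

	# '\n' must be quoted: a bare \n reaches tr as the letter "n".
	LOCALIP=$(tr -d '\n' < /var/ipfire/red/local-ipaddress)
	if [ -z "$LOCALIP" ]; then
		boot_mesg "Couldn't read local-ipaddress" ${FAILURE}
		exit 1
	fi

	FILE=/var/ipfire/vpn/config

	# Exempt the destination of every VPN entry whose 5th CSV field is "net".
	# Field 13 is used as the destination (presumably the remote subnet;
	# confirm against the VPN config format).
	while read -r LINE; do
		CONN_TYPE=$(printf '%s\n' "$LINE" | awk -F, '{ print $5 }')
		if [ "$CONN_TYPE" != "net" ]; then
			continue
		fi

		REMOTE_NET=$(printf '%s\n' "$LINE" | awk -F, '{ print $13 }')
		# An entry without a destination cannot form a valid rule.
		if [ -z "$REMOTE_NET" ]; then
			continue
		fi

		iptables -t nat -A SQUID -i "$DEVICE" -p tcp -d "$REMOTE_NET" --dport 80 -j RETURN
	done < "$FILE"

	# With a static RED configuration, leave the whole RED network alone too.
	if [ "$RED_TYPE" = "STATIC" ]; then
		iptables -t nat -A SQUID -i "$DEVICE" -p tcp -d "$RED_NETADDRESS/$RED_NETMASK" --dport 80 -j RETURN
	fi

	# Traffic addressed to the firewall's own RED address is not proxied.
	iptables -t nat -A SQUID -i "$DEVICE" -p tcp -d "$LOCALIP" --dport 80 -j RETURN

	# This rule must be appended last: the RETURN rules above only take
	# effect because they are matched before the catch-all REDIRECT.
	iptables -t nat -A SQUID -i "$DEVICE" -p tcp --dport 80 -j REDIRECT --to-port "$PROXY_PORT"
}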
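# Dispatch on the requested action.
case "$1" in
	start)
		getpids "squid"

		# Do not start a second instance.
		if [ -n "${pidlist}" ]; then
			echo -e "Squid is already running with Process ID(s) ${pidlist}.${NORMAL}"
			evaluate_retval
			exit
		fi

		# The output of readhash is executed as shell code, so these
		# settings files must be writable by trusted accounts only.
		eval "$(/usr/local/bin/readhash /var/ipfire/proxy/advanced/settings)"
		eval "$(/usr/local/bin/readhash /var/ipfire/ethernet/settings)"

		if [ -e /var/ipfire/proxy/enable ] || [ -e /var/ipfire/proxy/enable_blue ]; then

			# Add Address to errorpage stylesheet
			# GREEN_ADDRESS and ERR_DESIGN come from the settings read
			# above and are used unescaped in the sed expression and in
			# the file name.
			sed "s|XXXhostXXX|$GREEN_ADDRESS|g" "/var/ipfire/proxy/errorpage-$ERR_DESIGN.css" > \
				/etc/squid/errorpage.css

			boot_mesg "Starting Squid Proxy Server..."
			# First pass with -z, output discarded, then the real start.
			loadproc /usr/sbin/squid -z >/dev/null 2>&1
			loadproc /usr/sbin/squid
		fi

		# The redirect rules depend only on these marker files, not on
		# whether the proxy was started above.
		if [ -e /var/ipfire/proxy/transparent ]; then
			transparent "$GREEN_DEV"
		fi
		if [ -e /var/ipfire/proxy/transparent_blue ]; then
			transparent "$BLUE_DEV"
		fi
		;;

	stop)
		# Flush the SQUID nat chain. This happens even when no pid file
		# exists.
		iptables -t nat -F SQUID
		if [ -e /var/run/squid.pid ]; then
			boot_mesg "Stopping Squid Proxy Server..."
			squid -k shutdown >/dev/null 2>&1
			evaluate_retval

			# Stop squidGuard, updxlrator, squidclamav
			# and redirect_wrappers.
			killproc /usr/bin/squidGuard >/dev/null &
			killproc /usr/sbin/updxlrator >/dev/null &
			killproc /usr/bin/squidclamav >/dev/null &
			killproc /usr/sbin/redirect_wrapper >/dev/null &

			# Wait until all redirectors have been stopped.
			wait

			# If squid is still running, wait up to 30 seconds
			# before we go on to kill it.
			# NOTE(review): the loop ends as soon as statusproc returns 0.
			# Confirm that 0 means "not running"; otherwise this never waits.
			counter=30

			while [ "${counter}" -gt 0 ]; do
				statusproc /usr/sbin/squid >/dev/null && break
				sleep 1
				counter=$(( counter - 1 ))
			done

			# Kill squid service, if still running.
			killproc /usr/sbin/squid >/dev/null

			# Remove any pid file squid left behind.
			rm -f /var/run/squid.pid
		fi
		;;

	restart)
		"$0" stop
		sleep 5
		"$0" start
		;;

	reconfigure)
		/usr/sbin/squid -k reconfigure
		;;

	status)
		statusproc /usr/sbin/squid
		statusproc /usr/lib/squid/unlinkd
		;;

	flush)
		"$0" stop
		# Overwrite swap.state with a single newline, then return the
		# file to the squid account.
		echo > /var/log/cache/swap.state
		chown squid:squid /var/log/cache/swap.state
		sleep 1
		"$0" start
		;;

	setperms)
		chown -R nobody:squid /var/updatecache/
		;;

	*)
		echo "Usage: $0 {start|stop|restart|reconfigure|status|flush|setperms}"
		exit 1
		;;
esac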
# End $rc_base/init.d/squid