diff options
Diffstat (limited to 'proxy_wizard/scripts/do_it_squid.sh')
-rwxr-xr-x | proxy_wizard/scripts/do_it_squid.sh | 264 |
1 files changed, 264 insertions, 0 deletions
diff --git a/proxy_wizard/scripts/do_it_squid.sh b/proxy_wizard/scripts/do_it_squid.sh new file mode 100755 index 00000000..28b2de1f --- /dev/null +++ b/proxy_wizard/scripts/do_it_squid.sh @@ -0,0 +1,264 @@ +#!/bin/bash +# +# Wizard +# +# Copyright (C) 2000,2001 Mandrakesoft. +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# See file LICENSE for further informations on licensing terms. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# Authors: Jerome Dumonteil, Maurizio De Cecco, Enzo Maggi +# icons: Helene Durosini <ln@mandrakesoft.com> +# <corporate@mandrakesoft.com> http://www.mandrakesoft.com + +# +# squid wizard +# +# This script sets up proxy params +# + + +#store wizard config values +file=/etc/sysconfig/mdk_serv + +service squid stop + +chg_val ${file} wiz_squid_defdir ${wiz_squid_defdir} +chg_val ${file} wiz_squid_level ${wiz_squid_level} + + + +# find squid config file +export conf=/etc/squid/squid.conf + +[ -f ${conf} ] || { + [ -d "/etc/squid" ] || exit 1 + cp -f ${CWD}/scripts/squid.conf.default ${conf} +} + +# backup squid config file +bck_file ${conf} + + + + + +echo_debug "squid port ${wiz_squid_port}" +chg_val2 ${conf} http_port ${wiz_squid_port} + + + +echo_debug "squid mem ${wiz_squid_mem}" +chg_val2 ${conf} cache_mem "${wiz_squid_mem} MB" + + + +echo_debug "squid disk ${wiz_squid_disk}" + +t=`grep -E "^[[:space:]]*cache_dir[[:space:]]+[a-z]+[[:space:]]+${wiz_squid_defdir}[[:space:]]+[0-9]+" ${conf}` + +if [ -n "$t" ]; then + tpe=`echo $t|awk '{print $2}'` + opt=`echo $t|awk '{print $5" "$6" "$7" "$8" "$9}'` + + TMPFILE=`mktemp /tmp/temp.XXXXXX` || exit 1 + cat "${conf}" > ${TMPFILE} + (cat ${TMPFILE}\ +|sed -e '\£^[[:space:]]*cache_dir[[:space:]]\+'"${tpe}"'[[:space:]]\+'"${wiz_squid_defdir}"'[[:space:]]\+[0-9]\+.*$£{ +i \ +# removed by mdk_serv script on '"$(date)"' +s££#&£ +a \ +'"cache_dir ${tpe} ${wiz_squid_defdir} ${wiz_squid_disk} ${opt}"' +} +' > "${conf}") && rm -f ${TMPFILE} + +else + echo -e "\ +# added by mdk_serv script on $(date)\n\ +cache_dir ufs ${wiz_squid_defdir} ${wiz_squid_disk} 16 256\n\ +" >> "${conf}" +fi + + + + + + + + +echo_debug "squid ACL ${wiz_squid_level} ${wiz_squid_mynetw}" + +# ACL first step, define an acl definition for "mynetwork", like : +# acl mynetwork src 192.168.1.0/255.255.255.0 + +t=`grep -E "^[[:space:]]*acl[[:space:]]+mynetwork[[:space:]]+src[[:space:]]+" ${conf}` + +TMPFILE=`mktemp /tmp/temp.XXXXXX` || exit 1 +cat "${conf}" > ${TMPFILE} + +if [ -n "$t" ]; then + (cat ${TMPFILE}\ +|sed -e '\£^[[:space:]]*acl[[:space:]]\+mynetwork[[:space:]]\+src[[:space:]]\+.*$£{ +i \ +# removed by mdk_serv script on '"$(date)"' +s££#&£ +a \ +'"acl mynetwork src ${wiz_squid_mynetw}"' +} +' > "${conf}") && rm -f ${TMPFILE} +else + (cat ${TMPFILE}\ +|sed -e '\£^[[:space:]]*acl[[:space:]]\+all[[:space:]]\+src[[:space:]]\+.*$£{ +a \ +# added by mdk_serv script on '"$(date)"' +a \ +'"acl mynetwork src ${wiz_squid_mynetw}"' +} +' > "${conf}") && rm -f ${TMPFILE} +fi + + + +# ACL second step, insert the control rule from the chosen level + +TMPFILE=`mktemp /tmp/temp.XXXXXX` || exit 1 +cat "${conf}" > ${TMPFILE} + +case ${wiz_squid_level} in + 1) # all + sed -e '\£^[[:space:]]*http_access[[:space:]]\+deny[[:space:]]\+all[[:space:]]*.*$£{ +i \ +# changed by mdk_serv script on '"$(date)"' +s££#&£ +a \ +'"http_access allow all"' +}' ${TMPFILE} > ${conf} + + ;; + + 2) # local network + sed -e '\£^[[:space:]]*http_access[[:space:]]\+allow[[:space:]]\+all[[:space:]]*.*$£{ +i \ +# changed by mdk_serv script on '"$(date)"' +s££#&£ +a \ +'"http_access deny all"' +}' ${TMPFILE} > ${conf} + + +cat ${conf} > ${TMPFILE} + sed -e '\£^[[:space:]]*http_access[[:space:]]\+allow[[:space:]]\+localhost[[:space:]]*.*$£{ +i \ +# changed by mdk_serv script on '"$(date)"' +s££#&£ +a \ +'"http_access allow mynetwork"' +}' ${TMPFILE} > ${conf} + + ;; + + 3) + sed -e '\£^[[:space:]]*http_access[[:space:]]\+allow[[:space:]]\+all[[:space:]]*.*$£{ +i \ +# changed by mdk_serv script on '"$(date)"' +s££#&£ +a \ +'"http_access deny all"' +}' ${TMPFILE} > ${conf} + +cat ${conf} > ${TMPFILE} + + sed -e '\£^[[:space:]]*http_access[[:space:]]\+allow[[:space:]]\+mynetwork[[:space:]]*.*$£{ +i \ +# changed by mdk_serv script on '"$(date)"' +s££#&£ +a \ +'"http_access allow localhost"' +}' ${TMPFILE} > ${conf} + + ;; + + *) # should not happen + exit 1 + ;; +esac + +rm -f ${TMPFILE} + + + + + +echo_debug "squid cache peer ${wiz_squid_menupeer} ${wiz_squid_cachepeer} ${wiz_squid_peerport}" + + +t=`grep -E "^[[:space:]]*cache_peer[[:space:]]+" ${conf}` + +if [ "${wiz_squid_menupeer}" == "1" -a -n "$t" ]; +# if no peer value, we have to remove the possible cache_peer +# in the config file +then + TMPFILE=`mktemp /tmp/temp.XXXXXX` || exit 1 + cat "${conf}" > ${TMPFILE} + (cat ${TMPFILE}\ + |sed -e '\£^[[:space:]]*cache_peer[[:space:]]\+.*$£{ +i \ +# removed by mdk_serv script on '"$(date)"' +s££#&£ +} +' > "${conf}") && rm -f ${TMPFILE} + + +elif [ "${wiz_squid_menupeer}" == "2" -a -n "${wiz_squid_cachepeer}" -a -n "$t" ]; +# if the cachepeer value exist, we have to remove the old value of the cache +# peer in the config file, then add the new one. +# WARNING : +# All this works very badly if more than one cache peer exist in the file +then + TMPFILE=`mktemp /tmp/temp.XXXXXX` || exit 1 + cat "${conf}" > ${TMPFILE} + (cat ${TMPFILE}\ + |sed -e '\£^[[:space:]]*cache_peer[[:space:]]\+.*$£{ +i \ +# removed by mdk_serv script on '"$(date)"' +s££#&£ +} +' > "${conf}") && rm -f ${TMPFILE} + + echo -e \ +"# added by mdk_serv script on $(date)\n\ +cache_peer ${wiz_squid_cachepeer} parent ${wiz_squid_peerport} 3130" \ + >> ${conf} + + +elif [ "${wiz_squid_menupeer}" == "2" -a -n "${wiz_squid_cachepeer}" -a -z "$t" ]; +# Just need to add the new value to the config file +then +echo_debug "hop ${conf}" + echo -e \ +"# added by mdk_serv script on $(date)\n\ +cache_peer ${wiz_squid_cachepeer} parent ${wiz_squid_peerport} 3130" \ + >> ${conf} +fi + + +####### + +/sbin/chkconfig --level 345 squid on + +service squid start + +exit 10 |