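#!/bin/bash
#
# Wizard
#
# Copyright (C) 2000,2001 Mandrakesoft.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
# See file LICENSE for further informations on licensing terms.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
# Authors: Jerome Dumonteil, Maurizio De Cecco, Enzo Maggi
# icons: Helene Durosini
# http://www.mandrakesoft.com
#
# squid wizard
#
# This script sets up proxy params
#
# Inputs (read from the environment, set by the wizard front end):
#   wiz_squid_port, wiz_squid_mem, wiz_squid_disk, wiz_squid_defdir,
#   wiz_squid_level (1, 2 or 3), wiz_squid_mynetw,
#   wiz_squid_menupeer, wiz_squid_cachepeer, wiz_squid_peerport, CWD
#
# Helpers used but not defined in this file: chg_val, chg_val2, bck_file,
# echo_debug. They are expected to be provided by the calling environment.
#
# Exit status: 1 on any failure, 10 at the end of a complete run
# (presumably the wizard framework's "done" code -- confirm with the caller).
#
# Security notes:
#   * The wizard values are pasted into sed programs and into squid.conf,
#     so each one is checked before anything on the system is changed;
#     a newline or backslash in a value could otherwise add extra sed
#     commands or extra squid directives.
#   * Level 1 writes "http_access allow all": every client that can reach
#     the proxy port may use the proxy. Restrict the port at the network
#     level if that level is chosen.

#######################################
# Reject a free-form value that could break out of the sed program or the
# squid.conf line it is inserted into.
# Arguments: $1 - variable name (for the debug message), $2 - value
# Returns:   only if the value is acceptable; exits 1 otherwise
#######################################
check_value() {
  local name=$1 value=$2
  case "${value}" in
    *$'\n'* | *$'\r'* | *\\*)
      echo_debug "squid: refusing ${name}: newline or backslash in value"
      exit 1
      ;;
  esac
}

#######################################
# Reject a value that must be one whitespace-free config field (directory,
# host name). '|' is refused because it is the sed delimiter used below.
# Arguments: $1 - variable name, $2 - value
# Returns:   only if the value is acceptable; exits 1 otherwise
#######################################
check_token() {
  local name=$1 value=$2
  case "${value}" in
    '' | *[[:space:]]* | *\\* | *'|'*)
      echo_debug "squid: refusing ${name}: empty or contains unsafe characters"
      exit 1
      ;;
  esac
}

#######################################
# Reject anything that is not a plain decimal number.
# Arguments: $1 - variable name, $2 - value
# Returns:   only if the value is acceptable; exits 1 otherwise
#######################################
check_number() {
  local name=$1 value=$2
  case "${value}" in
    '' | *[!0-9]*)
      echo_debug "squid: refusing ${name}: not a number"
      exit 1
      ;;
  esac
}

#######################################
# Apply one sed program to ${conf}.
# The result is built in a private temp file and copied back only when sed
# succeeded, so a failing program cannot leave squid.conf truncated, and the
# temp file is removed on every path. Copying with cat (instead of mv) keeps
# the existing file's inode, owner and mode.
# Globals:   conf (read)
# Arguments: $1 - sed program
# Returns:   0 on success, 1 if sed or the copy back failed
#######################################
edit_conf() {
  local program=$1 tmp
  tmp=$(mktemp /tmp/temp.XXXXXX) || return 1
  if sed -e "${program}" "${conf}" > "${tmp}" && cat "${tmp}" > "${conf}"; then
    rm -f -- "${tmp}"
    return 0
  fi
  rm -f -- "${tmp}"
  return 1
}

# Validate every input before the service is stopped or any file is touched.
case "${wiz_squid_level}" in
  1 | 2 | 3) ;;
  *) exit 1 ;; # should not happen
esac
check_value wiz_squid_port "${wiz_squid_port}"
check_value wiz_squid_mem "${wiz_squid_mem}"
check_value wiz_squid_mynetw "${wiz_squid_mynetw}"
check_token wiz_squid_defdir "${wiz_squid_defdir}"
check_number wiz_squid_disk "${wiz_squid_disk}"
if [[ "${wiz_squid_menupeer}" == "2" && -n "${wiz_squid_cachepeer}" ]]; then
  check_token wiz_squid_cachepeer "${wiz_squid_cachepeer}"
  check_number wiz_squid_peerport "${wiz_squid_peerport}"
fi

# The directory is used inside regular expressions below; escape the dots so
# they only match themselves.
# NOTE(review): other regex metacharacters in the path are still interpreted.
defdir_re="${wiz_squid_defdir//./\\.}"

#store wizard config values
file=/etc/sysconfig/mdk_serv

service squid stop

chg_val "${file}" wiz_squid_defdir "${wiz_squid_defdir}"
chg_val "${file}" wiz_squid_level "${wiz_squid_level}"

# find squid config file
export conf=/etc/squid/squid.conf
if [[ ! -f "${conf}" ]]; then
  [[ -d /etc/squid ]] || exit 1
  cp -f -- "${CWD}/scripts/squid.conf.default" "${conf}" || exit 1
fi

# backup squid config file
bck_file "${conf}"

echo_debug "squid port ${wiz_squid_port}"
chg_val2 "${conf}" http_port "${wiz_squid_port}"

echo_debug "squid mem ${wiz_squid_mem}"
chg_val2 "${conf}" cache_mem "${wiz_squid_mem} MB"

echo_debug "squid disk ${wiz_squid_disk}"

# sed delimiter: the original used a non-ASCII '£', which is not usable as a
# sed delimiter when it is encoded as a multi-byte character (UTF-8 locale).
# '|' is used instead; check_token refuses it in the one value that ends up
# inside an address regex (wiz_squid_defdir).
t=$(grep -E "^[[:space:]]*cache_dir[[:space:]]+[a-z]+[[:space:]]+${defdir_re}[[:space:]]+[0-9]+" "${conf}")
if [[ -n "${t}" ]]; then
  # Keep the storage type (field 2) and trailing options (fields 5-9) of the
  # first matching line; only the size is replaced.
  read -r _ tpe _ _ f5 f6 f7 f8 f9 _ <<< "${t}"
  opt="${f5} ${f6} ${f7} ${f8} ${f9}"
  edit_conf '\|^[[:space:]]*cache_dir[[:space:]]\+'"${tpe}"'[[:space:]]\+'"${defdir_re}"'[[:space:]]\+[0-9]\+.*$|{
i \
# removed by mdk_serv script on '"$(date)"'
s||#&|
a \
'"cache_dir ${tpe} ${wiz_squid_defdir} ${wiz_squid_disk} ${opt}"'
}
' || exit 1
else
  # printf with %s: the values are written literally, never as escapes.
  printf '# added by mdk_serv script on %s\ncache_dir ufs %s %s 16 256\n\n' \
    "$(date)" "${wiz_squid_defdir}" "${wiz_squid_disk}" >> "${conf}" || exit 1
fi

echo_debug "squid ACL ${wiz_squid_level} ${wiz_squid_mynetw}"

# ACL first step, define an acl definition for "mynetwork", like :
# acl mynetwork src 192.168.1.0/255.255.255.0
t=$(grep -E "^[[:space:]]*acl[[:space:]]+mynetwork[[:space:]]+src[[:space:]]+" "${conf}")
if [[ -n "${t}" ]]; then
  # Comment out the existing definition and put the new one right after it.
  edit_conf '\|^[[:space:]]*acl[[:space:]]\+mynetwork[[:space:]]\+src[[:space:]]\+.*$|{
i \
# removed by mdk_serv script on '"$(date)"'
s||#&|
a \
'"acl mynetwork src ${wiz_squid_mynetw}"'
}
' || exit 1
else
  # No definition yet: add it after the "acl all src ..." line.
  edit_conf '\|^[[:space:]]*acl[[:space:]]\+all[[:space:]]\+src[[:space:]]\+.*$|{
a \
# added by mdk_serv script on '"$(date)"'
a \
'"acl mynetwork src ${wiz_squid_mynetw}"'
}
' || exit 1
fi

# ACL second step, insert the control rule from the chosen level
# NOTE(review): the patterns end in "[[:space:]]*.*$", so they also match
# rules whose ACL name merely starts with all / localhost / mynetwork.
case "${wiz_squid_level}" in
  1)
    # all: the final "deny all" becomes "allow all" (open to every client
    # that can reach the port).
    edit_conf '\|^[[:space:]]*http_access[[:space:]]\+deny[[:space:]]\+all[[:space:]]*.*$|{
i \
# changed by mdk_serv script on '"$(date)"'
s||#&|
a \
http_access allow all
}' || exit 1
    ;;
  2)
    # local network: "allow all" becomes "deny all", then the localhost rule
    # is replaced by one for mynetwork.
    edit_conf '\|^[[:space:]]*http_access[[:space:]]\+allow[[:space:]]\+all[[:space:]]*.*$|{
i \
# changed by mdk_serv script on '"$(date)"'
s||#&|
a \
http_access deny all
}' || exit 1
    edit_conf '\|^[[:space:]]*http_access[[:space:]]\+allow[[:space:]]\+localhost[[:space:]]*.*$|{
i \
# changed by mdk_serv script on '"$(date)"'
s||#&|
a \
http_access allow mynetwork
}' || exit 1
    ;;
  3)
    # "allow all" becomes "deny all", then the mynetwork rule is replaced by
    # one for localhost.
    edit_conf '\|^[[:space:]]*http_access[[:space:]]\+allow[[:space:]]\+all[[:space:]]*.*$|{
i \
# changed by mdk_serv script on '"$(date)"'
s||#&|
a \
http_access deny all
}' || exit 1
    edit_conf '\|^[[:space:]]*http_access[[:space:]]\+allow[[:space:]]\+mynetwork[[:space:]]*.*$|{
i \
# changed by mdk_serv script on '"$(date)"'
s||#&|
a \
http_access allow localhost
}' || exit 1
    ;;
  *)
    # should not happen
    exit 1
    ;;
esac

echo_debug "squid cache peer ${wiz_squid_menupeer} ${wiz_squid_cachepeer} ${wiz_squid_peerport}"

t=$(grep -E "^[[:space:]]*cache_peer[[:space:]]+" "${conf}")
if [[ "${wiz_squid_menupeer}" == "1" && -n "${t}" ]]; then
  # if no peer value, we have to remove the possible cache_peer
  # in the config file
  edit_conf '\|^[[:space:]]*cache_peer[[:space:]]\+.*$|{
i \
# removed by mdk_serv script on '"$(date)"'
s||#&|
}
' || exit 1
elif [[ "${wiz_squid_menupeer}" == "2" && -n "${wiz_squid_cachepeer}" ]]; then
  if [[ -n "${t}" ]]; then
    # if the cachepeer value exist, we have to remove the old value of the
    # cache peer in the config file, then add the new one.
    # WARNING :
    # All this works very badly if more than one cache peer exist in the file
    edit_conf '\|^[[:space:]]*cache_peer[[:space:]]\+.*$|{
i \
# removed by mdk_serv script on '"$(date)"'
s||#&|
}
' || exit 1
  else
    # Just need to add the new value to the config file
    echo_debug "hop ${conf}"
  fi
  printf '# added by mdk_serv script on %s\ncache_peer %s parent %s 3130\n' \
    "$(date)" "${wiz_squid_cachepeer}" "${wiz_squid_peerport}" >> "${conf}" || exit 1
fi

#######
/sbin/chkconfig --level 345 squid on
service squid start

exit 10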