本文整理汇总了PHP中squidbee::get_ssl_port方法的典型用法代码示例。如果您正苦于以下问题:PHP squidbee::get_ssl_port方法的具体用法?PHP squidbee::get_ssl_port怎么用?PHP squidbee::get_ssl_port使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类squidbee
的用法示例。
在下文中一共展示了squidbee::get_ssl_port方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: iptables_rules
function iptables_rules()
{
$squid = new squidbee();
$unix = new unix();
$sock = new sockets();
$SquidBinIpaddr = trim($sock->GET_INFO("SquidBinIpaddr"));
if ($SquidBinIpaddr == null) {
$SquidBinIpaddr = "0.0.0.0";
}
$UseTProxyMode = intval($sock->GET_INFO("UseTProxyMode"));
$EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot");
$ssl_port = $squid->get_ssl_port();
if (!is_numeric($squid->listen_port)) {
$squid->listen_port = 3128;
}
$listen_ssl_port = $squid->listen_port + 1;
$SSL_BUMP = $squid->SSL_BUMP;
$iptables = $unix->find_program("iptables");
$GLOBALS["IPTABLESBIN"] = $iptables;
$sysctl = $unix->find_program("sysctl");
$ips = $unix->ifconfig_interfaces_list();
$KernelSendRedirects = $sock->GET_INFO("KernelSendRedirects");
if (!is_numeric($KernelSendRedirects)) {
$KernelSendRedirects = 1;
}
if (!is_numeric($EnableArticaHotSpot)) {
$EnableArticaHotSpot = 0;
}
$EnableNatProxy = intval($sock->GET_INFO("EnableNatProxy"));
$NatProxyServer = $sock->GET_INFO("NatProxyServer");
$NatProxyPort = intval($sock->GET_INFO("NatProxyPort"));
echo "Starting......: " . date("H:i:s") . " Squid iptables Rules: UseTProxyMode.....:{$UseTProxyMode}\n";
if ($UseTProxyMode == 1) {
disable_transparent();
iptables_wccp_delete_all();
$php = $unix->LOCATE_PHP5_BIN();
echo "Starting......: " . date("H:i:s") . " Squid running Tproxy Mode\n";
system("{$php} /usr/share/artica-postfix/exec.squid.tproxy.php");
echo "Starting......: " . date("H:i:s") . " Squid running TProxy script...\n";
shell_exec("/etc/init.d/tproxy start");
return;
}
$php = $unix->LOCATE_PHP5_BIN();
$GLOBALS["echobin"] = $unix->find_program("echo");
$MARKLOG = "-m comment --comment \"ArticaSquidTransparent\"";
$sh = array();
$sh[] = script_startfile();
build_progress("Creating rules...", 35);
$sh[] = "{$GLOBALS["echobin"]} \"Patching kernel\"";
$sh[] = "{$sysctl} -w net.ipv4.ip_forward=1 2>&1";
$sh[] = "{$sysctl} -w net.ipv4.conf.default.send_redirects={$KernelSendRedirects} 2>&1";
$sh[] = "{$sysctl} -w net.ipv4.conf.all.send_redirects={$KernelSendRedirects} 2>&1";
if (is_file("/proc/sys/net/ipv4/conf/eth0/send_redirects")) {
$sh[] = "{$sysctl} -w net.ipv4.conf.eth0.send_redirects={$KernelSendRedirects} 2>&1";
}
$sh[] = "{$php} /usr/share/artica-postfix/exec.squid.transparent.delete.php || true";
$sh[] = ebtables_rules();
$sh[] = "{$GLOBALS["echobin"]} \"Enable rules\"";
$sh[] = "{$iptables} -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT {$MARKLOG} || true";
if (!$GLOBALS["EBTABLES"]) {
$sh[] = "{$GLOBALS["echobin"]} \"Add internetT dictionary\"";
$sh[] = "{$iptables} -t mangle -N internetT {$MARKLOG} || true";
$sh[] = "{$GLOBALS["echobin"]} \"Add internsslT dictionary\"";
$sh[] = "{$iptables} -t mangle -N internsslT {$MARKLOG} || true";
$sh[] = "{$GLOBALS["echobin"]} \"Add mangle MARK 97 for internsslT\"";
$sh[] = "{$iptables} -t mangle -A internsslT -j MARK --set-mark 97 {$MARKLOG} || true";
$sh[] = "{$GLOBALS["echobin"]} \"Add mangle MARK 96 for internetT\"";
$sh[] = "{$iptables} -t mangle -A internetT -j MARK --set-mark 96 {$MARKLOG} || true";
}
$sh[] = "{$iptables} -t nat -A OUTPUT --match owner --uid-owner squid -p tcp -j ACCEPT {$MARKLOG}";
$sh[] = "{$iptables} -t nat -A OUTPUT --match owner --uid-owner squid -p tcp -j ACCEPT {$MARKLOG}";
$sh[] = "{$iptables} -t nat -I POSTROUTING -p tcp --dport 80 -j MASQUERADE {$MARKLOG}";
$sh[] = "{$iptables} -t nat -I POSTROUTING -p tcp --dport 443 -j MASQUERADE {$MARKLOG}";
$sql = "SELECT * FROM transparent_networks WHERE `enabled`=1 ORDER BY zOrder";
$q = new mysql_squid_builder();
$results = $q->QUERY_SQL($sql);
while ($ligne = mysql_fetch_assoc($results)) {
$transparent = $ligne["transparent"];
$block = $ligne["block"];
if ($ligne["destination_port"] == 0) {
$ligne["destination_port"] = 80;
if ($ligne["ssl"] == 1) {
$ligne["destination_port"] == 443;
}
}
if ($ligne["destination_port"] == 443) {
$ligne["ssl"] = 1;
}
if ($ligne["destination_port"] == 80) {
$ligne["ssl"] = 0;
}
if ($block == 1) {
$sh[] = pattern_to_www($ligne);
continue;
}
if ($transparent == 0) {
$sh[] = pattern_to_direct($ligne);
continue;
}
$sh[] = pattern_to_proxy($ligne, $squid->listen_port, $ssl_port);
//.........这里部分代码省略.........
示例2: build
function build()
{
$sock = new sockets();
$unix = new unix();
$ini = new Bs_IniHandler();
$IPADDRSSL = array();
$IPADDRSSL2 = array();
$ArticaSquidParameters = $sock->GET_INFO('ArticaSquidParameters');
$visible_hostname = $ini->_params["NETWORK"]["visible_hostname"];
if ($visible_hostname == null) {
$visible_hostname = $unix->hostname_g();
}
$SquidBinIpaddr = $sock->GET_INFO("SquidBinIpaddr");
$AllowAllNetworksInSquid = $sock->GET_INFO("AllowAllNetworksInSquid");
if (!is_numeric($AllowAllNetworksInSquid)) {
$AllowAllNetworksInSquid = 1;
}
$ini->loadString($ArticaSquidParameters);
NETWORK_ALL_INTERFACES();
$LISTEN_PORT = intval($ini->_params["NETWORK"]["LISTEN_PORT"]);
$ICP_PORT = intval(trim($ini->_params["NETWORK"]["ICP_PORT"]));
$certificate_center = $ini->_params["NETWORK"]["certificate_center"];
$SSL_BUMP = intval($ini->_params["NETWORK"]["SSL_BUMP"]);
$LogsWarninStop = intval($sock->GET_INFO("LogsWarninStop"));
$ssl = false;
if ($ICP_PORT == 0) {
$ICP_PORT = 3130;
}
if ($LISTEN_PORT == 0) {
$LISTEN_PORT = 3128;
}
$squid = new squidbee();
$q = new mysql_squid_builder();
$IPADDRS = array();
if ($SquidBinIpaddr != null) {
if (!isset($GLOBALS["NETWORK_ALL_INTERFACES"][$SquidBinIpaddr])) {
$SquidBinIpaddr = null;
} else {
$IPADDRS[$SquidBinIpaddr] = $LISTEN_PORT;
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listens {$SquidBinIpaddr}\n";
}
}
}
if ($SSL_BUMP == 1) {
$ssl = true;
$ssl_port = $squid->get_ssl_port();
}
if ($SquidBinIpaddr == null) {
reset($GLOBALS["NETWORK_ALL_INTERFACES"]);
while (list($ipaddr, $val) = each($GLOBALS["NETWORK_ALL_INTERFACES"])) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listens {$ipaddr}:{$LISTEN_PORT}\n";
}
$IPADDRS[$ipaddr] = $LISTEN_PORT;
$IPADDRSSL[$ipaddr] = $ssl_port;
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} visible hostname........: {$visible_hostname}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} AllowAllNetworksInSquid.: {$AllowAllNetworksInSquid}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} ICP Port................: {$ICP_PORT}\n";
}
if ($ssl) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} SSL Intercept...........: Yes - {$ssl_port}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Certificate.............: {$certificate_center}\n";
}
$MAINSSL = $squid->SaveCertificate($certificate_center, false, false, false, true);
$f[] = $MAINSSL[0];
$certificate = $MAINSSL[1]["certificate"];
$key = $MAINSSL[1]["key"];
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Certificate.............: {$certificate}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Key.....................: {$key}\n";
}
}
$sql = "SELECT * FROM proxy_ports WHERE enabled=1 and transparent=1";
$results = $q->QUERY_SQL($sql);
$f[] = "# --------- proxy_ports enabled=1 and transparent=1 -> " . mysql_num_rows($results) . " ports";
while ($ligne = mysql_fetch_assoc($results)) {
$ipaddr = $ligne["ipaddr"];
$xport = $ligne["port"];
$transparent_text = null;
if (!isset($GLOBALS["NETWORK_ALL_INTERFACES"][$ipaddr])) {
$f[] = "# --------- table proxy_ports {$ipaddr}:{$xport} -> Hardware Error [" . __LINE__ . "]\n";
$f[] = "# --------- http {$ipaddr} -> Hardware Error [" . __LINE__ . "]\n";
continue;
}
if ($ssl) {
$IPADDRSSL[$ipaddr] = $ssl_port;
}
//.........这里部分代码省略.........
示例3: ucarp_notify
function ucarp_notify($nic = null, $SQUIDIP = null, $trois = null, $quatre = null, $cinq = null)
{
if ($nic == null) {
VirtualsIPSyslog("[Failover] No nic, no IP...");
return;
}
$unix = new unix();
$LOCATE_SQUID_BIN = $unix->LOCATE_SQUID_BIN();
if (!is_file($LOCATE_SQUID_BIN)) {
return;
}
$nohup = $unix->find_program("nohup");
include_once dirname(__FILE__) . "/ressources/class.squid.inc";
$sock = new sockets();
$hasProxyTransparent = $sock->GET_INFO("hasProxyTransparent");
if (!is_numeric($hasProxyTransparent)) {
$hasProxyTransparent = 0;
}
VirtualsIPSyslog("[Failover] state UP detected {$nic}:{$SQUIDIP} Proxy Transparent mode: {$hasProxyTransparent}");
if (is_file("/usr/share/ucarp/Master")) {
VirtualsIPSyslog("[Failover] UP mode Master... nothing to do...");
return;
}
$MAIN = unserialize(base64_decode($sock->GET_INFO("HASettings")));
if ($MAIN["SLAVE"] != null) {
VirtualsIPSyslog("[Failover] UP mode Master... nothing to do...");
return;
}
if ($hasProxyTransparent == 0) {
return;
}
$squid = new squidbee();
$ssl_port = $squid->get_ssl_port();
if (!is_numeric($squid->listen_port)) {
$squid->listen_port = 3128;
}
$listen_ssl_port = $squid->listen_port + 1;
$SSL_BUMP = $squid->SSL_BUMP;
$iptables = $unix->find_program("iptables");
$MARKLOG = "-m comment --comment \"SquidFailOverTransparent\"";
$SQUIDPORT = $squid->listen_port;
VirtualsIPSyslog("[Failover] UP Redirect connections from {$SQUIDIP}:80/443 to port {$SQUIDPORT}/{$ssl_port} - if ssl enabled -");
ucarp_notify_removeiptables();
shell_exec("{$iptables} -t nat -A PREROUTING -s {$SQUIDIP} -p tcp --dport 80 -j ACCEPT {$MARKLOG}");
if ($SSL_BUMP == 1) {
shell_exec("{$iptables} -t nat -A PREROUTING -s {$SQUIDIP} -p tcp --dport 443 -j ACCEPT {$MARKLOG}");
}
shell_exec("{$iptables} -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port {$SQUIDPORT} {$MARKLOG}");
if ($SSL_BUMP == 1) {
shell_exec("{$iptables} -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port {$ssl_port} {$MARKLOG}");
}
shell_exec("{$iptables} -t nat -A POSTROUTING -j MASQUERADE {$MARKLOG}");
shell_exec("{$iptables} -t mangle -A PREROUTING -p tcp --dport {$SQUIDPORT} -j DROP {$MARKLOG}");
if ($SSL_BUMP == 1) {
shell_exec("{$iptables} -t mangle -A PREROUTING -p tcp --dport {$ssl_port} -j DROP {$MARKLOG}");
}
$cmd = "/etc/init.d/squid reload --script=" . basename(__FILE__);
shell_exec("{$cmd} >/dev/null 2>&1");
shell_exec("{$nohup} /etc/init.d/snmpd restart >/dev/null 2>&1 &");
}
示例4: script_tproxy
function script_tproxy()
{
$unix = new unix();
$ip = $unix->find_program("ip");
$sock = new sockets();
$squid = new squidbee();
$SSL_BUMP = $squid->SSL_BUMP;
$ssl_port = $squid->get_ssl_port();
$php = $unix->LOCATE_PHP5_BIN();
$SquidTProxyInterface = $sock->GET_INFO("SquidTProxyInterface");
$MARKLOG = "-m comment --comment \"ArticaSquidTransparent\"";
$echo = $unix->find_program("echo");
$iptables = $unix->find_program("iptables");
$modprobe = $unix->find_program("modprobe");
$sh[] = "{$modprobe} xt_TPROXY || true";
$sh[] = "{$modprobe} xt_socket || true";
$sh[] = "{$modprobe} xt_mark || true";
$sh[] = "{$modprobe} nf_nat || true";
$sh[] = "{$modprobe} nf_conntrack_ipv4 || true";
$sh[] = "{$modprobe} nf_conntrack || true";
$sh[] = "{$modprobe} nf_defrag_ipv4 || true";
$sh[] = "{$modprobe} ipt_REDIRECT || true";
$sh[] = "{$modprobe} iptable_nat || true";
$sh[] = "{$echo} \"Squid TProxy mode: Check routing table 'Proxy'\"";
$sh[] = "{$php} " . __FILE__ . " --table-proxy || true";
$sh[] = "{$ip} route del 127.0.0.1 dev lo || true";
$sh[] = "{$ip} route del local 127.0.0.0/24 dev lo table local || true";
$sh[] = "{$ip} route del local 127.0.0.0/8 del lo table local || true";
$sh[] = "{$ip} -f inet rule add fwmark 1 lookup proxy || true";
$sh[] = "{$ip} -f inet route add local default dev lo table proxy || true";
$sh[] = "{$echo} 1 > /proc/sys/net/ipv4/ip_forward";
$sh[] = "{$echo} 0 > /proc/sys/net/ipv4/conf/default/rp_filter";
$sh[] = "{$echo} 0 > /proc/sys/net/ipv4/conf/all/rp_filter";
$sh[] = "{$echo} 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter";
$sh[] = "{$iptables} -t mangle -N DIVERT {$MARKLOG} || true";
$sh[] = "{$iptables} -t mangle -A DIVERT -j MARK --set-mark 1 {$MARKLOG} || true";
$sh[] = "{$iptables} -t mangle -A DIVERT -j ACCEPT {$MARKLOG} || true";
$sh[] = "{$iptables} -t mangle -A PREROUTING -p tcp -m socket -j DIVERT {$MARKLOG} || true";
$sh[] = "{$echo} \"Squid TProxy mode: enabled in transparent mode in {$squid->listen_port} Port (SSL_BUMP={$SSL_BUMP}) SSL PORT:{$ssl_port}\"";
$sh[] = "{$iptables} -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port {$squid->listen_port} {$MARKLOG} || true";
if ($SSL_BUMP == 1) {
$sh[] = "{$iptables} -t mangle -A PREROUTING -p tcp --dport 443 -j TPROXY --tproxy-mark 0x1/0x1 --on-port {$ssl_port} {$MARKLOG} || true";
}
return @implode("\n", $sh);
}