<?
// Loadbalancer.org core functions
// write_config_file();
// parse_config_file();
// Get_rip_label($thevip,$therip); Get the rip label
// Get_rip_no($thevip,$therip); This function looks up the rip number from the ldirectord table on request.
// Get_vip_label($thevip); Get the vip label
// Get_vip_no($thevip); Gets the vip no
// Get_port($virt); Find the port number from the vip i.e 80 from 10.0.0.20:80
// Get_service($theport); Lookup the service i.e. http from the port i.e. 80
// Get_ip($virt); Lookup the ip from the virt i.e. 10.0.0.20 from 10.0.0.20:80
// add_physical_vip($ip); Add vip to haresources if it doesn't already exist
// parse_status_file(); // Get the Virtual & Real Server Actual Status !
// active($status) ; // Tidy boolean convert
// draw_portlist(); // Tidy function to draw a drop down list of common internet services and ports
// draw_error($message); // Tidy function to draw and log an error
// draw_no_access($filename); // Tidy function to draw and log a file access error
// RIP_Exists($thevip,$therip); // This function checks if the RIP exists in the ldirectord table on request.
// VIP_Exists($thevip); // This function checks if the vip exists in the ldirectord table on request.
// VIP_IP_Exists($thevip); // This function checks if the vip IP (without the ":port"), exists in the ldirectord table on request. We use that to know if the IP must be removed from the haresources or not.
// update_haproxy_stats($ip); // When you change the physical ip on eth0 then update
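// Read /etc/ha.d/conf/ldirectord.cf into the global configuration tables.
//
// Global directives (checktimeout, checkinterval, negotiatetimeout, quiescent,
// autoreload, callback) are stored in scalar globals. Every "virtual" line
// increments $vnum and resets $rnum; the per-virtual directives that follow
// are stored at index $vnum, and each "real" line at [$vnum][$rnum].
// $VIRTUAL[0] holds the placeholder "XXX", so virtual servers start at 1.
//
// NOTE(review): the file is switched to mode 777 before it is read, and it
// can carry login=/passwd= values for the health checks. Every local account
// can then read those credentials and rewrite the balancer configuration.
// Which user owns the file is not visible here, so the call is left as it
// was; group ownership for the web server user with mode 0660 would be the
// tighter equivalent.
function parse_config_file() {
    global $arrtext,$vnum,$rnum,$CHECKTIMEOUT,$CHECKINTERVAL,$AUTORELOAD;
    global $CALLBACK,$VIRTUAL,$VIRTUAL_LABEL,$REAL,$FALLBACK,$FALLBACKMODE;
    global $v,$r,$action,$subaction,$REALSERVICE,$EMAILALERT,$EMAILALERTFREQ,$REALWEIGHT,$REAL_LABEL,$SERVICE,$CHECKTYPE,$CHECKPORT,$REQUEST,$RECEIVE;
    global $SCHEDULER,$PERSISTENT,$NETMASK,$PROTOCOL,$QUIESCENT,$FWDMETHOD,$VIRTUALHOST,$LOGIN,$PASSWD,$DATABASE,$NEGOTIATETIMEOUT,$CHECKCOUNT,$HTTPMETHOD,$FEEDBACK;

    exec ("sudo chmod 777 /etc/ha.d/conf/ldirectord.cf");
    $arrtext = file("/etc/ha.d/conf/ldirectord.cf");
    if (!$arrtext) {
        draw_no_access("/etc/ha.d/conf/ldirectord.cf");
        // Continue with an empty list: the defaults below are still applied
        // and count() is never handed a boolean.
        $arrtext = array();
    }

    $vnum=0;
    $rnum=0;
    $VIRTUAL[0]="XXX";
    $QUIESCENT="yes";
    $AUTORELOAD="yes";
    $CHECKTIMEOUT="20";
    $CHECKINTERVAL="60";
    $NEGOTIATETIMEOUT="20";

    // Last request string captured from a "real" line. It is reused by the
    // "request" case, which may run several lines later.
    // NOTE(review): it is not reset when a new "virtual" starts, so a virtual
    // server without real servers inherits the previous one's request.
    $requestwithspaces = "";

    for ( $i=0; $i<count($arrtext); $i++) {
        # If the line is not a remark then tokenise on = signs
        if (substr(ltrim($arrtext[$i]),0,1) <> "#") {
            $tok = strtok(ltrim($arrtext[$i]),"=\n\t");
            while ($tok) {
                $Attribute=$tok;
                $tok = strtok(" \n\t");
                $value1=$tok;
                $tok = strtok(" \n\t");
                $value2=$tok;
                $tok = strtok(" \n\t");
                $value3=$tok;
                $tok = strtok(" \n\t");
                $value4=$tok;
                $tok = strtok(" \n\t");
                $value5=$tok;
                $tok = strtok(" \n\t");
                // Drain the rest of the line so $value5 ends up as its last token.
                while ($tok) {
                    $value5=$tok;
                    $tok = strtok(" \n\t");
                }
                # first word is attribute
                switch ($Attribute) {
                    case "checktimeout":
                        $CHECKTIMEOUT=$value1;
                        break;
                    case "checkinterval":
                        $CHECKINTERVAL=$value1;
                        break;
                    case "negotiatetimeout":
                        $NEGOTIATETIMEOUT=$value1;
                        break;
                    case "quiescent":
                        $QUIESCENT=$value1;
                        break;
                    case "autoreload":
                        $AUTORELOAD=$value1;
                        break;
                    case "callback":
                        $CALLBACK=$value1;
                        break;
                    case "real":
                        $REAL[$vnum][$rnum]=$value1;
                        $REALSERVICE[$vnum][$rnum]=$value2;
                        $REALWEIGHT[$vnum][$rnum]=$value3;
                        $REAL_LABEL[$vnum][$rnum]=$value5;
                        // The request may contain spaces, so it is taken from
                        // the raw line instead of the tokens: first the quoted
                        // text up to a comma, then the quoted part of that. The
                        // captured value keeps its surrounding double quotes.
                        $requestwithspaces = "";
                        if (preg_match('/".*",/', $arrtext[$i], $matches_request_response)
                            && preg_match('/".*."/', $matches_request_response[0], $matches_request)) {
                            $requestwithspaces=$matches_request[0];
                        }
                        $rnum++;
                        break;
                    case "virtual":
                        $vnum++;
                        $rnum=0;
                        $VIRTUAL[$vnum]=$value1;
                        // A missing or one-character forwarding method falls back to "gate".
                        if (strlen($value2)<2) {
                            $value2="gate";
                        }
                        $FWDMETHOD[$vnum]=$value2;
                        $VIRTUAL_LABEL[$vnum]=$value3;
                        break;
                    case "checktype":
                        $CHECKTYPE[$vnum]=$value1;
                        break;
                    case "checkport":
                        $CHECKPORT[$vnum]=$value1;
                        break;
                    case "fallback":
                        $FALLBACK[$vnum]=$value1;
                        $FALLBACKMODE[$vnum]=$value2;
                        break;
                    // The quoted values below have their double quotes removed.
                    // str_replace() replaces eregi_replace(), which no longer
                    // exists in PHP 7 and later; for a literal quote character
                    // the result is the same.
                    case "virtualhost":
                        $VIRTUALHOST[$vnum]=str_replace("\"", "", $value1);
                        break;
                    case "login":
                        $LOGIN[$vnum]=str_replace("\"", "", $value1);
                        break;
                    case "passwd":
                        $PASSWD[$vnum]=str_replace("\"", "", $value1);
                        break;
                    case "service":
                        $SERVICE[$vnum]=$value1;
                        break;
                    case "request":
                        $REQUEST[$vnum]=$requestwithspaces;
                        break;
                    case "receive":
                        // Only the first token is unquoted; the first three
                        // tokens are joined without separators.
                        $value1=str_replace("\"", "", $value1);
                        $RECEIVE[$vnum]=$value1.$value2.$value3;
                        break;
                    case "scheduler":
                        $SCHEDULER[$vnum]=$value1;
                        break;
                    case "emailalert":
                        $value1=str_replace("\"", "", $value1);
                        $EMAILALERT[$vnum]=$value1.$value2.$value3;
                        break;
                    case "emailalertfreq":
                        $EMAILALERTFREQ[$vnum]=$value1;
                        break;
                    case "persistent":
                        $PERSISTENT[$vnum]=$value1;
                        break;
                    case "netmask":
                        $NETMASK[$vnum]=$value1;
                        break;
                    case "protocol":
                        $PROTOCOL[$vnum]=$value1;
                        break;
                    case "database":
                        $DATABASE[$vnum]=str_replace("\"", "", $value1);
                        break;
                    case "checkcount":
                        $CHECKCOUNT[$vnum]=$value1;
                        break;
                    case "httpmethod":
                        $HTTPMETHOD[$vnum]=$value1;
                        break;
                    case "feedback":
                        $FEEDBACK[$vnum]=$value1;
                        break;
                }
                # The line is exhausted by now, so this ends the while loop
                $tok = strtok(" \n\t");
            }
        }
    }
}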
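// Rewrite /etc/ha.d/conf/ldirectord.cf from the global configuration tables.
//
// Writes the global options first, then one "virtual" section per entry of
// $VIRTUAL from index 1 upwards. The virtual server whose index equals
// $DELETEVIRTUAL is left out, and so is the real server at [$v][$r] when
// $action is "modreal" and $subaction is "remove".
//
// NOTE(review): every value is written verbatim. A value that contains a
// newline would start a new directive line, and a double quote inside a
// quoted field would end it early. Where these globals are filled from user
// input is not visible in this file; CR/LF and quotes should be rejected
// before they get here.
// NOTE(review): passwd= is written in clear text to a file that
// parse_config_file() sets to mode 777.
function write_config_file() {
    global $DELETEVIRTUAL,$CHECKTIMEOUT,$CHECKINTERVAL,$AUTORELOAD;
    global $CALLBACK,$VIRTUAL,$VIRTUAL_LABEL,$REAL,$FALLBACK,$FALLBACKMODE;
    global $v,$r,$action,$subaction,$REALSERVICE,$REALWEIGHT,$REAL_LABEL,$SERVICE,$EMAILALERT,$EMAILALERTFREQ,$CHECKTYPE,$CHECKPORT,$REQUEST,$RECEIVE,$demo;
    global $SCHEDULER,$PERSISTENT,$NETMASK,$PROTOCOL,$QUIESCENT,$FWDMETHOD,$VIRTUALHOST,$LOGIN,$PASSWD,$DATABASE,$NEGOTIATETIMEOUT,$CHECKCOUNT,$HTTPMETHOD,$FEEDBACK;

    if ($file=fopen("/etc/ha.d/conf/ldirectord.cf","w")) {
        fputs($file,"# Ldirectord configuration file\n");
        fputs($file,"# Global options\n");
        fputs($file,"checktimeout=$CHECKTIMEOUT\n");
        fputs($file,"checkinterval=$CHECKINTERVAL\n");
        if ($NEGOTIATETIMEOUT<>"") { fputs($file,"negotiatetimeout=$NEGOTIATETIMEOUT\n"); }
        fputs($file,"quiescent=$QUIESCENT\n");
        // The two branches were swapped: a configured value was always
        // replaced by "yes" and an empty one produced a bare "autoreload=".
        // Now an empty value falls back to "yes" and a set value is kept.
        if ($AUTORELOAD=="") { fputs($file,"autoreload=yes\n"); } else { fputs($file,"autoreload=$AUTORELOAD\n"); }
        if ($CALLBACK<>"") { fputs($file,"callback=$CALLBACK\n"); }

        for ( $i=1; $i<count($VIRTUAL); $i++) {
            // Check its not due for removal
            if ($DELETEVIRTUAL<>$i) {
                fputs($file,"virtual=$VIRTUAL[$i] $FWDMETHOD[$i] $VIRTUAL_LABEL[$i]\n");

                // A virtual server may have no real servers yet; count() must
                // not be given an unset entry.
                $realcount = (isset($REAL[$i]) && is_array($REAL[$i])) ? count($REAL[$i]) : 0;
                for ( $b=0; $b<$realcount; $b++) {
                    if ($i==$v && $b==$r && $action=="modreal" && $subaction=="remove" ) {
                        # flagged to remove: write nothing for this real server
                    } else {
                        // The request is quoted here only when it does not
                        // already carry its own double quotes.
                        if (preg_match('/".*."/', $REQUEST[$i], $matches)) {
                            fputs($file,"\treal=" . $REAL[$i][$b]. " " . $REALSERVICE[$i][$b] . " " . $REALWEIGHT[$i][$b] . " " . $REQUEST[$i] . ",\"" . $RECEIVE[$i] . "\" " . $REAL_LABEL[$i][$b] . "\n");
                        } else {
                            fputs($file,"\treal=" . $REAL[$i][$b]. " " . $REALSERVICE[$i][$b] . " " . $REALWEIGHT[$i][$b] . " \"" . $REQUEST[$i] . "\",\"" . $RECEIVE[$i] . "\" " . $REAL_LABEL[$i][$b] . "\n");
                        }
                    }
                }

                // The fallback always uses the virtual server's forwarding method.
                $FALLBACKMODE[$i]=$FWDMETHOD[$i];
                if ($FALLBACK[$i]<>"") {
                    if ($FALLBACKMODE[$i]<>"") {
                        fputs($file,"\tfallback=$FALLBACK[$i] $FALLBACKMODE[$i]\n");
                    } else {
                        fputs($file,"\tfallback=$FALLBACK[$i]\n");
                    }
                }
                fputs($file,"\tservice=$SERVICE[$i]\n");
                fputs($file,"\tchecktype=$CHECKTYPE[$i]\n");
                // Firewall-mark services have no port of their own, so the
                // check port defaults to 80.
                if ($PROTOCOL[$i]=="fwm" && $CHECKPORT[$i]=="") { $CHECKPORT[$i]="80"; }
                if ($CHECKPORT[$i]<>"") { fputs($file,"\tcheckport=$CHECKPORT[$i]\n"); }
                if ($REQUEST[$i]<>"") {
                    if (preg_match('/".*."/', $REQUEST[$i], $matches)) {
                        fputs($file,"\trequest=$REQUEST[$i]\n");
                    } else {
                        fputs($file,"\trequest=\"$REQUEST[$i]\"\n");
                    }
                } else {
                    fputs($file,"\trequest=\"/\"\n");
                }
                if ($RECEIVE[$i]<>"") {fputs($file,"\treceive=\"$RECEIVE[$i]\"\n");}
                if ($VIRTUALHOST[$i]<>"") { fputs($file,"\tvirtualhost=\"$VIRTUALHOST[$i]\"\n"); }
                if ($LOGIN[$i]<>"") { fputs($file,"\tlogin=\"$LOGIN[$i]\"\n"); }
                if ($PASSWD[$i]<>"") { fputs($file,"\tpasswd=\"$PASSWD[$i]\"\n"); }
                if ($DATABASE[$i]<>"") { fputs($file,"\tdatabase=\"$DATABASE[$i]\"\n"); }
                if ($CHECKCOUNT[$i]<>"") { fputs($file,"\tcheckcount=$CHECKCOUNT[$i]\n"); }
                if ($HTTPMETHOD[$i]<>"") { fputs($file,"\thttpmethod=$HTTPMETHOD[$i]\n"); }
                fputs($file,"\tscheduler=$SCHEDULER[$i]\n");
                if ($EMAILALERT[$i]<>"") {fputs($file,"\temailalert=\"$EMAILALERT[$i]\"\n");}
                if ($EMAILALERTFREQ[$i]<>"") {fputs($file,"\temailalertfreq=$EMAILALERTFREQ[$i]\n");}
                if ($PERSISTENT[$i]<>"") { fputs($file,"\tpersistent=$PERSISTENT[$i]\n");}
                if ($NETMASK[$i]<>"") { fputs($file,"\tnetmask=$NETMASK[$i]\n"); }
                fputs($file,"\tprotocol=$PROTOCOL[$i]\n");
                // $FEEDBACK and the global fallback are not written back; a
                // previous author ("byLeal") disabled both writes.
            } //end of removal check
        }
        fclose($file);
    }
    else { echo "Can't open the ldirectord.cf file for write access ?";}
}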
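// Return the label of the virtual server whose address is $thevip.
//
// $thevip is compared loosely (==) with each entry of the global $VIRTUAL
// table from index 1 upwards; index 0 is not examined. When several entries
// match, the label of the last one wins. Returns null when nothing matches.
function Get_vip_label($thevip){
    global $VIRTUAL,$VIRTUAL_LABEL;
    // Defined up front so a miss returns null instead of reading an unset variable.
    $thelabel = null;
    $total = is_array($VIRTUAL) ? count($VIRTUAL) : 0;
    for ( $i=1; $i<$total; $i++) {
        // Scan each virtual server
        if ($VIRTUAL[$i]==$thevip) {
            $thelabel=$VIRTUAL_LABEL[$i];
        }
    }
    return $thelabel;
}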
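// Return the index of the virtual server whose address is $thevip.
//
// Scans the global $VIRTUAL table from index 1 upwards with a loose (==)
// comparison. When several entries match, the highest index is returned.
// Returns null when nothing matches.
function Get_vip_no($thevip){
    global $VIRTUAL;
    // Defined up front so a miss returns null instead of reading an unset variable.
    $theno = null;
    $total = is_array($VIRTUAL) ? count($VIRTUAL) : 0;
    for ( $i=1; $i<$total; $i++) {
        // Scan each virtual server
        if ($VIRTUAL[$i]==$thevip) {
            $theno=$i;
        }
    }
    return $theno;
}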
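// Return the label of real server $therip under virtual server $thevip.
//
// Both addresses are compared loosely (==) against the global $VIRTUAL and
// $REAL tables. The last match wins. Returns null when the virtual server,
// or the real server under it, is not found.
function Get_rip_label($thevip,$therip){
    global $VIRTUAL,$VIRTUAL_LABEL,$REAL,$REAL_LABEL;
    // Defined up front so a miss returns null instead of reading an unset variable.
    $thelabel = null;
    $total = is_array($VIRTUAL) ? count($VIRTUAL) : 0;
    for ( $i=1; $i<$total; $i++) {
        // Scan each virtual server
        if ($VIRTUAL[$i]==$thevip) {
            // A virtual server without real servers has no $REAL entry.
            $realcount = (isset($REAL[$i]) && is_array($REAL[$i])) ? count($REAL[$i]) : 0;
            for ( $b=0; $b<$realcount; $b++) {
                if ($REAL[$i][$b]==$therip) {
                    $thelabel=$REAL_LABEL[$i][$b];
                }
            }
        }
    }
    return $thelabel;
}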
// Report whether the IP address $thevip is shared by two or more virtual
// servers.
//
// The part of each $VIRTUAL entry before the first ":" is compared loosely
// (==) with $thevip. TRUE is returned as soon as a second match is seen; one
// match, or none, gives FALSE. The file header describes the use: deciding
// whether an IP can be taken out of haresources.
// Uses strtok(), so any tokenisation the caller has in progress is reset.
function VIP_IP_Exists($thevip){
    global $VIRTUAL;
    $matches = 0;
    $limit = count($VIRTUAL);
    $idx = 1;
    while ($idx < $limit) {
        $address = strtok($VIRTUAL[$idx], ":");
        if ($address == $thevip) {
            $matches = $matches + 1;
            if ($matches == 2) {
                return TRUE;
            }
        }
        $idx++;
    }
    return FALSE;
}
// Report whether $thevip (address including ":port") is present in the
// global $VIRTUAL table. Entries are compared loosely (==) from index 1
// upwards; index 0 is not examined.
function VIP_Exists($thevip){
    global $VIRTUAL;
    $idx = 1;
    while ($idx < count($VIRTUAL)) {
        if ($thevip == $VIRTUAL[$idx]) {
            return TRUE;
        }
        $idx++;
    }
    return FALSE;
}
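// Return the index of real server $therip under virtual server $thevip.
//
// Both addresses are compared loosely (==) against the global $VIRTUAL and
// $REAL tables. The last match wins. Returns null when the virtual server,
// or the real server under it, is not found.
function Get_rip_no($thevip,$therip){
    global $VIRTUAL,$REAL;
    // Defined up front so a miss returns null instead of reading an unset variable.
    $theno = null;
    $total = is_array($VIRTUAL) ? count($VIRTUAL) : 0;
    for ( $i=1; $i<$total; $i++) {
        // Scan each virtual server
        if ($VIRTUAL[$i]==$thevip) {
            // A virtual server without real servers has no $REAL entry.
            $realcount = (isset($REAL[$i]) && is_array($REAL[$i])) ? count($REAL[$i]) : 0;
            for ( $b=0; $b<$realcount; $b++) {
                if ($REAL[$i][$b]==$therip) {
                    $theno=$b;
                }
            }
        }
    }
    return $theno;
}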
// Report whether real server $therip is listed under virtual server $thevip.
// Both are compared loosely (==) against the global $VIRTUAL and $REAL
// tables; $VIRTUAL is scanned from index 1.
function RIP_Exists($thevip,$therip){
    global $VIRTUAL,$VIRTUAL_LABEL,$REAL,$REAL_LABEL;
    for ( $vipIdx=1; $vipIdx<count($VIRTUAL); $vipIdx++) {
        if ($VIRTUAL[$vipIdx]!=$thevip) {
            // Not the virtual server being asked about
            continue;
        }
        $ripIdx = 0;
        while ($ripIdx<count($REAL[$vipIdx])) {
            if ($therip==$REAL[$vipIdx][$ripIdx]) {
                return TRUE;
            }
            $ripIdx++;
        }
    }
    return FALSE;
}
// Extract the port from a virtual server address, e.g. 80 from 10.0.0.20:80.
//
// A value of one or two characters is treated as a firewall mark and gives
// the integer 0. Otherwise the second ":"-separated token is returned as a
// string, or FALSE when there is no second token.
// Uses strtok(), so any tokenisation the caller has in progress is reset.
function Get_port($virt){
    if (strlen($virt) <= 2) {
        # Its a firewall mark
        return 0;
    }
    strtok($virt,":"); // skip the ip address
    return strtok(":"); // what follows is the port
}
// Map a port number to its service name, e.g. 80 gives "http".
// Returns "none" for any port that is not in the table. The port is compared
// loosely (==) with each table entry, as a switch statement would.
function Get_service($theport){
    // Port/name pairs. The ports stay strings so the loose comparison sees
    // the same operands as a switch on string case labels.
    $services = array(
        array("80", "http"),
        array("443", "https"),
        array("25", "smtp"),
        array("21", "ftp"),
        array("110", "pop"),
        array("143", "imap"),
        array("119", "nntp"),
        array("389", "ldap"),
        array("53", "dns"),
        array("5060", "sip"),
        array("3306", "mysql"),
    );
    foreach ($services as $entry) {
        if ($theport == $entry[0]) {
            return $entry[1];
        }
    }
    return "none"; //default response
}
// Extract the ip from a virtual server address, e.g. 10.0.0.20 from
// 10.0.0.20:80. Returns the first ":"-separated token of $virt.
// Uses strtok(), so any tokenisation the caller has in progress is reset.
function Get_ip($virt){
    return strtok($virt,":");
}
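// Remove $ip from the address list in /etc/ha.d/haresources.
//
// Nothing is rewritten when $ip equals the host part of the request's Host
// header, or when VIP_IP_Exists() reports that the IP is still shared by
// virtual servers. Otherwise the file is regenerated from the tokens on its
// second line: tokens that ip2long() accepts are kept, except $ip and the
// last token, and the fixed resource list is appended. The file is then
// copied to the slave and a local heartbeat takeover is requested.
//
// NOTE(review): HTTP_HOST is supplied by the client. A request whose Host
// header equals $ip suppresses the removal; a server-side value would not be
// open to that.
// NOTE(review): haresources is switched to mode 777, so any local account can
// edit the resource list that heartbeat acts on.
function remove_physical_vip($ip) {
    $VIPWRITEFILE=TRUE;
    $hostname = rtrim(`/bin/hostname`);
    // Host header without the port part
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : "";
    $host = strtok($host,":");
    if (($ip == $host) or (VIP_IP_Exists($ip))){
        //No need to remove host IP address
        $VIPWRITEFILE=FALSE;
    }
    exec ("sudo chmod 777 /etc/ha.d/haresources");
    $arrtext = file("/etc/ha.d/haresources");
    if (!$arrtext) {
        draw_no_access("/etc/ha.d/haresources");
        // Keep going with an empty list so nothing below indexes a boolean.
        $arrtext = array();
    }
    // The resource line is the second line of the file; the first is the
    // "auto-generated" header written below.
    $VIPS = array();
    $i=0;
    $tok = isset($arrtext[1]) ? strtok(ltrim($arrtext[1])," \n\t") : FALSE;
    while ($tok) {
        $VIPS[$i] = $tok;
        $tok = strtok(" \n\t");
        $i++;
    }
    if ($VIPWRITEFILE==TRUE) {
        $testIP=0;
        if ($vipfile=fopen("/etc/ha.d/haresources","w")) {
            fputs($vipfile, "# File auto-generated by SCOP\n");
            fputs($vipfile, $hostname . " ");
            for ( $i=0; $i<count($VIPS)-1; $i++) {
                // Only tokens that parse as an IPv4 address are carried over;
                // this drops the old hostname and the resource names.
                $testIP = ip2long($VIPS[$i]);
                if ($testIP == -1 || $testIP === FALSE) {
                } else {
                    if ($VIPS[$i] != $ip ) {
                        fputs($vipfile, $VIPS[$i] . " ");
                    }
                }
            }
            fputs ($vipfile, "LVSSyncDaemonSwap::master ldirectord postfix iptables\n");
            // Closed here: fclose() must only see a handle that was opened.
            fclose($vipfile);
        }
        #Copy settings to slave
        flush();
        exec ("sudo scp /etc/ha.d/haresources hide@address.com:/etc/ha.d/haresources > /dev/null 2>&1 &");
        #Now force the activation
        #This only works if you have a clustered pair communicating
        exec ("sudo /usr/lib/heartbeat/hb_takeover local > /dev/null 2>&1 &");
    }
}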
//BUG
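// Add $ip to the address list in /etc/ha.d/haresources unless it is already
// there.
//
// Nothing is written when $ip equals the host part of the request's Host
// header, is already a token of the resource line, is 127.0.0.1, or is not
// an address ip2long() accepts. Otherwise the file is regenerated: the
// existing tokens that ip2long() accepts are kept (the first and last token
// are never considered), $ip is appended, and the fixed resource list
// follows. The file is then copied to the slave and a local heartbeat
// takeover is requested.
//
// NOTE(review): HTTP_HOST is supplied by the client, so the "same as host"
// shortcut can be triggered by a crafted Host header.
// NOTE(review): haresources is switched to mode 777, so any local account can
// edit the resource list that heartbeat acts on.
function add_physical_vip($ip) {
    $VIPWRITEFILE=TRUE;
    $hostname = rtrim(`/bin/hostname`);
    $fileresources = "/etc/ha.d/haresources";
    // Host header without the port part
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : "";
    $host = strtok($host,":");
    if ($ip == $host) {
        //No need to add host IP address
        $VIPWRITEFILE=FALSE;
    }
    exec ("sudo chmod 777 $fileresources");
    $config = file("$fileresources");
    if (!$config) {
        draw_no_access("$fileresources");
        // Keep going with an empty list so the loop below has an array.
        $config = array();
    }
    // Start tokenising the last line that is neither blank nor contains a
    // "#". The next() calls of the earlier version had no effect on the
    // foreach and are replaced by continue.
    $tok = "";
    foreach ($config as $line) {
        if ($line == "" || $line == "\n" || strstr($line,"#")) {
            continue;
        }
        $tok = strtok(ltrim($line)," \n\t");
    }
    $VIPS = array();
    $i=0;
    while ($tok) {
        if ($tok==$ip) {
            //The vip is already present
            $VIPWRITEFILE=FALSE;
        }
        $VIPS[$i] = $tok;
        $tok = strtok(" \n\t");
        $i++;
    }
    if ($ip=="127.0.0.1") {
        //No need to add loopback
        $VIPWRITEFILE=FALSE;
    }
    // $ip is written into haresources and echoed into the page. Apply the
    // same ip2long() test that already filters the existing entries, so text
    // with spaces, newlines or markup is never written.
    $newIP = ip2long($ip);
    if ($newIP == -1 || $newIP === FALSE) {
        $VIPWRITEFILE=FALSE;
    }
    if ($VIPWRITEFILE==TRUE) {
        $testIP=0;
        if ($vipfile=fopen("/etc/ha.d/haresources","w")) {
            fputs($vipfile, "# File auto-generated by SCOP\n");
            fputs($vipfile, $hostname . " ");
            // Index 0 is the old hostname and the last token is skipped as well.
            for ( $i=1; $i<count($VIPS)-1; $i++) {
                $testIP = ip2long($VIPS[$i]);
                if ($testIP == -1 || $testIP === FALSE) {
                } else {
                    fputs($vipfile, $VIPS[$i] . " ");
                }
            }
            fputs($vipfile, $ip . " ");
            fputs ($vipfile, "LVSSyncDaemonSwap::master ldirectord postfix iptables\n");
            // Closed here: fclose() must only see a handle that was opened.
            fclose($vipfile);
        }
        // Escaped for the HTML context as a second line of defence.
        $shownip = htmlspecialchars($ip, ENT_QUOTES);
        echo "</br><p> $shownip will be added as an alias to eth0.";
        echo "</br><i> NB. You may need to <a href=\"restart.php?service=heartbeat\" onclick=\"return areyousure('Are you sure you want to restart heartbeat?')\">restart heartbeat</a> for this change to take effect.</i></p></br>";
        #Copy settings to slave
        flush();
        exec ("sudo scp /etc/ha.d/haresources hide@address.com:/etc/ha.d/haresources > /dev/null 2>&1 &");
        #Now force the activation
        #This only works if you have a clustered pair communicating
        exec ("sudo /usr/lib/heartbeat/hb_takeover local > /dev/null 2>&1 &");
    }
}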
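// Fill the *_stat globals with the live state reported by "ipvsadm -Ln".
//
// The configuration is parsed first so that Get_vip_no() and Get_rip_no()
// can map addresses to table indexes. ipvsadm output is dumped to a file,
// read back, and tokenised from its fourth line on. A line whose first token
// is TCP, FWM or UDP selects the current virtual server; any other line is a
// real server whose 4th and 5th tokens are stored as weight and active
// connections.
//
// NOTE(review): the dump goes to /var/www/html/scop/stats/normal.html with
// mode 777. That path looks like it sits under the web root, so the table may
// be retrievable over HTTP without going through this script, and any local
// account can alter it before it is read back. TODO confirm.
// NOTE(review): $VIRTUALWEIGHT_stat[$VIP] is overwritten for every real
// server line, so it reflects only the last one listed.
function parse_status_file() {
    global $REALWEIGHT_stat,$VIRTUALWEIGHT_stat,$REALACTIVECONS_stat;
    global $FALLBACK;
    // Parsed once; the earlier version called this twice with the same result.
    parse_config_file();
    exec ("sudo /sbin/ipvsadm -Ln > /var/www/html/scop/stats/normal.html");
    exec ("sudo chmod 777 /var/www/html/scop/stats/normal.html");
    $arrtext = file("/var/www/html/scop/stats/normal.html");
    if (!$arrtext) {
        draw_no_access("/var/www/html/scop/stats/normal.html");
        // Keep going with an empty list so count() is never given a boolean.
        $arrtext = array();
    }
    warn_no_results($arrtext);

    $item=0;
    $value0=array();
    $value1=array();
    $value2=array();
    $value3=array();
    $value4=array();
    $value5=array();
    // The first three lines are skipped (presumably the ipvsadm banner and
    // column headings).
    for ( $i=3; $i<count($arrtext); $i++) {
        $tok = strtok(ltrim($arrtext[$i])," \n\t");
        while ($tok) {
            $value0[$item]=$tok; // TCP/FWM/UDP for a virtual server line
            $tok = strtok(" \n\t");
            $value1[$item]=$tok; // ip address
            $tok = strtok(" \n\t");
            $value2[$item]=$tok;
            $tok = strtok(" \n\t");
            $value3[$item]=$tok; // The weight
            $tok = strtok(" \n\t");
            $value4[$item]=$tok; // actual connections
            $tok = strtok(" \n\t");
            $value5[$item]=$tok;
            $tok = strtok(" \n\t");
            // The seventh token overwrites the sixth; $value5 is not read below.
            $value5[$item]=$tok;
            $tok = strtok(" \n\t");
            $item=$item+1;
        }
    }

    $VIP=0;
    $thevip=null; // no virtual server line seen yet
    for ( $b=0; $b<$item; $b++) {
        if ($value0[$b]=="TCP" OR $value0[$b]=="FWM" OR $value0[$b]=="UDP") {
            $thevip=$value1[$b];
            $VIP=Get_vip_no($thevip); // Force the correct VIP number
        } else { // Deal with each real server entry
            if ($value1[$b] <> $FALLBACK[$VIP]) { // Ignore it if it is the fallback address
                $w = Get_rip_no($thevip,$value1[$b]); // Force the rip no to be correct
                $REALWEIGHT_stat[$VIP][$w] = $value3[$b]; //Get the actual status NOW.
                $REALACTIVECONS_stat[$VIP][$w] = $value4[$b]; //Get the actual connections status NOW.
                if ($value3[$b] >= 1 ) {$VIRTUALWEIGHT_stat[$VIP] = 1;}
                else {$VIRTUALWEIGHT_stat[$VIP] = 0;}
            } else {$VIRTUALWEIGHT_stat[$VIP] = 0;}
        }
    } // End of parsing ipvsadm file...
} // end of parse_status_file();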
// Turn a numeric status into a coloured HTML label.
//
// The label text comes from the global named by the language prefix $l
// followed by 54 (for a status of 1 or more) or 53 (for anything else),
// e.g. $e54 / $e53. Both globals are read on every call.
// NOTE(review): the text is placed in the markup unescaped; this is safe only
// while those globals hold trusted translation strings.
function active($status) {
    GLOBAL $l,$e53,$e54,$p53,$p54,$d53,$d54,$f53,$f54,$s53,$s54;
    $downName = $l . "53";
    $upName = $l . "54";
    $a53 = "" . $$downName;
    $a54 = "" . $$upName;
    if (!($status >= 1)) {
        return "<font color=\"red\"><i>$a53</i></font>";
    }
    return "<font color=\"#0ef42d\"><i> $a54 </i></font>";
} // end of active($status)
// Print a drop-down list of common services (http 80, https 443, smtp 25)
// with http preselected, followed by help item "5-1-5".
function draw_portlist() {
    echo "<select name=\"portno\" onclick=\"updateportno()\">"
        . "<OPTION VALUE=\"80\" " . "selected=\"true\"" . ">http (80)"
        . "<OPTION VALUE=\"443\" " . ">https (443)"
        . "<OPTION VALUE=\"25\" " . ">smtp (25)"
        . "</select>";
    helpitem("5-1-5");
}
// Print $message as a heading and pass it to SCOP_log().
// NOTE(review): $message reaches the page and the log unescaped. Callers
// must not put request data in it without escaping for HTML and removing
// line breaks for the log.
function draw_error($message) {
    $heading = "<h3> " . $message . " </h3>";
    echo $heading;
    SCOP_log($message);
}
// Print a file access error for $filename and pass a matching entry to
// SCOP_log().
// NOTE(review): $filename reaches the page and the log unescaped; the
// callers in this file only pass fixed paths.
function draw_no_access($filename) {
    $heading = "<h3> ERROR : The file <b>" . $filename . "</b> does not have the correct permissions.</h3>";
    echo $heading;
    SCOP_log("ERROR : Can't access file " . $filename);
}
// Print a warning when $arrtext holds exactly three lines, which
// parse_status_file() treats as output without any service entries.
function warn_no_results($arrtext) {
    if (count($arrtext) != 3) {
        return;
    }
    echo "<h3>Warning: The system may still be booting or you may have no services configured. </h3>";
}
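// Read /etc/haproxy/haproxy.cfg into the global $L7* tables.
//
// A "listen" line starts a new virtual server ($L7vnum is incremented) and
// stores its label and address. "server" lines under it are stored as real
// servers, except a server labelled "backup", whose address becomes the
// fallback. "cookie", "mode" and "balance source" set per-virtual options.
// $L7VIRTUAL[0] holds the placeholder "XXX".
//
// NOTE(review): the file is switched to mode 777 before it is read, so any
// local account can rewrite the proxy configuration.
function L7parse_config_file() {
    global $L7vnum,$L7rnum,$v,$r,$action,$subaction,$demo,$L7VIRTUAL,$L7VIRTUAL_LABEL,$L7REAL,$L7REAL_LABEL,$L7VIRTUAL_COOKIE,$L7REAL_WEIGHT,$L7VIRTUAL_MODE,$L7VIRTUAL_FALLBACK;
    exec ("sudo chmod 777 /etc/haproxy/haproxy.cfg");
    $arrtext = file("/etc/haproxy/haproxy.cfg");
    if (!$arrtext) {
        draw_no_access("/etc/haproxy/haproxy.cfg");
        // Keep going with an empty list so count() is never given a boolean.
        $arrtext = array();
    }
    $L7vnum=0;
    $L7rnum=0;
    $L7VIRTUAL[0]="XXX";
    for ( $i=0; $i<count($arrtext); $i++) {
        # If the line is not a remark then tokenise it
        if (substr(ltrim($arrtext[$i]),0,1) <> "#") {
            $tok = strtok(ltrim($arrtext[$i])," =\n\t");
            // One directive per line. This used to be a loop that read a
            // seventh token as a new directive name, so a server label such
            // as "listen" or "server" on a long line was taken for a
            // directive and shifted the table indexes.
            if ($tok) {
                $Attribute=$tok;
                $tok = strtok(" \n\t");
                $value1=$tok;
                $tok = strtok(" \n\t");
                $value2=$tok;
                $tok = strtok(" \n\t");
                $value3=$tok;
                $tok = strtok(" \n\t");
                $value4=$tok;
                $tok = strtok(" \n\t");
                $value5=$tok;
                # first word is attribute
                switch ($Attribute) {
                    case "server":
                        // server <label> <address> weight <n> ...
                        if ($value1<>"backup") {
                            $L7REAL[$L7vnum][$L7rnum]=$value2;
                            $L7REAL_LABEL[$L7vnum][$L7rnum]=$value1;
                            $L7REAL_WEIGHT[$L7vnum][$L7rnum]=$value4;
                            $L7rnum++;
                        } else {
                            // NOTE(review): a real server labelled "backup"
                            // is therefore read as the fallback.
                            $L7VIRTUAL_FALLBACK[$L7vnum]=$value2;
                        }
                        break;
                    case "listen":
                        $L7vnum++;
                        $L7rnum=0;
                        $L7VIRTUAL[$L7vnum]=$value2;
                        $L7VIRTUAL_LABEL[$L7vnum]=$value1;
                        break;
                    case "cookie":
                        $L7VIRTUAL_COOKIE[$L7vnum]=$value1." ".$value2." ".$value3." ".$value4;
                        break;
                    case "mode":
                        $L7VIRTUAL_MODE[$L7vnum]=$value1;
                        break;
                    case "balance":
                        // Source balancing is recorded in the cookie slot.
                        if ($value1=="source") {
                            $L7VIRTUAL_COOKIE[$L7vnum]="source";
                        }
                        break;
                }
            }
        }
    }
}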
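// Rewrite /etc/haproxy/haproxy.cfg from the global $L7* tables and copy it
// to the slave.
//
// A fixed global/defaults preamble is written first, then one "listen"
// section per entry of $L7VIRTUAL from index 1 upwards. The entry whose index
// equals $L7DELETEVIRTUAL is left out, and so is the real server at [$v][$r]
// when $action is "modreal" and $subaction is "remove". The entry labelled
// "stats" gets a statistics section instead of servers; its listen address
// is $L7UPDATE_STATS_IP when that is set.
//
// NOTE(review): labels, addresses and weights are written verbatim. A value
// containing a newline would start a new directive line; where these globals
// are filled from user input is not visible in this file.
// NOTE(review): the stats section enables "stats uri /" with no
// authentication directive, so anyone who can reach that listen address can
// read it.
function L7write_config_file() {
    global $L7vnum,$L7rnum,$L7DELETEVIRTUAL,$v,$r,$action,$subaction,$demo,$L7VIRTUAL,$L7VIRTUAL_LABEL,$L7REAL,$L7REAL_LABEL,$L7VIRTUAL_COOKIE,$L7REAL_WEIGHT,$L7VIRTUAL_MODE,$L7VIRTUAL_FALLBACK,$L7UPDATE_STATS_IP;
    if ($file=fopen("/etc/haproxy/haproxy.cfg","w")) {
        fputs($file,"# HAProxy configuration file\n");
        fputs($file,"global\n");
        fputs($file,"\tchroot /usr/share/haproxy\n");
        fputs($file,"\tuid 99\n");
        fputs($file,"\tgid 99\n");
        fputs($file,"\tdaemon\n");
        fputs($file,"\tmaxconn 32000\n");
        fputs($file,"\tulimit-n 65536\n");
        fputs($file,"\tpidfile /var/run/haproxy.pid\n");
        fputs($file,"defaults\n");
        fputs($file,"\tmode http\n");
        fputs($file,"\tcontimeout 5000\n");
        fputs($file,"\tclitimeout 50000\n");
        fputs($file,"\tsrvtimeout 50000\n");
        fputs($file,"\tbalance roundrobin\n");
        for ( $i=1; $i<count($L7VIRTUAL); $i++) {
            // Check its not due for removal
            if ($L7DELETEVIRTUAL<>$i) {
                if ($L7VIRTUAL_LABEL[$i]!="stats") {
                    fputs($file,"listen\t$L7VIRTUAL_LABEL[$i] $L7VIRTUAL[$i]\n");
                    fputs($file,"\tmode\t$L7VIRTUAL_MODE[$i]\n");
                    fputs($file,"\tmaxconn\t32000\n");
                    if ($L7VIRTUAL_MODE[$i]!="tcp") {
                        fputs($file,"\toption\tforwardfor\n");
                    }
                    // The cookie slot holds either a cookie definition or the
                    // marker "source" for source balancing.
                    if (strlen($L7VIRTUAL_COOKIE[$i])>=1 && $L7VIRTUAL_COOKIE[$i]!="source") {
                        fputs($file,"\tcookie\t$L7VIRTUAL_COOKIE[$i]\n");
                    }
                    if ($L7VIRTUAL_COOKIE[$i]=="source") {
                        fputs($file,"\tbalance source\n");
                    }
                    // A virtual server may have no real servers yet; count()
                    // must not be given an unset entry.
                    $realcount = (isset($L7REAL[$i]) && is_array($L7REAL[$i])) ? count($L7REAL[$i]) : 0;
                    for ( $b=0; $b<$realcount; $b++) {
                        if ($i==$v && $b==$r && $action=="modreal" && $subaction=="remove" ) {
                            # flagged to remove: write nothing for this real server
                        } else {
                            if (strlen($L7VIRTUAL_COOKIE[$i])>=1 && $L7VIRTUAL_COOKIE[$i]!="source") {
                                fputs($file,"\tserver " . $L7REAL_LABEL[$i][$b] . " " . $L7REAL[$i][$b] . " weight ". $L7REAL_WEIGHT[$i][$b] . " cookie " . $L7REAL_LABEL[$i][$b] . " check\n");
                            } else {
                                fputs($file,"\tserver " . $L7REAL_LABEL[$i][$b] . " " . $L7REAL[$i][$b] . " weight ". $L7REAL_WEIGHT[$i][$b] . " check\n");
                            }
                        }
                    }
                    // NOTE(review): written even when no fallback is set,
                    // which leaves the address field of this line empty.
                    fputs($file,"\tserver\tbackup " . $L7VIRTUAL_FALLBACK[$i] . " backup\n");
                } else { //end of stats check put statistics code in
                    if (strlen($L7UPDATE_STATS_IP)>=1) {
                        fputs($file,"listen\t$L7VIRTUAL_LABEL[$i] $L7UPDATE_STATS_IP\n");
                    } else {
                        fputs($file,"listen\t$L7VIRTUAL_LABEL[$i] $L7VIRTUAL[$i]\n");
                    }
                    fputs($file,"\tstats\tenable\n");
                    fputs($file,"\tstats\turi /\n");
                }
            } //end of removal check
        }
        fclose($file);
        exec ("sudo scp /etc/haproxy/haproxy.cfg hide@address.com:/etc/haproxy/haproxy.cfg > /dev/null 2>&1 &");
    }
    else { echo "Can't open the HAproxy.cfg file for write access?";}
}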
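// Read /usr/local/etc/pound.cfg into $SLLVIRTUAL and $SLLVIRTUAL_LABEL.
//
// Each "ListenHTTPS" line starts a new entry ($SLLvnum is incremented) and
// stores its address with "," turned into ":". The "BackEnd" line that
// follows is stored in $SLLVIRTUAL_LABEL the same way, minus its last two
// characters.
//
// Unlike the other parsers, no placeholder is stored at index 0: the earlier
// version assigned it to a misspelled local ($SSLVIRTUAL), which had no
// effect. SLLwrite_config_file() loops up to count() inclusive and depends on
// index 0 being absent, so do not add the placeholder without changing that
// loop.
//
// NOTE(review): the file is switched to mode 777 before it is read, so any
// local account can rewrite the SSL front-end configuration.
function SLLparse_config_file() {
    global $SLLvnum,$SLLrnum,$v,$r,$action,$subaction,$demo,$SLLVIRTUAL,$SLLVIRTUAL_LABEL;
    exec ("sudo chmod 777 /usr/local/etc/pound.cfg");
    $arrtext = file("/usr/local/etc/pound.cfg");
    if (!$arrtext) {
        draw_no_access("/usr/local/etc/pound.cfg");
        // Keep going with an empty list so count() is never given a boolean.
        $arrtext = array();
    }
    $SLLvnum=0;
    $SLLrnum=0;
    for ( $i=0; $i<count($arrtext); $i++) {
        # If the line is not a remark then tokenise it
        if (substr(ltrim($arrtext[$i]),0,1) <> "#") {
            $tok = strtok(ltrim($arrtext[$i])," =\n\t");
            while ($tok) {
                $Attribute=$tok;
                $tok = strtok(" \n\t");
                $value1=$tok;
                $tok = strtok(" \n\t");
                $value2=$tok;
                $tok = strtok(" \n\t");
                $value3=$tok;
                $tok = strtok(" \n\t");
                $value4=$tok;
                $tok = strtok(" \n\t");
                $value5=$tok;
                # first word is attribute
                // str_replace() replaces eregi_replace(), which no longer
                // exists in PHP 7 and later; for a literal comma the result
                // is the same.
                switch ($Attribute) {
                    case "ListenHTTPS":
                        $SLLvnum++;
                        $SLLrnum=0;
                        $SLLVIRTUAL[$SLLvnum]=str_replace(",", ":", $value1);
                        break;
                    case "BackEnd":
                        $value1=str_replace(",", ":", $value1);
                        // Drop the trailing two characters (the ",1" suffix
                        // the writer appends, now ":1").
                        $value1 = substr($value1, 0, -2);
                        $SLLVIRTUAL_LABEL[$SLLvnum]=$value1;
                        break;
                }
                # Move on to whatever is left on the line
                $tok = strtok(" \n\t");
            }
        }
    }
}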
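// Rewrite /usr/local/etc/pound.cfg from $SLLVIRTUAL / $SLLVIRTUAL_LABEL and
// copy it to the slave.
//
// A fixed preamble is written first, then one ListenHTTPS / UrlGroup /
// BackEnd / EndGroup group per entry. Entries are numbered from 1 up to
// count($SLLVIRTUAL) inclusive, because SLLparse_config_file() stores nothing
// at index 0. The entry whose index equals $SLLDELETEVIRTUAL is left out.
// ":" in the stored addresses is turned back into ",", and entry $i uses the
// certificate /usr/local/etc/server$i.pem.
//
// NOTE(review): addresses are written verbatim. A value containing a newline
// would start a new directive line; where these globals are filled from user
// input is not visible in this file.
function SLLwrite_config_file() {
    global $SLLvnum,$SLLrnum,$SLLDELETEVIRTUAL,$v,$r,$action,$subaction,$demo,$SLLVIRTUAL,$SLLVIRTUAL_LABEL,$SLLREAL,$SLLREAL_LABEL,$SLLVIRTUAL_COOKIE,$SLLREAL_WEIGHT;
    if ($file=fopen("/usr/local/etc/pound.cfg","w")) {
        fputs($file,"# Pound configuration file\n");
        fputs($file,"User\tnobody\n");
        fputs($file,"Group\tnobody\n");
        fputs($file,"ExtendedHTTP\t0\n");
        fputs($file,"WebDAV\t0\n");
        fputs($file,"LogLevel\t0\n");
        fputs($file,"RewriteRedirect\t0\n\n");
        // With no entries parsed the table is unset; count() must not be
        // given a non-array.
        $total = is_array($SLLVIRTUAL) ? count($SLLVIRTUAL) : 0;
        for ( $i=1; $i<=$total; $i++) {
            $value1=$SLLVIRTUAL[$i];
            $value2=$SLLVIRTUAL_LABEL[$i];
            // Check its not due for removal
            if ($SLLDELETEVIRTUAL<>$i) {
                // str_replace() replaces eregi_replace(), which no longer
                // exists in PHP 7 and later; for a literal colon the result
                // is the same.
                $value1=str_replace(":", ",", $value1);
                fputs($file,"ListenHTTPS $value1 /usr/local/etc/server$i.pem \n");
                fputs($file,"UrlGroup \".*\"\n");
                $value2=str_replace(":", ",", $value2);
                fputs($file,"BackEnd $value2,1\n");
                fputs($file,"EndGroup\n\n");
            } //end of removal check
        }
        fclose($file);
        exec ("sudo scp /usr/local/etc/pound.cfg hide@address.com:/usr/local/etc/pound.cfg > /dev/null 2>&1 &");
    }
    else { echo "Can't open the Pound.cfg file for write access?";}
}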
// Point the HAProxy statistics listener at $ip, port 7777.
//
// Re-reads haproxy.cfg, sets the global $L7UPDATE_STATS_IP to "<ip>:7777"
// and rewrites the file; L7write_config_file() uses that global for the
// listen line of the "stats" entry.
// NOTE(review): $ip is not checked here and ends up in the written
// configuration, so callers should pass a validated address.
function update_haproxy_stats($ip) {
    global $L7UPDATE_STATS_IP;
    L7parse_config_file();
    $L7UPDATE_STATS_IP = "{$ip}:7777";
    L7write_config_file();
}
?>