One Hat Cyber Team

Your IP : 216.73.216.115
Server IP : 194.44.31.54
Server : Linux zen.imath.kiev.ua 4.18.0-553.77.1.el8_10.x86_64 #1 SMP Fri Oct 3 14:30:23 UTC 2025 x86_64
Server Software : Apache/2.4.37 (Rocky Linux) OpenSSL/1.1.1k
PHP Version : 5.6.40
Buat File | Buat Folder
Dir : ~/home/vo/
View File Name : watchsquidlog

#!/usr/bin/perl

use POSIX 'setsid';
use POSIX 'getpid';
use strict;
use DBI;

# begin user customizable section
# MySQL username, password, host and database name
my $username="squid";
my $password='$@!*';
my $hostname="asterix";
my $database="squid";
# where to look for log file
my $logfile="/var/log/squid/access.log";
# where squid lives
my $squid="/usr/sbin/squid";
# check the file every 15 sec
my $resttime=15;
# PID lock file
my $pidfile="/var/run/squidometer.pid";
# end user customizable section

my $logline;
my $host;
my $dbh;
my $oldpid;
my $newinode;

sub daemonize {
    chdir '/'               or die "Can't chdir to /: $!";
    open STDIN, '/dev/null' or die "Can't read /dev/null: $!";
    open STDOUT, '>/dev/null' or die "Can't write to /dev/null: $!";
    defined(my $pid = fork) or die "Can't fork: $!";
    exit if $pid;
    setsid                  or die "Can't start a new session: $!";
    open STDERR, '>&STDOUT' or die "Can't dup stdout: $!";
}

sub byebye {
    close LOGFILE;
    $dbh->disconnect();
    unlink $pidfile;
    exit 0;
}

# Start here
# check if already running
if(-e $pidfile){
    $oldpid=`cat $pidfile`;
    die "Already runnig as process $oldpid\n";
}

-e $logfile or   die "File $logfile does not exists\n";

# we don't like duplicates in database, rotate the logfile
my $reply=`$squid -k rotate 2>&1 >/dev/null`;
chomp $reply;
!$reply or die "squid not running\n";

#die "just so";
daemonize;

# write PID lock
open(PIDFILE,">$pidfile") or die "cannot open $pidfile\n";
print PIDFILE getpid or die "cannot write to $pidfile\n";
close PIDFILE;

# trap termination signal
$SIG{TERM}='byebye';


# we use inode to check if the file is rotated
my $inode=(stat($logfile))[1];


#sleep(5);

open(LOGFILE,$logfile) or die "cannot open $logfile\n";

$dbh=DBI->connect("DBI:mysql:database=$database;host=$hostname", $username, $password, {RaiseError =>0});

# main cycle
for(;;){
    if($logline=<LOGFILE>){
	# do the job
	# take parts of the line
	my @logdata=split(/\s+/,$logline);
	my $logtime=$logdata[0];
	my @logtimes=localtime($logtime);
	my $year=$logtimes[5]+1900;
	my $month=$logtimes[4]+1;
	my $day=$logtimes[3];
	my $time=$logtimes[2].":".$logtimes[1].":".$logtimes[0];
	my $datetime=$year."-".$month."-".$day." ".$time;
	my $client=$logdata[2];
	my $size=$logdata[4];
	my $resource=$logdata[6];
	$resource=~s|.*?//.+?/(.*)$|$1|;
	my @request=split(/\//,$logdata[6]);
	if($request[2]){
	    $host=$request[2];
	}
	else{
	    $host=$logdata[6];
	}
#	print $year." ".$month." ".$day." ".$time." ".$client." ".$size." ".$host."\n";

	$dbh->do(q{INSERT INTO squid (date,client,amount,site,resource) values(?,?,?,?,?)}, undef, $datetime, $client,$size,$host,$resource);
	
    }
    else{
	# end of file reached. what now?
	# check if the file is rotated and reopen new one
	$newinode = (stat($logfile))[1];
	if ($inode ne $newinode){
	    $inode=$newinode;
	    close LOGFILE;
	    open(LOGFILE,$logfile);
#	    print "rotated\n";
	}
#	print "waiting for a while...\n";
	sleep($resttime);
    }
    
}

# we will hardly get there, but anyway...