}
}
if (!($proxysettings{'FILEDESCRIPTORS'} =~ /^\d+/) ||
- ($proxysettings{'FILEDESCRIPTORS'} < 1) || ($proxysettings{'FILEDESCRIPTORS'} > 16384))
+ ($proxysettings{'FILEDESCRIPTORS'} < 1) || ($proxysettings{'FILEDESCRIPTORS'} > 65536))
{
$errormessage = $Lang::tr{'proxy errmsg filedescriptors'};
goto ERROR;
&read_acls;
}
+# ------------------------------------------------------------------
+
+# Hook to regenerate the configuration files, if cgi got called from command line.
+if ($ENV{"REMOTE_ADDR"} eq "") {
+ writeconfig();
+ exit(0);
+}
+
+# -------------------------------------------------------------------
+
$checked{'ENABLE'}{'off'} = '';
$checked{'ENABLE'}{'on'} = '';
$checked{'ENABLE'}{$proxysettings{'ENABLE'}} = "checked='checked'";
END
;
+
+ # Include file with user defined settings.
+ if (-e "/etc/squid/squid.conf.pre.local") {
+ print FILE "include /etc/squid/squid.conf.pre.local\n\n";
+ }
+
print FILE "http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}";
if ($proxysettings{'TRANSPARENT'} eq 'on') { print FILE " transparent" }
if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" }
if ($proxysettings{'LOGGING'} eq 'on')
{
print FILE <<END
-access_log /var/log/squid/access.log
+access_log stdio:/var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
END
;
- if ($proxysettings{'LOGUSERAGENT'} eq 'on') { print FILE "useragent_log \/var\/log\/squid\/user_agent.log\n"; }
+ if ($proxysettings{'LOGUSERAGENT'} eq 'on') { print FILE "access_log stdio:\/var\/log\/squid\/user_agent.log useragent\n"; }
if ($proxysettings{'LOGQUERY'} eq 'on') { print FILE "\nstrip_query_terms off\n"; }
} else {
print FILE <<END
{
if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
{
- print FILE "auth_param basic program $authdir/ncsa_auth $userdb\n";
+ print FILE "auth_param basic program $authdir/basic_ncsa_auth $userdb\n";
print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
print FILE "auth_param basic realm $authrealm\n";
print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n";
if ($proxysettings{'AUTH_METHOD'} eq 'ldap')
{
print FILE "auth_param basic utf8 on\n";
- print FILE "auth_param basic program $authdir/squid_ldap_auth -b \"$proxysettings{'LDAP_BASEDN'}\"";
+ print FILE "auth_param basic program $authdir/basic_ldap_auth -b \"$proxysettings{'LDAP_BASEDN'}\"";
if (!($proxysettings{'LDAP_BINDDN_USER'} eq '')) { print FILE " -D \"$proxysettings{'LDAP_BINDDN_USER'}\""; }
if (!($proxysettings{'LDAP_BINDDN_PASS'} eq '')) { print FILE " -w $proxysettings{'LDAP_BINDDN_PASS'}"; }
if ($proxysettings{'LDAP_TYPE'} eq 'ADS')
print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n";
if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; }
} else {
- print FILE "auth_param basic program $authdir/msnt_auth\n";
+ print FILE "auth_param basic program $authdir/basic_msnt_auth\n";
print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
print FILE "auth_param basic realm $authrealm\n";
print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n";
if ($proxysettings{'AUTH_METHOD'} eq 'radius')
{
- print FILE "auth_param basic program $authdir/squid_radius_auth -h $proxysettings{'RADIUS_SERVER'} -p $proxysettings{'RADIUS_PORT'} ";
+ print FILE "auth_param basic program $authdir/basic_radius_auth -h $proxysettings{'RADIUS_SERVER'} -p $proxysettings{'RADIUS_PORT'} ";
if (!($proxysettings{'RADIUS_IDENTIFIER'} eq '')) { print FILE "-i $proxysettings{'RADIUS_IDENTIFIER'} "; }
print FILE "-w $proxysettings{'RADIUS_SECRET'}\n";
print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
print FILE "acl blocked_mimetypes rep_mime_type \"$mimetypes\"\n\n";
}
- print FILE <<END
-#acl all src all
-acl localhost src 127.0.0.1/32
-END
-;
open (PORTS,"$acl_ports_ssl");
@temp = <PORTS>;
close PORTS;
close (ACL);
}
if ((!-z $extgrp) && ($proxysettings{'AUTH_METHOD'} eq 'ncsa') && ($proxysettings{'NCSA_BYPASS_REDIR'} eq 'on')) { print FILE "\nredirector_access deny for_extended_users\n"; }
+
+ # Check if squidclamav is enabled.
+ if ($proxysettings{'ENABLE_CLAMAV'} eq 'on') {
+ print FILE "\n#Settings for squidclamav:\n";
+ print FILE "http_port 127.0.0.1:$proxysettings{'PROXY_PORT'} transparent\n";
+ print FILE "acl purge method PURGE\n";
+ print FILE "http_access deny to_localhost\n";
+ print FILE "http_access allow localhost\n";
+ print FILE "http_access allow purge localhost\n";
+ print FILE "http_access deny purge\n";
+ print FILE "url_rewrite_access deny localhost\n";
+ }
print FILE <<END
#Access to squid:
print FILE "include /etc/squid/squid.conf.local\n";
}
close FILE;
+
+ # Proxy settings for squidclamav - if installed.
+ #
+ # Check if squidclamav is enabled.
+ if ($proxysettings{'ENABLE_CLAMAV'} eq 'on') {
+
+ my $configfile='/etc/squidclamav.conf';
+
+ my $data = &General::read_file_utf8($configfile);
+ $data =~ s/squid_port [0-9]+/squid_port $proxysettings{'PROXY_PORT'}/g;
+ &General::write_file_utf8($configfile, $data);
+ }
}
# -------------------------------------------------------------------