X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=html%2Fcgi-bin%2Fproxy.cgi;h=870042ae519e2044119d8fbe06bd8a848626e197;hb=2e99ab8bf8a1dc79d1c411281bd82a19acf1c9dc;hp=0b28c2adf36a4fa0738147fc1bc768c158144755;hpb=92d75b2ed53e72427beab0dbda8f06577d42e4c5;p=people%2Fteissler%2Fipfire-2.x.git diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 0b28c2adf..870042ae5 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2012 IPFire Team # +# Copyright (C) 2007-2013 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -221,6 +221,7 @@ $proxysettings{'MEM_POLICY'} = 'LRU'; $proxysettings{'CACHE_POLICY'} = 'LRU'; $proxysettings{'L1_DIRS'} = '16'; $proxysettings{'OFFLINE_MODE'} = 'off'; +$proxysettings{'CACHE_DIGESTS'} = 'off'; $proxysettings{'CLASSROOM_EXT'} = 'off'; $proxysettings{'SUPERVISOR_PASSWORD'} = ''; $proxysettings{'NO_PROXY_LOCAL'} = 'off'; @@ -380,7 +381,7 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'} } } if (!($proxysettings{'FILEDESCRIPTORS'} =~ /^\d+/) || - ($proxysettings{'FILEDESCRIPTORS'} < 1) || ($proxysettings{'FILEDESCRIPTORS'} > 16384)) + ($proxysettings{'FILEDESCRIPTORS'} < 1) || ($proxysettings{'FILEDESCRIPTORS'} > 65536)) { $errormessage = $Lang::tr{'proxy errmsg filedescriptors'}; goto ERROR; @@ -698,6 +699,16 @@ if (!$errormessage) &read_acls; } +# ------------------------------------------------------------------ + +# Hook to regenerate the configuration files, if cgi got called from command line. +if ($ENV{"REMOTE_ADDR"} eq "") { + writeconfig(); + exit(0); +} + +# ------------------------------------------------------------------- + $checked{'ENABLE'}{'off'} = ''; $checked{'ENABLE'}{'on'} = ''; $checked{'ENABLE'}{$proxysettings{'ENABLE'}} = "checked='checked'"; @@ -737,6 +748,9 @@ $selected{'L1_DIRS'}{$proxysettings{'L1_DIRS'}} = "selected='selected'"; $checked{'OFFLINE_MODE'}{'off'} = ''; $checked{'OFFLINE_MODE'}{'on'} = ''; $checked{'OFFLINE_MODE'}{$proxysettings{'OFFLINE_MODE'}} = "checked='checked'"; +$checked{'CACHE_DIGESTS'}{'off'} = ''; +$checked{'CACHE_DIGESTS'}{'on'} = ''; +$checked{'CACHE_DIGESTS'}{$proxysettings{'CACHE_DIGESTS'}} = "checked='checked'"; $checked{'LOGGING'}{'off'} = ''; $checked{'LOGGING'}{'on'} = ''; @@ -1170,6 +1184,10 @@ print <$Lang::tr{'advproxy offline mode'}: + + $Lang::tr{'advproxy cache-digest'}: + +
@@ -3053,6 +3071,12 @@ icp_port 0 END ; + + # Include file with user defined settings. + if (-e "/etc/squid/squid.conf.pre.local") { + print FILE "include /etc/squid/squid.conf.pre.local\n\n"; + } + print FILE "http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}"; if ($proxysettings{'TRANSPARENT'} eq 'on') { print FILE " transparent" } if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" } @@ -3097,7 +3121,8 @@ END print FILE "error_directory $errordir/$proxysettings{'ERR_LANGUAGE'}\n\n"; if ($proxysettings{'OFFLINE_MODE'} eq 'on') { print FILE "offline_mode on\n\n"; } - + if ($proxysettings{'CACHE_DIGESTS'} eq 'on') { print FILE "digest_generation on\n\n"; } else { print FILE "digest_generation off\n\n"; } + if ((!($proxysettings{'MEM_POLICY'} eq 'LRU')) || (!($proxysettings{'CACHE_POLICY'} eq 'LRU'))) { if (!($proxysettings{'MEM_POLICY'} eq 'LRU')) @@ -3433,6 +3458,19 @@ END close (ACL); } if ((!-z $extgrp) && ($proxysettings{'AUTH_METHOD'} eq 'ncsa') && ($proxysettings{'NCSA_BYPASS_REDIR'} eq 'on')) { print FILE "\nredirector_access deny for_extended_users\n"; } + + # Check if squidclamav is enabled. + if ($proxysettings{'ENABLE_CLAMAV'} eq 'on') { + print FILE "\n#Settings for squidclamav:\n"; + print FILE "http_port 127.0.0.1:$proxysettings{'PROXY_PORT'} transparent\n"; + print FILE "acl to_localhost dst 127.0.0.0/8\n"; + print FILE "acl purge method PURGE\n"; + print FILE "http_access deny to_localhost\n"; + print FILE "http_access allow localhost\n"; + print FILE "http_access allow purge localhost\n"; + print FILE "http_access deny purge\n"; + print FILE "url_rewrite_access deny localhost\n"; + } print FILE <