From dfee7582f9b386126fcaa6c8cdcb98677e34f5b4 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Sun, 23 Jun 2013 22:29:30 +0200 Subject: [PATCH] Increase performance of the squidclamav redirector. To boost up the performance, now we trust the proxy cache. I add some changes to the proxy.cgi to configure the proxy and the squidclamav in the right way. I also add a hook that allows us to generate a new configuration if the cgi script will be launched from the shell. Fixes #10367. --- config/cfgroot/general-functions.pl | 23 ++++++++++++++++ html/cgi-bin/proxy.cgi | 41 ++++++++++++++++++++++++----- 2 files changed, 58 insertions(+), 6 deletions(-) diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl index 90eacbdb0..fbca601e4 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -1008,4 +1008,27 @@ sub MakeUserAgent() { return $user_agent; } +# Function to read a file with UTF-8 charset. +sub read_file_utf8 ($) { + my ($file) = @_; + + open my $in, '<:encoding(UTF-8)', $file or die "Could not open '$file' for reading $!"; + local $/ = undef; + my $all = <$in>; + close $in; + + return $all; +} + +# Function to write a file with UTF-8 charset. +sub write_file_utf8 ($) { + my ($file, $content) = @_; + + open my $out, '>:encoding(UTF-8)', $file or die "Could not open '$file' for writing $!";; + print $out $content; + close $out; + + return; +} + 1; diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index fb313ac7c..c42d35a95 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -699,6 +699,16 @@ if (!$errormessage) &read_acls; } +# ------------------------------------------------------------------ + +# Hook to regenerate the configuration files, if cgi got called from command line. +if ($ENV{"REMOTE_ADDR"} eq "") { + writeconfig(); + exit(0); +} + +# ------------------------------------------------------------------- + $checked{'ENABLE'}{'off'} = ''; $checked{'ENABLE'}{'on'} = ''; $checked{'ENABLE'}{$proxysettings{'ENABLE'}} = "checked='checked'"; @@ -3061,12 +3071,6 @@ icp_port 0 END ; - - # Include file with user defined settings. - if (-e "/etc/squid/squid.conf.pre.local") { - print FILE "include /etc/squid/squid.conf.pre.local\n\n"; - } - print FILE "http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}"; if ($proxysettings{'TRANSPARENT'} eq 'on') { print FILE " transparent" } if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" } @@ -3448,6 +3452,19 @@ END close (ACL); } if ((!-z $extgrp) && ($proxysettings{'AUTH_METHOD'} eq 'ncsa') && ($proxysettings{'NCSA_BYPASS_REDIR'} eq 'on')) { print FILE "\nredirector_access deny for_extended_users\n"; } + + # Check if squidclamav is enabled. + if ($proxysettings{'ENABLE_CLAMAV'} eq 'on') { + print FILE "\n#Settings for squidclamav:\n"; + print FILE "http_port 127.0.0.1:$proxysettings{'PROXY_PORT'} transparent\n"; + print FILE "acl to_localhost dst 127.0.0.0/8\n"; + print FILE "acl purge method PURGE\n"; + print FILE "http_access deny to_localhost\n"; + print FILE "http_access allow localhost\n"; + print FILE "http_access allow purge localhost\n"; + print FILE "http_access deny purge\n"; + print FILE "url_rewrite_access deny localhost\n"; + } print FILE <