my %checked=();
my %selected=();
-my @throttle_limits=(64,128,256,384,512,768,1024,1280,1536,1792,2048,2560,3072,3584,4096,5120,6144,7168,8192,10240,12288,16384,20480);
+my @throttle_limits=(64,128,256,512,1024,1536,2048,3072,4096,5120,6144,7168,8192,10240,16384,20480,51200,102400);
my $def_ports_safe="80 # http\n21 # ftp\n443 # https\n563 # snews\n70 # gopher\n210 # wais\n1025-65535 # unregistered ports\n280 # http-mgmt\n488 # gss-http\n591 # filemaker\n777 # multiling http\n800 # Squids port (for icons)\n";
my $def_ports_ssl="443 # https\n563 # snews\n";
my $identhosts = "$identdir/hosts";
-my $authdir = "/usr/lib/squid/";
+my $authdir = "/usr/lib/squid";
my $errordir = "/usr/lib/squid/errors";
my $acl_src_subnets = "$acldir/src_subnets.acl";
my $acl_ports_ssl = "$acldir/ports_ssl.acl";
my $acl_include = "$acldir/include.acl";
+my $acl_dst_noproxy_url = "$acldir/dst_noproxy_url.acl";
+my $acl_dst_noproxy_ip = "$acldir/dst_noproxy_ip.acl";
+
my $updaccelversion = 'n/a';
my $urlfilterversion = 'n/a';
$proxysettings{'VISIBLE_HOSTNAME'} = '';
$proxysettings{'ADMIN_MAIL_ADDRESS'} = '';
$proxysettings{'ADMIN_PASSWORD'} = '';
-$proxysettings{'ERR_LANGUAGE'} = 'German';
+$proxysettings{'ERR_LANGUAGE'} = 'en';
$proxysettings{'ERR_DESIGN'} = 'ipfire';
$proxysettings{'SUPPRESS_VERSION'} = 'off';
$proxysettings{'FORWARD_VIA'} = 'off';
$proxysettings{'LOGQUERY'} = 'off';
$proxysettings{'LOGUSERAGENT'} = 'off';
$proxysettings{'FILEDESCRIPTORS'} = '16384';
-$proxysettings{'CACHE_MEM'} = '2';
-$proxysettings{'CACHE_SIZE'} = '50';
+$proxysettings{'CACHE_MEM'} = '128';
+$proxysettings{'CACHE_SIZE'} = '0';
$proxysettings{'MAX_SIZE'} = '4096';
$proxysettings{'MIN_SIZE'} = '0';
$proxysettings{'MEM_POLICY'} = 'LRU';
delete $proxysettings{'SRC_UNRESTRICTED_MAC'};
delete $proxysettings{'DST_NOCACHE'};
delete $proxysettings{'DST_NOAUTH'};
+ delete $proxysettings{'DST_NOPROXY_IP'};
+ delete $proxysettings{'DST_NOPROXY_URL'};
delete $proxysettings{'PORTS_SAFE'};
delete $proxysettings{'PORTS_SSL'};
delete $proxysettings{'MIME_TYPES'};
;
}
+# ===================================================================
+# WPAD settings
+# ===================================================================
+
+print <<END
+<table width='100%'>
+<tr>
+ <td colspan='4'><b>$Lang::tr{'advproxy wpad title'}</b></td>
+</tr>
+<tr>
+ <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
+</tr>
+<tr>
+ <td colspan='2' class='base'>$Lang::tr{'advproxy wpad label dst_noproxy_ip'}:</td>
+ <td colspan='2' class='base'>$Lang::tr{'advproxy wpad label dst_noproxy_url'}:</td>
+</tr>
+<tr>
+ <td colspan='2'><textarea name='DST_NOPROXY_IP' cols='32' rows='3' wrap='off'>
+END
+;
+
+ print $proxysettings{'DST_NOPROXY_IP'};
+
+print <<END
+</textarea></td>
+
+ <td colspan='2'><textarea name='DST_NOPROXY_URL' cols='32' rows='3' wrap='off'>
+END
+;
+
+ print $proxysettings{'DST_NOPROXY_URL'};
+
+print <<END
+</textarea></td>
+</tr>
+<tr>
+ <td colspan='2' class='base'>$Lang::tr{'advproxy wpad example dst_noproxy_ip'}</td>
+ <td colspan='2' class='base'>$Lang::tr{'advproxy wpad example dst_noproxy_url'}</td>
+</tr>
+<tr>
+ <td colspan="4"> </td>
+</tr>
+<tr>
+ <td colspan="4">$Lang::tr{'advproxy wpad view pac'}: <a href="http://$ENV{SERVER_ADDR}:81/wpad.dat" target="_blank">http://$ENV{SERVER_ADDR}:81/wpad.dat</a></td>
+</tr>
+</table>
+
+<hr size='1'>
+
+END
+;
+
# -------------------------------------------------------------------
print <<END
;
foreach (@throttle_limits) {
- print "\t<option value='$_' $selected{'THROTTLING_GREEN_TOTAL'}{$_}>$_ kbit/s</option>\n";
+ my $val = $_;
+ my $unit = "kbit/s";
+
+ if ($val >= 1024) {
+ $unit = "Mbit/s";
+ $val /= 1024;
+ }
+
+ print "\t<option value='$_' $selected{'THROTTLING_GREEN_TOTAL'}{$_}>$val $unit</option>\n";
}
print <<END
while (<FILE>) { $proxysettings{'DST_NOAUTH'} .= $_ };
close(FILE);
}
+ if (-e "$acl_dst_noproxy_ip") {
+ open(FILE,"$acl_dst_noproxy_ip");
+ delete $proxysettings{'DST_NOPROXY_IP'};
+ while (<FILE>) { $proxysettings{'DST_NOPROXY_IP'} .= $_ };
+ close(FILE);
+ }
+ if (-e "$acl_dst_noproxy_url") {
+ open(FILE,"$acl_dst_noproxy_url");
+ delete $proxysettings{'DST_NOPROXY_URL'};
+ while (<FILE>) { $proxysettings{'DST_NOPROXY_URL'} .= $_ };
+ close(FILE);
+ }
if (-e "$acl_ports_safe") {
open(FILE,"$acl_ports_safe");
delete $proxysettings{'PORTS_SAFE'};
}
}
+ @temp = split(/\n/,$proxysettings{'DST_NOPROXY_IP'});
+ undef $proxysettings{'DST_NOPROXY_IP'};
+ foreach (@temp)
+ {
+ s/^\s+//g; s/\s+$//g;
+ if ($_)
+ {
+ unless (&General::validipormask($_)) { $errormessage = $Lang::tr{'advproxy errmsg wpad invalid ip or mask'}; }
+ $proxysettings{'DST_NOPROXY_IP'} .= $_."\n";
+ }
+ }
+
+ @temp = split(/\n/,$proxysettings{'DST_NOPROXY_URL'});
+ undef $proxysettings{'DST_NOPROXY_URL'};
+ foreach (@temp)
+ {
+ s/^\s+//g;
+ unless (/^#/) { s/\s+//g; }
+ if ($_)
+ {
+ if (/^\./) { $_ = '*'.$_; }
+ $proxysettings{'DST_NOPROXY_URL'} .= $_."\n";
+ }
+ }
+
if (($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && ($proxysettings{'NTLM_USER_ACL'} eq 'positive'))
{
@temp = split(/\n/,$proxysettings{'NTLM_ALLOW_USERS'});
print FILE $proxysettings{'DST_NOAUTH'};
close(FILE);
+ open(FILE, ">$acl_dst_noproxy_ip");
+ flock(FILE, 2);
+ print FILE $proxysettings{'DST_NOPROXY_IP'};
+ close(FILE);
+
+ open(FILE, ">$acl_dst_noproxy_url");
+ flock(FILE, 2);
+ print FILE $proxysettings{'DST_NOPROXY_URL'};
+ close(FILE);
+
open(FILE, ">$acl_dst_noauth_net");
close(FILE);
open(FILE, ">$acl_dst_noauth_dom");
print FILE " (isInNet(host, \"$netsettings{'ORANGE_NETADDRESS'}\", \"$netsettings{'ORANGE_NETMASK'}\")) ||\n";
}
+ # Additional exceptions for URLs
+ # The file has to be created by the user and should contain one entry per line
+ # Line-Format: <URL incl. wildcards>
+ # e.g. *.ipfire.org*
+ if (-s "$acl_dst_noproxy_url") {
+ undef @templist;
+
+ open(NOPROXY,"$acl_dst_noproxy_url");
+ @templist = <NOPROXY>;
+ close(NOPROXY);
+ chomp (@templist);
+
+ foreach (@templist)
+ {
+ print FILE " (shExpMatch(url, \"$_\")) ||\n";
+ }
+ }
+
+ # Additional exceptions for Subnets
+ # The file has to be created by the user and should contain one entry per line
+ # Line-Format: <IP>/<SUBNET MASK>
+ # e.g. 192.168.0.0/255.255.255.0
+ if (-s "$acl_dst_noproxy_ip") {
+ undef @templist;
+
+ open(NOPROXY,"$acl_dst_noproxy_ip");
+ @templist = <NOPROXY>;
+ close(NOPROXY);
+ chomp (@templist);
+
+ foreach (@templist)
+ {
+ @temp = split(/\//);
+ print FILE " (isInNet(host, \"$temp[0]\", \"$temp[1]\")) ||\n";
+ }
+ }
+
print FILE <<END
(isInNet(host, "169.254.0.0", "255.255.0.0"))
)
projects / ipfire-2.x.git / blobdiff