Geaendert:
authorms <ms@ea5c0bd1-69bd-2848-81d8-4f18e57aeed8>
Sun, 10 Sep 2006 19:52:20 +0000 (19:52 +0000)
committerms <ms@ea5c0bd1-69bd-2848-81d8-4f18e57aeed8>
Sun, 10 Sep 2006 19:52:20 +0000 (19:52 +0000)
  * Squid auf neuesten Stand gebracht.
  * QoS-Fortschritt.
  * Kleines Script fuer Sprachdateiupdates.

git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@268 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8

12 files changed:
config/qos/makeqosscripts.pl
config/qos/parse-func.pl
doc/ChangeLog
html/cgi-bin/chpasswd.cgi
html/cgi-bin/logs.cgi/proxylog.dat
html/cgi-bin/proxy.cgi
html/cgi-bin/qos.cgi
langs/de/cgi-bin/de.pl
langs/en/cgi-bin/en.pl
lfs/squid
src/ROOTFILES.i386
src/scripts/updatelang [new file with mode: 0644]

index 13e7eeb..de58047 100644 (file)
@@ -553,11 +553,16 @@ print <<END
        ### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
        iptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} -m mark --mark 0 -j MARK --set-mark $qossettings{'DEFCLASS_INC'}
 
+       ## STARTING COLLECTOR
+       /usr/local/bin/qosd $qossettings{'RED_DEV'} >/dev/null 2>&1
+       /usr/local/bin/qosd $qossettings{'IMQ_DEV'} >/dev/null 2>&1
+
        echo "Quality of Service was successfully started!"
        exit 0
   ;;
   clear|stop)
        ### RESET EVERYTHING TO A KNOWN STATE
+       killall -9 qosd
        # DELETE QDISCS
        tc qdisc del dev $qossettings{'RED_DEV'} root
        tc qdisc del dev $qossettings{'IMQ_DEV'} root
index 9779315..bd0560c 100644 (file)
@@ -157,8 +157,8 @@ sub parse_class($) {
 #              print "bytes: $bytes\n"."pkts: $pkts\n";
 #              print "dropped: $dropped\n"."overlimits: $overlimits\n";
            } else { 
-               print "$timestamp: ERROR(+1) - Unable to parse (class ${class}_$device): ";
-               print "\"$tc_output[$i + 1]\"\n";
+#              print "$timestamp: ERROR(+1) - Unable to parse (class ${class}_$device): ";
+#              print "\"$tc_output[$i + 1]\"\n";
                $return_val="";
                next;
            } 
index b3714cb..d71007f 100644 (file)
@@ -1,4 +1,11 @@
 ------------------------------------------------------------------------
+r267 | ms | 2006-09-02 22:18:51 +0200 (Sat, 02 Sep 2006) | 4 lines
+
+Hinzugefuegt:
+  * QoS-Graphen jetzt auch für Unterklassen.
+Fix:
+  * restartsquid killt jetzt auch squidGuard.
+------------------------------------------------------------------------
 r266 | ms | 2006-09-02 14:21:49 +0200 (Sat, 02 Sep 2006) | 6 lines
 
 Geaendert:
index 41aba29..5bc97d2 100644 (file)
@@ -6,7 +6,7 @@
 
 use CGI qw(param);
 
-$swroot = "/var/ipcop";
+$swroot = "/var/ipfire";
 
 my %cgiparams;
 my %mainsettings;
index 9c0176f..b4e622a 100644 (file)
@@ -6,8 +6,6 @@
 #
 # (c) The SmoothWall Team
 #
-# $Id: proxylog.dat,v 1.4.2.25 2005/07/07 17:32:24 eoberlander Exp $
-#
 
 use strict;
 
@@ -28,6 +26,7 @@ undef (@dummy);
 my %cgiparams=();
 my %logsettings=();
 my %ips=();
+my %users=();
 my %selected=();
 my %checked=();
 my @log=();
@@ -86,6 +85,7 @@ if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
        $cgiparams{'MONTH'} = $temp[1];
        $cgiparams{'DAY'} = $temp[2];  
        $cgiparams{'SOURCE_IP'} = $temp[3];
+       $cgiparams{'USERNAME'} = $temp[4];
 }
 
 if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
@@ -168,6 +168,8 @@ my $daystr = $cgiparams{'DAY'} == 0 ? '' :$cgiparams{'DAY'} <= 9 ? "0$cgiparams{
 my $filter = $cgiparams{'ENABLE_FILTER'} eq 'on' ? $cgiparams{'FILTER'} : '';
 my $sourceip = $cgiparams{'SOURCE_IP'};
 my $sourceall =  $cgiparams{'SOURCE_IP'} eq 'ALL' ? 1 : 0;
+my $username = $cgiparams{'USERNAME'};
+my $usersall =  $cgiparams{'USERNAME'} eq 'ALL' ? 1 : 0;
 
 my $lines = 0;
 my $temp = ();
@@ -217,21 +219,23 @@ if ($@ ne '')
            READ:while (<FILE>) {
                my ($datetime,$do,$ip,$ray,$me,$far,$url,$so) = split;
                $ips{$ip}++;
+               $users{$so}++;
                # for debug
                #$lastdatetime = $datetime;
 
                # collect lines between date && filter
                if (( ($datetime>$mintime)&&($datetime<$maxtime)) && !($url =~ /$filter/) &&
-                  ((($ip eq $sourceip) || $sourceall)))
+                  ((($ip eq $sourceip) || $sourceall)) &&
+                  ((($so eq $username) || $usersall)))
                {
                    # when standart viewing, just keep in memory the correct slices
                    # it starts a '$start' and size is $viewport
                    # If export, then keep all lines...
                    if ($cgiparams{'ACTION'} eq $Lang::tr{'export'}){
-                       $log[$lines++] = "$datetime $ip $url";
+                       $log[$lines++] = "$datetime $ip $so $url";
                    } else {
                        if ($lines++ < ($start + $Header::viewsize)) {
-                           push(@log,"$datetime $ip $url");
+                           push(@log,"$datetime $ip $so $url");
                            if (@log > $Header::viewsize) {
                                shift (@log);
                            }
@@ -247,7 +251,7 @@ if ($@ ne '')
            }
            close (FILE);
        }
-       $gzindex--;     # will try next gz file eg 40,39,38,.... because it may have holes when ipcop stopped
+       $gzindex--;     # will try next gz file eg 40,39,38,.... because it may have holes when ipfire stopped
                        # for a long time
 
     }
@@ -271,6 +275,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'export'})
        print "IPFire proxy log\r\n";
        print "$Lang::tr{'date'}: $daystr\r\n"; 
        print "Source IP: $cgiparams{'SOURCE_IP'}\r\n";
+       print "Username: $cgiparams{'USERNAME'}\r\n";
        if ($cgiparams{'ENABLE_FILTER'} eq 'on') {
                print "Ignore filter: $cgiparams{'FILTER'}\r\n"; }
        print "\r\n";
@@ -278,22 +283,23 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'export'})
        if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @log = reverse @log; }
 
        foreach $_ (@log) {
-           my ($datetime,$ip,$url) = split;
+           my ($datetime,$ip,$so,$url) = split;
            my ($SECdt, $MINdt, $HOURdt, $DAYdt, $MONTHdt, $YEARdt) = localtime($datetime);
            $SECdt = sprintf ("%.02d",$SECdt);
            $MINdt = sprintf ("%.02d",$MINdt);
            $HOURdt = sprintf ("%.02d",$HOURdt);
            if ($cgiparams{'DAY'}==0) {                 # full month
                $DAYdt = sprintf ("%.02d",$DAYdt);
-               print "$DAYdt/$HOURdt:$MINdt:$SECdt $ip $url\n";
+               print "$DAYdt/$HOURdt:$MINdt:$SECdt $ip $so $url\n";
            } else {
-               print "$HOURdt:$MINdt:$SECdt $ip $url\n";
+               print "$HOURdt:$MINdt:$SECdt $ip $so $url\n";
            }
        }
        exit;
 }
 
 $selected{'SOURCE_IP'}{$cgiparams{'SOURCE_IP'}} = "selected='selected'";
+$selected{'USERNAME'}{$cgiparams{'USERNAME'}} = "selected='selected'";
 
 $checked{'ENABLE_FILTER'}{'off'} = '';
 $checked{'ENABLE_FILTER'}{'on'} = '';
@@ -357,12 +363,26 @@ print <<END
        <option value='ALL' $selected{'SOURCE_IP'}{'ALL'}>$Lang::tr{'caps all'}</option>
 END
 ;
-foreach my $ip (keys %ips) {
+foreach my $ip (sort keys %ips) {
        print "<option value='$ip' $selected{'SOURCE_IP'}{$ip}>$ip</option>\n"; }
 print <<END
        </select>
        </td>
 </tr>
+<tr>
+       <td width='60%' colspan='6'>&nbsp;</td>
+       <td width='25%' class='base'>$Lang::tr{'advproxy NCSA username'}:</td>
+       <td width='15%'>
+       <select name='USERNAME'>
+       <option value='ALL' $selected{'USERNAME'}{'ALL'}>$Lang::tr{'caps all'}</option>
+END
+;
+foreach my $so (sort keys %users) {
+       print "<option value='$so' $selected{'USERNAME'}{$so}>$so</option>\n"; }
+print <<END
+       </select>
+       </td>
+</tr>
 <tr>
        <td class='base'>$Lang::tr{'ignore filter'}:</td>
        <td colspan='5'><input type='text' name='FILTER' value='$cgiparams{'FILTER'}' size='40' /></td>
@@ -415,7 +435,8 @@ print <<END
 <tr>
 <td width='10%' align='center' class='boldbase'><b>$Lang::tr{'time'}</b></td>
 <td width='15%' align='center' class='boldbase'><b>$Lang::tr{'source ip'}</b></td>
-<td width='75%' align='center' class='boldbase'><b>$Lang::tr{'website'}</b></td>
+<td width='12%' align='center' class='boldbase'><b>$Lang::tr{'advproxy NCSA username'}</b></td>
+<td width='63%' align='center' class='boldbase'><b>$Lang::tr{'website'}</b></td>
 </tr>
 END
 ;
@@ -426,7 +447,7 @@ foreach $_ (@log)
                print "<tr bgcolor='${Header::table1colour}'>\n"; }
        else {
                print "<tr bgcolor='${Header::table2colour}'>\n"; }
-       my ($datetime,$ip,$url) = split;
+       my ($datetime,$ip,$so,$url) = split;
         my ($SECdt, $MINdt, $HOURdt, $DAYdt, $MONTHdt, $YEARdt) = localtime($datetime);
        $SECdt = sprintf ("%.02d",$SECdt);
        $MINdt = sprintf ("%.02d",$MINdt);
@@ -445,6 +466,7 @@ foreach $_ (@log)
        print <<END
        <td align='center'>$DAYdt$HOURdt:$MINdt:$SECdt</td>
        <td align='center'>$ip</td>
+       <td align='center'>$so</td>
        <td align='left'><a href='$url' title='$url' target='_new'>$part</a></td>
 </tr>
 END
@@ -473,14 +495,14 @@ END
 
 print "<td align='center' width='50%'>";
 if ($prev != -1) {
-        print "<a href='/cgi-bin/logs.cgi/proxylog.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{'SOURCE_IP'}'>$Lang::tr{'older'}</a>"; }
+        print "<a href='/cgi-bin/logs.cgi/proxylog.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{'SOURCE_IP'},$cgiparams{'USERNAME'}'>$Lang::tr{'older'}</a>"; }
 else {
         print "$Lang::tr{'older'}"; }
 print "</td>\n";
 
 print "<td align='center' width='50%'>";
 if ($next >= 0 ) {
-        print "<a href='/cgi-bin/logs.cgi/proxylog.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{'SOURCE_IP'}'>$Lang::tr{'newer'}</a>"; }
+        print "<a href='/cgi-bin/logs.cgi/proxylog.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{'SOURCE_IP'},$cgiparams{'USERNAME'}'>$Lang::tr{'newer'}</a>"; }
 else {
         print "$Lang::tr{'newer'}"; }
 print "</td>\n";
index 22d7757..888653d 100644 (file)
@@ -4,7 +4,7 @@
 #
 # This code is distributed under the terms of the GPL
 #
-# $Id: advproxy.cgi,v 1.2.1 2006/04/02 00:00:00 marco.s Exp $
+# $Id: advproxy.cgi,v 2.0.0 [beta] 2006/09/03 00:00:00 marco.s Exp $
 #
 
 use strict;
@@ -13,20 +13,22 @@ use strict;
 #use warnings;
 #use CGI::Carp 'fatalsToBrowser';
 
-use IO::Socket;
-
 require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
 
+my @squidversion = `/usr/sbin/squid -v`;
+my $http_port='81';
+my $https_port='444';
+
 my %proxysettings=();
 my %netsettings=();
 my %filtersettings=();
-my %updaccsettings=();
+my %updaccelsettings=();
 my %stdproxysettings=();
 my %mainsettings=();
 my $urlfilter_addon=0;
-my $updacclrtr_addon=0;
+my $updaccel_addon=0;
 
 my %checked=();
 my %selected=();
@@ -36,6 +38,9 @@ my $throttle_binary="bin|cab|exe|gz|rar|sea|tar|tgz|zip";
 my $throttle_dskimg="b5t|bin|bwt|ccd|cdi|cue|gho|img|iso|mds|nrg|pqi";
 my $throttle_mmedia="aiff?|asf|avi|divx|mov|mp3|mpe?g|qt|ra?m";
 
+my $def_ports_safe="80 # http\n21 # ftp\n443 # https\n563 # snews\n70 # gopher\n210 # wais\n1025-65535 # unregistered ports\n280 # http-mgmt\n488 # gss-http\n591 # filemaker\n777 # multiling http\n800 # Squids port (for icons)\n";
+my $def_ports_ssl="443 # https\n563 # snews\n";
+
 my @useragent=();
 my @useragentlist=();
 
@@ -82,7 +87,8 @@ my $cre_svhosts = "${General::swroot}/proxy/advanced/cre/supervisors";
 
 my $identhosts = "$identdir/hosts";
 
-my $libexecdir = "/usr/lib/squid";
+my $authdir  = "/usr/lib/squid/advproxy/auth";
+my $errordir = "/usr/lib/squid/advproxy/errors";
 
 my $acl_src_subnets = "$acldir/src_subnets.acl";
 my $acl_src_banned_ip  = "$acldir/src_banned_ip.acl";
@@ -94,8 +100,13 @@ my $acl_src_noaccess_mac = "$acldir/src_noaccess_mac.acl";
 my $acl_dst_nocache  = "$acldir/dst_nocache.acl";
 my $acl_dst_noauth   = "$acldir/dst_noauth.acl";
 my $acl_dst_throttle = "$acldir/dst_throttle.acl";
+my $acl_ports_safe = "$acldir/ports_safe.acl";
+my $acl_ports_ssl  = "$acldir/ports_ssl.acl";
 my $acl_include = "$acldir/include.acl";
 
+my $updaccelversion  = 'n/a';
+my $urlfilterversion = 'n/a';
+
 unless (-d "$acldir")   { mkdir("$acldir"); }
 unless (-d "$ncsadir")  { mkdir("$ncsadir"); }
 unless (-d "$ntlmdir")  { mkdir("$ntlmdir"); }
@@ -121,6 +132,8 @@ unless (-e $acl_src_noaccess_mac) { system("touch $acl_src_noaccess_mac"); }
 unless (-e $acl_dst_nocache)   { system("touch $acl_dst_nocache"); }
 unless (-e $acl_dst_noauth)    { system("touch $acl_dst_noauth"); }
 unless (-e $acl_dst_throttle)  { system("touch $acl_dst_throttle"); }
+unless (-e $acl_ports_safe) { system("touch $acl_ports_safe"); }
+unless (-e $acl_ports_ssl)  { system("touch $acl_ports_ssl"); }
 unless (-e $acl_include) { system("touch $acl_include"); }
 
 unless (-e $browserdb) { system("touch $browserdb"); }
@@ -130,35 +143,32 @@ open FILE, $browserdb;
 @useragentlist = sort { reverse(substr(reverse(substr($a,index($a,',')+1)),index(reverse(substr($a,index($a,','))),',')+1)) cmp reverse(substr(reverse(substr($b,index($b,',')+1)),index(reverse(substr($b,index($b,','))),',')+1))} grep !/(^$)|(^\s*#)/,<FILE>;
 close(FILE);
 
-my %filtersettings=();
-$filtersettings{'CHILDREN'} = '5';
-if (-e "${General::swroot}/urlfilter/settings") {
-       &General::readhash("${General::swroot}/urlfilter/settings", \%filtersettings);
-}
-
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
 
-if (-e "${General::swroot}/urlfilter/version")  { $urlfilter_addon  = 1; }
-if (-e "${General::swroot}/updacclrtr/version") { $updacclrtr_addon = 1; }
+if (-e "${General::swroot}/urlfilter/version") { $urlfilter_addon = 1; }
+if (-e "${General::swroot}/updatexlrator/version") { $updaccel_addon = 1; }
 
 if ($urlfilter_addon) {
        $filtersettings{'CHILDREN'} = '5';
        if (-e "${General::swroot}/urlfilter/settings") {
-               &General::readhash("${General::swroot}/urlfilter/settings", \%filtersettings);
+               &General::readhash("${General::swroot}/urlfilter/settings", \%filtersettings);
        }
+       $urlfilterversion = `cat ${General::swroot}/urlfilter/version`;
+       $urlfilterversion =~ s/([^\s]+).*/$1/;
 }
 
-if ($updacclrtr_addon) {
-       $updaccsettings{'ACCELERATORS'} = '10';
-       if (-e "${General::swroot}/updacclrtr/settings") {
-               &General::readhash("${General::swroot}/updacclrtr/settings", \%updaccsettings);
+if ($updaccel_addon) {
+       $updaccelsettings{'CHILDREN'} = '10';
+       if (-e "${General::swroot}/updatexlrator/settings") {
+               &General::readhash("${General::swroot}/updatexlrator/settings", \%updaccelsettings);
        }
+       $updaccelversion = `cat ${General::swroot}/updatexlrator/version`;
+       $updaccelversion =~ s/([^\s]+).*/$1/;
 }
 
 &Header::showhttpheaders();
 
-$proxysettings{'ENABLE_FILTER'} = 'off';
 $proxysettings{'ACTION'} = '';
 $proxysettings{'VALID'} = '';
 
@@ -170,9 +180,12 @@ $proxysettings{'PROXY_PORT'} = '800';
 $proxysettings{'VISIBLE_HOSTNAME'} = '';
 $proxysettings{'ADMIN_MAIL_ADDRESS'} = '';
 $proxysettings{'ERR_LANGUAGE'} = 'English';
+$proxysettings{'ERR_DESIGN'} = 'IPCop';
+$proxysettings{'SUPPRESS_VERSION'} = 'off';
 $proxysettings{'FORWARD_VIA'} = 'off';
 $proxysettings{'FORWARD_IPADDRESS'} = 'off';
 $proxysettings{'FORWARD_USERNAME'} = 'off';
+$proxysettings{'NO_CONNECTION_AUTH'} = 'off';
 $proxysettings{'UPSTREAM_PROXY'} = '';
 $proxysettings{'UPSTREAM_USER'} = '';
 $proxysettings{'UPSTREAM_PASSWORD'} = '';
@@ -232,7 +245,7 @@ $proxysettings{'NTLM_BDC'} = '';
 $proxysettings{'NTLM_ENABLE_ACL'} = 'off';
 $proxysettings{'NTLM_USER_ACL'} = 'positive';
 $proxysettings{'RADIUS_SERVER'} = '';
-$proxysettings{'RADIUS_PORT'} = '1645';
+$proxysettings{'RADIUS_PORT'} = '1812';
 $proxysettings{'RADIUS_IDENTIFIER'} = '';
 $proxysettings{'RADIUS_SECRET'} = '';
 $proxysettings{'RADIUS_ENABLE_ACL'} = 'off';
@@ -246,8 +259,8 @@ if ($urlfilter_addon) {
        $proxysettings{'ENABLE_FILTER'} = 'off';
 }
 
-if ($updacclrtr_addon) {
-       $proxysettings{'ENABLE_UPDACCEL'} = 'off';
+if ($updaccel_addon) {
+       $proxysettings{'ENABLE_UPDXLRATOR'} = 'off';
 }
 
 $ncsa_buttontext = $Lang::tr{'advproxy NCSA create user'};
@@ -312,6 +325,11 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'}
                $errormessage = $Lang::tr{'invalid input'};
                goto ERROR;
        } 
+       if (!(&General::validport($proxysettings{'PROXY_PORT'})))
+       {
+               $errormessage = $Lang::tr{'advproxy errmsg invalid proxy port'};
+               goto ERROR;
+       }
        if (!($proxysettings{'CACHE_SIZE'} =~ /^\d+/) ||
                ($proxysettings{'CACHE_SIZE'} < 10))
        {
@@ -345,15 +363,6 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'}
                $errormessage = $Lang::tr{'invalid maximum outgoing size'};
                goto ERROR;
        }
-       if ($proxysettings{'ENABLE_FILTER'} eq 'on')
-       {
-               print FILE <<END
-redirect_program /usr/bin/squidGuard
-redirect_children $filtersettings{'CHILDREN'}
-
-END
-               ;
-       }
        if (!($proxysettings{'TIME_TO_HOUR'}.$proxysettings{'TIME_TO_MINUTE'} gt $proxysettings{'TIME_FROM_HOUR'}.$proxysettings{'TIME_FROM_MINUTE'}))
        {
                $errormessage = $Lang::tr{'advproxy errmsg time restriction'};
@@ -382,12 +391,12 @@ END
        }
        if (!($proxysettings{'AUTH_METHOD'} eq 'none'))
        {
-               unless (($proxysettings{'AUTH_METHOD'} eq 'ident') &&
+               unless (($proxysettings{'AUTH_METHOD'} eq 'ident') &&
                        ($proxysettings{'IDENT_REQUIRED'} eq 'off') &&
                        ($proxysettings{'IDENT_ENABLE_ACL'} eq 'off'))
                {
                        if ($netsettings{'BLUE_DEV'})
-                       {       
+                       {
                                if ((($proxysettings{'ENABLE'} eq 'off') || ($proxysettings{'TRANSPARENT'} eq 'on')) &&
                                        (($proxysettings{'ENABLE_BLUE'} eq 'off') || ($proxysettings{'TRANSPARENT_BLUE'} eq 'on')))
                                {
@@ -513,16 +522,17 @@ END
                }
        }
 
-        # Quick parent proxy error checking of username and password info. If username password don't both exist give an error.
-        $proxy1 = 'YES';
-        $proxy2 = 'YES';
-        if (($proxysettings{'UPSTREAM_USER'} eq '')) {$proxy1 = '';}
-        if (($proxysettings{'UPSTREAM_PASSWORD'} eq '')) {$proxy2 = '';}
-        if (($proxy1 ne $proxy2))
-        {
-                $errormessage = $Lang::tr{'advproxy errmsg invalid upstream proxy username or password setting'};
-                goto ERROR;
-        }
+       # Quick parent proxy error checking of username and password info. If username password don't both exist give an error.
+       $proxy1 = 'YES';
+       $proxy2 = 'YES';
+       if (($proxysettings{'UPSTREAM_USER'} eq '')) {$proxy1 = '';}
+       if (($proxysettings{'UPSTREAM_PASSWORD'} eq '')) {$proxy2 = '';}
+       if ($proxysettings{'UPSTREAM_USER'} eq 'PASS')  {$proxy1=$proxy2='PASS'; $proxysettings{'UPSTREAM_PASSWORD'} = '';}
+       if (($proxy1 ne $proxy2))
+       {
+               $errormessage = $Lang::tr{'advproxy errmsg invalid upstream proxy username or password setting'};
+               goto ERROR;
+       }
 
 ERROR:
        &check_acls;
@@ -530,7 +540,7 @@ ERROR:
        if ($errormessage) {
                $proxysettings{'VALID'} = 'no'; }
        else {
-               $proxysettings{'VALID'} = 'yes'; }
+               $proxysettings{'VALID'} = 'yes'; }
 
        if ($proxysettings{'VALID'} eq 'yes')
        {
@@ -543,6 +553,8 @@ ERROR:
                delete $proxysettings{'SRC_UNRESTRICTED_MAC'};
                delete $proxysettings{'DST_NOCACHE'};
                delete $proxysettings{'DST_NOAUTH'};
+               delete $proxysettings{'PORTS_SAFE'};
+               delete $proxysettings{'PORTS_SSL'};
                delete $proxysettings{'MIME_TYPES'};
                delete $proxysettings{'NTLM_ALLOW_USERS'};
                delete $proxysettings{'NTLM_DENY_USERS'};
@@ -573,19 +585,11 @@ ERROR:
 
                &General::writehash("${General::swroot}/proxy/advanced/settings", \%proxysettings);
 
-               if ($urlfilter_addon)
-               {
-                       if (-e "${General::swroot}/proxy/settings") { &General::readhash("${General::swroot}/proxy/settings", \%stdproxysettings); }
-                       $stdproxysettings{'ENABLE_FILTER'} = $proxysettings{'ENABLE_FILTER'};
-                       &General::writehash("${General::swroot}/proxy/settings", \%stdproxysettings);
-               }
-
-               if ($updacclrtr_addon)
-               {
-                       if (-e "${General::swroot}/proxy/settings") { &General::readhash("${General::swroot}/proxy/settings", \%stdproxysettings); }
-                       $stdproxysettings{'ENABLE_UPDACCEL'} = $proxysettings{'ENABLE_UPDACCEL'};
-                       &General::writehash("${General::swroot}/proxy/settings", \%stdproxysettings);
-               }
+               if (-e "${General::swroot}/proxy/settings") { &General::readhash("${General::swroot}/proxy/settings", \%stdproxysettings); }
+               $stdproxysettings{'PROXY_PORT'} = $proxysettings{'PROXY_PORT'};
+               if ($urlfilter_addon) { $stdproxysettings{'ENABLE_FILTER'} = $proxysettings{'ENABLE_FILTER'}; }
+               if ($updaccel_addon) { $stdproxysettings{'ENABLE_UPDXLRATOR'} = $proxysettings{'ENABLE_UPDXLRATOR'}; }
+               &General::writehash("${General::swroot}/proxy/settings", \%stdproxysettings);
 
                &writeconfig;
                &writepacfile;
@@ -608,7 +612,7 @@ ERROR:
        }
 }
 
-if ($proxysettings{'ACTION'} eq $Lang::tr{'clear cache'})
+if ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy clear cache'})
 {
        system('/usr/local/bin/restartsquid','-f');
 }
@@ -639,6 +643,10 @@ $checked{'TRANSPARENT_BLUE'}{'off'} = '';
 $checked{'TRANSPARENT_BLUE'}{'on'} = '';
 $checked{'TRANSPARENT_BLUE'}{$proxysettings{'TRANSPARENT_BLUE'}} = "checked='checked'";
 
+$checked{'SUPPRESS_VERSION'}{'off'} = '';
+$checked{'SUPPRESS_VERSION'}{'on'} = '';
+$checked{'SUPPRESS_VERSION'}{$proxysettings{'SUPPRESS_VERSION'}} = "checked='checked'";
+
 $checked{'FORWARD_IPADDRESS'}{'off'} = '';
 $checked{'FORWARD_IPADDRESS'}{'on'} = '';
 $checked{'FORWARD_IPADDRESS'}{$proxysettings{'FORWARD_IPADDRESS'}} = "checked='checked'";
@@ -648,6 +656,9 @@ $checked{'FORWARD_USERNAME'}{$proxysettings{'FORWARD_USERNAME'}} = "checked='che
 $checked{'FORWARD_VIA'}{'off'} = '';
 $checked{'FORWARD_VIA'}{'on'} = '';
 $checked{'FORWARD_VIA'}{$proxysettings{'FORWARD_VIA'}} = "checked='checked'";
+$checked{'NO_CONNECTION_AUTH'}{'off'} = '';
+$checked{'NO_CONNECTION_AUTH'}{'on'} = '';
+$checked{'NO_CONNECTION_AUTH'}{$proxysettings{'NO_CONNECTION_AUTH'}} = "checked='checked'";
 
 $selected{'MEM_POLICY'}{$proxysettings{'MEM_POLICY'}} = "selected='selected'";
 $selected{'CACHE_POLICY'}{$proxysettings{'CACHE_POLICY'}} = "selected='selected'";
@@ -667,6 +678,7 @@ $checked{'LOGUSERAGENT'}{'on'} = '';
 $checked{'LOGUSERAGENT'}{$proxysettings{'LOGUSERAGENT'}} = "checked='checked'";
 
 $selected{'ERR_LANGUAGE'}{$proxysettings{'ERR_LANGUAGE'}} = "selected='selected'";
+$selected{'ERR_DESIGN'}{$proxysettings{'ERR_DESIGN'}} = "selected='selected'";
 
 $checked{'CLASSROOM_EXT'}{'off'} = '';
 $checked{'CLASSROOM_EXT'}{'on'} = '';
@@ -800,10 +812,10 @@ if ($urlfilter_addon) {
        $checked{'ENABLE_FILTER'}{$proxysettings{'ENABLE_FILTER'}} = "checked='checked'";
 }
 
-if ($updacclrtr_addon) {
-       $checked{'ENABLE_UPDACCEL'}{'off'} = '';
-       $checked{'ENABLE_UPDACCEL'}{'on'} = '';
-       $checked{'ENABLE_UPDACCEL'}{$proxysettings{'ENABLE_UPDACCEL'}} = "checked='checked'";
+if ($updaccel_addon) {
+       $checked{'ENABLE_UPDXLRATOR'}{'off'} = '';
+       $checked{'ENABLE_UPDXLRATOR'}{'on'} = '';
+       $checked{'ENABLE_UPDXLRATOR'}{$proxysettings{'ENABLE_UPDXLRATOR'}} = "checked='checked'";
 }
 
 &Header::openpage($Lang::tr{'advproxy advanced web proxy configuration'}, 1, '');
@@ -816,6 +828,15 @@ if ($errormessage) {
        &Header::closebox();
 }
 
+if ($squidversion[0] =~ /^Squid\sCache:\sVersion\s/i)
+{
+       $squidversion[0] =~ s/^Squid\sCache:\sVersion//i;
+       $squidversion[0] =~ s/^\s+//g;
+       $squidversion[0] =~ s/\s+$//g;
+} else {
+       $squidversion[0] = $Lang::tr{'advproxy unknown'};
+}
+
 # ===================================================================
 #  Main settings
 # ===================================================================
@@ -871,7 +892,7 @@ print <<END
        <select name='ERR_LANGUAGE'>
 END
 ;
-       foreach (</usr/lib/squid/errors/*>) {
+       foreach (<$errordir/*>) {
                if (-d) {
                        $language = substr($_,rindex($_,"/")+1);
                        print "<option value='$language' $selected{'ERR_LANGUAGE'}{$language}>$language</option>\n";
@@ -882,12 +903,19 @@ print <<END
        </td>
 </tr>
 <tr>
-       <td colspan='4'><hr /><b>$Lang::tr{'urlfilter url filter'}</b></td>
+       <td class='base'>$Lang::tr{'advproxy suppress version'}:</td>
+       <td><input type='checkbox' name='SUPPRESS_VERSION' $checked{'SUPPRESS_VERSION'}{'on'} /></td>
+       <td class='base'>$Lang::tr{'advproxy error design'}:</td>
+       <td class='base'><select name='ERR_DESIGN'>
+               <option value='ipcop' $selected{'ERR_DESIGN'}{'ipcop'}>IPCop</option>
+               <option value='squid' $selected{'ERR_DESIGN'}{'squid'}>$Lang::tr{'advproxy standard'}</option>
+       </select></td>
 </tr>
 <tr>
-       <td width='25%' class='base'>$Lang::tr{'urlfilter enabled'}</td>
-       <td><input type='checkbox' name='ENABLE_FILTER' $checked{'ENABLE_FILTER'}{'on'} /></td>
-       <td colspan='2'>&nbsp;</td>
+       <td class='base'>$Lang::tr{'advproxy squid version'}:</td>
+       <td class='base'>&nbsp;[<font color='$Header::colourred'> $squidversion[0] </font>]</td>
+       <td>&nbsp;</td>
+       <td>&nbsp;</td>
 </tr>
 </table>
 <hr size='1'>
@@ -896,23 +924,29 @@ print <<END
        <td colspan='4' class='base'><b>$Lang::tr{'advproxy upstream proxy'}</b></td>
 </tr>
 <tr>
-       <td width='25%' class='base'>$Lang::tr{'advproxy via forwarding'}</font>:</td>
+       <td width='25%' class='base'>$Lang::tr{'advproxy via forwarding'}:</td>
        <td width='20%'><input type='checkbox' name='FORWARD_VIA' $checked{'FORWARD_VIA'}{'on'} /></td>
        <td width='25%' class='base'>$Lang::tr{'advproxy upstream proxy host:port'}&nbsp;<img src='/blob.gif' alt='*' /></td>
        <td width='30%'><input type='text' name='UPSTREAM_PROXY' value='$proxysettings{'UPSTREAM_PROXY'}' /></td>
 </tr>
 <tr>
-       <td class='base'>$Lang::tr{'advproxy client IP forwarding'}</font>:</td>
+       <td class='base'>$Lang::tr{'advproxy client IP forwarding'}:</td>
        <td><input type='checkbox' name='FORWARD_IPADDRESS' $checked{'FORWARD_IPADDRESS'}{'on'} /></td>
        <td class='base'>$Lang::tr{'advproxy upstream username'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
        <td><input type='text' name='UPSTREAM_USER' value='$proxysettings{'UPSTREAM_USER'}' /></td>
 </tr>
 <tr>
-       <td class='base'>$Lang::tr{'advproxy username forwarding'}</font>:</td>
+       <td class='base'>$Lang::tr{'advproxy username forwarding'}:</td>
        <td><input type='checkbox' name='FORWARD_USERNAME' $checked{'FORWARD_USERNAME'}{'on'} /></td>
        <td class='base'>$Lang::tr{'advproxy upstream password'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
        <td><input type='password' name='UPSTREAM_PASSWORD' value='$proxysettings{'UPSTREAM_PASSWORD'}' /></td>
 </tr>
+<tr>
+       <td class='base'>$Lang::tr{'advproxy no connection auth'}:</td>
+       <td><input type='checkbox' name='NO_CONNECTION_AUTH' $checked{'NO_CONNECTION_AUTH'}{'on'} /></td>
+       <td>&nbsp;</td>
+       <td>&nbsp;</td>
+</tr>
 </table>
 <hr size='1'>
 <table width='100%'>
@@ -954,15 +988,15 @@ print <<END
 </tr>
 <tr>
        <td class='base'>$Lang::tr{'advproxy number of L1 dirs'}:</td>
-        <td class='base'><select name='L1_DIRS'>
-                <option value='16'  $selected{'L1_DIRS'}{'16'}>16</option>
-                <option value='32'  $selected{'L1_DIRS'}{'32'}>32</option>
-                <option value='64'  $selected{'L1_DIRS'}{'64'}>64</option>
-                <option value='128' $selected{'L1_DIRS'}{'128'}>128</option>
-                <option value='256' $selected{'L1_DIRS'}{'256'}>256</option>
-        </select></td>
+       <td class='base'><select name='L1_DIRS'>
+               <option value='16'  $selected{'L1_DIRS'}{'16'}>16</option>
+               <option value='32'  $selected{'L1_DIRS'}{'32'}>32</option>
+               <option value='64'  $selected{'L1_DIRS'}{'64'}>64</option>
+               <option value='128' $selected{'L1_DIRS'}{'128'}>128</option>
+               <option value='256' $selected{'L1_DIRS'}{'256'}>256</option>
+       </select></td>
        <td colspan='2' rowspan= '5' valign='top' class='base'>
-               <table cellpadding='0' cellspacing='0'>
+               <table cellspacing='0' cellpadding='0'>
                        <tr>
                                <!-- intentionally left empty -->
                        </tr>
@@ -989,33 +1023,62 @@ print <<END
        </td>
 </tr>
 <tr>
-        <td class='base'>$Lang::tr{'advproxy memory replacement policy'}:</td>
-        <td class='base'><select name='MEM_POLICY'>
-                <option value='LRU' $selected{'MEM_POLICY'}{'LRU'}>LRU</option>
-                <option value='heap LFUDA' $selected{'MEM_POLICY'}{'heap LFUDA'}>heap LFUDA</option>
-                <option value='heap GDSF' $selected{'MEM_POLICY'}{'heap GDSF'}>heap GDSF</option>
-                <option value='heap LRU' $selected{'MEM_POLICY'}{'heap LRU'}>heap LRU</option>
-        </select></td>
+       <td class='base'>$Lang::tr{'advproxy memory replacement policy'}:</td>
+       <td class='base'><select name='MEM_POLICY'>
+               <option value='LRU' $selected{'MEM_POLICY'}{'LRU'}>LRU</option>
+               <option value='heap LFUDA' $selected{'MEM_POLICY'}{'heap LFUDA'}>heap LFUDA</option>
+               <option value='heap GDSF' $selected{'MEM_POLICY'}{'heap GDSF'}>heap GDSF</option>
+               <option value='heap LRU' $selected{'MEM_POLICY'}{'heap LRU'}>heap LRU</option>
+       </select></td>
 </tr>
 <tr>
-        <td class='base'>$Lang::tr{'advproxy cache replacement policy'}:</td>
-        <td class='base'><select name='CACHE_POLICY'>
-                <option value='LRU' $selected{'CACHE_POLICY'}{'LRU'}>LRU</option>
-                <option value='heap LFUDA' $selected{'CACHE_POLICY'}{'heap LFUDA'}>heap LFUDA</option>
-                <option value='heap GDSF' $selected{'CACHE_POLICY'}{'heap GDSF'}>heap GDSF</option>
-                <option value='heap LRU' $selected{'CACHE_POLICY'}{'heap LRU'}>heap LRU</option>
-        </select></td>
+       <td class='base'>$Lang::tr{'advproxy cache replacement policy'}:</td>
+       <td class='base'><select name='CACHE_POLICY'>
+               <option value='LRU' $selected{'CACHE_POLICY'}{'LRU'}>LRU</option>
+               <option value='heap LFUDA' $selected{'CACHE_POLICY'}{'heap LFUDA'}>heap LFUDA</option>
+               <option value='heap GDSF' $selected{'CACHE_POLICY'}{'heap GDSF'}>heap GDSF</option>
+               <option value='heap LRU' $selected{'CACHE_POLICY'}{'heap LRU'}>heap LRU</option>
+       </select></td>
 </tr>
 <tr>
        <td colspan='2'>&nbsp;</td>
 </tr>
 <tr>
-        <td class='base'>$Lang::tr{'advproxy offline mode'}:</td>
+       <td class='base'>$Lang::tr{'advproxy offline mode'}:</td>
        <td><input type='checkbox' name='OFFLINE_MODE' $checked{'OFFLINE_MODE'}{'on'} /></td>
 </tr>
 </table>
 <hr size='1'>
 <table width='100%'>
+<tr>
+       <td colspan='4'><b>$Lang::tr{'advproxy destination ports'}</b></td>
+</tr>
+<tr>
+       <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
+</tr>
+<tr>
+       <td colspan='2' class='base'>$Lang::tr{'advproxy standard ports'}:</td>
+       <td colspan='2' class='base'>$Lang::tr{'advproxy ssl ports'}:</td>
+</tr>
+<tr>
+       <td colspan='2'><textarea name='PORTS_SAFE' cols='32' rows='6' wrap='off'>
+END
+;
+       if (!$proxysettings{'PORTS_SAFE'}) { print $def_ports_safe; } else { print $proxysettings{'PORTS_SAFE'}; }
+
+print <<END
+</textarea></td>
+       <td colspan='2'><textarea name='PORTS_SSL' cols='32' rows='6' wrap='off'>
+END
+;
+       if (!$proxysettings{'PORTS_SSL'}) { print $def_ports_ssl; } else { print $proxysettings{'PORTS_SSL'}; }
+
+print <<END
+</textarea></td>
+</tr>
+</table>
+<hr size='1'>
+<table width='100%'>
 <tr>
        <td colspan='4'><b>$Lang::tr{'advproxy network based access'}</b></td>
 </tr>
@@ -1031,14 +1094,14 @@ print <<END
 END
 ;
 
-if (!$proxysettings{'SRC_SUBNETS'}) {
+if (!$proxysettings{'SRC_SUBNETS'})
+{
        print "$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}\n";
-       if ($netsettings{'BLUE_DEV'}) {
-            print "$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}\n";
+       if ($netsettings{'BLUE_DEV'})
+       {
+               print "$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}\n";
        }
-} else {
-       print $proxysettings{'SRC_SUBNETS'};
-}
+} else { print $proxysettings{'SRC_SUBNETS'}; }
 
 print <<END
 </textarea></td>
@@ -1112,7 +1175,7 @@ if (-e $cre_enabled) { print <<END
 <table width='100%'>
 
 <tr>
-        <td colspan='4'><b>$Lang::tr{'advproxy classroom extensions'}</b></td>
+       <td colspan='4'><b>$Lang::tr{'advproxy classroom extensions'}</b></td>
 </tr>
 <tr>
        <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
@@ -1158,13 +1221,14 @@ END
 END
 ;
 }
+
 # -------------------------------------------------------------------
 
 print <<END 
 
 <table width='100%'>
 <tr>
-        <td colspan='4'><b>$Lang::tr{'advproxy time restrictions'}</b></td>
+       <td colspan='4'><b>$Lang::tr{'advproxy time restrictions'}</b></td>
 </tr>
 <table width='100%'>
 <tr>
@@ -1347,8 +1411,8 @@ print <<END
        <td width='10%'><input type='checkbox' name='THROTTLE_DSKIMG' $checked{'THROTTLE_DSKIMG'}{'on'} /></td>
        <td width='15%' class='base'>$Lang::tr{'advproxy throttle mmedia'}:</td>
        <td width='10%'><input type='checkbox' name='THROTTLE_MMEDIA' $checked{'THROTTLE_MMEDIA'}{'on'} /></td>
-        <td width='15%'>&nbsp;</td>
-        <td width='10%'>&nbsp;</td>
+       <td width='15%'>&nbsp;</td>
+       <td width='10%'>&nbsp;</td>
 </tr>  
 </table>
 <hr size='1'>
@@ -1362,8 +1426,8 @@ print <<END
 </tr>
 <tr>
        <td  colspan='2' class='base'>$Lang::tr{'advproxy MIME block types'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
-        <td>&nbsp;</td>
-        <td>&nbsp;</td>
+       <td>&nbsp;</td>
+       <td>&nbsp;</td>
 </tr>
 <tr>
        <td colspan='2'><textarea name='MIME_TYPES' cols='32' rows='6' wrap='off'>
@@ -1374,8 +1438,8 @@ print $proxysettings{'MIME_TYPES'};
 
 print <<END
 </textarea></td>
-        <td>&nbsp;</td>
-        <td>&nbsp;</td>
+       <td>&nbsp;</td>
+       <td>&nbsp;</td>
 </tr>
 </table>
 <hr size='1'>
@@ -1386,8 +1450,8 @@ print <<END
 <tr>
        <td width='25%' class='base'>$Lang::tr{'advproxy UA enable filter'}:</td>
        <td width='20%'><input type='checkbox' name='ENABLE_BROWSER_CHECK' $checked{'ENABLE_BROWSER_CHECK'}{'on'} /></td>
-        <td>&nbsp;</td>
-        <td>&nbsp;</td>
+       <td>&nbsp;</td>
+       <td>&nbsp;</td>
 </tr>
 <tr>
        <td colspan='4'><i>
@@ -1438,15 +1502,32 @@ print <<END
 END
 ;
 
-if (($updacclrtr_addon) && (!($urlfilter_addon))) {
+if ($urlfilter_addon) {
+       print <<END
+<table width='100%'>
+<tr>
+       <td class='base' colspan='4'><b>$Lang::tr{'advproxy url filter'}</b>&nbsp; [<font color='$Header::colourred'> $urlfilterversion </font>]</td>
+</tr>
+<tr>
+       <td class='base' width='25%'>$Lang::tr{'advproxy enabled'}:</td>
+       <td class='base' width='20%'><input type='checkbox' name='ENABLE_FILTER' $checked{'ENABLE_FILTER'}{'on'} /></td>
+       <td>&nbsp;</td>
+       <td>&nbsp;</td>
+</tr>
+</table>
+<hr size='1'>
+END
+; }
+
+if ($updaccel_addon) {
        print <<END
 <table width='100%'>
 <tr>
-       <td colspan='4'><b>$Lang::tr{'advproxy update accelerator'}</b></td>
+       <td class='base' colspan='4'><b>$Lang::tr{'advproxy update accelerator'}</b>&nbsp; [<font color='$Header::colourred'> $updaccelversion </font>]</td>
 </tr>
 <tr>
        <td class='base' width='25%'>$Lang::tr{'advproxy enabled'}:</td>
-       <td><input type='checkbox' name='ENABLE_UPDACCEL' $checked{'ENABLE_UPDACCEL'}{'on'} /></td>
+       <td class='base' width='20%'><input type='checkbox' name='ENABLE_UPDXLRATOR' $checked{'ENABLE_UPDXLRATOR'}{'on'} /></td>
        <td>&nbsp;</td>
        <td>&nbsp;</td>
 </tr>
@@ -1458,7 +1539,7 @@ END
 print <<END
 <table width='100%'>
 <tr>
-        <td colspan='5'><b>$Lang::tr{'advproxy AUTH method'}</b></td>
+       <td colspan='5'><b>$Lang::tr{'advproxy AUTH method'}</b></td>
 </tr>
 <tr>
        <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='none' $checked{'AUTH_METHOD'}{'none'} />$Lang::tr{'advproxy AUTH method none'}</td>
@@ -1476,7 +1557,7 @@ if (!($proxysettings{'AUTH_METHOD'} eq 'none')) { if (!($proxysettings{'AUTH_MET
 <hr size='1'>
 <table width='100%'>
 <tr>
-        <td colspan='4'><b>$Lang::tr{'advproxy AUTH global settings'}</b></td>
+       <td colspan='4'><b>$Lang::tr{'advproxy AUTH global settings'}</b></td>
 </tr>
 <tr>
        <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
@@ -1539,8 +1620,8 @@ print <<END
        <td><input type='text' name='AUTH_IPCACHE_TTL' value='$proxysettings{'AUTH_IPCACHE_TTL'}' size='5' /></td>
 </tr>
 <tr>
-        <td class='base'>$Lang::tr{'advproxy AUTH always required'}:</td>
-        <td><input type='checkbox' name='AUTH_ALWAYS_REQUIRED' $checked{'AUTH_ALWAYS_REQUIRED'}{'on'} /></td>
+       <td class='base'>$Lang::tr{'advproxy AUTH always required'}:</td>
+       <td><input type='checkbox' name='AUTH_ALWAYS_REQUIRED' $checked{'AUTH_ALWAYS_REQUIRED'}{'on'} /></td>
 </tr>
 <tr>
        <td colspan='2'>&nbsp;</td>
@@ -1565,7 +1646,7 @@ print <<END
        <td width='25%' class='base'>$Lang::tr{'advproxy NCSA min password length'}:</td>
        <td width='20%'><input type='text' name='NCSA_MIN_PASS_LEN' value='$proxysettings{'NCSA_MIN_PASS_LEN'}' size='5' /></td>
        <td width='25%' class='base'>$Lang::tr{'advproxy NCSA redirector bypass'} \'$Lang::tr{'advproxy NCSA grp extended'}\':</td>
-        <td width='20%'><input type='checkbox' name='NCSA_BYPASS_REDIR' $checked{'NCSA_BYPASS_REDIR'}{'on'} /></td>
+       <td width='20%'><input type='checkbox' name='NCSA_BYPASS_REDIR' $checked{'NCSA_BYPASS_REDIR'}{'on'} /></td>
 </tr>
 <tr>
        <td colspan='2'><br>&nbsp;<input type='submit' name='ACTION' value='$Lang::tr{'advproxy NCSA user management'}'></td>
@@ -1589,9 +1670,9 @@ print <<END
 </tr>
 <tr>
        <td width='25%' class='base'>$Lang::tr{'advproxy IDENT required'}:</td>
-        <td width='20%'><input type='checkbox' name='IDENT_REQUIRED' $checked{'IDENT_REQUIRED'}{'on'} /></td>
-        <td width='25%' class='base'>$Lang::tr{'advproxy AUTH always required'}:</td>
-        <td width='30%'><input type='checkbox' name='AUTH_ALWAYS_REQUIRED' $checked{'AUTH_ALWAYS_REQUIRED'}{'on'} /></td>
+       <td width='20%'><input type='checkbox' name='IDENT_REQUIRED' $checked{'IDENT_REQUIRED'}{'on'} /></td>
+       <td width='25%' class='base'>$Lang::tr{'advproxy AUTH always required'}:</td>
+       <td width='30%'><input type='checkbox' name='AUTH_ALWAYS_REQUIRED' $checked{'AUTH_ALWAYS_REQUIRED'}{'on'} /></td>
 </tr>
 <tr>
        <td class='base'>$Lang::tr{'advproxy IDENT timeout'}:</td>
@@ -1650,7 +1731,7 @@ print <<END
        <td colspan='2'>$Lang::tr{'advproxy IDENT unauthorized users'}</td>
 </tr>
 <tr>
-        <td colspan='2'><textarea name='IDENT_ALLOW_USERS' cols='32' rows='6' wrap='off'>
+       <td colspan='2'><textarea name='IDENT_ALLOW_USERS' cols='32' rows='6' wrap='off'>
 END
 ; }
 
@@ -1658,7 +1739,7 @@ if ($proxysettings{'AUTH_METHOD'} eq 'ident') { print $proxysettings{'IDENT_ALLO
 
 if ($proxysettings{'AUTH_METHOD'} eq 'ident') { print <<END
 </textarea></td>
-        <td colspan='2'><textarea name='IDENT_DENY_USERS' cols='32' rows='6' wrap='off'>
+       <td colspan='2'><textarea name='IDENT_DENY_USERS' cols='32' rows='6' wrap='off'>
 END
 ; }
 
@@ -1724,7 +1805,7 @@ print <<END
        <td colspan='2'>$Lang::tr{'advproxy NTLM unauthorized users'}</td>
 </tr>
 <tr>
-        <td colspan='2'><textarea name='NTLM_ALLOW_USERS' cols='32' rows='6' wrap='off'>
+       <td colspan='2'><textarea name='NTLM_ALLOW_USERS' cols='32' rows='6' wrap='off'>
 END
 ; }
 
@@ -1732,7 +1813,7 @@ if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print $proxysettings{'NTLM_ALLOW_
 
 if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print <<END
 </textarea></td>
-        <td colspan='2'><textarea name='NTLM_DENY_USERS' cols='32' rows='6' wrap='off'>
+       <td colspan='2'><textarea name='NTLM_DENY_USERS' cols='32' rows='6' wrap='off'>
 END
 ; }
 
@@ -1847,7 +1928,7 @@ print <<END
        <td colspan='2'>$Lang::tr{'advproxy RADIUS unauthorized users'}</td>
 </tr>
 <tr>
-        <td colspan='2'><textarea name='RADIUS_ALLOW_USERS' cols='32' rows='6' wrap='off'>
+       <td colspan='2'><textarea name='RADIUS_ALLOW_USERS' cols='32' rows='6' wrap='off'>
 END
 ; }
 
@@ -1855,7 +1936,7 @@ if ($proxysettings{'AUTH_METHOD'} eq 'radius') { print $proxysettings{'RADIUS_AL
 
 if ($proxysettings{'AUTH_METHOD'} eq 'radius') { print <<END
 </textarea></td>
-        <td colspan='2'><textarea name='RADIUS_DENY_USERS' cols='32' rows='6' wrap='off'>
+       <td colspan='2'><textarea name='RADIUS_DENY_USERS' cols='32' rows='6' wrap='off'>
 END
 ; }
 
@@ -1963,11 +2044,11 @@ END
 print <<END
 <table width='100%'>
 <tr>
-        <td>&nbsp;</td>
+       <td>&nbsp;</td>
        <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
        <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'advproxy save and restart'}' /></td>
-       <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'clear cache'}' /></td>
-        <td>&nbsp;</td>
+       <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'advproxy clear cache'}' /></td>
+       <td>&nbsp;</td>
 </tr>
 
 </table>
@@ -1977,9 +2058,7 @@ print <<END
        <td><img src='/blob.gif' align='top' alt='*' />&nbsp;
        <font class='base'>$Lang::tr{'this field may be blank'}</font>
        </td>
-       <td align='right'>
-       &nbsp;
-       </td>
+       <td align='right'>&nbsp;</td>
 </tr>
 </table>
 </form>
@@ -1999,7 +2078,7 @@ print <<END
 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
 <table width='100%'>
 <tr>
-        <td colspan='4'><b>$Lang::tr{'advproxy NCSA user management'}</b></td>
+       <td colspan='4'><b>$Lang::tr{'advproxy NCSA user management'}</b></td>
 </tr>
 <tr>
        <td width='25%' class='base'>$Lang::tr{'advproxy NCSA username'}:</td>
@@ -2049,7 +2128,7 @@ print <<END
 <hr size='1'>
 <table width='100%'>
 <tr>
-        <td><b>$Lang::tr{'advproxy NCSA user accounts'}:</b></td>
+       <td><b>$Lang::tr{'advproxy NCSA user accounts'}:</b></td>
 </tr>
 </table>
 <table width='100%' align='center'>
@@ -2134,7 +2213,7 @@ END
 print <<END
 </table>
 <br>
-<table witdh='100%'>
+<table width='100%'>
 <tr>
        <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
        <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
@@ -2147,7 +2226,7 @@ END
 } else {
        print <<END
        <tr>
-               <td><i>$Lang::tr{'advproxy NCSA no accounts'}</i></td>
+               <td><i>$Lang::tr{'advproxy NCSA no accounts'}</i></td>
        </tr>
 END
 ;
@@ -2214,6 +2293,18 @@ sub read_acls
                while (<FILE>) { $proxysettings{'DST_NOAUTH'} .= $_ };
                close(FILE);
        }
+       if (-e "$acl_ports_safe") {
+               open(FILE,"$acl_ports_safe");
+               delete $proxysettings{'PORTS_SAFE'};
+               while (<FILE>) { $proxysettings{'PORTS_SAFE'} .= $_ };
+               close(FILE);
+       }
+       if (-e "$acl_ports_ssl") {
+               open(FILE,"$acl_ports_ssl");
+               delete $proxysettings{'PORTS_SSL'};
+               while (<FILE>) { $proxysettings{'PORTS_SSL'} .= $_ };
+               close(FILE);
+       }
        if (-e "$mimetypes") {
                open(FILE,"$mimetypes");
                delete $proxysettings{'MIME_TYPES'};
@@ -2280,6 +2371,51 @@ sub read_acls
 
 sub check_acls
 {
+       @temp = split(/\n/,$proxysettings{'PORTS_SAFE'});
+       undef $proxysettings{'PORTS_SAFE'};
+       foreach (@temp)
+       {
+               s/^\s+//g; s/\s+$//g;
+               if ($_)
+               {
+                       $line = $_;
+                       if (/^[^#]+\s+#\sSquids\sport/) { s/(^[^#]+)(\s+#\sSquids\sport)/$proxysettings{'PROXY_PORT'}\2/; $line=$_; }
+                       s/#.*//g; s/\s+//g;
+                       if (/.*-.*-.*/) { $errormessage = $Lang::tr{'advproxy errmsg invalid destination port'}; }
+                       @templist = split(/-/);
+                       foreach (@templist) { unless (&General::validport($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid destination port'}; } }
+                       $proxysettings{'PORTS_SAFE'} .= $line."\n";
+               }
+       }
+
+       @temp = split(/\n/,$proxysettings{'PORTS_SSL'});
+       undef $proxysettings{'PORTS_SSL'};
+       foreach (@temp)
+       {
+               s/^\s+//g; s/\s+$//g;
+               if ($_)
+               {
+                       $line = $_;
+                       s/#.*//g; s/\s+//g;
+                       if (/.*-.*-.*/) { $errormessage = $Lang::tr{'advproxy errmsg invalid destination port'}; }
+                       @templist = split(/-/);
+                       foreach (@templist) { unless (&General::validport($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid destination port'}; } }
+                       $proxysettings{'PORTS_SSL'} .= $line."\n";
+               }
+       }
+
+       @temp = split(/\n/,$proxysettings{'DST_NOCACHE'});
+       undef $proxysettings{'DST_NOCACHE'};
+       foreach (@temp)
+       {
+               s/^\s+//g; s/\s+$//g;
+               if ($_)
+               {
+                       unless (/^\./) { $_ = '.'.$_; }
+                       $proxysettings{'DST_NOCACHE'} .= $_."\n";
+               }
+       }
+
        @temp = split(/\n/,$proxysettings{'SRC_SUBNETS'});
        undef $proxysettings{'SRC_SUBNETS'};
        foreach (@temp)
@@ -2340,6 +2476,18 @@ sub check_acls
                }
        }
 
+       @temp = split(/\n/,$proxysettings{'DST_NOAUTH'});
+       undef $proxysettings{'DST_NOAUTH'};
+       foreach (@temp)
+       {
+               s/^\s+//g; s/\s+$//g;
+               if ($_)
+               {
+                       unless (/^\./) { $_ = '.'.$_; }
+                       $proxysettings{'DST_NOAUTH'} .= $_."\n";
+               }
+       }
+
        if (($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && ($proxysettings{'NTLM_USER_ACL'} eq 'positive'))
        {
                @temp = split(/\n/,$proxysettings{'NTLM_ALLOW_USERS'});
@@ -2437,14 +2585,20 @@ sub check_acls
        }
 }
 
-
 # -------------------------------------------------------------------
 
 sub write_acls
 {
        open(FILE, ">$acl_src_subnets");
        flock(FILE, 2);
-       print FILE $proxysettings{'SRC_SUBNETS'};
+       if (!$proxysettings{'SRC_SUBNETS'})
+       {
+               print FILE "$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}\n";
+               if ($netsettings{'BLUE_DEV'})
+               {
+                       print FILE "$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}\n";
+               }
+       } else { print FILE $proxysettings{'SRC_SUBNETS'}; }
        close(FILE);
 
        open(FILE, ">$acl_src_banned_ip");
@@ -2477,29 +2631,39 @@ sub write_acls
        print FILE $proxysettings{'DST_NOAUTH'};
        close(FILE);
 
+       open(FILE, ">$acl_ports_safe");
+       flock(FILE, 2);
+       if (!$proxysettings{'PORTS_SAFE'}) { print FILE $def_ports_safe; } else { print FILE $proxysettings{'PORTS_SAFE'}; }
+       close(FILE);
+
+       open(FILE, ">$acl_ports_ssl");
+       flock(FILE, 2);
+       if (!$proxysettings{'PORTS_SSL'}) { print FILE $def_ports_ssl; } else { print FILE $proxysettings{'PORTS_SSL'}; }
+       close(FILE);
+
        open(FILE, ">$acl_dst_throttle");
        flock(FILE, 2);
        if ($proxysettings{'THROTTLE_BINARY'} eq 'on')
        {
                @temp = split(/\|/,$throttle_binary);
-               foreach (@temp) { print FILE "\\.$_\$\n"; }
+               foreach (@temp) { print FILE "\\.$_\$\n"; }
        }
        if ($proxysettings{'THROTTLE_DSKIMG'} eq 'on')
        {
                @temp = split(/\|/,$throttle_dskimg);
-               foreach (@temp) { print FILE "\\.$_\$\n"; }
+               foreach (@temp) { print FILE "\\.$_\$\n"; }
        }
        if ($proxysettings{'THROTTLE_MMEDIA'} eq 'on')
        {
                @temp = split(/\|/,$throttle_mmedia);
-               foreach (@temp) { print FILE "\\.$_\$\n"; }
+               foreach (@temp) { print FILE "\\.$_\$\n"; }
        }
        if (-s $throttled_urls)
        {
                open(URLFILE, $throttled_urls);
                @temp = <URLFILE>;
                close(URLFILE);
-               foreach (@temp) { print FILE; }
+               foreach (@temp) { print FILE; }
        }
        close(FILE);
 
@@ -2615,7 +2779,7 @@ sub writeconfig
        my $authrealm;
        my $delaypools;
 
-       if ($proxysettings{'THROTTLING_GREEN_TOTAL'} + 
+       if ($proxysettings{'THROTTLING_GREEN_TOTAL'} +
            $proxysettings{'THROTTLING_GREEN_HOST'}  +
            $proxysettings{'THROTTLING_BLUE_TOTAL'}  +
            $proxysettings{'THROTTLING_BLUE_HOST'} gt 0)
@@ -2625,7 +2789,7 @@ sub writeconfig
 
        if ($proxysettings{'AUTH_REALM'} eq '')
        {
-               $authrealm = "IPFire Advanced Proxy Server";
+               $authrealm = "IPCop Advanced Proxy Server";
        } else {
                $authrealm = $proxysettings{'AUTH_REALM'};
        }
@@ -2638,42 +2802,63 @@ sub writeconfig
        open(FILE, ">${General::swroot}/proxy/squid.conf");
        flock(FILE, 2);
        print FILE <<END
+# Do not modify '${General::swroot}/proxy/squid.conf' directly since any changes
+# you make will be overwritten whenever you resave proxy settings using the
+# web interface!
+#
+# Instead, modify the file '$acl_include' and
+# then restart the proxy service using the web interface. Changes made to the
+# 'include.acl' file will propagate to the 'squid.conf' file at that time.
+
 shutdown_lifetime 5 seconds
 icp_port 0
 
-http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}
 END
        ;
+       print FILE "http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}";
+       if ($proxysettings{'TRANSPARENT'} eq 'on') { print FILE " transparent" }
+       if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" }
+       print FILE "\n";
+
        if ($netsettings{'BLUE_DEV'} && $proxysettings{'ENABLE_BLUE'} eq 'on') {
-               print FILE "http_port $netsettings{'BLUE_ADDRESS'}:$proxysettings{'PROXY_PORT'}\n";
+               print FILE "http_port $netsettings{'BLUE_ADDRESS'}:$proxysettings{'PROXY_PORT'}";
+               if ($proxysettings{'TRANSPARENT_BLUE'} eq 'on') { print FILE " transparent" }
+               if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" }
+               print FILE "\n";
        }
 
        print FILE <<END
 
 acl QUERY urlpath_regex cgi-bin \\?
-no_cache deny QUERY
+cache deny QUERY
 END
        ;
        if (!-z $acl_dst_nocache) {
                print FILE "acl no_cache_domains dstdomain \"$acl_dst_nocache\"\n";
-               print FILE "no_cache deny no_cache_domains\n";
+               print FILE "cache deny no_cache_domains\n";
        }
 
        print FILE <<END
 
 cache_effective_user squid
 cache_effective_group squid
+umask 022
 
 pid_filename /var/run/squid.pid
 
 cache_mem $proxysettings{'CACHE_MEM'} MB
 cache_dir aufs /var/log/cache $proxysettings{'CACHE_SIZE'} $proxysettings{'L1_DIRS'} 256
 
-error_directory /usr/lib/squid/errors/$proxysettings{'ERR_LANGUAGE'}
-
 END
        ;
 
+       if (($proxysettings{'ERR_DESIGN'} eq 'ipcop') && ($proxysettings{'VISIBLE_HOSTNAME'} eq ''))
+       {
+               print FILE "error_directory $errordir.ipcop/$proxysettings{'ERR_LANGUAGE'}\n\n";
+       } else {
+               print FILE "error_directory $errordir/$proxysettings{'ERR_LANGUAGE'}\n\n";
+       }
+
        if ($proxysettings{'OFFLINE_MODE'} eq 'on') {  print FILE "offline_mode on\n\n"; }
 
        if ((!($proxysettings{'MEM_POLICY'} eq 'LRU')) || (!($proxysettings{'CACHE_POLICY'} eq 'LRU')))
@@ -2691,8 +2876,8 @@ END
 
        if ($proxysettings{'LOGGING'} eq 'on')
        {
-                print FILE <<END
-cache_access_log /var/log/squid/access.log
+               print FILE <<END
+access_log /var/log/squid/access.log
 cache_log /var/log/squid/cache.log
 cache_store_log none
 END
@@ -2701,7 +2886,7 @@ END
                if ($proxysettings{'LOGQUERY'} eq 'on') { print FILE "\nstrip_query_terms off\n"; }
        } else {
                print FILE <<END
-cache_access_log /dev/null
+access_log /dev/null
 cache_log /dev/null
 cache_store_log none
 END
@@ -2714,16 +2899,23 @@ END
 
        if ($proxysettings{'FORWARD_IPADDRESS'} eq 'on')
        {
-               print FILE "forwarded_for on\n\n";
+               print FILE "forwarded_for on\n";
        } else {
-               print FILE "forwarded_for off\n\n";
+               print FILE "forwarded_for off\n";
        }
+       if ($proxysettings{'FORWARD_VIA'} eq 'on')
+       {
+               print FILE "via on\n";
+       } else {
+               print FILE "via off\n";
+       }
+       print FILE "\n";
 
        if ((!($proxysettings{'AUTH_METHOD'} eq 'none')) && (!($proxysettings{'AUTH_METHOD'} eq 'ident')))
        {
                if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
                {
-                       print FILE "auth_param basic program $libexecdir/ncsa_auth $userdb\n";
+                       print FILE "auth_param basic program $authdir/ncsa_auth $userdb\n";
                        print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
                        print FILE "auth_param basic realm $authrealm\n";
                        print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n";
@@ -2732,7 +2924,7 @@ END
 
                if ($proxysettings{'AUTH_METHOD'} eq 'ldap')
                {
-                       print FILE "auth_param basic program $libexecdir/squid_ldap_auth -b \"$proxysettings{'LDAP_BASEDN'}\"";
+                       print FILE "auth_param basic program $authdir/squid_ldap_auth -b \"$proxysettings{'LDAP_BASEDN'}\"";
                        if (!($proxysettings{'LDAP_BINDDN_USER'} eq '')) { print FILE " -D \"$proxysettings{'LDAP_BINDDN_USER'}\""; }
                        if (!($proxysettings{'LDAP_BINDDN_PASS'} eq '')) { print FILE " -w $proxysettings{'LDAP_BINDDN_PASS'}"; }
                        if ($proxysettings{'LDAP_TYPE'} eq 'ADS')
@@ -2778,14 +2970,12 @@ END
                {
                        if ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on')
                        {
-                               print FILE "auth_param ntlm program $libexecdir/ntlm_auth $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_PDC'}";
+                               print FILE "auth_param ntlm program $authdir/ntlm_auth $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_PDC'}";
                                if ($proxysettings{'NTLM_BDC'} eq '') { print FILE "\n"; } else { print FILE " $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_BDC'}\n"; }
                                print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n";
-                               print FILE "auth_param ntlm max_challenge_reuses 0\n";
-                               print FILE "auth_param ntlm max_challenge_lifetime 2 minutes\n";
                                if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; }
                        } else {
-                               print FILE "auth_param basic program $libexecdir/msnt_auth\n";
+                               print FILE "auth_param basic program $authdir/msnt_auth\n";
                                print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
                                print FILE "auth_param basic realm $authrealm\n";
                                print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n";
@@ -2811,7 +3001,7 @@ END
 
                if ($proxysettings{'AUTH_METHOD'} eq 'radius')
                {
-                       print FILE "auth_param basic program $libexecdir/squid_rad_auth -h $proxysettings{'RADIUS_SERVER'} -p $proxysettings{'RADIUS_PORT'} ";
+                       print FILE "auth_param basic program $authdir/squid_radius_auth -h $proxysettings{'RADIUS_SERVER'} -p $proxysettings{'RADIUS_PORT'} ";
                        if (!($proxysettings{'RADIUS_IDENTIFIER'} eq '')) { print FILE "-i $proxysettings{'RADIUS_IDENTIFIER'} "; }
                        print FILE "-w $proxysettings{'RADIUS_SECRET'}\n";
                        print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
@@ -2853,7 +3043,8 @@ END
                if (!($proxysettings{'AUTH_MAX_USERIP'} eq '')) { print FILE "\nacl concurrent max_user_ip -s $proxysettings{'AUTH_MAX_USERIP'}\n"; }
                print FILE "\n";
 
-               if (!-z $acl_dst_noauth) { print FILE "acl to_domains_without_auth dstdomain \"$acl_dst_noauth\"\n\n"; }
+               if (!-z $acl_dst_noauth) { print FILE "acl to_domains_without_auth dstdomain \"$acl_dst_noauth\"\n"; }
+               print FILE "\n";
        }
 
        if ($proxysettings{'AUTH_METHOD'} eq 'ident')
@@ -2873,6 +3064,8 @@ END
                                print FILE "acl for_acl_users ident_regex -i \"$identdir/identauth.denyusers\"\n\n";
                        }
                }
+               if (!-z $acl_dst_noauth) { print FILE "acl to_domains_without_auth dstdomain \"$acl_dst_noauth\"\n"; }
+               print FILE "\n";
        }
 
        if (($delaypools) && (!-z $acl_dst_throttle)) { print FILE "acl for_throttled_urls url_regex -i \"$acl_dst_throttle\"\n\n"; }
@@ -2887,10 +3080,10 @@ END
        if ($proxysettings{'TIME_FRI'} eq 'on') { print FILE "F"; }
        if ($proxysettings{'TIME_SAT'} eq 'on') { print FILE "A"; }
        if ($proxysettings{'TIME_SUN'} eq 'on') { print FILE "S"; }
-        print FILE " $proxysettings{'TIME_FROM_HOUR'}:";
-        print FILE "$proxysettings{'TIME_FROM_MINUTE'}-";
-        print FILE "$proxysettings{'TIME_TO_HOUR'}:";
-        print FILE "$proxysettings{'TIME_TO_MINUTE'}\n\n";
+       print FILE " $proxysettings{'TIME_FROM_HOUR'}:";
+       print FILE "$proxysettings{'TIME_FROM_MINUTE'}-";
+       print FILE "$proxysettings{'TIME_TO_HOUR'}:";
+       print FILE "$proxysettings{'TIME_TO_MINUTE'}\n\n";
 
        if ((!-z $mimetypes) && ($proxysettings{'ENABLE_MIME_FILTER'} eq 'on')) {
                print FILE "acl blocked_mimetypes rep_mime_type \"$mimetypes\"\n\n";
@@ -2899,27 +3092,32 @@ END
        print FILE <<END
 acl all src 0.0.0.0/0.0.0.0
 acl localhost src 127.0.0.1/255.255.255.255
-acl SSL_ports port 443 563
-acl Safe_ports port 80 # http
-acl Safe_ports port 21 # ftp
-acl Safe_ports port 443 563 # https, snews
-acl Safe_ports port 70 # gopher
-acl Safe_ports port 210 # wais
-acl Safe_ports port 1025-65535 # unregistered ports
-acl Safe_ports port 280 # http-mgmt
-acl Safe_ports port 488 # gss-http
-acl Safe_ports port 591 # filemaker
-acl Safe_ports port 777 # multiling http
-acl Safe_ports port 800 # Squids port (for icons)
-
-acl IPCop_http  port 81
-acl IPCop_https port 444
+END
+;
+open (PORTS,"$acl_ports_ssl");
+@temp = <PORTS>;
+close PORTS;
+if (@temp)
+{
+       foreach (@temp) { print FILE "acl SSL_ports port $_"; }
+}
+open (PORTS,"$acl_ports_safe");
+@temp = <PORTS>;
+close PORTS;
+if (@temp)
+{
+       foreach (@temp) { print FILE "acl Safe_ports port $_"; }
+}
+       print FILE <<END
+
+acl IPCop_http  port $http_port
+acl IPCop_https port $https_port
 acl IPCop_ips              dst $netsettings{'GREEN_ADDRESS'}
 acl IPCop_networks         src "$acl_src_subnets"
 acl IPCop_green_network    src $netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}
 END
        ;
-        if ($netsettings{'BLUE_DEV'}) { print FILE "acl IPCop_blue_network     src $netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}\n"; }
+       if ($netsettings{'BLUE_DEV'}) { print FILE "acl IPCop_blue_network     src $netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}\n"; }
        if (!-z $acl_src_banned_ip) { print FILE "acl IPCop_banned_ips       src \"$acl_src_banned_ip\"\n"; }
        if (!-z $acl_src_banned_mac) { print FILE "acl IPCop_banned_mac       arp \"$acl_src_banned_mac\"\n"; }
        if (!-z $acl_src_unrestricted_ip) { print FILE "acl IPCop_unrestricted_ips src \"$acl_src_unrestricted_ip\"\n"; }
@@ -2938,14 +3136,22 @@ acl IPCop_no_access_mac arp "$acl_src_noaccess_mac"
 END
                ;
                print FILE "deny_info ";
-               if (-e "/usr/lib/squid/errors/$proxysettings{'ERR_LANGUAGE'}/ERR_ACCESS_DISABLED") {
-               print FILE "ERR_ACCESS_DISABLED";
-               } else { print FILE "ERR_ACCESS_DENIED"; }
+               if ((($proxysettings{'ERR_DESIGN'} eq 'ipcop') && (-e "$errordir.ipcop/$proxysettings{'ERR_LANGUAGE'}/ERR_ACCESS_DISABLED")) ||
+                   (($proxysettings{'ERR_DESIGN'} eq 'squid') && (-e "$errordir/$proxysettings{'ERR_LANGUAGE'}/ERR_ACCESS_DISABLED")))
+               {
+                       print FILE "ERR_ACCESS_DISABLED";
+               } else {
+                       print FILE "ERR_ACCESS_DENIED";
+               }
                print FILE " IPCop_no_access_ips\n";
                print FILE "deny_info ";
-               if (-e "/usr/lib/squid/errors/$proxysettings{'ERR_LANGUAGE'}/ERR_ACCESS_DISABLED") {
-               print FILE "ERR_ACCESS_DISABLED";
-               } else { print FILE "ERR_ACCESS_DENIED"; }
+               if ((($proxysettings{'ERR_DESIGN'} eq 'ipcop') && (-e "$errordir.ipcop/$proxysettings{'ERR_LANGUAGE'}/ERR_ACCESS_DISABLED")) ||
+                   (($proxysettings{'ERR_DESIGN'} eq 'squid') && (-e "$errordir/$proxysettings{'ERR_LANGUAGE'}/ERR_ACCESS_DISABLED")))
+               {
+                       print FILE "ERR_ACCESS_DISABLED";
+               } else {
+                       print FILE "ERR_ACCESS_DENIED";
+               }
                print FILE " IPCop_no_access_mac\n";
 
                print FILE <<END
@@ -2955,14 +3161,14 @@ END
        ;
        }
 
-        #Insert acl file and replace __VAR__ with correct values
-        my $blue_net = ''; #BLUE empty by default
-        my $blue_ip = '';
-        if ($netsettings{'BLUE_DEV'} && $proxysettings{'ENABLE_BLUE'} eq 'on') {
-            $blue_net = "$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";
-            $blue_ip  = "$netsettings{'BLUE_ADDRESS'}";
-        }
-        if (!-z $acl_include)
+       #Insert acl file and replace __VAR__ with correct values
+       my $blue_net = ''; #BLUE empty by default
+       my $blue_ip = '';
+       if ($netsettings{'BLUE_DEV'} && $proxysettings{'ENABLE_BLUE'} eq 'on') {
+               $blue_net = "$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";
+               $blue_ip  = "$netsettings{'BLUE_ADDRESS'}";
+       }
+       if (!-z $acl_include)
        {
                open (ACL, "$acl_include");
                print FILE "\n#Start of custom includes\n";
@@ -2971,6 +3177,7 @@ END
                        $_ =~ s/__GREEN_NET__/$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}/;
                        $_ =~ s/__BLUE_IP__/$blue_ip/;
                        $_ =~ s/__BLUE_NET__/$blue_net/;
+                       $_ =~ s/__PROXY_PORT__/$proxysettings{'PROXY_PORT'}/;
                        print FILE $_;
                }
                print FILE "#End of custom includes\n";
@@ -3065,6 +3272,7 @@ if ($delaypools) {
                print FILE "\n";
        }
 
+       print FILE "delay_access 1 deny  IPCop_ips\n";
        if (!-z $acl_src_unrestricted_ip)  { print FILE "delay_access 1 deny  IPCop_unrestricted_ips\n"; }
        if (!-z $acl_src_unrestricted_mac) { print FILE "delay_access 1 deny  IPCop_unrestricted_mac\n"; }
        if (($proxysettings{'AUTH_METHOD'} eq 'ncsa') && (!-z $extgrp)) { print FILE "delay_access 1 deny  for_extended_users\n"; }
@@ -3072,22 +3280,23 @@ if ($delaypools) {
        if ($netsettings{'BLUE_DEV'})
        {
                print FILE "delay_access 1 allow IPCop_green_network";
-               if (!-z $acl_dst_throttle) { print FILE " for_throttled_urls"; } 
+               if (!-z $acl_dst_throttle) { print FILE " for_throttled_urls"; }
                print FILE "\n";
                print FILE "delay_access 1 deny  all\n";
        } else {
                print FILE "delay_access 1 allow all";
-               if (!-z $acl_dst_throttle) { print FILE " for_throttled_urls"; } 
+               if (!-z $acl_dst_throttle) { print FILE " for_throttled_urls"; }
                print FILE "\n";
        }
 
        if ($netsettings{'BLUE_DEV'})
        {
+               print FILE "delay_access 2 deny  IPCop_ips\n";
                if (!-z $acl_src_unrestricted_ip)  { print FILE "delay_access 2 deny  IPCop_unrestricted_ips\n"; }
                if (!-z $acl_src_unrestricted_mac) { print FILE "delay_access 2 deny  IPCop_unrestricted_mac\n"; }
                if (($proxysettings{'AUTH_METHOD'} eq 'ncsa') && (!-z $extgrp)) { print FILE "delay_access 2 deny  for_extended_users\n"; }
                print FILE "delay_access 2 allow IPCop_blue_network";
-               if (!-z $acl_dst_throttle) { print FILE " for_throttled_urls"; } 
+               if (!-z $acl_dst_throttle) { print FILE " for_throttled_urls"; }
                print FILE "\n";
                print FILE "delay_access 2 deny  all\n";
        }
@@ -3169,9 +3378,9 @@ END
                                } else { print FILE " for_inetusers"; }
                        }
                        if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on'))
-                       {       
+                       {
                                if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')
-                               {       
+                               {
                                        if (($proxysettings{'RADIUS_USER_ACL'} eq 'positive') && (!-z "$raddir/radauth.allowusers"))
                                        {
                                                print FILE " for_acl_users";
@@ -3214,9 +3423,9 @@ END
                                } else { print FILE " for_inetusers"; }
                        }
                        if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on'))
-                       {       
+                       {
                                if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')
-                               {       
+                               {
                                        if (($proxysettings{'RADIUS_USER_ACL'} eq 'positive') && (!-z "$raddir/radauth.allowusers"))
                                        {
                                                print FILE " for_acl_users";
@@ -3360,6 +3569,8 @@ END
                }
        }
 
+       if ($proxysettings{'SUPPRESS_VERSION'} eq 'on') { print FILE "httpd_suppress_version_string on\n\n" }
+
        if ((!-z $mimetypes) && ($proxysettings{'ENABLE_MIME_FILTER'} eq 'on')) {
                if (!-z $acl_src_unrestricted_ip)  { print FILE "http_reply_access allow IPCop_unrestricted_ips\n"; }
                if (!-z $acl_src_unrestricted_mac) { print FILE "http_reply_access allow IPCop_unrestricted_mac\n"; }
@@ -3402,53 +3613,55 @@ END
        # Write the parent proxy info, if needed.
        if ($remotehost ne '')
        {
-               # Enter authentication for the parent cache (format is login=user:password)
-               if ($proxy1 eq 'YES') {
-               print FILE <<END
-cache_peer $remotehost parent $remoteport 3130 login=$proxysettings{'UPSTREAM_USER'}:$proxysettings{'UPSTREAM_PASSWORD'} default no-query
-
-END
-               ; 
-               } else {
-               # Not using authentication with the parent cache
                print FILE "cache_peer $remotehost parent $remoteport 3130 default no-query";
-               if ($proxysettings{'FORWARD_USERNAME'} eq 'on') { print FILE " login=*:password"; }
-               print FILE "\n";
+
+               # Enter authentication for the parent cache. Option format is
+               # login=user:password   ($proxy1='YES')
+               # login=PASS            ($proxy1='PASS')
+               # login=*:password      ($proxysettings{'FORWARD_USERNAME'} eq 'on')
+               if (($proxy1 eq 'YES') || ($proxy1 eq 'PASS'))
+               {
+                       print FILE " login=$proxysettings{'UPSTREAM_USER'}";
+                       if ($proxy1 eq 'YES') { print FILE ":$proxysettings{'UPSTREAM_PASSWORD'}"; }
                }
-               print FILE "never_direct allow all\n\n";
+               elsif ($proxysettings{'FORWARD_USERNAME'} eq 'on') { print FILE " login=*:password"; }
+
+               print FILE "\nnever_direct allow all\n\n";
        }
-       if ($urlfilter_addon) {
-               if ($proxysettings{'ENABLE_FILTER'} eq 'on')
-               {
-                       print FILE <<END
-redirect_program /usr/bin/squidGuard
-redirect_children $filtersettings{'CHILDREN'}
+       if (($urlfilter_addon) && ($updaccel_addon) && ($proxysettings{'ENABLE_FILTER'} eq 'on') && ($proxysettings{'ENABLE_UPDXLRATOR'} eq 'on'))
+       {
+               print FILE "url_rewrite_program /usr/sbin/redirect_wrapper\n";
+               if ($filtersettings{'CHILDREN'} > $updaccelsettings{'CHILDREN'})
+               {
+                       print FILE "url_rewrite_children $filtersettings{'CHILDREN'}\n\n";
+               } else {
+                       print FILE "url_rewrite_children $updaccelsettings{'CHILDREN'}\n\n";
+               }
+       } else
+       {
+               if ($urlfilter_addon) {
+                       if ($proxysettings{'ENABLE_FILTER'} eq 'on')
+                       {
+                               print FILE <<END
+url_rewrite_program /usr/sbin/squidGuard
+url_rewrite_children $filtersettings{'CHILDREN'}
 
 END
-                       ;
+                               ;
+                       }
                }
-        }
-       if ($updacclrtr_addon) {
-               if ($proxysettings{'ENABLE_UPDACCEL'} eq 'on')
-               {
-                       print FILE <<END
-redirect_program /usr/local/bin/updacclrtr
-redirect_children $updaccsettings{'ACCELERATORS'}
+               if ($updaccel_addon) {
+                       if ($proxysettings{'ENABLE_UPDXLRATOR'} eq 'on')
+                       {
+                               print FILE <<END
+url_rewrite_program /usr/sbin/updxlrator
+url_rewrite_children $updaccelsettings{'CHILDREN'}
 
 END
-                       ;
+                               ;
+                       }
                }
        }
-       if (($proxysettings{'TRANSPARENT'} eq 'on') || ($proxysettings{'TRANSPARENT_BLUE'} eq 'on'))
-       {
-               print FILE <<END
-httpd_accel_host virtual 
-httpd_accel_port 80 
-httpd_accel_with_proxy on
-httpd_accel_uses_host_header on 
-END
-               ;
-       }
        close FILE;
 }
 
index ef26457..0b40b49 100644 (file)
@@ -20,7 +20,7 @@ require "${General::swroot}/header.pl";
 my %qossettings = ();
 my %checked = ();
 my %netsettings = ();
-my $message = "";
+my $message = '';
 my $errormessage = "";
 my $c = "";
 my $direntry = "";
@@ -179,11 +179,6 @@ elsif ($qossettings{'DOCLASS'} eq 'Loeschen')
 
 if ($qossettings{'DOSCLASS'} eq $Lang::tr{'save'})
 {
-       if ($qossettings{'SCLASS'} >= 1000 && $qossettings{'CLASS'} < 1021) {
-               $qossettings{'DEVICE'} = $qossettings{'RED_DEV'};
-       } elsif ($qossettings{'SCLASS'} >= 2000 && $qossettings{'CLASS'} < 2021) {
-               $qossettings{'DEVICE'} = $qossettings{'IMQ_DEV'};
-       }
        &validsubclass();
        &validminbwdth();
        if ( $qossettings{'VALID'} eq 'yes' ) {
@@ -382,24 +377,47 @@ elsif ($qossettings{'ACTION'} eq 'Grafische Auswertung')
        &Header::openbox('100%', 'left', 'QoS Graphen');
        print <<END
        <table width='100%'><tr><td colspan='2' align='center'><font color='red'>Diese Seite braucht je nach Geschwindigkeit des Computers laenger zum Laden.</font>
+       </table>
 END
 ;
+       &Header::closebox();
        open( FILE, "< $classfile" ) or die "Unable to read $classfile";
        @classes = <FILE>;
        close FILE;
+       open( FILE, "< $subclassfile" ) or die "Unable to read $subclassfile";
+       @subclasses = <FILE>;
+       close FILE;
        foreach $classentry (sort @classes)
        {
                @classline = split( /\;/, $classentry );
                $qossettings{'DEV'}=$classline[0];
                $qossettings{'CLASS'}=$classline[1];
                &gengraph($qossettings{'DEV'},$qossettings{'CLASS'});
+               &Header::openbox('100%', 'center', "$qossettings{'CLASS'} ($qossettings{'DEV'})");
                print <<END
-               <tr><td colspan='2' align='center'><font color='darkblue'><b>$qossettings{'CLASS'} ($qossettings{'DEV'})</b></font>
+               <table>
                <tr><td colspan='2' align='center'><img src='/graphs/class_$qossettings{'CLASSPRFX'}-$qossettings{'CLASS'}_$qossettings{'DEV'}-packets.png'>
                <tr><td colspan='2' align='center'><img src='/graphs/class_$qossettings{'CLASSPRFX'}-$qossettings{'CLASS'}_$qossettings{'DEV'}-borrowed.png'>
                <tr><td colspan='2' align='center'><img src='/graphs/class_$qossettings{'CLASSPRFX'}-$qossettings{'CLASS'}_$qossettings{'DEV'}-bytes.png'>
 END
 ;
+               foreach $subclassentry (sort @subclasses)
+               {
+                       @subclassline = split( /\;/, $subclassentry );
+                       if ($subclassline[1] eq $classline[1]) {
+                               $qossettings{'DEV'}=$subclassline[0];
+                               $qossettings{'SCLASS'}=$subclassline[2];
+                               &gengraph($qossettings{'DEV'},$qossettings{'SCLASS'});
+                               print <<END
+                               <tr><td colspan='2' align='center'><img src='/graphs/class_$qossettings{'CLASSPRFX'}-$qossettings{'SCLASS'}_$qossettings{'DEV'}-packets.png'>
+                               <tr><td colspan='2' align='center'><img src='/graphs/class_$qossettings{'CLASSPRFX'}-$qossettings{'SCLASS'}_$qossettings{'DEV'}-borrowed.png'>
+                               <tr><td colspan='2' align='center'><img src='/graphs/class_$qossettings{'CLASSPRFX'}-$qossettings{'SCLASS'}_$qossettings{'DEV'}-bytes.png'>
+END
+;
+                       }
+               }
+       print "\t\t</table>";
+       &Header::closebox();    
        }
 print <<END
        </table>
@@ -776,7 +794,9 @@ END
                    <td width='33%' align='center'>&nbsp;
                <tr><td width='33%' align='right'>Ceilburst:
                    <td width='33%' align='left'><input type='text' name='CBURST' maxlength='8' value=$qossettings{'CBURST'}>
-                   <td width='33%' align='center'><input type='hidden' name='CLASS' value=$qossettings{'CLASS'}><input type='submit' name='DOSCLASS' value=$Lang::tr{'save'} />&nbsp;<input type='reset' value=$Lang::tr{'reset'} />
+                   <td width='33%' align='center'><input type='hidden' name='CLASS' value=$qossettings{'CLASS'}>
+                                                       <input type='hidden' name='DEVICE' value=$qossettings{'DEVICE'}>
+                                                       <input type='submit' name='DOSCLASS' value=$Lang::tr{'save'} />&nbsp;<input type='reset' value=$Lang::tr{'reset'} />
                </table></form>
 END
 ;
@@ -1269,7 +1289,7 @@ sub expert
        &Header::openbox('100%', 'center', 'Expertenoptionen:');
        print <<END
                <form method='post' action='$ENV{'SCRIPT_NAME'}'>
-               <table width='66%'>
+<!--           <table width='66%'>
                <tr><td width='100%' colspan='3'>Diese Einstellungen sollten sie nur veraendern, wenn sie wirklich wissen, was sie tun.
                <tr><td width='33%' align='right'>Download-Rate 90\%:<td width='33%' align='left'>
                        <input type='text' name='DEF_INC_SPD' maxlength='8' required='4' value=$qossettings{'DEF_INC_SPD'}>
@@ -1278,7 +1298,7 @@ sub expert
                        <input type='text' name='DEF_OUT_SPD' maxlength='8' required='4' value=$qossettings{'DEF_OUT_SPD'}>
                    <td width='33%' align='center'>&nbsp;
                </table>
-               <hr>
+               <hr> -->
                <table width='66%'>
                <tr><td width='33%' align='right'>MTU:<td width='33%' align='left'>
                        <input type='text' name='MTU' maxlength='8' required='4' value=$qossettings{'MTU'}>
@@ -1303,7 +1323,7 @@ sub validminbwdth {
                } elsif ( $qossettings{'DEVICE'} eq $qossettings{'IMQ_DEV'} ) {
                        $qossettings{'SPD'} = $qossettings{'INC_SPD'};
                }
-               unless ( ( $qossettings{'MINBDWTH'} >= 0 ) && ( $qossettings{'MINBDWTH'} <= $qossettings{'SPD'} ) ) {
+               unless ( ( $qossettings{'MINBWDTH'} >= 1 ) && ( $qossettings{'MINBWDTH'} <= $qossettings{'SPD'} ) ) {
                        $qossettings{'VALID'} = 'no';
                        $message = "Mindestbandbreite ist ungueltig.";
                }
@@ -1378,9 +1398,9 @@ sub gengraph {
        $qossettings{'CLASS'} = shift;
        my $ERROR="";
        if ( $qossettings{'DEV'} eq $qossettings{'RED_DEV'} ) { 
-               $qossettings{'CLASSPRFX'} = '1'; 
+               $qossettings{'CLASSPRFX'} = '1';
        } else { 
-               $qossettings{'CLASSPRFX'} = '2'; 
+               $qossettings{'CLASSPRFX'} = '2';
        }
 
        RRDs::graph ("/home/httpd/html/graphs/class_$qossettings{'CLASSPRFX'}-$qossettings{'CLASS'}_$qossettings{'DEV'}-packets.png",
@@ -1436,7 +1456,6 @@ sub gengraph {
                "CDEF:kbits=bits,1024,/,8,/",
                "AREA:kbytes#FFBE7D:kbytes",
                "GPRINT:kbytes:LAST:rate\\: %8.3lf kbytes\\j",
-               "GPRINT:kbits:LAST:rate\\:%8.2lf kbits\\r",
        );
                $ERROR = RRDs::error;
                print "$ERROR";
index 4ce3745..df16290 100644 (file)
 'advproxy visible hostname' => 'Sichtbarer Hostname',
 'advproxy admin mail' => 'Cache Administrator E-Mail',
 'advproxy error language' => 'Sprache der Fehlermeldungen',
+'advproxy error design' => 'Design der Fehlermeldungen',
+'advproxy suppress version' => 'Unterdrücke Versions-Informationen',
+'advproxy squid version' => 'Squid Cache Version',
+'advproxy standard' => 'Standard',
+'advproxy unknown' => 'Unbekannt',
 'advproxy upstream proxy' => 'Vorgelagerter Proxy',
 'advproxy via forwarding' => 'Proxy-Adresse weiterleiten',
 'advproxy client IP forwarding' => 'Client-IP-Adresse weiterleiten',
 'advproxy username forwarding' => ' Benutzernamen weiterleiten',
-'advproxy upstream proxy hostport' => 'Vorgelagerter Proxy (HostPort)',
+'advproxy no connection auth' => 'Keine verbindungsorientierte Authentifizierungsweiterleitung',
+'advproxy upstream proxy host:port' => 'Vorgelagerter Proxy (Host:Port)',
 'advproxy upstream username' => 'Proxy-Benutzername',
 'advproxy upstream password' => 'Proxy-Passwort',
 'advproxy log settings' => 'Protokolleinstellungen',
 'advproxy no cache sites' => 'Diese Domains nicht zwischenspeichern (eine pro Zeile)',
 'advproxy number of L1 dirs' => 'Anzahl der Level-1 Unterverzeichnisse',
 'advproxy offline mode' => 'Aktiviere Offline-Modus',
+'advproxy destination ports' => 'Ziel-Ports',
+'advproxy standard ports' => 'Zulässige Standard-Ports (einer pro Zeile)',
+'advproxy ssl ports' => 'Zulässige SSL-Ports (einer pro Zeile)',
 'advproxy network based access' => 'Netzwerkbasierte Zugriffskontrolle',
 'advproxy allowed subnets' => 'Erlaubte Subnetze (eins pro Zeile)',
 'advproxy unrestricted ip clients' => 'Uneingeschränkte IP-Adressen (eine pro Zeile)',
 'advproxy fake useragent' => 'Gefälschter Useragent für externe Web-Sites',
 'advproxy fake referer' => 'Gefälschter Referer für externe Web-Sites',
 'advproxy url filter' => 'URL-Filter',
-'advproxy update accelerator' => 'Update-Beschleuniger',
+'advproxy update accelerator' => 'Update-Accelerator',
 'advproxy enabled' => 'Aktiviert',
 'advproxy save and restart' => 'Speichern und Neustart',
 'advproxy clear cache' => 'Cache leeren',
 'advproxy RADIUS unauthorized users' => 'Unautorisierte Benutzer (einer pro Zeile)',
 'advproxy RADIUS use positive access list' => 'Verwende positive Zugriffskontrolle',
 'advproxy RADIUS use negative access list' => 'Verwende negative Zugriffskontrolle',
+'advproxy errmsg invalid proxy port' => 'Ungültiger Proxy-Port',
 'advproxy errmsg invalid upstream proxy username or password setting' => 'Ungültiger Benutzername oder ungültiges Kennwort für Upstream Proxy',
-'advproxy errmsg hdd cache size' => 'Ungültiger Wert für die Größe des Festplatten-Cachespeichers (min. 10 MB erforderlich)',
-'advproxy errmsg mem cache size' => 'Ungültiger Wert für die Größe des RAM-Cachespeichers',
+'advproxy errmsg hdd cache size' => 'Ungültiger Wert für die GröÃ\9fe des Festplatten-Cachespeichers (min. 10 MB erforderlich)',
+'advproxy errmsg mem cache size' => 'Ungültiger Wert für die GröÃ\9fe des RAM-Cachespeichers',
+'advproxy errmsg invalid destination port' => 'Ungültiger Ziel-Port',
 'advproxy errmsg time restriction' => 'Ungültige Zeitbeschränkung',
 'advproxy errmsg no browser' => 'Mindestens ein Browser oder Client muss für den Web-Zugriff zugelassen sein',
 'advproxy errmsg auth children' => 'Ungültige Anzahl Authentifizierungsprozesse',
 'advproxy errmsg password incorrect' => 'Falsches Passwort',
 'advproxy errmsg change fail' => 'Passwort konnte nicht geändert werden',
 'advproxy errmsg change success'  => 'Passwort für Webzugriff erfolgreich geändert',
-'advproxy chgwebpwd SUCCESS' => 'E R F O L G ',
-'advproxy chgwebpwd ERROR' => 'F E H L E R ',
+'advproxy chgwebpwd SUCCESS' => 'E R F O L G :',
+'advproxy chgwebpwd ERROR' => 'F E H L E R :',
 'advproxy update notification' => 'Update-Benachrichtigung!',
-'advproxy update information' => 'Eine aktualisierte Version steht zum Download bereit. Besuchen Sie <a href="http://www.advproxy.net" target="_blank">http://www.advproxy.net</a> für weitere Informationen.',
 'linkq' => 'Verbindungsqualität',
 'empty profile' => 'Unbenannt',
 'HDD temperature' => 'HDD-Temperatur',
index 01c7d14..40db0bd 100644 (file)
 'advproxy visible hostname' => 'Visible hostname',
 'advproxy admin mail' => 'Cache administrator e-mail',
 'advproxy error language' => 'Error messages language',
+'advproxy error design' => 'Error messages design',
+'advproxy suppress version' => 'Suppress version information',
+'advproxy squid version' => 'Squid Cache version',
+'advproxy standard' => 'Standard',
+'advproxy unknown' => 'Unknown',
 'advproxy upstream proxy' => 'Upstream proxy',
 'advproxy via forwarding' => 'Proxy address forwarding',
 'advproxy client IP forwarding' => 'Client IP address forwarding',
 'advproxy username forwarding' => 'Username forwarding',
+'advproxy no connection auth' => 'No connection oriented authentication forwarding',
 'advproxy upstream proxy host:port' => 'Upstream proxy (host:port)',
 'advproxy upstream username' => 'Upstream username',
 'advproxy upstream password' => 'Upstream password',
 'advproxy no cache sites' => 'Do not cache these domains (one per line)',
 'advproxy number of L1 dirs' => 'Number of level-1 subdirectories',
 'advproxy offline mode' => 'Enable offline mode',
+'advproxy destination ports' => 'Destination ports',
+'advproxy standard ports' => 'Allowed standard ports (one per line)',
+'advproxy ssl ports' => 'Allowed SSL ports (one per line)',
 'advproxy network based access' => 'Network based access control',
 'advproxy allowed subnets' => 'Allowed subnets (one per line)',
 'advproxy unrestricted ip clients' => 'Unrestricted IP addresses (one per line)',
 'advproxy RADIUS unauthorized users' => 'Unauthorized users (one per line)',
 'advproxy RADIUS use positive access list' => 'Use positive access control',
 'advproxy RADIUS use negative access list' => 'Use negative access control',
+'advproxy errmsg invalid proxy port' => 'Invalid proxy port',
 'advproxy errmsg invalid upstream proxy username or password setting' => 'Invalid upstream proxy username or password setting',
 'advproxy errmsg hdd cache size' => 'Invalid value for harddisk cache size (min 10 MB required)',
 'advproxy errmsg mem cache size' => 'Invalid value for memory cache size',
+'advproxy errmsg invalid destination port' => 'Invalid destination port',
 'advproxy errmsg time restriction' => 'Invalid time restriction',
 'advproxy errmsg no browser' => 'At least one browser or client must be selected for web access',
 'advproxy errmsg auth children' => 'Invalid number of authentication processes',
index 005c2bc..d07fdf6 100644 (file)
--- a/lfs/squid
+++ b/lfs/squid
@@ -26,7 +26,7 @@
 
 include Config
 
-VER        = 2.5.STABLE14
+VER        = 2.6.STABLE3
 
 THISAPP    = squid-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -38,17 +38,11 @@ TARGET     = $(DIR_INFO)/$(THISAPP)
 # Top-level Rules
 ###############################################################################
 
-objects = $(DL_FILE) \
-       $(THISAPP)-httpReplyDestroy.patch \
-       $(THISAPP)-hierarchy_tag.patch
+objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(THISAPP)-httpReplyDestroy.patch = $(URL_IPFIRE)/$(THISAPP)-httpReplyDestroy.patch
-$(THISAPP)-hierarchy_tag.patch = $(URL_IPFIRE)/$(THISAPP)-hierarchy_tag.patch
 
-$(DL_FILE)_MD5 = f413e0b887a5f9b2a75350243ed5564c
-$(THISAPP)-httpReplyDestroy.patch_MD5 = 1529f8b0170e24b26353578778435bd4
-$(THISAPP)-hierarchy_tag.patch_MD5 = 9abe563ca3d01dc58502737edc6f3c60
+$(DL_FILE)_MD5 = 5b181e9c08f35d098e53e54b01fbd092
 
 install : $(TARGET)
 
@@ -79,8 +73,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
 
-       cd $(DIR_APP) && patch -Np1 < $(DIR_DL)/$(THISAPP)-httpReplyDestroy.patch
-       cd $(DIR_APP) && patch -Np1 < $(DIR_DL)/$(THISAPP)-hierarchy_tag.patch
        cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls \
           --datadir=/usr/lib/squid \
           --mandir=/usr/share/man --libexecdir=/usr/lib/squid \
index d183ffd..1009192 100644 (file)
@@ -1381,6 +1381,7 @@ usr/local/bin/rcnfs-server
 usr/local/bin/rcpostfix
 usr/local/bin/rcwinbind
 usr/local/bin/run-parts
+usr/local/bin/updatelang
 #usr/local/doc
 #usr/local/etc
 #usr/local/include
diff --git a/src/scripts/updatelang b/src/scripts/updatelang
new file mode 100644 (file)
index 0000000..1f89044
--- /dev/null
@@ -0,0 +1,6 @@
+#!/bin/bash
+#
+# IPFire! GPLv2
+#
+
+perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"