From ce1c170b0c38015c88d2ff2966853d7cd6d65952 Mon Sep 17 00:00:00 2001 From: Alexander Koch Date: Sun, 21 Apr 2019 23:56:58 +0200 Subject: [PATCH] squid / WPAD: Add GUI for exception-files for generation of proxy.pac This patch adds the missing Web-GUI for the WPAD-Exceptions to proxy.cgi Note: The translations are only done for "en" and "de" yet! Signed-off-by: Alexander Koch Signed-off-by: Michael Tremer --- html/cgi-bin/proxy.cgi | 110 +++++++++++++++++++++++++++++++++++++++-- langs/de/cgi-bin/de.pl | 7 +++ langs/en/cgi-bin/en.pl | 7 +++ 3 files changed, 120 insertions(+), 4 deletions(-) diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 369a5cb1f9..55fdc1c35a 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -559,6 +559,8 @@ ERROR: delete $proxysettings{'SRC_UNRESTRICTED_MAC'}; delete $proxysettings{'DST_NOCACHE'}; delete $proxysettings{'DST_NOAUTH'}; + delete $proxysettings{'DST_NOPROXY_IP'}; + delete $proxysettings{'DST_NOPROXY_URL'}; delete $proxysettings{'PORTS_SAFE'}; delete $proxysettings{'PORTS_SSL'}; delete $proxysettings{'MIME_TYPES'}; @@ -1318,6 +1320,58 @@ END ; } +# =================================================================== +# WPAD settings +# =================================================================== + +print < + + $Lang::tr{'advproxy wpad title'} + + + + + + $Lang::tr{'advproxy wpad label dst_noproxy_ip'}: + $Lang::tr{'advproxy wpad label dst_noproxy_url'}: + + + + + + + + $Lang::tr{'advproxy wpad example dst_noproxy_ip'} + $Lang::tr{'advproxy wpad example dst_noproxy_url'} + + +   + + + $Lang::tr{'advproxy wpad view pac'}: http://$ENV{SERVER_ADDR}:81/wpad.dat + + + +
+ +END +; + # ------------------------------------------------------------------- print <) { $proxysettings{'DST_NOAUTH'} .= $_ }; close(FILE); } + if (-e "$acl_dst_noproxy_ip") { + open(FILE,"$acl_dst_noproxy_ip"); + delete $proxysettings{'DST_NOPROXY_IP'}; + while () { $proxysettings{'DST_NOPROXY_IP'} .= $_ }; + close(FILE); + } + if (-e "$acl_dst_noproxy_url") { + open(FILE,"$acl_dst_noproxy_url"); + delete $proxysettings{'DST_NOPROXY_URL'}; + while () { $proxysettings{'DST_NOPROXY_URL'} .= $_ }; + close(FILE); + } if (-e "$acl_ports_safe") { open(FILE,"$acl_ports_safe"); delete $proxysettings{'PORTS_SAFE'}; @@ -2446,6 +2512,31 @@ sub check_acls } } + @temp = split(/\n/,$proxysettings{'DST_NOPROXY_IP'}); + undef $proxysettings{'DST_NOPROXY_IP'}; + foreach (@temp) + { + s/^\s+//g; s/\s+$//g; + if ($_) + { + unless (&General::validipormask($_)) { $errormessage = $Lang::tr{'advproxy errmsg wpad invalid ip or mask'}; } + $proxysettings{'DST_NOPROXY_IP'} .= $_."\n"; + } + } + + @temp = split(/\n/,$proxysettings{'DST_NOPROXY_URL'}); + undef $proxysettings{'DST_NOPROXY_URL'}; + foreach (@temp) + { + s/^\s+//g; + unless (/^#/) { s/\s+//g; } + if ($_) + { + if (/^\./) { $_ = '*'.$_; } + $proxysettings{'DST_NOPROXY_URL'} .= $_."\n"; + } + } + if (($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && ($proxysettings{'NTLM_USER_ACL'} eq 'positive')) { @temp = split(/\n/,$proxysettings{'NTLM_ALLOW_USERS'}); @@ -2584,6 +2675,16 @@ sub write_acls print FILE $proxysettings{'DST_NOAUTH'}; close(FILE); + open(FILE, ">$acl_dst_noproxy_ip"); + flock(FILE, 2); + print FILE $proxysettings{'DST_NOPROXY_IP'}; + close(FILE); + + open(FILE, ">$acl_dst_noproxy_url"); + flock(FILE, 2); + print FILE $proxysettings{'DST_NOPROXY_URL'}; + close(FILE); + open(FILE, ">$acl_dst_noauth_net"); close(FILE); open(FILE, ">$acl_dst_noauth_dom"); @@ -2769,7 +2870,7 @@ END # Additional exceptions for URLs # The file has to be created by the user and should contain one entry per line # Line-Format: - # e.g. *ipfire.org* + # e.g. *.ipfire.org* if (-s "$acl_dst_noproxy_url") { undef @templist; @@ -2786,8 +2887,8 @@ END # Additional exceptions for Subnets # The file has to be created by the user and should contain one entry per line - # Line-Format: "", "" - # e.g. "192.168.0.0", "255.255.255.0" + # Line-Format: / + # e.g. 192.168.0.0/255.255.255.0 if (-s "$acl_dst_noproxy_ip") { undef @templist; @@ -2798,7 +2899,8 @@ END foreach (@templist) { - print FILE " (isInNet(host, $_)) ||\n"; + @temp = split(/\//); + print FILE " (isInNet(host, \"$temp[0]\", \"$temp[1]\")) ||\n"; } } diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 90b1ada062..8f8404219c 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -396,6 +396,13 @@ 'advproxy visible hostname' => 'Sichtbarer Hostname', 'advproxy web browser' => 'Web-Browser', 'advproxy wednesday' => 'Mi', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Ausgenommene URL\'s (eine pro Zeile)', +'advproxy wpad label dst_noproxy_ip' => 'Ausgenommene IP-Subnetze (eins pro Zeile)', +'advproxy wpad example dst_noproxy_url' => 'z.B. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'z.B. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Ungültige IP oder Subnetz für ausgenommenes IP-Subnetz', +'advproxy wpad view pac' => 'PAC-Datei aufrufen', 'again' => 'Wiederholung:', 'age second' => 'Sekunde', 'age seconds' => 'Sekunden', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 98e99f150b..9a3e8b0132 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -397,6 +397,13 @@ 'advproxy visible hostname' => 'Visible hostname', 'advproxy web browser' => 'Web browser', 'advproxy wednesday' => 'Wed', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Excluded URL\'s (one per line)', +'advproxy wpad label dst_noproxy_ip' => 'Excluded IP-Subnets (one per line)', +'advproxy wpad example dst_noproxy_url' => 'e.g. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'e.g. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Invalid IP or subnet for excluded IP-subnet', +'advproxy wpad view pac' => 'Open PAC-File', 'again' => 'Again:', 'age second' => 'second', 'age seconds' => 'seconds', -- 2.39.2