[people/teissler/ipfire-2.x.git] / html / cgi-bin / proxy.cgi

#!/usr/bin/perl\r
#\r
# SmoothWall CGIs\r
#\r
# This code is distributed under the terms of the GPL\r
#\r
# (c) The SmoothWall Team\r
#\r
# $Id: proxy.cgi,v 1.13.2.23 2006/01/29 09:29:47 eoberlander Exp $\r
#\r
\r
use strict;\r
\r
# enable only the following on debugging purpose\r
#use warnings;\r
#use CGI::Carp 'fatalsToBrowser';\r
\r
require 'CONFIG_ROOT/general-functions.pl';\r
require "${General::swroot}/lang.pl";\r
require "${General::swroot}/header.pl";\r
\r
my %proxysettings=();\r
my %netsettings=();\r
my %mainsettings=();\r
my $errormessage = '';\r
my $NeedDoHTML = 1;\r
\r
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);\r
&General::readhash("${General::swroot}/main/settings", \%mainsettings);\r
\r
&Header::showhttpheaders();\r
\r
$proxysettings{'ACTION'} = '';\r
$proxysettings{'VALID'} = '';\r
\r
$proxysettings{'UPSTREAM_PROXY'} = '';\r
$proxysettings{'UPSTREAM_USER'} = '';\r
$proxysettings{'UPSTREAM_PASSWORD'} = '';\r
$proxysettings{'ENABLE'} = 'off';\r
$proxysettings{'ENABLE_BLUE'} = 'off';\r
$proxysettings{'CACHE_SIZE'} = '50';\r
$proxysettings{'TRANSPARENT'} = 'off';\r
$proxysettings{'TRANSPARENT_BLUE'} = 'off';\r
$proxysettings{'MAX_SIZE'} = '4096';\r
$proxysettings{'MIN_SIZE'} = '0';\r
$proxysettings{'MAX_OUTGOING_SIZE'} = '0';\r
$proxysettings{'MAX_INCOMING_SIZE'} = '0';\r
$proxysettings{'LOGGING'} = 'off';\r
$proxysettings{'PROXY_PORT'} = '800';\r
$proxysettings{'EXTENSION_METHODS'} = '';\r
\r
&Header::getcgihash(\%proxysettings);\r
\r
my $needhup = 0;\r
my $cachemem = '';\r
\r
if ($proxysettings{'ACTION'} eq $Lang::tr{'save'})\r
{\r
	\r
	#assume error\r
	my $configerror = 1;\r
\r
	if ($proxysettings{'ENABLE'} !~ /^(on|off)$/ || \r
	    $proxysettings{'TRANSPARENT'} !~ /^(on|off)$/ || \r
	    $proxysettings{'ENABLE_BLUE'} !~ /^(on|off)$/ || \r
	    $proxysettings{'TRANSPARENT_BLUE'} !~ /^(on|off)$/ ) {\r
		$errormessage = $Lang::tr{'invalid input'};\r
		goto ERROR;\r
	} \r
	if (!($proxysettings{'CACHE_SIZE'} =~ /^\d+/) ||\r
		($proxysettings{'CACHE_SIZE'} < 10))\r
	{\r
		$errormessage = $Lang::tr{'invalid cache size'};\r
		goto ERROR;\r
	}		\r
	if (!($proxysettings{'MAX_SIZE'} =~ /^\d+/))\r
	{\r
		$errormessage = $Lang::tr{'invalid maximum object size'};\r
		goto ERROR;\r
	}\r
	if (!($proxysettings{'MIN_SIZE'} =~ /^\d+/))\r
	{\r
		$errormessage = $Lang::tr{'invalid minimum object size'};\r
		goto ERROR;\r
	}\r
	if (!($proxysettings{'MAX_OUTGOING_SIZE'} =~ /^\d+/))\r
	{\r
		$errormessage = $Lang::tr{'invalid maximum outgoing size'};\r
		goto ERROR;\r
	}\r
	if (!($proxysettings{'MAX_INCOMING_SIZE'} =~ /^\d+/))\r
	{\r
		$errormessage = $Lang::tr{'invalid maximum incoming size'};\r
		goto ERROR;\r
	}\r
\r
	if (!($proxysettings{'EXTENSION_METHODS'} =~ /^(|[A-Z0-9 _-]+)$/))\r
	{\r
		$errormessage = $Lang::tr{'squid extension methods invalid'};\r
		goto ERROR;\r
	}\r
\r
        # Quick parent proxy error checking of username and password info. If username password don't both exist give an error.\r
        my $proxy1 = 'YES';\r
        my $proxy2 = 'YES';\r
        if (($proxysettings{'UPSTREAM_USER'} eq '')) {$proxy1 = '';}\r
        if (($proxysettings{'UPSTREAM_PASSWORD'} eq '')) {$proxy2 = '';}\r
        if (($proxy1 ne $proxy2))\r
        {\r
                $errormessage = $Lang::tr{'invalid upstream proxy username or password setting'};\r
                goto ERROR;\r
        }\r
\r
	$_ = $proxysettings{'UPSTREAM_PROXY'};\r
	my ($remotehost, $remoteport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);\r
	$remoteport = 80 if ($remoteport eq '');\r
\r
      	$proxysettings{'VALID'} = 'yes';\r
	&General::writehash("${General::swroot}/proxy/settings", \%proxysettings);\r
\r
	#\r
	# NAH, 03-Jan-2004\r
	#\r
	my @free = `/usr/bin/free`;\r
	$free[1] =~ m/(\d+)/;\r
	$cachemem = int $1 / 10;\r
	if ($cachemem < 4096) {\r
		$cachemem = 4096;\r
	}\r
	if ($cachemem > $proxysettings{'CACHE_SIZE'} * 40) {\r
		$cachemem = ( $proxysettings{'CACHE_SIZE'} * 40 );\r
	}\r
\r
	open(FILE, ">/${General::swroot}/proxy/squid.conf") or die "Unable to write squid.conf file";\r
	flock(FILE, 2);\r
	print FILE <<END\r
shutdown_lifetime 5 seconds\r
icp_port 0\r
\r
http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}\r
END\r
	;\r
	print FILE "\nextension_methods $proxysettings{'EXTENSION_METHODS'}\n" if ($proxysettings{'EXTENSION_METHODS'} ne '');\r
\r
	if ($netsettings{'BLUE_DEV'} && $proxysettings{'ENABLE_BLUE'} eq 'on') {\r
		print FILE "http_port $netsettings{'BLUE_ADDRESS'}:$proxysettings{'PROXY_PORT'}\n";\r
	}\r
	print FILE <<END\r
\r
acl QUERY urlpath_regex cgi-bin \\?\r
no_cache deny QUERY\r
\r
cache_effective_user squid\r
cache_effective_group squid\r
\r
pid_filename /var/run/squid.pid\r
\r
END\r
	;\r
\r
	if ($proxysettings{'LOGGING'} eq 'on')\r
	{\r
                print FILE <<END\r
cache_access_log /var/log/squid/access.log\r
cache_log /var/log/squid/cache.log\r
cache_store_log none\r
\r
END\r
	;} else {\r
		print FILE <<END\r
cache_access_log /dev/null\r
cache_log /dev/null\r
cache_store_log none\r
\r
END\r
	;}\r
	print FILE <<END\r
log_mime_hdrs off\r
forwarded_for off\r
\r
END\r
	;\r
\r
        #Insert acl file and replace __VAR__ with correct values\r
        my $blue_net = ''; #BLUE empty by default\r
	my $blue_ip = '';\r
	if ($netsettings{'BLUE_DEV'} && $proxysettings{'ENABLE_BLUE'} eq 'on') {\r
	    $blue_net = "$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";\r
	    $blue_ip  = "$netsettings{'BLUE_ADDRESS'}";\r
	}\r
	open (ACL, "${General::swroot}/proxy/acl") or die "Unable to open ACL list file";\r
	while (<ACL>) {\r
		$_ =~ s/__GREEN_IP__/$netsettings{'GREEN_ADDRESS'}/;\r
		$_ =~ s/__GREEN_NET__/$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}/;\r
		$_ =~ s/__BLUE_IP__/$blue_ip/;\r
		$_ =~ s/__BLUE_NET__/$blue_net/;\r
		$_ =~ s/__PROXY_PORT__/$proxysettings{'PROXY_PORT'}/;\r
		print FILE $_;\r
	}\r
	close (ACL);\r
\r
	# This value is in bytes, so we must turn it from KB into bytes\r
	my $max_incoming_size = $proxysettings{'MAX_INCOMING_SIZE'} * 1024;\r
\r
	print FILE <<END\r
\r
maximum_object_size $proxysettings{'MAX_SIZE'} KB\r
minimum_object_size $proxysettings{'MIN_SIZE'} KB\r
\r
cache_mem $cachemem KB\r
cache_dir aufs /var/log/cache $proxysettings{'CACHE_SIZE'} 16 256\r
\r
request_body_max_size $proxysettings{'MAX_OUTGOING_SIZE'} KB\r
reply_body_max_size $max_incoming_size allow all\r
\r
visible_hostname $mainsettings{'HOSTNAME'}.$mainsettings{'DOMAINNAME'}\r
\r
END\r
	;\r
\r
	# Write the parent proxy info, if needed.\r
	if ($remotehost ne '')\r
	{\r
		# Enter authentication for the parent cache (format is login=user:password)\r
		if ($proxy1 eq 'YES') {\r
		print FILE <<END\r
cache_peer $remotehost parent $remoteport 3130 login=$proxysettings{'UPSTREAM_USER'}:$proxysettings{'UPSTREAM_PASSWORD'} default no-query\r
\r
END\r
		; \r
		} else {\r
		# Not using authentication with the parent cache\r
		print FILE <<END\r
cache_peer $remotehost parent $remoteport 3130 default no-query\r
\r
END\r
		;\r
		}\r
		print FILE "never_direct allow all\n";\r
	}\r
	if (($proxysettings{'TRANSPARENT'} eq 'on') ||\r
	    ($proxysettings{'TRANSPARENT_BLUE'} eq 'on'))\r
	{\r
		print FILE <<END\r
httpd_accel_host virtual \r
httpd_accel_port 80 \r
httpd_accel_with_proxy on\r
httpd_accel_uses_host_header on \r
END\r
		;\r
	}\r
	close FILE;\r
	$configerror = 0;  ## a good config!\r
\r
ERROR:\r
	unlink "${General::swroot}/proxy/enable";\r
	unlink "${General::swroot}/proxy/transparent";\r
	unlink "${General::swroot}/proxy/enable_blue";\r
	unlink "${General::swroot}/proxy/transparent_blue";\r
	&DoHTML;\r
\r
	if (!$configerror)\r
	{\r
		if ($proxysettings{'ENABLE'} eq 'on') {\r
			system ('/bin/touch', "${General::swroot}/proxy/enable"); }\r
		if ($proxysettings{'TRANSPARENT'} eq 'on') {\r
			system ('/bin/touch', "${General::swroot}/proxy/transparent"); }\r
		if ($proxysettings{'ENABLE_BLUE'} eq 'on') {\r
			system ('/bin/touch', "${General::swroot}/proxy/enable_blue"); }\r
		if ($proxysettings{'TRANSPARENT_BLUE'} eq 'on') {\r
			system ('/bin/touch', "${General::swroot}/proxy/transparent_blue"); }\r
		system('/usr/local/bin/restartsquid');\r
	}\r
}\r
\r
if ($proxysettings{'ACTION'} eq $Lang::tr{'clear cache'})\r
{\r
	&DoHTML;\r
	system('/usr/local/bin/restartsquid','-f');\r
}\r
\r
&DoHTML if $NeedDoHTML;\r
\r
\r
sub DoHTML	{\r
\r
$NeedDoHTML = 0;\r
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);\r
\r
my %checked=();\r
\r
$checked{'ENABLE'}{'off'} = '';\r
$checked{'ENABLE'}{'on'} = '';\r
$checked{'ENABLE'}{$proxysettings{'ENABLE'}} = "checked='checked'";\r
\r
$checked{'TRANSPARENT'}{'off'} = '';\r
$checked{'TRANSPARENT'}{'on'} = '';\r
$checked{'TRANSPARENT'}{$proxysettings{'TRANSPARENT'}} = "checked='checked'";\r
\r
$checked{'ENABLE_BLUE'}{'off'} = '';\r
$checked{'ENABLE_BLUE'}{'on'} = '';\r
$checked{'ENABLE_BLUE'}{$proxysettings{'ENABLE_BLUE'}} = "checked='checked'";\r
\r
$checked{'TRANSPARENT_BLUE'}{'off'} = '';\r
$checked{'TRANSPARENT_BLUE'}{'on'} = '';\r
$checked{'TRANSPARENT_BLUE'}{$proxysettings{'TRANSPARENT_BLUE'}} = "checked='checked'";\r
\r
$checked{'LOGGING'}{'off'} = '';\r
$checked{'LOGGING'}{'on'} = '';\r
$checked{'LOGGING'}{$proxysettings{'LOGGING'}} = "checked='checked'";\r
\r
&Header::openpage($Lang::tr{'web proxy configuration'}, 1, '');\r
\r
&Header::openbigbox('100%', 'left', '', $errormessage);\r
\r
if ($errormessage) {\r
	&Header::openbox('100%', 'left', $Lang::tr{'error messages'});\r
	print "<font class='base'>$errormessage&nbsp;</font>\n";\r
	&Header::closebox();\r
}\r
\r
print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";\r
\r
&Header::openbox('100%', 'left', "$Lang::tr{'web proxy'}:");\r
print <<END\r
<table width='100%'>\r
<tr>\r
	<td width='25%' class='base'>$Lang::tr{'enabled on'} <font color="${Header::colourgreen}">Green</font>:</td>\r
	<td width='15%'><input type='checkbox' name='ENABLE' $checked{'ENABLE'}{'on'} /></td>\r
	<td width='30%' class='base'>$Lang::tr{'upstream proxy host:port'}:&nbsp;<img src='/blob.gif' alt='*' /></td>\r
	<td width='30%'><input type='text' name='UPSTREAM_PROXY' value='$proxysettings{'UPSTREAM_PROXY'}' /></td>\r
</tr>\r
<tr>\r
	<td class='base'>$Lang::tr{'transparent on'} <font color="${Header::colourgreen}">Green</font>:</td>\r
	<td><input type='checkbox' name='TRANSPARENT' $checked{'TRANSPARENT'}{'on'} /></td>\r
	<td class='base'>$Lang::tr{'upstream username'}&nbsp;<img src='/blob.gif' alt='*' /></td>\r
	<td><input type='text' name='UPSTREAM_USER' value='$proxysettings{'UPSTREAM_USER'}' /></td>\r
</tr>\r
<tr>\r
END\r
;\r
if ($netsettings{'BLUE_DEV'}) {\r
	print "<td class='base'>$Lang::tr{'enabled on'} <font color='${Header::colourblue}'>Blue</font>:</td>";\r
	print "<td><input type='checkbox' name='ENABLE_BLUE' $checked{'ENABLE_BLUE'}{'on'} /></td>";\r
} else {\r
	print "<td colspan='2'>&nbsp;</td>";\r
}\r
print <<END\r
	<td class='base'>$Lang::tr{'upstream password'}&nbsp;<img src='/blob.gif' alt='*' /></td>\r
	<td><input type='password' name='UPSTREAM_PASSWORD' value='$proxysettings{'UPSTREAM_PASSWORD'}' /></td>\r
</tr>\r
<tr>\r
END\r
;\r
if ($netsettings{'BLUE_DEV'}) {\r
	print "<td class='base'>$Lang::tr{'transparent on'} <font color='${Header::colourblue}'>Blue</font>:</td>";\r
	print "<td><input type='checkbox' name='TRANSPARENT_BLUE' $checked{'TRANSPARENT_BLUE'}{'on'} /></td>";\r
} else {\r
	print "<td colspan='2'>&nbsp;</td>";\r
}\r
print <<END\r
	<td class='base'>$Lang::tr{'proxy port'}:</td>\r
	<td><input type='text' name='PROXY_PORT' value='$proxysettings{'PROXY_PORT'}' size='5' /></td>\r
</tr>\r
<tr>\r
	<td class='base'>$Lang::tr{'log enabled'}:</td>\r
	<td><input type='checkbox' name='LOGGING' $checked{'LOGGING'}{'on'} /></td>\r
	<td>$Lang::tr{'squid extension methods'}:&nbsp;<img src='/blob.gif' alt='*' /></td>\r
	<td><input type='text' name='EXTENSION_METHODS' value='$proxysettings{'EXTENSION_METHODS'}' /></td>\r
</tr>\r
<!--TAG FOR ADDONS-->\r
<tr>\r
	<td colspan='4'><hr /><b>$Lang::tr{'cache management'}</b></td>\r
</tr>\r
<tr>\r
	<td width='25%' class='base'>$Lang::tr{'cache size'}</td>\r
	<td><input type='text' name='CACHE_SIZE' value='$proxysettings{'CACHE_SIZE'}' size='5' /></td>\r
</tr>\r
<tr>\r
	<td class='base'>$Lang::tr{'min size'}</td>\r
	<td><input type='text' name='MIN_SIZE' value='$proxysettings{'MIN_SIZE'}' size='5' /></td>\r
	<td class='base'>$Lang::tr{'max size'}</td>\r
	<td><input type='text' name='MAX_SIZE' value='$proxysettings{'MAX_SIZE'}' size='5' /></td>\r
</tr>\r
<tr>\r
	<td colspan='4'><hr /><b>$Lang::tr{'transfer limits'}</b></td>\r
</tr>\r
<tr>\r
	<td class='base'>$Lang::tr{'max incoming size'}</td>\r
	<td><input type='text' name='MAX_INCOMING_SIZE' value='$proxysettings{'MAX_INCOMING_SIZE'}' size='5' /></td>\r
	<td class='base'>$Lang::tr{'max outgoing size'}</td>\r
	<td><input type='text' name='MAX_OUTGOING_SIZE' value='$proxysettings{'MAX_OUTGOING_SIZE'}' size='5' /></td>\r
</tr>\r
</table>\r
<table width='100%'>\r
<hr />\r
<tr>\r
	<td width='28%'>\r
		<img src='/blob.gif' align='top' alt='*' />&nbsp;\r
		<font class='base'>$Lang::tr{'this field may be blank'}</font>\r
	</td>\r
	<td width='33%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'clear cache'}' /></td>\r
	<td width=33%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>\r
	<td width='5%' align='right'>\r
		<a href='${General::adminmanualurl}/services.html#services_webproxy' target='_blank'>\r
		<img src='/images/web-support.png' title='$Lang::tr{'online help en'}' /></a></td>\r
</tr>\r
\r
</table>\r
END\r
;\r
&Header::closebox();\r
\r
print "</form>\n";\r
\r
&Header::closebigbox();\r
\r
&Header::closepage();\r
\r
} # end sub DoHTML\r
1\r
Commit	Line	Data
cd1a2927 MT	1	#!/usr/bin/perl\r
	2	#\r
	3	# SmoothWall CGIs\r
	4	#\r
	5	# This code is distributed under the terms of the GPL\r
	6	#\r
	7	# (c) The SmoothWall Team\r
	8	#\r
	9	# $Id: proxy.cgi,v 1.13.2.23 2006/01/29 09:29:47 eoberlander Exp $\r
	10	#\r
	11	\r
	12	use strict;\r
	13	\r
	14	# enable only the following on debugging purpose\r
	15	#use warnings;\r
	16	#use CGI::Carp 'fatalsToBrowser';\r
	17	\r
	18	require 'CONFIG_ROOT/general-functions.pl';\r
	19	require "${General::swroot}/lang.pl";\r
	20	require "${General::swroot}/header.pl";\r
	21	\r
	22	my %proxysettings=();\r
	23	my %netsettings=();\r
	24	my %mainsettings=();\r
	25	my $errormessage = '';\r
	26	my $NeedDoHTML = 1;\r
	27	\r
	28	&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);\r
	29	&General::readhash("${General::swroot}/main/settings", \%mainsettings);\r
	30	\r
	31	&Header::showhttpheaders();\r
	32	\r
	33	$proxysettings{'ACTION'} = '';\r
	34	$proxysettings{'VALID'} = '';\r
	35	\r
	36	$proxysettings{'UPSTREAM_PROXY'} = '';\r
	37	$proxysettings{'UPSTREAM_USER'} = '';\r
	38	$proxysettings{'UPSTREAM_PASSWORD'} = '';\r
	39	$proxysettings{'ENABLE'} = 'off';\r
	40	$proxysettings{'ENABLE_BLUE'} = 'off';\r
	41	$proxysettings{'CACHE_SIZE'} = '50';\r
	42	$proxysettings{'TRANSPARENT'} = 'off';\r
	43	$proxysettings{'TRANSPARENT_BLUE'} = 'off';\r
	44	$proxysettings{'MAX_SIZE'} = '4096';\r
	45	$proxysettings{'MIN_SIZE'} = '0';\r
	46	$proxysettings{'MAX_OUTGOING_SIZE'} = '0';\r
	47	$proxysettings{'MAX_INCOMING_SIZE'} = '0';\r
	48	$proxysettings{'LOGGING'} = 'off';\r
	49	$proxysettings{'PROXY_PORT'} = '800';\r
	50	$proxysettings{'EXTENSION_METHODS'} = '';\r
	51	\r
	52	&Header::getcgihash(\%proxysettings);\r
	53	\r
	54	my $needhup = 0;\r
	55	my $cachemem = '';\r
	56	\r
	57	if ($proxysettings{'ACTION'} eq $Lang::tr{'save'})\r
	58	{\r
	59	\r
	60	#assume error\r
	61	my $configerror = 1;\r
	62	\r
	63	if ($proxysettings{'ENABLE'} !~ /^(on\|off)$/ \|\| \r
	64	$proxysettings{'TRANSPARENT'} !~ /^(on\|off)$/ \|\| \r
65	$proxysettings{'ENABLE_BLUE'} !~ /^(on\|off)$/ \|\| \r
66	$proxysettings{'TRANSPARENT_BLUE'} !~ /^(on\|off)$/ ) {\r
67	$errormessage = $Lang::tr{'invalid input'};\r
68	goto ERROR;\r
69	} \r
70	if (!($proxysettings{'CACHE_SIZE'} =~ /^\d+/) \|\|\r
71	($proxysettings{'CACHE_SIZE'} < 10))\r
72	{\r
73	$errormessage = $Lang::tr{'invalid cache size'};\r
74	goto ERROR;\r
75	} \r
76	if (!($proxysettings{'MAX_SIZE'} =~ /^\d+/))\r
77	{\r
78	$errormessage = $Lang::tr{'invalid maximum object size'};\r
79	goto ERROR;\r
80	}\r
81	if (!($proxysettings{'MIN_SIZE'} =~ /^\d+/))\r
82	{\r
83	$errormessage = $Lang::tr{'invalid minimum object size'};\r
84	goto ERROR;\r
85	}\r
86	if (!($proxysettings{'MAX_OUTGOING_SIZE'} =~ /^\d+/))\r
87	{\r
88	$errormessage = $Lang::tr{'invalid maximum outgoing size'};\r
89	goto ERROR;\r
90	}\r
91	if (!($proxysettings{'MAX_INCOMING_SIZE'} =~ /^\d+/))\r
92	{\r
93	$errormessage = $Lang::tr{'invalid maximum incoming size'};\r
94	goto ERROR;\r
95	}\r
96	\r
97	if (!($proxysettings{'EXTENSION_METHODS'} =~ /^(\|[A-Z0-9 _-]+)$/))\r
98	{\r
99	$errormessage = $Lang::tr{'squid extension methods invalid'};\r
100	goto ERROR;\r
101	}\r
102	\r
103	# Quick parent proxy error checking of username and password info. If username password don't both exist give an error.\r
104	my $proxy1 = 'YES';\r
105	my $proxy2 = 'YES';\r
106	if (($proxysettings{'UPSTREAM_USER'} eq '')) {$proxy1 = '';}\r
107	if (($proxysettings{'UPSTREAM_PASSWORD'} eq '')) {$proxy2 = '';}\r
108	if (($proxy1 ne $proxy2))\r
109	{\r
110	$errormessage = $Lang::tr{'invalid upstream proxy username or password setting'};\r
111	goto ERROR;\r
112	}\r
113	\r
114	$_ = $proxysettings{'UPSTREAM_PROXY'};\r
115	my ($remotehost, $remoteport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]?(?:\:[A-Za-z0-9\_\.\-]?)?\@)?([a-zA-Z0-9\.\_\-]?)(?:\:([0-9]{1,5}))?(?:\/.?)?$/);\r
116	$remoteport = 80 if ($remoteport eq '');\r
117	\r
118	$proxysettings{'VALID'} = 'yes';\r
119	&General::writehash("${General::swroot}/proxy/settings", \%proxysettings);\r
120	\r
121	#\r
122	# NAH, 03-Jan-2004\r
123	#\r
124	my @free = `/usr/bin/free`;\r
125	$free[1] =~ m/(\d+)/;\r
126	$cachemem = int $1 / 10;\r
127	if ($cachemem < 4096) {\r
128	$cachemem = 4096;\r
129	}\r
130	if ($cachemem > $proxysettings{'CACHE_SIZE'} * 40) {\r
131	$cachemem = ( $proxysettings{'CACHE_SIZE'} * 40 );\r
132	}\r
133	\r
134	open(FILE, ">/${General::swroot}/proxy/squid.conf") or die "Unable to write squid.conf file";\r
135	flock(FILE, 2);\r
136	print FILE <<END\r
137	shutdown_lifetime 5 seconds\r
138	icp_port 0\r
139	\r
140	http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}\r
141	END\r
142	;\r
143	print FILE "\nextension_methods $proxysettings{'EXTENSION_METHODS'}\n" if ($proxysettings{'EXTENSION_METHODS'} ne '');\r
144	\r
145	if ($netsettings{'BLUE_DEV'} && $proxysettings{'ENABLE_BLUE'} eq 'on') {\r
146	print FILE "http_port $netsettings{'BLUE_ADDRESS'}:$proxysettings{'PROXY_PORT'}\n";\r
147	}\r
148	print FILE <<END\r
149	\r
150	acl QUERY urlpath_regex cgi-bin \\?\r
151	no_cache deny QUERY\r
152	\r
153	cache_effective_user squid\r
154	cache_effective_group squid\r
155	\r
156	pid_filename /var/run/squid.pid\r
157	\r
158	END\r
159	;\r
160	\r
161	if ($proxysettings{'LOGGING'} eq 'on')\r
162	{\r
163	print FILE <<END\r
164	cache_access_log /var/log/squid/access.log\r
165	cache_log /var/log/squid/cache.log\r
166	cache_store_log none\r
167	\r
168	END\r
169	;} else {\r
170	print FILE <<END\r
171	cache_access_log /dev/null\r
172	cache_log /dev/null\r
173	cache_store_log none\r
174	\r
175	END\r
176	;}\r
177	print FILE <<END\r
178	log_mime_hdrs off\r
179	forwarded_for off\r
180	\r
181	END\r
182	;\r
183	\r
184	#Insert acl file and replace __VAR__ with correct values\r
185	my $blue_net = ''; #BLUE empty by default\r
186	my $blue_ip = '';\r
187	if ($netsettings{'BLUE_DEV'} && $proxysettings{'ENABLE_BLUE'} eq 'on') {\r
188	$blue_net = "$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";\r
189	$blue_ip = "$netsettings{'BLUE_ADDRESS'}";\r
190	}\r
191	open (ACL, "${General::swroot}/proxy/acl") or die "Unable to open ACL list file";\r
192	while (<ACL>) {\r
193	$_ =~ s/__GREEN_IP__/$netsettings{'GREEN_ADDRESS'}/;\r
194	$_ =~ s/__GREEN_NET__/$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}/;\r
195	$_ =~ s/__BLUE_IP__/$blue_ip/;\r
196	$_ =~ s/__BLUE_NET__/$blue_net/;\r
197	$_ =~ s/__PROXY_PORT__/$proxysettings{'PROXY_PORT'}/;\r
198	print FILE $_;\r
199	}\r
200	close (ACL);\r
201	\r
202	# This value is in bytes, so we must turn it from KB into bytes\r
203	my $max_incoming_size = $proxysettings{'MAX_INCOMING_SIZE'} * 1024;\r
204	\r
205	print FILE <<END\r
206	\r
207	maximum_object_size $proxysettings{'MAX_SIZE'} KB\r
208	minimum_object_size $proxysettings{'MIN_SIZE'} KB\r
209	\r
210	cache_mem $cachemem KB\r
211	cache_dir aufs /var/log/cache $proxysettings{'CACHE_SIZE'} 16 256\r
212	\r
213	request_body_max_size $proxysettings{'MAX_OUTGOING_SIZE'} KB\r
214	reply_body_max_size $max_incoming_size allow all\r
215	\r
216	visible_hostname $mainsettings{'HOSTNAME'}.$mainsettings{'DOMAINNAME'}\r
217	\r
218	END\r
219	;\r
220	\r
221	# Write the parent proxy info, if needed.\r
222	if ($remotehost ne '')\r
223	{\r
224	# Enter authentication for the parent cache (format is login=user:password)\r
225	if ($proxy1 eq 'YES') {\r
226	print FILE <<END\r
227	cache_peer $remotehost parent $remoteport 3130 login=$proxysettings{'UPSTREAM_USER'}:$proxysettings{'UPSTREAM_PASSWORD'} default no-query\r
228	\r
229	END\r
230	; \r
231	} else {\r
232	# Not using authentication with the parent cache\r
233	print FILE <<END\r
234	cache_peer $remotehost parent $remoteport 3130 default no-query\r
235	\r
236	END\r
237	;\r
238	}\r
239	print FILE "never_direct allow all\n";\r
240	}\r
241	if (($proxysettings{'TRANSPARENT'} eq 'on') \|\|\r
242	($proxysettings{'TRANSPARENT_BLUE'} eq 'on'))\r
243	{\r
244	print FILE <<END\r
245	httpd_accel_host virtual \r
246	httpd_accel_port 80 \r
247	httpd_accel_with_proxy on\r
248	httpd_accel_uses_host_header on \r
249	END\r
250	;\r
251	}\r
252	close FILE;\r
253	$configerror = 0; ## a good config!\r
254	\r
255	ERROR:\r
256	unlink "${General::swroot}/proxy/enable";\r
257	unlink "${General::swroot}/proxy/transparent";\r
258	unlink "${General::swroot}/proxy/enable_blue";\r
259	unlink "${General::swroot}/proxy/transparent_blue";\r
260	&DoHTML;\r
261	\r
262	if (!$configerror)\r
263	{\r
264	if ($proxysettings{'ENABLE'} eq 'on') {\r
265	system ('/bin/touch', "${General::swroot}/proxy/enable"); }\r
266	if ($proxysettings{'TRANSPARENT'} eq 'on') {\r
267	system ('/bin/touch', "${General::swroot}/proxy/transparent"); }\r
268	if ($proxysettings{'ENABLE_BLUE'} eq 'on') {\r
269	system ('/bin/touch', "${General::swroot}/proxy/enable_blue"); }\r
270	if ($proxysettings{'TRANSPARENT_BLUE'} eq 'on') {\r
271	system ('/bin/touch', "${General::swroot}/proxy/transparent_blue"); }\r
272	system('/usr/local/bin/restartsquid');\r
273	}\r
274	}\r
275	\r
276	if ($proxysettings{'ACTION'} eq $Lang::tr{'clear cache'})\r
277	{\r
278	&DoHTML;\r
279	system('/usr/local/bin/restartsquid','-f');\r
280	}\r
281	\r
282	&DoHTML if $NeedDoHTML;\r
283	\r
284	\r
285	sub DoHTML {\r
286	\r
287	$NeedDoHTML = 0;\r
288	&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);\r
289	\r
290	my %checked=();\r
291	\r
292	$checked{'ENABLE'}{'off'} = '';\r
293	$checked{'ENABLE'}{'on'} = '';\r
294	$checked{'ENABLE'}{$proxysettings{'ENABLE'}} = "checked='checked'";\r
295	\r
296	$checked{'TRANSPARENT'}{'off'} = '';\r
297	$checked{'TRANSPARENT'}{'on'} = '';\r
298	$checked{'TRANSPARENT'}{$proxysettings{'TRANSPARENT'}} = "checked='checked'";\r
299	\r
300	$checked{'ENABLE_BLUE'}{'off'} = '';\r
301	$checked{'ENABLE_BLUE'}{'on'} = '';\r
302	$checked{'ENABLE_BLUE'}{$proxysettings{'ENABLE_BLUE'}} = "checked='checked'";\r
303	\r
304	$checked{'TRANSPARENT_BLUE'}{'off'} = '';\r
305	$checked{'TRANSPARENT_BLUE'}{'on'} = '';\r
306	$checked{'TRANSPARENT_BLUE'}{$proxysettings{'TRANSPARENT_BLUE'}} = "checked='checked'";\r
307	\r
308	$checked{'LOGGING'}{'off'} = '';\r
309	$checked{'LOGGING'}{'on'} = '';\r
310	$checked{'LOGGING'}{$proxysettings{'LOGGING'}} = "checked='checked'";\r
311	\r
312	&Header::openpage($Lang::tr{'web proxy configuration'}, 1, '');\r
313	\r
314	&Header::openbigbox('100%', 'left', '', $errormessage);\r
315	\r
316	if ($errormessage) {\r
317	&Header::openbox('100%', 'left', $Lang::tr{'error messages'});\r
318	print "<font class='base'>$errormessage </font>\n";\r
319	&Header::closebox();\r
320	}\r
321	\r
322	print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";\r
323	\r
324	&Header::openbox('100%', 'left', "$Lang::tr{'web proxy'}:");\r
325	print <<END\r
326	<table width='100%'>\r
327	<tr>\r
328	<td width='25%' class='base'>$Lang::tr{'enabled on'} <font color="${Header::colourgreen}">Green</font>:</td>\r
329	<td width='15%'><input type='checkbox' name='ENABLE' $checked{'ENABLE'}{'on'} /></td>\r
330	<td width='30%' class='base'>$Lang::tr{'upstream proxy host:port'}: <img src='/blob.gif' alt='*' /></td>\r
331	<td width='30%'><input type='text' name='UPSTREAM_PROXY' value='$proxysettings{'UPSTREAM_PROXY'}' /></td>\r
332	</tr>\r
333	<tr>\r
334	<td class='base'>$Lang::tr{'transparent on'} <font color="${Header::colourgreen}">Green</font>:</td>\r
335	<td><input type='checkbox' name='TRANSPARENT' $checked{'TRANSPARENT'}{'on'} /></td>\r
336	<td class='base'>$Lang::tr{'upstream username'} <img src='/blob.gif' alt='*' /></td>\r
337	<td><input type='text' name='UPSTREAM_USER' value='$proxysettings{'UPSTREAM_USER'}' /></td>\r
338	</tr>\r
339	<tr>\r
340	END\r
341	;\r
342	if ($netsettings{'BLUE_DEV'}) {\r
343	print "<td class='base'>$Lang::tr{'enabled on'} <font color='${Header::colourblue}'>Blue</font>:</td>";\r
344	print "<td><input type='checkbox' name='ENABLE_BLUE' $checked{'ENABLE_BLUE'}{'on'} /></td>";\r
345	} else {\r
346	print "<td colspan='2'> </td>";\r
347	}\r
348	print <<END\r
349	<td class='base'>$Lang::tr{'upstream password'} <img src='/blob.gif' alt='*' /></td>\r
350	<td><input type='password' name='UPSTREAM_PASSWORD' value='$proxysettings{'UPSTREAM_PASSWORD'}' /></td>\r
351	</tr>\r
352	<tr>\r
353	END\r
354	;\r
355	if ($netsettings{'BLUE_DEV'}) {\r
356	print "<td class='base'>$Lang::tr{'transparent on'} <font color='${Header::colourblue}'>Blue</font>:</td>";\r
357	print "<td><input type='checkbox' name='TRANSPARENT_BLUE' $checked{'TRANSPARENT_BLUE'}{'on'} /></td>";\r
358	} else {\r
359	print "<td colspan='2'> </td>";\r
360	}\r
361	print <<END\r
362	<td class='base'>$Lang::tr{'proxy port'}:</td>\r
363	<td><input type='text' name='PROXY_PORT' value='$proxysettings{'PROXY_PORT'}' size='5' /></td>\r
364	</tr>\r
365	<tr>\r
366	<td class='base'>$Lang::tr{'log enabled'}:</td>\r
367	<td><input type='checkbox' name='LOGGING' $checked{'LOGGING'}{'on'} /></td>\r
368	<td>$Lang::tr{'squid extension methods'}: <img src='/blob.gif' alt='*' /></td>\r
369	<td><input type='text' name='EXTENSION_METHODS' value='$proxysettings{'EXTENSION_METHODS'}' /></td>\r
370	</tr>\r
371	<!--TAG FOR ADDONS-->\r
372	<tr>\r
373	<td colspan='4'><hr /><b>$Lang::tr{'cache management'}</b></td>\r
374	</tr>\r
375	<tr>\r
376	<td width='25%' class='base'>$Lang::tr{'cache size'}</td>\r
377	<td><input type='text' name='CACHE_SIZE' value='$proxysettings{'CACHE_SIZE'}' size='5' /></td>\r
378	</tr>\r
379	<tr>\r
380	<td class='base'>$Lang::tr{'min size'}</td>\r
381	<td><input type='text' name='MIN_SIZE' value='$proxysettings{'MIN_SIZE'}' size='5' /></td>\r
382	<td class='base'>$Lang::tr{'max size'}</td>\r
383	<td><input type='text' name='MAX_SIZE' value='$proxysettings{'MAX_SIZE'}' size='5' /></td>\r
384	</tr>\r
385	<tr>\r
386	<td colspan='4'><hr /><b>$Lang::tr{'transfer limits'}</b></td>\r
387	</tr>\r
388	<tr>\r
389	<td class='base'>$Lang::tr{'max incoming size'}</td>\r
390	<td><input type='text' name='MAX_INCOMING_SIZE' value='$proxysettings{'MAX_INCOMING_SIZE'}' size='5' /></td>\r
391	<td class='base'>$Lang::tr{'max outgoing size'}</td>\r
392	<td><input type='text' name='MAX_OUTGOING_SIZE' value='$proxysettings{'MAX_OUTGOING_SIZE'}' size='5' /></td>\r
393	</tr>\r
394	</table>\r
395	<table width='100%'>\r
396	<hr />\r
397	<tr>\r
398	<td width='28%'>\r
399	<img src='/blob.gif' align='top' alt='*' /> \r
400	<font class='base'>$Lang::tr{'this field may be blank'}</font>\r
401	</td>\r
402	<td width='33%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'clear cache'}' /></td>\r
403	<td width=33%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>\r
404	<td width='5%' align='right'>\r
405	<a href='${General::adminmanualurl}/services.html#services_webproxy' target='_blank'>\r
406	<img src='/images/web-support.png' title='$Lang::tr{'online help en'}' /></a></td>\r
407	</tr>\r
408	\r
409	</table>\r
410	END\r
411	;\r
412	&Header::closebox();\r
413	\r
414	print "</form>\n";\r
415	\r
416	&Header::closebigbox();\r
417	\r
418	&Header::closepage();\r
419	\r
420	} # end sub DoHTML\r
421	1\r