diff options
author | Seth Mos <seth.mos@xs4all.nl> | 2006-12-19 21:20:19 +0000 |
---|---|---|
committer | Seth Mos <seth.mos@xs4all.nl> | 2006-12-19 21:20:19 +0000 |
commit | 92d04b4b8ae266fef55700651525b1203674ae3c (patch) | |
tree | 05f57a7daa1ba8e1333149cd2cd61dfc83bf881f | |
parent | 756a43116b67fc757556ee908c83275bf13ab0a8 (diff) | |
download | pfsense-packages-92d04b4b8ae266fef55700651525b1203674ae3c.tar.gz pfsense-packages-92d04b4b8ae266fef55700651525b1203674ae3c.tar.bz2 pfsense-packages-92d04b4b8ae266fef55700651525b1203674ae3c.zip |
Last few commits have been in no particular order:
- remove stopping and starting of squid on reconfiguration. use squid -k
reconfigure instead.
- stop killing and starting the proxy_monitor.sh script. It's not
needed.
- Always allow the webgui port for access, otherwise you could lock
yourself from the gui.
- Add cache location option. If you have another disk to store them on.
- Fix input validation on a number of gui items.
- Transparent and normal proxy mode now work.
- Fix throttling. TEST
- Authentication UNTESTED
I think we are good for another public test attempt
-rw-r--r-- | packages/squid.inc | 41 | ||||
-rw-r--r-- | packages/squid_cache.xml | 9 |
2 files changed, 22 insertions, 28 deletions
diff --git a/packages/squid.inc b/packages/squid.inc index bab0f788..deab63d9 100644 --- a/packages/squid.inc +++ b/packages/squid.inc @@ -169,6 +169,15 @@ function squid_validate_general($post, $input_errors) { $icp_port = trim($post['icp_port']); if (!empty($icp_port) && !is_port($icp_port)) $input_errors[] = 'You must enter a valid port number in the \'ICP port\' field'; + + if (substr($post['log_dir'], -1, 1) == '/') + $input_errors[] = 'You may not end log location with an / mark'; + + if ($post['log_dir']{0} != '/') + $input_errors[] = 'You must start log location with a / mark'; + if (strlen($post['log_dir']) <= 3) + $input_errors[] = "That is not a valid log location dir"; + if (($post['transparent_proxy'] == 'on')) { $port = 80; } else { @@ -391,15 +400,6 @@ EOD; } - log_error("Reloading squid configuration"); - mwexec("/usr/local/sbin/squid -k reconfigure"); - /* kill any running proxy alarm scripts */ - // log_error("Stopping proxy monitor script"); - // mwexec("ps awux | grep \"proxy_monitor\" | grep -v \"grep\" | grep -v \"php\" | awk '{ print $2 }' | xargs kill"); - /* restart proxy alarm scripts */ - // log_error("Starting proxy monitor script"); - // mwexec_bg("/usr/local/etc/rc.d/proxy_monitor.sh"); - return $conf; } @@ -469,12 +469,13 @@ function squid_resync_nac() { global $config, $valid_acls; $settings = $config['installedpackages']['squidnac']['config'][0]; + $webgui_port = $config['system']['webgui']['port']; $conf = <<<EOD acl all src 0.0.0.0/0 acl localhost src 127.0.0.1 -acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 1025-65535 -acl sslports port 443 563 +acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 $webgui_port 1025-65535 +acl sslports port 443 563 $webgui_port acl manager proto cache_object acl purge method PURGE acl connect method CONNECT @@ -548,7 +549,7 @@ function squid_resync_traffic() { $conf .= <<<EOD delay_pools 1 delay_class 1 2 -delay_parameters 1 $overall/$threshold $perhost/$threshold +delay_parameters 1 $overall/$overall $perhost/$perhost delay_initial_bucket_level 100 EOD; @@ -736,26 +737,10 @@ function squid_resync() { exec("/usr/local/sbin/squid -z"); } - // log_error("Stopping proxy monitor script"); - /* kill any running proxy alarm scripts */ - // mwexec("ps awux | grep \"proxy_monitor\" | grep -v \"grep\" | grep -v \"php\" | awk '{ print $2 }' | xargs kill"); - - // restart_service('squid'); - // log_error("Stopping Squid for configuration sync"); - // mwexec("/usr/local/sbin/squid -k shutdown"); - // sleep (5); - // mwexec("killall -9 squid"); log_error("Reloading Squid for configuration sync"); mwexec("/usr/local/sbin/squid -k reconfigure"); - // log_error("Starting Squid for configuration sync"); - // mwexec_bg("/usr/local/sbin/squid -D"); - - // log_error("Starting monitor script"); - /* restart proxy alarm scripts */ - // mwexec_bg("/usr/local/etc/rc.d/proxy_monitor.sh"); - filter_configure(); } diff --git a/packages/squid_cache.xml b/packages/squid_cache.xml index 05f56c45..9b6f3f8f 100644 --- a/packages/squid_cache.xml +++ b/packages/squid_cache.xml @@ -43,6 +43,15 @@ <default_value>100</default_value> <type>input</type> </field> + <field> + <fielddescr>Hard disk cache location</fielddescr> + <fieldname>harddisk_cache_location</fieldname> + <description>This is the directory where the cache will be stored. (note: do not end with a /). If you change this location, squid needs to make a new cache, this could take a while</description> + <required/> + <default_value>/var/squid/cache</default_value> + <size>60</size> + <type>input</type> + </field> <field> <fielddescr>Memory cache size</fielddescr> <fieldname>memory_cache_size</fieldname> |