aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSeth Mos <seth.mos@xs4all.nl>2006-12-19 21:20:19 +0000
committerSeth Mos <seth.mos@xs4all.nl>2006-12-19 21:20:19 +0000
commit92d04b4b8ae266fef55700651525b1203674ae3c (patch)
tree05f57a7daa1ba8e1333149cd2cd61dfc83bf881f
parent756a43116b67fc757556ee908c83275bf13ab0a8 (diff)
downloadpfsense-packages-92d04b4b8ae266fef55700651525b1203674ae3c.tar.gz
pfsense-packages-92d04b4b8ae266fef55700651525b1203674ae3c.tar.bz2
pfsense-packages-92d04b4b8ae266fef55700651525b1203674ae3c.zip
Last few commits have been in no particular order:
- remove stopping and starting of squid on reconfiguration. use squid -k reconfigure instead. - stop killing and starting the proxy_monitor.sh script. It's not needed. - Always allow the webgui port for access, otherwise you could lock yourself from the gui. - Add cache location option. If you have another disk to store them on. - Fix input validation on a number of gui items. - Transparent and normal proxy mode now work. - Fix throttling. TEST - Authentication UNTESTED I think we are good for another public test attempt
-rw-r--r--packages/squid.inc41
-rw-r--r--packages/squid_cache.xml9
2 files changed, 22 insertions, 28 deletions
diff --git a/packages/squid.inc b/packages/squid.inc
index bab0f788..deab63d9 100644
--- a/packages/squid.inc
+++ b/packages/squid.inc
@@ -169,6 +169,15 @@ function squid_validate_general($post, $input_errors) {
$icp_port = trim($post['icp_port']);
if (!empty($icp_port) && !is_port($icp_port))
$input_errors[] = 'You must enter a valid port number in the \'ICP port\' field';
+
+ if (substr($post['log_dir'], -1, 1) == '/')
+ $input_errors[] = 'You may not end log location with an / mark';
+
+ if ($post['log_dir']{0} != '/')
+ $input_errors[] = 'You must start log location with a / mark';
+ if (strlen($post['log_dir']) <= 3)
+ $input_errors[] = "That is not a valid log location dir";
+
if (($post['transparent_proxy'] == 'on')) {
$port = 80;
} else {
@@ -391,15 +400,6 @@ EOD;
}
- log_error("Reloading squid configuration");
- mwexec("/usr/local/sbin/squid -k reconfigure");
- /* kill any running proxy alarm scripts */
- // log_error("Stopping proxy monitor script");
- // mwexec("ps awux | grep \"proxy_monitor\" | grep -v \"grep\" | grep -v \"php\" | awk '{ print $2 }' | xargs kill");
- /* restart proxy alarm scripts */
- // log_error("Starting proxy monitor script");
- // mwexec_bg("/usr/local/etc/rc.d/proxy_monitor.sh");
-
return $conf;
}
@@ -469,12 +469,13 @@ function squid_resync_nac() {
global $config, $valid_acls;
$settings = $config['installedpackages']['squidnac']['config'][0];
+ $webgui_port = $config['system']['webgui']['port'];
$conf = <<<EOD
acl all src 0.0.0.0/0
acl localhost src 127.0.0.1
-acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 1025-65535
-acl sslports port 443 563
+acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 $webgui_port 1025-65535
+acl sslports port 443 563 $webgui_port
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
@@ -548,7 +549,7 @@ function squid_resync_traffic() {
$conf .= <<<EOD
delay_pools 1
delay_class 1 2
-delay_parameters 1 $overall/$threshold $perhost/$threshold
+delay_parameters 1 $overall/$overall $perhost/$perhost
delay_initial_bucket_level 100
EOD;
@@ -736,26 +737,10 @@ function squid_resync() {
exec("/usr/local/sbin/squid -z");
}
- // log_error("Stopping proxy monitor script");
- /* kill any running proxy alarm scripts */
- // mwexec("ps awux | grep \"proxy_monitor\" | grep -v \"grep\" | grep -v \"php\" | awk '{ print $2 }' | xargs kill");
-
- // restart_service('squid');
- // log_error("Stopping Squid for configuration sync");
- // mwexec("/usr/local/sbin/squid -k shutdown");
- // sleep (5);
- // mwexec("killall -9 squid");
log_error("Reloading Squid for configuration sync");
mwexec("/usr/local/sbin/squid -k reconfigure");
- // log_error("Starting Squid for configuration sync");
- // mwexec_bg("/usr/local/sbin/squid -D");
-
- // log_error("Starting monitor script");
- /* restart proxy alarm scripts */
- // mwexec_bg("/usr/local/etc/rc.d/proxy_monitor.sh");
-
filter_configure();
}
diff --git a/packages/squid_cache.xml b/packages/squid_cache.xml
index 05f56c45..9b6f3f8f 100644
--- a/packages/squid_cache.xml
+++ b/packages/squid_cache.xml
@@ -43,6 +43,15 @@
<default_value>100</default_value>
<type>input</type>
</field>
+ <field>
+ <fielddescr>Hard disk cache location</fielddescr>
+ <fieldname>harddisk_cache_location</fieldname>
+ <description>This is the directory where the cache will be stored. (note: do not end with a /). If you change this location, squid needs to make a new cache, this could take a while</description>
+ <required/>
+ <default_value>/var/squid/cache</default_value>
+ <size>60</size>
+ <type>input</type>
+ </field>
<field>
<fielddescr>Memory cache size</fielddescr>
<fieldname>memory_cache_size</fieldname>