aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2010-10-07 08:47:55 -0400
committerjim-p <jimp@pfsense.org>2010-10-07 08:49:01 -0400
commit434a4b6c351fc238700945c7a7f9402abdf69dfc (patch)
treec27c93859a862b322b0c46850d695654d0929907
parent46bd0218b3f330c9c983dab4cbc27d6fa42180f2 (diff)
downloadpfsense-packages-434a4b6c351fc238700945c7a7f9402abdf69dfc.tar.gz
pfsense-packages-434a4b6c351fc238700945c7a7f9402abdf69dfc.tar.bz2
pfsense-packages-434a4b6c351fc238700945c7a7f9402abdf69dfc.zip
Ensure that http_access for allowed_subnets is added, regardless of whether 'allow_interface' is on or not. Submitted-By: wagonza.
-rw-r--r--config/squid/squid.inc10
1 files changed, 6 insertions, 4 deletions
diff --git a/config/squid/squid.inc b/config/squid/squid.inc
index 8a44d02c..fded1f8b 100644
--- a/config/squid/squid.inc
+++ b/config/squid/squid.inc
@@ -992,13 +992,15 @@ function squid_resync_auth() {
$auth_method = (($settings['auth_method'] && !$transparent_proxy) ? $settings['auth_method'] : 'none');
// Allow the remaining ACLs if no authentication is set
if ($auth_method == 'none') {
+ $conf .="# Setup allowed acls\n";
+ $allowed = array('allowed_subnets');
if ($settingsconfig['allow_interface'] == 'on') {
$conf .= "# Allow local network(s) on interface(s)\n";
- $allowed = array('localnet', 'allowed_subnets');
- $allowed = array_filter($allowed, 'squid_is_valid_acl');
- foreach ($allowed as $acl)
- $conf .= "http_access allow $acl\n";
+ $allowed[] = "localnet";
}
+ $allowed = array_filter($allowed, 'squid_is_valid_acl');
+ foreach ($allowed as $acl)
+ $conf .= "http_access allow $acl\n";
}
else {
$noauth = implode(' ', explode("\n", base64_decode($settings['no_auth_hosts'])));