- various bugfixes

- added a exclusion list that lists IPs excluded from beeing served via transparent proxying

7 files changed, 129 insertions, 2 deletions

diff --git a/packages/p3scan-pf/p3scan-pf-emer.xml b/packages/p3scan-pf/p3scan-pf-emer.xml
index 30e20ab9..99a1ed02 100644
--- a/packages/p3scan-pf/p3scan-pf-emer.xml
+++ b/packages/p3scan-pf/p3scan-pf-emer.xml
@@ -11,6 +11,10 @@
       <url>/pkg_edit.php?xml=p3scan-pf.xml&amp;id=0</url>
     </tab>
     <tab>
+      <text>Transparent Proxy Exclusion</text>
+      <url>/pkg.php?xml=p3scan-pf-transex.xml</url>
+    </tab>
+    <tab>
       <text>Message Processing</text>
       <url>/pkg_edit.php?xml=p3scan-pf-msg.xml&amp;id=0</url>
     </tab>
diff --git a/packages/p3scan-pf/p3scan-pf-msg.xml b/packages/p3scan-pf/p3scan-pf-msg.xml
index fbe05a69..b928f034 100644
--- a/packages/p3scan-pf/p3scan-pf-msg.xml
+++ b/packages/p3scan-pf/p3scan-pf-msg.xml
@@ -17,6 +17,10 @@
       <url>/pkg_edit.php?xml=p3scan-pf.xml&amp;id=0</url>
     </tab>
     <tab>
+      <text>Transparent Proxy Exclusion</text>
+      <url>/pkg.php?xml=p3scan-pf-transex.xml</url>
+    </tab>
+    <tab>
       <text>Message Processing</text>
       <url>/pkg_edit.php?xml=p3scan-pf-msg.xml&amp;id=0</url>
       <active />
diff --git a/packages/p3scan-pf/p3scan-pf-spam.xml b/packages/p3scan-pf/p3scan-pf-spam.xml
index 46023650..4ce9a95e 100644
--- a/packages/p3scan-pf/p3scan-pf-spam.xml
+++ b/packages/p3scan-pf/p3scan-pf-spam.xml
@@ -17,6 +17,10 @@
       <url>/pkg_edit.php?xml=p3scan-pf.xml&amp;id=0</url>
     </tab>
     <tab>
+      <text>Transparent Proxy Exclusion</text>
+      <url>/pkg.php?xml=p3scan-pf-transex.xml</url>
+    </tab>
+    <tab>
       <text>Message Processing</text>
       <url>pkg_edit.php?xml=p3scan-pf-msg.xml&amp;id=0</url>
     </tab>
diff --git a/packages/p3scan-pf/p3scan-pf-transex.xml b/packages/p3scan-pf/p3scan-pf-transex.xml
new file mode 100644
index 00000000..947031d9
--- /dev/null
+++ b/packages/p3scan-pf/p3scan-pf-transex.xml
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<packagegui>
+  <!-- change this if configpath works -->
+  <name>p3scanpftransex</name>
+  <version>1.0</version>
+  <title>Services: POP3 Proxy: Exclude from Transparent Proxy</title>
+  <note>
+    Below you will have the opportunity to define specific IP addresses
+    which should be exempt from beeing served via transparent proxying.
+  </note>
+  <include_file>p3scan-pf.inc</include_file>
+  <tabs>
+    <tab>
+      <text>Daemon Settings</text>
+      <url>/pkg_edit.php?xml=p3scan-pf.xml&amp;id=0</url>
+    </tab>
+    <tab>
+      <text>Transparent Proxy Exclusion</text>
+      <url>/pkg.php?xml=p3scan-pf-transex.xml</url>
+      <active />
+    </tab>
+    <tab>
+      <text>Message Processing</text>
+      <url>/pkg_edit.php?xml=p3scan-pf-msg.xml&amp;id=0</url>
+    </tab>
+    <tab>
+      <text>Emergency Contact</text>
+      <url>/pkg.php?xml=p3scan-pf-emer.xml</url>
+    </tab>
+    <tab>
+      <text>Virus Scanner Settings</text>
+      <url>/pkg_edit.php?xml=p3scan-pf-vir.xml&amp;id=0</url>
+    </tab>
+    <tab>
+      <text>SPAM Settings</text>
+      <url>/pkg_edit.php?xml=p3scan-pf-spam.xml&amp;id=0</url>
+    </tab>
+  </tabs>
+  <!-- 
+    configpath gets expanded out automatically and config items
+    will be stored in that location
+  -->
+  <configpath>['installedpackages']['p3scanpf']['config']['virus']</configpath>
+  
+	<adddeleteeditpagefields>
+		<columnitem>
+			<fielddescr>Exempted IP</fielddescr>
+			<fieldname>ip</fieldname>
+		</columnitem>
+		<columnitem>
+			<fielddescr>Description</fielddescr>
+			<fieldname>description</fieldname>
+		</columnitem>
+	</adddeleteeditpagefields>
+  <!--
+    fields gets invoked when the user adds or edits a item. The following items
+    will be parsed and rendered for the user as a gui with input, and selectboxes.
+  -->
+  <fields>
+		<field>
+			<fielddescr>Exempted IP</fielddescr>
+			<fieldname>ip</fieldname>
+			<description>Enter the IP to exempt from transparent proxy</description>
+			<type>input</type>
+		</field>
+		<field>
+			<fielddescr>Description</fielddescr>
+			<fieldname>description</fieldname>
+			<description>Enter the description for this item</description>
+			<type>input</type>
+		</field>
+  </fields>
+  <!--
+    Arbitrary PHP Code, that gets executed if a certain event gets triggered.
+  -->
+  <custom_php_resync_config_command>
+    sync_package_p3scan();
+  </custom_php_resync_config_command>
+</packagegui>
diff --git a/packages/p3scan-pf/p3scan-pf-vir.xml b/packages/p3scan-pf/p3scan-pf-vir.xml
index b2f16a87..76356f3f 100644
--- a/packages/p3scan-pf/p3scan-pf-vir.xml
+++ b/packages/p3scan-pf/p3scan-pf-vir.xml
@@ -17,6 +17,10 @@
       <url>/pkg_edit.php?xml=p3scan-pf.xml&amp;id=0</url>
     </tab>
     <tab>
+      <text>Transparent Proxy Exclusion</text>
+      <url>/pkg.php?xml=p3scan-pf-transex.xml</url>
+    </tab>
+    <tab>
       <text>Message Processing</text>
       <url>/pkg_edit.php?xml=p3scan-pf-msg.xml&amp;id=0</url>
     </tab>
diff --git a/packages/p3scan-pf/p3scan-pf.inc b/packages/p3scan-pf/p3scan-pf.inc
index f9aa36c8..03a04942 100644
--- a/packages/p3scan-pf/p3scan-pf.inc
+++ b/packages/p3scan-pf/p3scan-pf.inc
@@ -327,9 +327,32 @@ function custom_php_deinstall_command() {
   conf_mount_ro();
 }
 
+function add_trans_table(){
+  global $config;
+  conf_mount_rw();
+  config_lock();
+
+  /* Flush all entries first, and then add them. */
+  $p3scan_pf_result = mwexec ('pfctl -a "rdr-package/p3scan" -t p3scan -T flush');
+  if($p3scan_pf_result <> 0) {
+        file_notice("P3SCAN", "There were error(s) flushing the exclude table", "P3SCAN", "");
+  }
+  if($config['installedpackages']['p3scanpftransex']['config'] != ""){
+    foreach($config['installedpackages']['p3scanpftransex']['config'] as $tmp) {
+      $p3scan_pf_result = mwexec ('pfctl -a "rdr-package/p3scan" -t p3scan -T add ' . $tmp['ip']);
+      if($p3scan_pf_result <> 0) {
+        file_notice("P3SCAN", "There were error(s) adding the ip " . $tmp['ip'], "P3SCAN", "");
+      }
+    }
+  }
+  /* signal a reload of all files */
+  conf_mount_ro();
+  config_unlock();
+}
+
 function remove_transparency() {
   $p3scan_pf_result = mwexec ('pfctl -a "rdr-package/p3scan" -t p3scan -T flush');
-  if($havp_pf_result <> 0) {
+  if($p3scan_pf_result <> 0) {
     file_notice("P3SCAN", "There were error(s) flushing the exclude table", "P3SCAN", "");
   }
 }
@@ -339,7 +362,7 @@ function setup_transparency() {
   $cfg = $config['installedpackages']['p3scanpf']['config'][0];
   $trans_file = fopen("/tmp/p3scan_pf.rules","w");
   fwrite($trans_file, "table <p3scan> persist\n");
-  fwrite($trans_file, "rdr on " . $config['interfaces']['lan']['if'] .  " inet proto tcp from !<p3scan> to ! " . $config['interfaces']['lan']['ipaddr'] . " port = pop3 -> {$cfg['ip']} port {$cfg['port']} \n");
+  fwrite($trans_file, "rdr on " . $config['interfaces']['lan']['if'] .  " inet proto tcp from !<p3scan> to ! " . $config['interfaces']['lan']['ipaddr'] . " port = pop3 -> {$cfg['ipaddr']} port {$cfg['port']} \n");
   fclose($trans_file);
   $p3scan_pf_result = mwexec ('pfctl -a "rdr-package/p3scan" -f /tmp/p3scan_pf.rules');
   if($p3scan_pf_result <> 0) {
diff --git a/packages/p3scan-pf/p3scan-pf.xml b/packages/p3scan-pf/p3scan-pf.xml
index 43615ef6..96c20de3 100644
--- a/packages/p3scan-pf/p3scan-pf.xml
+++ b/packages/p3scan-pf/p3scan-pf.xml
@@ -31,6 +31,10 @@
       <active />
     </tab>
     <tab>
+      <text>Transparent Proxy Exclusion</text>
+      <url>/pkg.php?xml=p3scan-pf-transex.xml</url>
+    </tab>
+    <tab>
       <text>Message Processing</text>
       <url>/pkg_edit.php?xml=p3scan-pf-msg.xml&amp;id=0</url>
     </tab>
@@ -60,6 +64,11 @@
   <additional_files_needed>
     <prefix>/usr/local/pkg/</prefix>
     <chmod>0755</chmod>
+    <item>http://www.pfsense.com/packages/config/p3scan-pf/p3scan-pf-transex.xml</item>
+  </additional_files_needed>
+  <additional_files_needed>
+    <prefix>/usr/local/pkg/</prefix>
+    <chmod>0755</chmod>
     <item>http://www.pfsense.com/packages/config/p3scan-pf/p3scan-pf-emer.xml</item>
   </additional_files_needed>
   <additional_files_needed>