diff options
| author | Chris Buechler <cmb@pfsense.org> | 2015-10-15 12:51:25 -0500 |
|---|---|---|
| committer | Chris Buechler <cmb@pfsense.org> | 2015-10-15 12:51:25 -0500 |
| commit | 649850e4e9928e9192417c4b4dc406c7e8eb582a (patch) | |
| tree | 413111fa022dcbe6bd675f2cbe799d81f2d309d9 | |
| parent | 01cbf628b0c380390ea05bd0b4aec62240160c1f (diff) | |
| parent | f327b39571d6f45531d14da59c155964372e7c71 (diff) | |
| download | pfsense-packages-649850e4e9928e9192417c4b4dc406c7e8eb582a.tar.gz pfsense-packages-649850e4e9928e9192417c4b4dc406c7e8eb582a.tar.bz2 pfsense-packages-649850e4e9928e9192417c4b4dc406c7e8eb582a.zip | |
Merge pull request #1097 from doktornotor/patch-2
| -rwxr-xr-x | config/squid3/34/squid.inc | 34 | ||||
| -rw-r--r-- | config/squid3/34/squid_antivirus.inc | 87 | ||||
| -rwxr-xr-x | config/squid3/34/squid_antivirus.xml | 10 | ||||
| -rw-r--r-- | config/squid3/34/squid_antivirus_status.widget.php | 12 | ||||
| -rwxr-xr-x | config/squid3/34/squid_cache.xml | 8 | ||||
| -rwxr-xr-x | config/squid3/34/squid_monitor.php | 134 | ||||
| -rwxr-xr-x | config/squid3/34/squid_monitor_data.php | 119 | ||||
| -rwxr-xr-x | config/squid3/34/squid_nac.xml | 9 | ||||
| -rwxr-xr-x | config/squid3/34/squid_reverse.inc | 6 | ||||
| -rwxr-xr-x | config/squid3/34/squid_reverse_sync.xml | 4 | ||||
| -rwxr-xr-x | config/squid3/34/squid_sync.xml | 4 | ||||
| -rwxr-xr-x | config/squid3/34/squid_traffic.xml | 5 | ||||
| -rwxr-xr-x | config/squid3/34/squid_users.xml | 4 | ||||
| -rw-r--r-- | pkg_config.10.xml | 2 |
14 files changed, 345 insertions, 93 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc index 07d1da26..3dafded6 100755 --- a/config/squid3/34/squid.inc +++ b/config/squid3/34/squid.inc @@ -502,8 +502,9 @@ function squid_install_command() { // remove unwanted PBI rc script unlink_if_exists("/usr/local/etc/rc.d/squid"); - // remove broken cronjob possibly left over after 'Clear Cache on Log Rotate' misfeature + // remove broken cronjobs possibly left over after 'Clear Cache on Log Rotate' misfeature install_cron_job("/usr/local/pkg/swapstate_check.php clean;", false); + install_cron_job("/bin/rm /var/squid/cache/swap.state;", false); } @@ -516,12 +517,14 @@ function squid_deinstall_command() { /* kill all running services */ update_output_window("Stopping and removing services..."); mwexec('/usr/local/etc/rc.d/sqp_monitor.sh stop'); - mwexec("/bin/ps awux | /usr/bin/grep '[s]quid' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill"); + mwexec("/bin/ps awux | /usr/bin/egrep -i '[s]quid -f|\([s]quid\)' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill"); + mwexec("/bin/ps awux | /usr/bin/grep '[d]iskd' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill"); mwexec("/bin/ps awux | /usr/bin/grep '[d]nsserver' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill"); mwexec("/bin/ps awux | /usr/bin/grep '[u]nlinkd' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill"); /* delete rc scripts */ unlink_if_exists('/usr/local/etc/rc.d/sqp_monitor.sh'); + unlink_if_exists('/usr/local/etc/rc.d/squid.sh'); /* clean up created directories if 'Keep Settings/Data' is disabled */ if (is_array($config['installedpackages']['squidcache'])) { @@ -600,6 +603,9 @@ function squid_deinstall_command() { if (is_array($config['installedpackages']['squidreverseredir'])) { unset($config['installedpackages']['squidreverseredir']); } + if (is_array($config['installedpackages']['squidreverseuri'])) { + unset($config['installedpackages']['squidreverseuri']); + } if (is_array($config['installedpackages']['squidsync'])) { unset($config['installedpackages']['squidsync']); } @@ -953,7 +959,7 @@ function squid_validate_traffic($post, &$input_errors) { if (!empty($post['quick_abort_min'])) { $value = trim($post['quick_abort_min']); - if ((!is_numericint($value)) && ($value !== -1)) { + if ((!is_numericint($value)) && ($value != "-1")) { $input_errors[] = "'Finish when remaining KB' must contain a positive integer or '-1'."; } } @@ -971,6 +977,14 @@ function squid_validate_traffic($post, &$input_errors) { $input_errors[] = "'Finish when remaining %' must contain valid percentage (1-100)."; } } + + if ($post['throttle_specific'] == "on") { + $others = trim($post['throttle_others']); + if ($post['throttle_binaries'] == "" && $post['throttle_cdimages'] == "" && $post['throttle_multimedia'] == "" && $others == "") { + $input_errors[] = "'Throttle Only Specific Extensions' enabled but no extensions specified. Select some options under 'Squid Transfer Extension Settings' or disable this option."; + } + } + } /* Proxy Server: Authentication input validation */ @@ -1065,12 +1079,21 @@ function squid_resync_general() { // cert, key, version, cipher, options, clientca, cafile, capath, crlfile, dhparams, sslflags, sslcontext $crt_pk = SQUID_CONFBASE . "/serverkey.pem"; $crt_capath = SQUID_LOCALBASE . "/share/certs/"; + /* XXX: Bug #4453 + * http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit#Modern_DH.2Fciphers_usage + */ + //$sslproxy_cipher = "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS"; + $sslproxy_cipher = "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS"; + $sslproxy_dhparams = "/etc/dh-parameters.2048"; + $sslproxy_options = "NO_SSLv2,NO_SSLv3,SINGLE_DH_USE"; file_put_contents($crt_pk, base64_decode($srv_cert['prv']) . base64_decode($srv_cert['crt'])); $sslcrtd_children = ($settings['sslcrtd_children'] ? $settings['sslcrtd_children'] : 5); - $ssl_interception .= "ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=" . ($sslcrtd_children*2) . "MB cert={$crt_pk} capath={$crt_capath}\n"; + $ssl_interception .= "ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=" . ($sslcrtd_children*2) . "MB cert={$crt_pk} capath={$crt_capath} cipher={$sslproxy_cipher} dhparams={$sslproxy_dhparams} options={$sslproxy_options}\n"; $interception_checks = "sslcrtd_program " . SQUID_LOCALBASE . "/libexec/squid/ssl_crtd -s " . SQUID_SSL_DB . " -M 4MB -b 2048\n"; $interception_checks .= "sslcrtd_children {$sslcrtd_children}\n"; $interception_checks .= "sslproxy_capath {$crt_capath}\n"; + $interception_checks .= "sslproxy_options {$sslproxy_options}\n"; + $interception_checks .= "sslproxy_cipher {$sslproxy_cipher}\n"; if (preg_match("/sslproxy_cert_error/", $settings["interception_checks"])) { $interception_checks .= "sslproxy_cert_error allow all\n"; } @@ -1620,6 +1643,7 @@ EOD; $conf .= "delay_access 1 allow throttle_exts\n"; $conf .= "delay_access 1 deny allsrc\n"; } else { + unlink_if_exists(SQUID_ACLDIR . '/throttle_exts.acl'); $conf .= "delay_access 1 allow allsrc\n"; } @@ -1766,7 +1790,7 @@ function squid_resync_auth() { $conf .= "http_access allow $acl\n"; } } else { - $noauth = implode(' ', explode("\n", base64_decode($settings['no_auth_hosts']))); + $noauth = implode(' ', explode("\n", sq_text_area_decode($settings['no_auth_hosts']))); if (!empty($noauth)) { $conf .= "acl noauth src $noauth\n"; $valid_acls[] = 'noauth'; diff --git a/config/squid3/34/squid_antivirus.inc b/config/squid3/34/squid_antivirus.inc index 9a678fa9..6e5823b7 100644 --- a/config/squid3/34/squid_antivirus.inc +++ b/config/squid3/34/squid_antivirus.inc @@ -42,9 +42,11 @@ function squid_check_clamav_user() { return; } else { if (!exec("/usr/sbin/pw usershow clamav")) { + log_error("[squid] Adding clamav user."); mwexec("/usr/sbin/pw useradd clamav -G wheel -u 9595 -s /sbin/nologin"); } if (!exec("/usr/sbin/pw groupshow wheel | /usr/bin/grep clamav")) { + log_error("[squid] Adding clamav user to wheel group."); mwexec("/usr/sbin/pw usermod clamav -G wheel"); } } @@ -98,7 +100,7 @@ function squid_install_freshclam_cron($should_install) { /* Manually update ClamAV virus definitions via the GUI button */ function squid_update_clamav() { squid_check_antivirus_dirs(); - log_error("[squid] Updating ClamAV definitions now... This will take a while. Check /var/log/clamav/freshclam.log for progress information."); + log_error("[squid] Updating ClamAV definitions now... This will take a while. Check freshclam log on the 'Real Time' tab for progress information."); mwexec_bg(SQUID_BASE . "/bin/freshclam --config-file=" . SQUID_BASE . "/etc/freshclam.conf"); } @@ -147,21 +149,10 @@ function squid_antivirus_install_command() { /* Run on Squid package uninstall */ function squid_antivirus_deinstall_command() { global $config, $keep; - /* kill all running services */ - if (is_process_running("c-icap")) { - mwexec('/bin/echo -n "stop" > /var/run/c-icap/c-icap.ctl'); - } - mwexec("/bin/ps awux | /usr/bin/grep '[c]lamd' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill"); + /* Stop all running services, remove rc scripts and cronjobs */ + squid_stop_antivirus(); mwexec("/bin/ps awux | /usr/bin/grep '[f]reshclam' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill"); - /* remove cronjobs */ - squid_install_freshclam_cron(false); - - /* delete rc scripts */ - unlink_if_exists('/usr/local/etc/rc.d/squid.sh'); - unlink_if_exists("/usr/local/etc/rc.d/c-icap.sh"); - unlink_if_exists('/usr/local/etc/rc.d/clamd.sh'); - /* clean up created PBI symlinks */ update_output_window("Finishing package cleanup."); if (SQUID_LOCALBASE != '/usr/local') { @@ -656,11 +647,11 @@ function squid_antivirus_put_raw_config($rawfiles) { break; case 'raw_freshclam_conf': $confdir = ""; - $conffile = "freshclam.conf"; + $conffile = "/freshclam.conf"; break; case 'raw_clamd_conf': $confdir = ""; - $conffile = "clamd.conf"; + $conffile = "/clamd.conf"; break; default: $confdir = ""; @@ -677,10 +668,11 @@ function squid_antivirus_put_raw_config($rawfiles) { /* Helper function for squid_antivirus_put_raw_config() */ function squid_antivirus_write_conffile($dir, $file, $text) { if ($file && $text) { - if (!file_put_contents(SQUID_LOCALBASE . "/etc" . "{$dir}" . "/{$file}", preg_replace("/\r\n/", "\n", base64_decode($text)), LOCK_EX)) { - log_error("[squid] Could not save '{$file}' configuration file."); + $cfgfile = SQUID_LOCALBASE . "/etc" . "{$dir}" . "{$file}"; + if (!file_put_contents("{$cfgfile}", preg_replace("/\r\n/", "\n", base64_decode($text)), LOCK_EX)) { + log_error("[squid] Could not save '{$cfgfile}' configuration file."); } else { - log_error("[squid] Saved '{$file}' configuration file."); + log_error("[squid] Saved '{$cfgfile}' configuration file."); } } } @@ -697,7 +689,7 @@ function squid_write_clamd_rcfile() { $rc['start'] = <<< EOD if [ ! -f /var/db/clamav/main.cvd -a ! -f /var/db/clamav/main.cld ]; then - echo "Missing /var/db/clamav/*.cvd or *.cld files. You must run freshclam first" + echo "Missing /var/db/clamav/*.cvd or *.cld files. You must run freshclam first!" exit 1 fi @@ -717,6 +709,7 @@ fi EOD; conf_mount_rw(); + log_error("[squid] Creating 'clamd.sh' rc script."); write_rcfile($rc); conf_mount_ro(); } @@ -730,6 +723,7 @@ function squid_write_cicap_rcfile() { $cicap_start_cmd = "LD_LIBRARY_PATH={$cicap_libdir} {$cicap_bin} -f {$cicap_conf}"; $cicap_stop_cmd = '/bin/echo -n "stop" > /var/run/c-icap/c-icap.ctl'; conf_mount_rw(); + log_error("[squid] Creating '{$c_icap_rcfile}' rc script."); write_rcfile(array( "file" => "{$c_icap_rcfile}", "start" => "{$cicap_start_cmd}", @@ -739,7 +733,7 @@ function squid_write_cicap_rcfile() { conf_mount_ro(); } -/* (Re)start antivirus services if AV features are enabled; otherwise stop and disable them */ +/* (Re)start antivirus services if AV features are enabled */ function squid_restart_antivirus() { global $config; if (is_array($config['installedpackages']['squidantivirus'])) { @@ -751,6 +745,7 @@ function squid_restart_antivirus() { // reconfigure and (re)start service as needed if enabled, otherwise stop them // do not (re)start antivirus services on boot if (platform_booting()) { + log_error("[squid] Skipping antivirus services (re)start on boot."); return; } @@ -758,7 +753,7 @@ function squid_restart_antivirus() { // Check clamav database if (count(glob("/var/db/clamav/*d")) == 0) { log_error("[squid] Missing /var/db/clamav/*.cvd or *.cld files. Running freshclam in background."); - log_error("[squid] Do NOT attempt to start ClamAV service until AV definitions are downloaded. Check /var/log/clamav/freshclam.log for progress information."); + log_error("[squid] Do NOT attempt to start ClamAV service until AV definitions are downloaded."); squid_update_clamav(); } elseif ($antivirus_config['clamav_safebrowsing'] == "on" && !is_file("/var/db/clamav/safebrowsing.cvd")) { log_error("[squid] Google Safe Browsing is enabled but missing safebrowsing.cvd definitions. Running freshclam in background."); @@ -789,31 +784,55 @@ function squid_restart_antivirus() { squid_write_cicap_rcfile(); } if (is_process_running("c-icap")) { + log_error("[squid] Reloading C-ICAP..."); mwexec_bg('/bin/echo -n "reconfigure" > /var/run/c-icap/c-icap.ctl'); } else { + log_error("[squid] Starting C-ICAP..."); mwexec_bg("{$c_icap_rcfile} start"); } } else { // stop AV services and disable all C-ICAP/AV features log_error("[squid] Antivirus features disabled."); - if (is_process_running("clamd")) { - log_error("[squid] Stopping and disabling ClamAV..."); - mwexec("/usr/bin/killall clamd"); - } - unlink_if_exists("/usr/local/etc/rc.d/clamd.sh"); - - // freshclam cronjob - squid_install_freshclam_cron(false); + squid_stop_antivirus(); + } +} - // check c-icap rcfile +/* Stop AV services and disable all C-ICAP/AV features */ +function squid_stop_antivirus() { + // Stop C-ICAP + if (is_process_running("c-icap")) { + log_error("[squid] Stopping and disabling C-ICAP..."); + mwexec('/bin/echo -n "stop" > /var/run/c-icap/c-icap.ctl'); + sleep(5); if (is_process_running("c-icap")) { - log_error("[squid] Stopping and disabling C-ICAP..."); - mwexec('/bin/echo -n "stop" > /var/run/c-icap/c-icap.ctl'); + log_error("[squid] C-ICAP still running, forcibly killing c-icap process(es)."); + mwexec("/bin/ps awux | /usr/bin/grep '[c]-icap' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill -9"); + } + } + unlink_if_exists("/usr/local/etc/rc.d/c-icap.sh"); + + // Stop ClamAV + if (is_process_running("clamd")) { + log_error("[squid] Stopping and disabling ClamAV..."); + mwexec("/usr/bin/killall clamd"); + // sleep for a couple of seconds to give clamd a chance to perform clean exit + for ($i = 0; $i < 10; $i++) { + if (is_process_running('clamd')) { + sleep(1); + } } - unlink_if_exists("/usr/local/etc/rc.d/c-icap.sh"); } + if (is_process_running("clamd")) { + log_error("[squid] ClamAV still running, forcibly killing clamd process(es)."); + mwexec("/usr/bin/killall -9 clamd"); + } + unlink_if_exists("/usr/local/etc/rc.d/clamd.sh"); + + // Remove freshclam cronjob + squid_install_freshclam_cron(false); } + /* * Input validation */ diff --git a/config/squid3/34/squid_antivirus.xml b/config/squid3/34/squid_antivirus.xml index 44820257..495ef342 100755 --- a/config/squid3/34/squid_antivirus.xml +++ b/config/squid3/34/squid_antivirus.xml @@ -42,8 +42,8 @@ ]]> </copyright> <name>squidantivirus</name> - <version>0.4.0</version> - <title>Proxy server: Antivirus</title> + <version>0.4.1</version> + <title>Proxy Server: Antivirus</title> <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> <tab> @@ -148,7 +148,7 @@ ]]> </description> <type>input</type> - <cols>60</cols> + <size>60</size> </field> <field> @@ -173,7 +173,7 @@ Select the desired frequency here.<br/><br/> <input name='update_av' id='update_av' type='submit' value='Update AV' /> Click the button to update AV databases now.<br/> - <strong>Note: This will take a while.</strong> Check /var/log/clamav/freshclam.log for progress information. + <strong>Note: This will take a while.</strong> Check freshclam log on the <a href="squid_monitor.php">'Real Time' tab</a> for progress information. ]]> </description> <type>select</type> @@ -229,7 +229,7 @@ ]]> </description> <type>input</type> - <cols>60</cols> + <size>60</size> </field> <field> <fielddescr>squidclamav.conf</fielddescr> diff --git a/config/squid3/34/squid_antivirus_status.widget.php b/config/squid3/34/squid_antivirus_status.widget.php index 41c8c2fd..377b51f2 100644 --- a/config/squid3/34/squid_antivirus_status.widget.php +++ b/config/squid3/34/squid_antivirus_status.widget.php @@ -44,8 +44,8 @@ global $clamd_path, $cicap_cfg_path, $img; $clamd_path = SQUID_BASE . "/bin/clamd"; $cicap_cfg_path = SQUID_LOCALBASE . "/bin/c-icap-config"; $img = array(); -$img['up'] = "<img src ='data:image/gif;base64,R0lGODlhCwALAIABACPcMP///yH+FUNyZWF0ZWQgd2l0aCBUaGUgR0lNUAAh+QQBCgABACwAAAAACwALAAACFYwNpwi50eKK9NA722Puyf15GjgaBQA7' title='Service running' alt='' />"; -$img['down'] = "<img src ='data:image/gif;base64,R0lGODlhCwALAIABANwjI////yH+FUNyZWF0ZWQgd2l0aCBUaGUgR0lNUAAh+QQBCgABACwAAAAACwALAAACFowDeYvKlsCD7sXZ5Iq89kpdFshoRwEAOw==' title='Service not running' alt='' />"; +$img['up'] = "<img src='data:image/gif;base64,R0lGODlhCwALAIABACPcMP///yH+FUNyZWF0ZWQgd2l0aCBUaGUgR0lNUAAh+QQBCgABACwAAAAACwALAAACFYwNpwi50eKK9NA722Puyf15GjgaBQA7' title='Service running' alt='' />"; +$img['down'] = "<img src='data:image/gif;base64,R0lGODlhCwALAIABANwjI////yH+FUNyZWF0ZWQgd2l0aCBUaGUgR0lNUAAh+QQBCgABACwAAAAACwALAAACFowDeYvKlsCD7sXZ5Iq89kpdFshoRwEAOw==' title='Service not running' alt='' />"; function squid_avdb_info($filename) { $stl = "style='padding-top: 0px; padding-bottom: 0px; padding-left: 4px; padding-right: 4px; border-left: 1px solid #999999;'"; @@ -71,10 +71,10 @@ function squid_avdb_info($filename) { function squid_antivirus_bases_info() { $db = '<table width="100%" border="0" cellspacing="0" cellpadding="1"><tbody>'; $db .= '<tr class="vncellt" ><td>Database</td><td>Date</td><td>Version</td><td>Builder</td></tr>'; - $db .= squid_avdb_info("daily.cvd"); - $db .= squid_avdb_info("bytecode.cvd"); - $db .= squid_avdb_info("main.cvd"); - $db .= squid_avdb_info("safebrowsing.cvd"); + $avdbs = array("daily.cvd", "daily.cld", "bytecode.cvd", "bytecode.cld", "main.cvd", "main.cld", "safebrowing.cvd", "safebrowing.cld"); + foreach ($avdbs as $avdb) { + $db .= squid_avdb_info($avdb); + } $db .= '</tbody></table>'; return $db; } diff --git a/config/squid3/34/squid_cache.xml b/config/squid3/34/squid_cache.xml index 47471df9..b4f1aedf 100755 --- a/config/squid3/34/squid_cache.xml +++ b/config/squid3/34/squid_cache.xml @@ -42,8 +42,8 @@ ]]> </copyright> <name>squidcache</name> - <version>0.4.0</version> - <title>Proxy Server: Cache management</title> + <version>0.4.1</version> + <title>Proxy Server: Cache Management</title> <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> <tab> @@ -410,7 +410,9 @@ // do not leave orphaned cachedirs if harddisk_cache_location changed if ($_POST['harddisk_cache_location'] != $config['installedpackages']['squidcache']['config'][0]['harddisk_cache_location']) { $oldcachedir = $config['installedpackages']['squidcache']['config'][0]['harddisk_cache_location']; - $cachedir_changed = true; + if ($oldcachedir != "") { + $cachedir_changed = true; + } } ]]> </custom_php_command_before_form> diff --git a/config/squid3/34/squid_monitor.php b/config/squid3/34/squid_monitor.php index 80e15a64..840d9a60 100755 --- a/config/squid3/34/squid_monitor.php +++ b/config/squid3/34/squid_monitor.php @@ -74,7 +74,7 @@ include("head.inc"); $tab_array[] = array(gettext("Web Servers"), false, "/pkg.php?xml=squid_reverse_peer.xml"); $tab_array[] = array(gettext("Mappings"), false, "/pkg.php?xml=squid_reverse_uri.xml"); $tab_array[] = array(gettext("Redirects"), false, "/pkg.php?xml=squid_reverse_redir.xml"); - $tab_array[] = array(gettext("Real time"), true, "/squid_monitor.php?menu=reverse"); + $tab_array[] = array(gettext("Real Time"), true, "/squid_monitor.php?menu=reverse"); $tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=squid_reverse_sync.xml"); } else { $tab_array[] = array(gettext("General"), false, "/pkg_edit.php?xml=squid.xml&id=0"); @@ -85,7 +85,7 @@ include("head.inc"); $tab_array[] = array(gettext("Traffic Mgmt"), false, "/pkg_edit.php?xml=squid_traffic.xml&id=0"); $tab_array[] = array(gettext("Authentication"), false, "/pkg_edit.php?xml=squid_auth.xml&id=0"); $tab_array[] = array(gettext("Users"), false, "/pkg.php?xml=squid_users.xml"); - $tab_array[] = array(gettext("Real time"), true, "/squid_monitor.php"); + $tab_array[] = array(gettext("Real Time"), true, "/squid_monitor.php"); $tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=squid_sync.xml"); } display_top_tabs($tab_array); @@ -93,7 +93,7 @@ include("head.inc"); </td></tr> <tr><td> <div id="mainarea" style="padding-top: 0px; padding-bottom: 0px; "> - <form id="paramsForm" name="paramsForm" method="post"> + <form id="paramsForm" name="paramsForm" method="post" action=""> <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="6"> <tbody> <tr> @@ -130,19 +130,39 @@ include("head.inc"); </table> </form> - <!-- Squid Table --> + <!-- Squid Access Table --> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tbody> <tr><td> <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> - <tr> - <td colspan="6" class="listtopic" align="center"><?=gettext("Squid Logs"); ?></td> - </tr> + <thead><tr> + <td colspan="6" class="listtopic" align="center"><?=gettext("Squid - Access Logs"); ?></td> + </tr></thead> <tbody id="squidView"> + <tr><td> <script type="text/javascript"> - // Call function to show squid log showLog('squidView', 'squid_monitor_data.php', 'squid'); </script> + </td></tr> + </tbody> + </table> + </td></tr> + </tbody> + </table> + <!-- Squid Cache Table --> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tbody> + <tr><td> + <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> + <thead><tr> + <td colspan="2" class="listtopic" align="center"><?=gettext("Squid - Cache Logs"); ?></td> + </tr></thead> + <tbody id="squidCacheView"> + <tr><td> + <script type="text/javascript"> + showLog('squidCacheView', 'squid_monitor_data.php', 'squid_cache'); + </script> + </td></tr> </tbody> </table> </td></tr> @@ -154,32 +174,110 @@ include("head.inc"); <tbody> <tr><td> <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> - <tr> + <thead><tr> <td colspan="5" class="listtopic" align="center"><?=gettext("SquidGuard Logs"); ?></td> - </tr> + </tr></thead> <tbody id="sguardView"> + <tr><td> <script type="text/javascript"> - // Call function to show squidGuard log showLog('sguardView', 'squid_monitor_data.php', 'sguard'); </script> + </td></tr> + </tbody> + </table> + </td></tr> + </tbody> + </table> + <!-- C-ICAP Virus Table --> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tbody> + <tr><td> + <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> + <thead><tr> + <td colspan="6" class="listtopic" align="center"><?=gettext("C-ICAP - Virus Logs"); ?></td> + </tr></thead> + <tbody id="CICIAPVirusView"> + <tr><td> + <script type="text/javascript"> + showLog('CICIAPVirusView', 'squid_monitor_data.php', 'cicap_virus'); + </script> + </td></tr> + </tbody> + </table> + </td></tr> + </tbody> + </table> + <!-- C-ICAP Access Table --> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tbody> + <tr><td> + <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> + <thead><tr> + <td colspan="2" class="listtopic" align="center"><?=gettext("C-ICAP - Access Logs"); ?></td> + </tr></thead> + <tbody id="CICAPAccessView"> + <tr><td> + <script type="text/javascript"> + showLog('CICAPAccessView', 'squid_monitor_data.php', 'cicap_access'); + </script> + </td></tr> + </tbody> + </table> + </td></tr> + </tbody> + </table> + <!-- C-ICAP Server Table --> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tbody> + <tr><td> + <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> + <thead><tr> + <td colspan="2" class="listtopic" align="center"><?=gettext("C-ICAP - Server Logs"); ?></td> + </tr></thead> + <tbody id="CICAPServerView"> + <tr><td> + <script type="text/javascript"> + showLog('CICAPServerView', 'squid_monitor_data.php', 'cicap_server'); + </script> + </td></tr> + </tbody> + </table> + </td></tr> + </tbody> + </table> + <!-- freshclam Table --> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tbody> + <tr><td> + <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> + <thead><tr> + <td colspan="1" class="listtopic" align="center"><?=gettext("ClamAV - freshclam Logs"); ?></td> + </tr></thead> + <tbody id="freshclamView"> + <tr><td> + <script type="text/javascript"> + showLog('freshclamView', 'squid_monitor_data.php', 'freshclam'); + </script> + </td></tr> </tbody> </table> </td></tr> </tbody> </table> - <!-- clamav Table --> + <!-- clamd Table --> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tbody> <tr><td> <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> - <tr> - <td colspan="6" class="listtopic" align="center"><?=gettext("clamav Logs"); ?></td> - </tr> - <tbody id="clamView"> + <thead><tr> + <td colspan="1" class="listtopic" align="center"><?=gettext("ClamAV - clamd Logs"); ?></td> + </tr></thead> + <tbody id="clamdView"> + <tr><td> <script type="text/javascript"> - // Call function to show squidGuard log - showLog('clamView', 'squid_monitor_data.php', 'clamav'); + showLog('clamdView', 'squid_monitor_data.php', 'clamd'); </script> + </td></tr> </tbody> </table> </td></tr> diff --git a/config/squid3/34/squid_monitor_data.php b/config/squid3/34/squid_monitor_data.php index c2c3264d..747699cd 100755 --- a/config/squid3/34/squid_monitor_data.php +++ b/config/squid3/34/squid_monitor_data.php @@ -49,9 +49,6 @@ if ($_POST) { // Split line by space delimiter $logline = preg_split("/\s+/", $logent); - // Apply date format to first line - //$logline[0] = date("d.m.Y H:i:s",$logline[0]); - // Word wrap the URL $logline[7] = htmlentities($logline[7]); $logline[7] = html_autowrap($logline[7]); @@ -62,7 +59,7 @@ if ($_POST) { // Apply filter and color // Need validate special chars if ($filter != "") { - $logline = preg_replace("@($filter)@i","<spam><font color='red'>$1</font></span>", $logline); + $logline = preg_replace("@($filter)@i","<span><font color='red'>$1</font></span>", $logline); } echo "<tr valign=\"top\">\n"; @@ -75,6 +72,30 @@ if ($_POST) { echo "</tr>\n"; } break; + case 'squid_cache'; + // Define log file + $log = '/var/squid/logs/cache.log'; + // Show table headers + show_tds(array("Date-Time", "Message")); + // Fetch lines + $logarr = fetch_log($log); + foreach ($logarr as $logent) { + // Split line by delimiter + $logline = preg_split("@\|@", $logent); + + // Replace some build host nonsense and apply time format + $logline[0] = date("d.m.Y H:i:s", strtotime(str_replace("kid1", "", $logline[0]))); + + // Word wrap the message + $logline[1] = htmlentities($logline[1]); + $logline[1] = html_autowrap($logline[1]); + + echo "<tr>\n"; + echo "<td class=\"listlr\" nowrap=\"nowrap\">{$logline[0]}</td>\n"; + echo "<td class=\"listr\" nowrap=\"nowrap\">{$logline[1]}</td>\n"; + echo "</tr>\n"; + } + break; case 'sguard'; $log = '/var/squidGuard/log/block.log'; // Show table headers @@ -107,7 +128,7 @@ if ($_POST) { echo "</tr>\n"; } break; - case 'clamav'; + case 'cicap_virus'; // Define log file $log = '/var/log/c-icap/virus.log'; // Show table headers @@ -115,7 +136,7 @@ if ($_POST) { // Fetch lines $logarr = fetch_log($log); foreach ($logarr as $logent) { - // Split line by space delimiter + // Split line by delimiter $logline = preg_split("/\|/", $logent); // Apply time format @@ -135,7 +156,91 @@ if ($_POST) { echo "</tr>\n"; } break; - } + case 'cicap_access'; + // Define log file + $log = '/var/log/c-icap/access.log'; + // Show table headers + show_tds(array("Date-Time", "Message")); + // Fetch lines + $logarr = fetch_log($log); + foreach ($logarr as $logent) { + // Split line by delimiter + $logline = preg_split("/,/", $logent); + + // Apply time format + $logline[0] = date("d.m.Y H:i:s", strtotime($logline[0])); + + // Word wrap the message + $logline[1] = htmlentities($logline[1]); + $logline[1] = html_autowrap($logline[1]); + + echo "<tr>\n"; + echo "<td class=\"listlr\" nowrap=\"nowrap\">{$logline[0]}</td>\n"; + echo "<td class=\"listr\" nowrap=\"nowrap\">{$logline[1]}</td>\n"; + echo "</tr>\n"; + } + break; + case 'cicap_server'; + // Define log file + $log = '/var/log/c-icap/server.log'; + // Show table headers + show_tds(array("Date-Time", "Message")); + // Fetch lines + $logarr = fetch_log($log); + foreach ($logarr as $logent) { + // Split line by delimiter + $logline = preg_split("/,/", $logent); + + // Apply time format + $logline[0] = date("d.m.Y H:i:s", strtotime($logline[0])); + + // Word wrap the message + $logline[2] = htmlentities($logline[2]); + $logline[2] = html_autowrap($logline[2]); + + echo "<tr>\n"; + echo "<td class=\"listlr\" nowrap=\"nowrap\">{$logline[0]}</td>\n"; + echo "<td class=\"listr\" nowrap=\"nowrap\">{$logline[2]}</td>\n"; + echo "</tr>\n"; + } + break; + case 'freshclam'; + // Define log file + $log = '/var/log/clamav/freshclam.log'; + // Show table headers + show_tds(array("Message")); + // Fetch lines + $logarr = fetch_log($log); + foreach ($logarr as $logent) { + $logline = preg_split("/\n/", $logent); + // Word wrap the message + $logline[0] = htmlentities($logline[0]); + $logline[0] = html_autowrap($logline[0]); + + echo "<tr>\n"; + echo "<td class=\"listlr\" nowrap=\"nowrap\">{$logline[0]}</td>\n"; + echo "</tr>\n"; + } + break; + case 'clamd'; + // Define log file + $log = '/var/log/clamav/clamd.log'; + // Show table headers + show_tds(array("Message")); + // Fetch lines + $logarr = fetch_log($log); + foreach ($logarr as $logent) { + $logline = preg_split("/\n/", $logent); + // Word wrap the message + $logline[0] = htmlentities($logline[0]); + $logline[0] = html_autowrap($logline[0]); + + echo "<tr>\n"; + echo "<td class=\"listlr\" nowrap=\"nowrap\">{$logline[0]}</td>\n"; + echo "</tr>\n"; + } + break; + } } /* Functions */ diff --git a/config/squid3/34/squid_nac.xml b/config/squid3/34/squid_nac.xml index 4a81ac91..d621231f 100755 --- a/config/squid3/34/squid_nac.xml +++ b/config/squid3/34/squid_nac.xml @@ -42,7 +42,7 @@ ]]> </copyright> <name>squidnac</name> - <version>0.3.5</version> + <version>0.4.1</version> <title>Proxy Server: Access Control</title> <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> @@ -98,9 +98,10 @@ <fieldname>allowed_subnets</fieldname> <description> <![CDATA[ - Enter each subnet on a new line that is allowed to use the proxy.<br/> - The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24).<br/><br/> - Note: The proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy. + Enter subnets that are allowed to use the proxy.<br/> + The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24).<br/> + The proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.<br/> + <strong>Note: Put each entry on a separate line.</strong> ]]> </description> <type>textarea</type> diff --git a/config/squid3/34/squid_reverse.inc b/config/squid3/34/squid_reverse.inc index 9693b21f..f19652b4 100755 --- a/config/squid3/34/squid_reverse.inc +++ b/config/squid3/34/squid_reverse.inc @@ -209,7 +209,11 @@ function squid_resync_reverse() { } if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])) && ($settings['reverse_owa_autodiscover'] == 'on')) { - $reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.'); + if (substr_count($settings['reverse_external_fqdn'], ".") > 1) { + $reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.'); + } else { + $reverse_external_domain = $settings['reverse_external_fqdn']; + } $conf .= "acl OWA_URI_pfs url_regex -i ^http://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n"; $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n"; $conf .= "acl OWA_URI_pfs url_regex -i ^http://autodiscover{$reverse_external_domain}/AutoDiscover/AutoDiscover.xml\n"; diff --git a/config/squid3/34/squid_reverse_sync.xml b/config/squid3/34/squid_reverse_sync.xml index eb52540f..139c73c3 100755 --- a/config/squid3/34/squid_reverse_sync.xml +++ b/config/squid3/34/squid_reverse_sync.xml @@ -42,7 +42,7 @@ ]]> </copyright> <name>squidsync</name> - <version>0.3.7</version> + <version>0.4.1</version> <title>Reverse Proxy Server: XMLRPC Sync</title> <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> @@ -63,7 +63,7 @@ <url>/pkg.php?xml=squid_reverse_redir.xml</url> </tab> <tab> - <text>Real time</text> + <text>Real Time</text> <url>/squid_monitor.php?menu=reverse</url> </tab> <tab> diff --git a/config/squid3/34/squid_sync.xml b/config/squid3/34/squid_sync.xml index 60e1190c..2f86b7c6 100755 --- a/config/squid3/34/squid_sync.xml +++ b/config/squid3/34/squid_sync.xml @@ -42,8 +42,8 @@ ]]> </copyright> <name>squidsync</name> - <version>0.3.7</version> - <title>Proxy server: XMLRPC Sync</title> + <version>0.4.1</version> + <title>Proxy Server: XMLRPC Sync</title> <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> <tab> diff --git a/config/squid3/34/squid_traffic.xml b/config/squid3/34/squid_traffic.xml index bd01bbb7..810fa62d 100755 --- a/config/squid3/34/squid_traffic.xml +++ b/config/squid3/34/squid_traffic.xml @@ -42,8 +42,8 @@ ]]> </copyright> <name>squidtraffic</name> - <version>0.3.5</version> - <title>Proxy server: Traffic Management</title> + <version>0.4.1</version> + <title>Proxy Server: Traffic Management</title> <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> <tab> @@ -160,7 +160,6 @@ <description>Leave this checked to be able to choose the extensions that throttling will be applied to. Otherwise, all files will be throttled.</description> <type>checkbox</type> <enablefields>throttle_binaries,throttle_cdimages,throttle_multimedia,throttle_others</enablefields> - <default_value>on</default_value> </field> <field> <fielddescr>Throttle Binary Files</fielddescr> diff --git a/config/squid3/34/squid_users.xml b/config/squid3/34/squid_users.xml index c47395b9..fb791b9e 100755 --- a/config/squid3/34/squid_users.xml +++ b/config/squid3/34/squid_users.xml @@ -42,8 +42,8 @@ ]]> </copyright> <name>squidusers</name> - <version>0.3.5</version> - <title>Proxy server: Local users</title> + <version>0.4.1</version> + <title>Proxy Server: Local Users</title> <include_file>/usr/local/pkg/squid.inc</include_file> <delete_string>A proxy server user has been deleted.</delete_string> <addedit_string>A proxy server user has been created/modified.</addedit_string> diff --git a/pkg_config.10.xml b/pkg_config.10.xml index 7dac43b3..2ed6336d 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -1052,7 +1052,7 @@ <pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> - <version>0.4.0</version> + <version>0.4.1</version> <status>beta</status> <required_version>2.2</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> |