aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexander Wilke <nachtfalkeaw@web.de>2013-04-11 23:03:23 +0300
committerAlexander Wilke <nachtfalkeaw@web.de>2013-04-11 23:03:23 +0300
commit81dabcbf979957672bf61269f2d80ebb98103781 (patch)
treec33bd5802a7f8eef3d40e63b3d54a605d2bdc99f
parent1197f1c9e6f28ff2c2df8675667c4a7caa957983 (diff)
downloadpfsense-packages-81dabcbf979957672bf61269f2d80ebb98103781.tar.gz
pfsense-packages-81dabcbf979957672bf61269f2d80ebb98103781.tar.bz2
pfsense-packages-81dabcbf979957672bf61269f2d80ebb98103781.zip
Update squid.inc
GUI option to block user-agent and reply_mime_types like javascript
-rw-r--r--config/squid-reverse/squid.inc28
1 files changed, 28 insertions, 0 deletions
diff --git a/config/squid-reverse/squid.inc b/config/squid-reverse/squid.inc
index fef9590c..55d4a372 100644
--- a/config/squid-reverse/squid.inc
+++ b/config/squid-reverse/squid.inc
@@ -225,6 +225,20 @@ function squid_install_command() {
$config['installedpackages']['squidnac']['config'][0]['blacklist'] = $settingsnac['blacklist'];
}
}
+
+ if(! empty($settingsnac['block_user_agent'])) {
+ if(strstr($settingsnac['block_user_agent'], ",")) {
+ $settingsnac['block_user_agent'] = base64_encode(implode("\n", explode(",", $settingsnac['block_user_agent'])));
+ $config['installedpackages']['squidnac']['config'][0]['block_user_agent'] = $settingsnac['block_user_agent'];
+ }
+ }
+
+ if(! empty($settingsnac['block_reply_mime_type'])) {
+ if(strstr($settingsnac['block_reply_mime_type'], ",")) {
+ $settingsnac['block_reply_mime_type'] = base64_encode(implode("\n", explode(",", $settingsnac['block_reply_mime_type'])));
+ $config['installedpackages']['squidnac']['config'][0]['block_reply_mime_type'] = $settingsnac['block_reply_mime_type'];
+ }
+ }
/*Migrate reverse settings*/
if (is_array($config['installedpackages']['squidreverse'])){
@@ -1078,6 +1092,8 @@ EOD;
'banned_hosts' => 'src',
'whitelist' => 'dstdom_regex -i',
'blacklist' => 'dstdom_regex -i',
+ 'block_user_agent' => 'browser -i',
+ 'block_reply_mime_type' => 'rep_mime_type -i',
);
foreach ($options as $option => $directive) {
$contents = sq_text_area_decode($settings[$option]);
@@ -1291,6 +1307,18 @@ function squid_resync_auth() {
$conf .= "http_access deny blacklist\n";
}
}
+ if(! empty($settingsnac['block_user_agent'])) {
+ if (squid_is_valid_acl('block_user_agent')) {
+ $conf .= "# Block access with user agents and browsers\n";
+ $conf .= "http_access deny block_user_agent\n";
+ }
+ }
+ if(! empty($settingsnac['block_reply_mime_type'])) {
+ if (squid_is_valid_acl('block_reply_mime_type')) {
+ $conf .= "# Block access with mime type in the reply\n";
+ $conf .= "http_reply_access deny block_reply_mime_type\n";
+ }
+ }
$transparent_proxy = ($settingsconfig['transparent_proxy'] == 'on');
$auth_method = (($settings['auth_method'] && !$transparent_proxy) ? $settings['auth_method'] : 'none');