aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRenato Botelho <garga@FreeBSD.org>2015-02-02 13:58:29 -0200
committerRenato Botelho <garga@FreeBSD.org>2015-02-02 13:58:29 -0200
commita93180d7bdd2a6db94fa29ea8370cf7cdef75f67 (patch)
treed382f731384f780150edfd7205f42510f2bdc3f7
parent5fc9cb859916ac1fdbe9fef605565545e8ed4421 (diff)
parent72b9436fbfe460b3b5c8308ad4d523d56d924bfd (diff)
downloadpfsense-packages-a93180d7bdd2a6db94fa29ea8370cf7cdef75f67.tar.gz
pfsense-packages-a93180d7bdd2a6db94fa29ea8370cf7cdef75f67.tar.bz2
pfsense-packages-a93180d7bdd2a6db94fa29ea8370cf7cdef75f67.zip
Merge pull request #789 from CinoNY/patch-3
-rwxr-xr-xconfig/squid3/34/squid.inc3
-rw-r--r--config/squid3/34/squid.xml16
2 files changed, 14 insertions, 5 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index ddea98f4..69a50125 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -1025,7 +1025,8 @@ EOD;
$conf .= "acl localnet src $src\n";
$valid_acls[] = 'localnet';
}
- if ($settings['disable_xforward']) $conf .= "forwarded_for off\n";
+ if ($settings['xforward_mode']) $conf .= "forwarded_for {$settings['xforward_mode']}\n";
+ else $conf .= "forwarded_for on\n"; //only used for first run
if ($settings['disable_via']) $conf .= "via off\n";
if ($settings['disable_squidversion']) $conf .= "httpd_suppress_version_string on\n";
if (!empty($settings['uri_whitespace'])) $conf .= "uri_whitespace {$settings['uri_whitespace']}\n";
diff --git a/config/squid3/34/squid.xml b/config/squid3/34/squid.xml
index 86d135ff..57dfc938 100644
--- a/config/squid3/34/squid.xml
+++ b/config/squid3/34/squid.xml
@@ -485,10 +485,18 @@
<default_value>en</default_value>
</field>
<field>
- <fielddescr>Disable X-Forward</fielddescr>
- <fieldname>disable_xforward</fieldname>
- <description>If not set, Squid will include your system's IP address or name in the HTTP requests it forwards.</description>
- <type>checkbox</type>
+ <fielddescr>X-Forward Mode</fielddescr>
+ <fieldname>xforward_mode</fieldname>
+ <description>&lt;p&gt;&lt;b&gt; on:&lt;/b&gt; Squid will append your client's IP address in the HTTP requests it forwards. (Default)&lt;p&gt; By default it looks like: X-Forwarded-For: 192.1.2.3 &lt;p&gt; &lt;b&gt; off:&lt;/b&gt; It will appear as: X-Forwarded-For: unknown&lt;p&gt; &lt;b&gt; transparent:&lt;/b&gt; Squid will not alter the X-Forwarded-For header in any way.&lt;p&gt; &lt;b&gt; delete:&lt;/b&gt; Squid will delete the entire X-Forwarded-For header.&lt;p&gt; &lt;b&gt; truncate:&lt;/b&gt; Squid will remove all existing X-Forwarded-For entries, and place the client IP as the sole entry.</description>
+ <type>select</type>
+ <default_value>on</default_value>
+ <options>
+ <option><name>(on)</name><value>on</value></option>
+ <option><name>off</name><value>off</value></option>
+ <option><name>transparent</name><value>transparent</value></option>
+ <option><name>delete</name><value>delete</value></option>
+ <option><name>truncate</name><value>truncate</value></option>
+ </options>
</field>
<field>
<fielddescr>Disable VIA</fielddescr>