diff options
| author | Chris Buechler <cmb@pfsense.org> | 2015-12-01 19:08:22 -0600 |
|---|---|---|
| committer | Chris Buechler <cmb@pfsense.org> | 2015-12-01 19:08:22 -0600 |
| commit | f658cd9051dcf73460125751b9f95bf41d0333c9 (patch) | |
| tree | b864358ab9982c08ae444782ba7cee371f1f5d3a | |
| parent | ed94a2663b00fe7d5c7bf20443b043fe420dc659 (diff) | |
| parent | 0e7b5b67fdc119051914ad47e409bc688ba5aae9 (diff) | |
| download | pfsense-packages-f658cd9051dcf73460125751b9f95bf41d0333c9.tar.gz pfsense-packages-f658cd9051dcf73460125751b9f95bf41d0333c9.tar.bz2 pfsense-packages-f658cd9051dcf73460125751b9f95bf41d0333c9.zip | |
Merge pull request #1196 from doktornotor/patch-1
| -rw-r--r-- | config/squid3/34/squid_antivirus.inc | 24 | ||||
| -rwxr-xr-x | config/squid3/34/squid_antivirus.xml | 12 | ||||
| -rw-r--r-- | config/squid3/34/squid_js.inc | 5 | ||||
| -rw-r--r-- | pkg_config.10.xml | 4 |
4 files changed, 40 insertions, 5 deletions
diff --git a/config/squid3/34/squid_antivirus.inc b/config/squid3/34/squid_antivirus.inc index e22ae039..4bf9ea59 100644 --- a/config/squid3/34/squid_antivirus.inc +++ b/config/squid3/34/squid_antivirus.inc @@ -348,6 +348,28 @@ EOF; if (!file_put_contents("{$cf}", preg_replace($squidclamav_m, $squidclamav_r, $sample_file), LOCK_EX)) { log_error("[squid] Could not save generated {$cf} file!"); } + if ($antivirus_config['clamav_disable_stream_scanning'] == "on") { + $stream_exclude = <<< EOF +# Do not scan (streamed) videos and audios +abort ^.*\.(flv|f4f|mp(3|4))(\?.*)?$ +abort ^.*\.(m3u|pls|wmx|aac|mpeg)(\?.*)?$ +abortcontent ^video\/x-flv$ +abortcontent ^video\/mp4$ +abortcontent ^audio\/mp4$ +abortcontent ^.*audio\/mp4.*$ +abortcontent ^video\/webm$ +abortcontent ^audio\/webm$ +abortcontent ^video\/MP2T$ +abortcontent ^audio\/wmx$ +abortcontent ^audio\/mpeg$ +abortcontent ^audio\/aac$ +abortcontent ^.*application\/x-mms-framed.*$ + +EOF; + if (!file_put_contents("{$cf}", "{$stream_exclude}", FILE_APPEND | LOCK_EX)) { + log_error("[squid] Could not add streaming exclusions to {$cf} file!"); + } + } } else { log_error("[squid] Template not found; could not generate '{$cf}' file!"); } @@ -468,6 +490,8 @@ function squid_antivirus_install_config_files() { } else { $squidclamav_r[2] = "{$config['system']['webgui']['protocol']}://{$config['system']['hostname']}.{$config['system']['domain']}:{$port}/squid_clwarn.php"; } + $squidclamav_m[3] = "@dnslookup\s1@"; + $squidclamav_r[3] = "dnslookup 0"; if (!file_put_contents("{$cf}.pfsense", preg_replace($squidclamav_m, $squidclamav_r, $sample_file), LOCK_EX)) { log_error("[squid] Could not save patched '{$cf}.pfsense' template file!"); } diff --git a/config/squid3/34/squid_antivirus.xml b/config/squid3/34/squid_antivirus.xml index 495ef342..e70acf55 100755 --- a/config/squid3/34/squid_antivirus.xml +++ b/config/squid3/34/squid_antivirus.xml @@ -42,7 +42,7 @@ ]]> </copyright> <name>squidantivirus</name> - <version>0.4.1</version> + <version>0.4.6</version> <title>Proxy Server: Antivirus</title> <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> @@ -165,6 +165,16 @@ <type>checkbox</type> </field> <field> + <fielddescr>Exclude Audio/Video Streams</fielddescr> + <fieldname>clamav_disable_stream_scanning</fieldname> + <description> + <![CDATA[ + This option disables antivirus scanning of streamed video and audio. + ]]> + </description> + <type>checkbox</type> + </field> + <field> <fielddescr>ClamAV Database Update</fielddescr> <fieldname>clamav_update</fieldname> <description> diff --git a/config/squid3/34/squid_js.inc b/config/squid3/34/squid_js.inc index 59b75e60..33f1923d 100644 --- a/config/squid3/34/squid_js.inc +++ b/config/squid3/34/squid_js.inc @@ -215,11 +215,10 @@ function on_antivirus_advanced_config_changed() { if (enable_advanced === 'disabled') { document.iform['clamav_url'].disabled = 0; document.iform['clamav_safebrowsing'].disabled = 0; + document.iform['clamav_disable_stream_scanning'].disabled = 0; document.iform['clamav_update'].disabled = 0; document.iform['clamav_dbregion'].disabled = 0; document.iform['clamav_dbservers'].disabled = 0; - document.iform['clamav_dbservers'].disabled = 0; - document.iform['clamav_dbservers'].disabled = 0; document.getElementById("load_advanced").disabled = 1; document.iform['raw_squidclamav_conf'].disabled = 1; document.iform['raw_squidclamav_conf'].value = ''; @@ -235,6 +234,8 @@ function on_antivirus_advanced_config_changed() { document.iform['clamav_url'].disabled = 1; document.iform['clamav_safebrowsing'].disabled = 1; document.getElementById('clamav_safebrowsing').checked = 0; + document.iform['clamav_disable_stream_scanning'].disabled = 1; + document.getElementById('clamav_disable_stream_scanning').checked = 0; document.iform['clamav_update'].disabled = 0; document.iform['clamav_dbregion'].disabled = 1; document.getElementById("clamav_dbregion").value = ''; diff --git a/pkg_config.10.xml b/pkg_config.10.xml index 343f2575..eec3985f 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -1089,8 +1089,8 @@ <pkginfolink>https://forum.pfsense.org/index.php?topic=100167.0</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Services</category> - <version>0.4.5</version> - <status>BETA</status> + <version>0.4.6</version> + <status>RC</status> <required_version>2.2</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> <run_depends>sbin/squid:www/squid libexec/squid/squid_radius_auth:www/squid_radius_auth lib/c_icap/virus_scan.so:www/c-icap-modules lib/c_icap/squidclamav.so:www/squidclamav</run_depends> |