diff options
author | Alexander Wilke <nachtfalkeaw@web.de> | 2013-04-11 23:03:23 +0300 |
---|---|---|
committer | Alexander Wilke <nachtfalkeaw@web.de> | 2013-04-11 23:03:23 +0300 |
commit | 81dabcbf979957672bf61269f2d80ebb98103781 (patch) | |
tree | c33bd5802a7f8eef3d40e63b3d54a605d2bdc99f /config/squid-reverse/squid.inc | |
parent | 1197f1c9e6f28ff2c2df8675667c4a7caa957983 (diff) | |
download | pfsense-packages-81dabcbf979957672bf61269f2d80ebb98103781.tar.gz pfsense-packages-81dabcbf979957672bf61269f2d80ebb98103781.tar.bz2 pfsense-packages-81dabcbf979957672bf61269f2d80ebb98103781.zip |
Update squid.inc
GUI option to block user-agent and reply_mime_types like javascript
Diffstat (limited to 'config/squid-reverse/squid.inc')
-rw-r--r-- | config/squid-reverse/squid.inc | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/config/squid-reverse/squid.inc b/config/squid-reverse/squid.inc index fef9590c..55d4a372 100644 --- a/config/squid-reverse/squid.inc +++ b/config/squid-reverse/squid.inc @@ -225,6 +225,20 @@ function squid_install_command() { $config['installedpackages']['squidnac']['config'][0]['blacklist'] = $settingsnac['blacklist']; } } + + if(! empty($settingsnac['block_user_agent'])) { + if(strstr($settingsnac['block_user_agent'], ",")) { + $settingsnac['block_user_agent'] = base64_encode(implode("\n", explode(",", $settingsnac['block_user_agent']))); + $config['installedpackages']['squidnac']['config'][0]['block_user_agent'] = $settingsnac['block_user_agent']; + } + } + + if(! empty($settingsnac['block_reply_mime_type'])) { + if(strstr($settingsnac['block_reply_mime_type'], ",")) { + $settingsnac['block_reply_mime_type'] = base64_encode(implode("\n", explode(",", $settingsnac['block_reply_mime_type']))); + $config['installedpackages']['squidnac']['config'][0]['block_reply_mime_type'] = $settingsnac['block_reply_mime_type']; + } + } /*Migrate reverse settings*/ if (is_array($config['installedpackages']['squidreverse'])){ @@ -1078,6 +1092,8 @@ EOD; 'banned_hosts' => 'src', 'whitelist' => 'dstdom_regex -i', 'blacklist' => 'dstdom_regex -i', + 'block_user_agent' => 'browser -i', + 'block_reply_mime_type' => 'rep_mime_type -i', ); foreach ($options as $option => $directive) { $contents = sq_text_area_decode($settings[$option]); @@ -1291,6 +1307,18 @@ function squid_resync_auth() { $conf .= "http_access deny blacklist\n"; } } + if(! empty($settingsnac['block_user_agent'])) { + if (squid_is_valid_acl('block_user_agent')) { + $conf .= "# Block access with user agents and browsers\n"; + $conf .= "http_access deny block_user_agent\n"; + } + } + if(! empty($settingsnac['block_reply_mime_type'])) { + if (squid_is_valid_acl('block_reply_mime_type')) { + $conf .= "# Block access with mime type in the reply\n"; + $conf .= "http_reply_access deny block_reply_mime_type\n"; + } + } $transparent_proxy = ($settingsconfig['transparent_proxy'] == 'on'); $auth_method = (($settings['auth_method'] && !$transparent_proxy) ? $settings['auth_method'] : 'none'); |