diff options
author | Martin Fuchs <mfuchs77@gmail.com> | 2014-06-13 11:31:52 +0200 |
---|---|---|
committer | Martin Fuchs <mfuchs77@gmail.com> | 2014-06-13 11:31:52 +0200 |
commit | 2bbfbdd783fe46d584d91b6014ef6c86520a9097 (patch) | |
tree | d43466316f4805d9ef1867d81f60afaa1fd690c2 /config/squid3/33/squid_reverse.inc | |
parent | 0ef20f92b5bea3d3487c249d515f905d09f859a7 (diff) | |
download | pfsense-packages-2bbfbdd783fe46d584d91b6014ef6c86520a9097.tar.gz pfsense-packages-2bbfbdd783fe46d584d91b6014ef6c86520a9097.tar.bz2 pfsense-packages-2bbfbdd783fe46d584d91b6014ef6c86520a9097.zip |
allow multiple CAS-servers, correct checks
Diffstat (limited to 'config/squid3/33/squid_reverse.inc')
-rwxr-xr-x | config/squid3/33/squid_reverse.inc | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/config/squid3/33/squid_reverse.inc b/config/squid3/33/squid_reverse.inc index 6ae209b2..69d461e4 100755 --- a/config/squid3/33/squid_reverse.inc +++ b/config/squid3/33/squid_reverse.inc @@ -100,14 +100,22 @@ function squid_resync_reverse() { //PEERS if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip']))) - $conf .= "cache_peer {$settings['reverse_owa_ip']} parent 443 0 proxy-only no-query originserver login=PASSTHRU connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_pfs\n"; - + + if(!empty($settings['reverse_owa_ip'])) { + $reverse_owa_ip = explode(";", ($settings['reverse_owa_ip'])); + $casnr = 0; + foreach ($reverse_owa_ip as $reowaip) { + $casnr++; + $conf .= "cache_peer {$reowaip} parent 443 0 proxy-only no-query originserver login=PASSTHRU connection-auth=on round-robin ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_{$casnr}_pfs\n"; + } + } + $active_peers=array(); if (is_array($reverse_peers)) foreach ($reverse_peers as $rp){ if ($rp['enable'] =="on" && $rp['name'] !="" && $rp['ip'] !="" && $rp['port'] !=""){ $conf_peer = "#{$rp['description']}\n"; - $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASSTHRU round-robin "; + $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASSTHRU connection-auth=on round-robin "; if($rp['protocol'] == 'HTTPS') $conf_peer .= "ssl sslflags=DONT_VERIFY_PEER front-end-https=auto "; $conf_peer .= "name=rvp_{$rp['name']}\n\n"; @@ -210,8 +218,13 @@ function squid_resync_reverse() { //ACCESS if ($settings['reverse_owa'] == 'on' && !empty($settings['reverse_owa_ip']) && $settings['reverse_https'] =="on") { - $conf .= "cache_peer_access OWA_HOST_pfs allow OWA_URI_pfs\n"; - $conf .= "cache_peer_access OWA_HOST_pfs deny allsrc\n"; + + for($cascnt=1;$cascnt<$casnr+1;$cascnt++) + { + $conf .= "cache_peer_access OWA_HOST_{$cascnt}_pfs allow OWA_URI_pfs\n"; + $conf .= "cache_peer_access OWA_HOST_{$cascnt}_pfs deny allsrc\n"; + } + $conf .= "never_direct allow OWA_URI_pfs\n"; $conf .= "http_access allow OWA_URI_pfs\n"; } |