aboutsummaryrefslogtreecommitdiffstats
path: root/config/squid3/34
diff options
context:
space:
mode:
authordoktornotor <notordoktor@gmail.com>2015-10-06 05:23:49 +0200
committerdoktornotor <notordoktor@gmail.com>2015-10-06 05:23:49 +0200
commit3fdfc319f7136be9cbd337c185a110ec620a99e4 (patch)
treee64b98a370f84104989a322d6798e461f72cd41f /config/squid3/34
parent0b7b038ad2a82751872d3c9c2df9412bcc7c7419 (diff)
downloadpfsense-packages-3fdfc319f7136be9cbd337c185a110ec620a99e4.tar.gz
pfsense-packages-3fdfc319f7136be9cbd337c185a110ec620a99e4.tar.bz2
pfsense-packages-3fdfc319f7136be9cbd337c185a110ec620a99e4.zip
Major rework of antivirus features logic
Users can either maintain raw config files manually now, or use the GUI options, but not both at the same time. There are some JS hacks in squid_js.inc.php to toggle various GUI options and features depending on whether raw config is being used or now, None of the previous configuration junk is migrated since it was just badly broken.
Diffstat (limited to 'config/squid3/34')
-rwxr-xr-xconfig/squid3/34/squid_antivirus.xml116
1 files changed, 83 insertions, 33 deletions
diff --git a/config/squid3/34/squid_antivirus.xml b/config/squid3/34/squid_antivirus.xml
index 94c788a0..e7d046f0 100755
--- a/config/squid3/34/squid_antivirus.xml
+++ b/config/squid3/34/squid_antivirus.xml
@@ -42,7 +42,7 @@
]]>
</copyright>
<name>squidantivirus</name>
- <version>0.3.8</version>
+ <version>0.3.9</version>
<title>Proxy server: Antivirus</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<tabs>
@@ -88,6 +88,7 @@
<url>/pkg_edit.php?xml=squid_sync.xml</url>
</tab>
</tabs>
+ <advanced_options>enabled</advanced_options>
<fields>
<field>
<name>ClamAV Anti-Virus Integration Using C-ICAP</name>
@@ -99,15 +100,33 @@
<description>Enable Squid antivirus check using ClamAV.</description>
<type>checkbox</type>
</field>
- <!--
+ <field>
+ <fielddescr>Client Forward Options</fielddescr>
+ <fieldname>client_info</fieldname>
+ <description>
+ <![CDATA[
+ Select what client info to forward to ClamAV.
+ ]]>
+ </description>
+ <type>select</type>
+ <default_value>both</default_value>
+ <options>
+ <option><name>Send both client username and IP info (Default)</name><value>both</value></option>
+ <option><name>Send only client username</name><value>username</value></option>
+ <option><name>Send only client IP</name><value>ip</value></option>
+ <option><name>Do not send client info</name><value>none</value></option>
+ </options>
+ </field>
<field>
<fielddescr>Enable Manual Configuration</fielddescr>
<fieldname>enable_advanced</fieldname>
<description>
<![CDATA[
- When enabled, the options under 'ClamAV Anti-Virus Integration Using C-ICAP' no longer have any effect.<br/>
- You must edit the configuration files directly in the 'Advanced Options'.<br/>
- <strong><span class="errmsg">Warning:</span> Only enable this if you know what are you doing.</strong>
+ When enabled, the options below no longer have any effect.<br/>
+ You must edit the configuration files directly in the 'Advanced Features'.<br/>
+ <strong><span class="errmsg">Warning:</span> Only enable this if you know what are you doing.</strong><br/><br/>
+ After enabling manual configuration, click <input name='load_advanced' id='load_advanced' type='submit' value='Load Advanced' /> button once to load default configuration files.
+ To disable manual configuration again, select 'disabled' and click 'Save' button.
]]>
</description>
<type>select</type>
@@ -118,23 +137,19 @@
<default_value>disabled</default_value>
<onchange>on_antivirus_advanced_config_changed()</onchange>
</field>
- -->
<field>
- <fielddescr>Client Forward Options</fielddescr>
- <fieldname>client_info</fieldname>
+ <fielddescr>Redirect URL</fielddescr>
+ <fieldname>clamav_url</fieldname>
<description>
<![CDATA[
- Select what client info to forward to ClamAV.
+ When a virus is found then redirect the user to this URL.<br />
+ Leave empty to use the default Squid/pfSense WebGUI URL.<br/>
+ <strong>Example:</strong> http://proxy.example.com/blocked.html
]]>
</description>
- <type>select</type>
- <default_value>both</default_value>
- <options>
- <option><name>Send both client username and IP info (Default)</name><value>both</value></option>
- <option><name>Send only client username</name><value>username</value></option>
- <option><name>Send only client IP</name><value>ip</value></option>
- <option><name>Do not send client info</name><value>none</value></option>
- </options>
+ <type>input</type>
+ <cols>60</cols>
+
</field>
<field>
<fielddescr>Google Safe Browsing</fielddescr>
@@ -156,7 +171,7 @@
<![CDATA[
Optionally, you can schedule ClamAV definitions updates via cron.<br/>
Select the desired frequency here.<br/><br/>
- <input name='submit' type='submit' value='Update AV' />
+ <input name='update_av' id='update_av' type='submit' value='Update AV' />
Click the button to update AV databases now.<br/>
<strong>Note: This will take a while.</strong> Check /var/log/clamav/freshclam.log for progress information.
]]>
@@ -215,64 +230,99 @@
</description>
<type>input</type>
<cols>60</cols>
- <rows>5</rows>
- </field>
- <field>
- <name>Advanced Options</name>
- <type>listtopic</type>
</field>
<field>
<fielddescr>squidclamav.conf</fielddescr>
- <fieldname>squidclamav</fieldname>
- <description>squidclamav.conf file. Leave empty to load sample file. Edit only if you know what are you doing.</description>
+ <fieldname>raw_squidclamav_conf</fieldname>
+ <description>squidclamav.conf file. Edit only if you know what are you doing.</description>
<type>textarea</type>
<encoding>base64</encoding>
<cols>85</cols>
<rows>15</rows>
+ <advancedfield/>
</field>
<field>
<fielddescr>c-icap.conf</fielddescr>
- <fieldname>c-icap_conf</fieldname>
- <description>c-icap.conf file. Leave empty to load sample file. Edit only if you know what are you doing.</description>
+ <fieldname>raw_cicap_conf</fieldname>
+ <description>c-icap.conf file. Edit only if you know what are you doing.</description>
<type>textarea</type>
<encoding>base64</encoding>
<cols>85</cols>
<rows>15</rows>
+ <advancedfield/>
</field>
<field>
<fielddescr>c-icap.magic</fielddescr>
- <fieldname>c-icap_magic</fieldname>
- <description>c-icap.conf file. Leave empty to load sample file. Edit only if you know what are you doing.</description>
+ <fieldname>raw_cicap_magic</fieldname>
+ <description>c-icap.conf file. Edit only if you know what are you doing.</description>
<type>textarea</type>
<encoding>base64</encoding>
<cols>85</cols>
<rows>15</rows>
+ <advancedfield/>
</field>
<field>
<fielddescr>freshclam.conf</fielddescr>
- <fieldname>freshclam_conf</fieldname>
- <description>freshclam.conf file. Leave empty to load sample file. Edit only if you know what are you doing.</description>
+ <fieldname>raw_freshclam_conf</fieldname>
+ <description>freshclam.conf file. Edit only if you know what are you doing.</description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <cols>85</cols>
+ <rows>15</rows>
+ <advancedfield/>
+ </field>
+ <field>
+ <fielddescr>clamd.conf</fielddescr>
+ <fieldname>raw_clamd_conf</fieldname>
+ <description>clamd.conf file. Edit only if you know what are you doing.</description>
<type>textarea</type>
<encoding>base64</encoding>
<cols>85</cols>
<rows>15</rows>
+ <advancedfield/>
</field>
</fields>
- <!--
<custom_php_after_head_command>
squid_print_antivirus_advanced_config();
</custom_php_after_head_command>
<custom_php_before_form_command>
+ <![CDATA[
squid_print_antivirus_advanced_config2();
+ if ($_POST['enable_advanced'] == "enabled") {
+ $opts = array("clamav_url", "clamav_safebrowsing", "clamav_update", "clamav_dbregion", "clamav_dbservers");
+ foreach ($opts as $opt) {
+ if (isset($_POST[$opt])) {
+ unset($_POST[$opt]);
+ }
+ }
+ } else {
+ $opts = array("raw_squidclamav_conf", "raw_cicap_conf", "raw_cicap_magic", "raw_freshclam_conf", "raw_clamd_conf");
+ foreach ($opts as $opt) {
+ if (isset($_POST[$opt])) {
+ unset($_POST[$opt]);
+ }
+ }
+ }
+ ]]>
</custom_php_before_form_command>
<custom_php_after_form_command>
squid_print_antivirus_advanced_config2();
</custom_php_after_form_command>
- -->
<custom_php_validation_command>
squid_validate_antivirus($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
+ <![CDATA[
+ if ($_POST['load_advanced'] == "Load Advanced" ) {
+ return;
+ }
+ if ($_POST['update_av'] == 'Update AV') {
+ return;
+ }
+ if ($_POST['enable_advanced'] == "enabled" ) {
+ squid_antivirus_put_raw_config($_POST);
+ }
squid_resync();
+ ]]>
</custom_php_resync_config_command>
</packagegui>