aboutsummaryrefslogtreecommitdiffstats
path: root/config/squid3
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2014-06-06 14:50:10 -0400
committerjim-p <jimp@pfsense.org>2014-06-06 14:50:10 -0400
commita5b25382c5f7499c674c966e6e50cca60137ab3f (patch)
treea02fbde5a7de1e16b3de6c703734f19fef6d8d0c /config/squid3
parentb8b3dd8ba70ecd4a928c4da509807a06ce98c0a6 (diff)
parent2768bbb36a730449c51654172c14ef87f9c2ea67 (diff)
downloadpfsense-packages-a5b25382c5f7499c674c966e6e50cca60137ab3f.tar.gz
pfsense-packages-a5b25382c5f7499c674c966e6e50cca60137ab3f.tar.bz2
pfsense-packages-a5b25382c5f7499c674c966e6e50cca60137ab3f.zip
Merge pull request #668 from trendchiller/master
Diffstat (limited to 'config/squid3')
-rw-r--r--config/squid3/31/squid_reverse.inc4
-rw-r--r--config/squid3/31/squid_reverse.xml15
-rw-r--r--config/squid3/31/squid_reverse_general.xml15
-rwxr-xr-xconfig/squid3/33/squid_reverse.inc15
-rwxr-xr-xconfig/squid3/33/squid_reverse.xml15
-rwxr-xr-xconfig/squid3/33/squid_reverse_general.xml20
6 files changed, 55 insertions, 29 deletions
diff --git a/config/squid3/31/squid_reverse.inc b/config/squid3/31/squid_reverse.inc
index 993508aa..92bef0fb 100644
--- a/config/squid3/31/squid_reverse.inc
+++ b/config/squid3/31/squid_reverse.inc
@@ -107,7 +107,7 @@ function squid_resync_reverse() {
foreach ($reverse_peers as $rp){
if ($rp['enable'] =="on" && $rp['name'] !="" && $rp['ip'] !="" && $rp['port'] !=""){
$conf_peer = "#{$rp['description']}\n";
- $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASS ";
+ $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASS round-robin";
if($rp['protocol'] == 'HTTPS')
$conf_peer .= "ssl sslflags=DONT_VERIFY_PEER front-end-https=auto ";
$conf_peer .= "name=rvp_{$rp['name']}\n\n";
@@ -170,6 +170,8 @@ function squid_resync_reverse() {
array_push($owa_dirs,'Microsoft-Server-ActiveSync');
if($settings['reverse_owa_rpchttp'])
array_push($owa_dirs,'rpc/rpcproxy.dll','rpcwithcert/rpcproxy.dll');
+ if($settings['reverse_owa_mapihttp'])
+ array_push($owa_dirs,'mapi');
if($settings['reverse_owa_webservice']){
array_push($owa_dirs,'EWS');
$conf .= "ignore_expect_100 on\n";
diff --git a/config/squid3/31/squid_reverse.xml b/config/squid3/31/squid_reverse.xml
index 7c25c371..28d8cbcf 100644
--- a/config/squid3/31/squid_reverse.xml
+++ b/config/squid3/31/squid_reverse.xml
@@ -165,7 +165,7 @@
<fieldname>reverse_https</fieldname>
<description>If this field is checked, the proxy-server will act in HTTPS reverse mode. &lt;br&gt;(You have to add a rule with destination "WAN-address")</description>
<type>checkbox</type>
- <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields>
+ <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields>
<required/>
<default_value>off</default_value>
</field>
@@ -214,12 +214,12 @@
<fieldname>reverse_owa</fieldname>
<description>If this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App.</description>
<type>checkbox</type>
- <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields>
+ <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields>
</field>
<field>
- <fielddescr>OWA frontend IP address</fielddescr>
+ <fielddescr>CAS-Array / OWA frontend IP address</fielddescr>
<fieldname>reverse_owa_ip</fieldname>
- <description>This is the internal IP Address of the OWA frontend server.</description>
+ <description>This is the internal IP Address of the CAS-Array / OWA frontend server.</description>
<type>input</type>
<size>15</size>
</field>
@@ -236,6 +236,13 @@
<type>checkbox</type>
</field>
<field>
+ <fielddescr>Enable MAPI HTTP</fielddescr>
+ <fieldname>reverse_owa_mapihttp</fieldname>
+ <description><![CDATA[If this field is checked, MAPI over HTTP will be enabled.<br>
+ <strong>This feature is only available with at least Exchange 2013 SP1</strong>]]></description>
+ <type>checkbox</type>
+ </field>
+ <field>
<fielddescr>Enable Exchange WebServices</fielddescr>
<fieldname>reverse_owa_webservice</fieldname>
<description><![CDATA[If this field is checked, Exchange WebServices will be enabled.<br>
diff --git a/config/squid3/31/squid_reverse_general.xml b/config/squid3/31/squid_reverse_general.xml
index 2211bb20..029072a6 100644
--- a/config/squid3/31/squid_reverse_general.xml
+++ b/config/squid3/31/squid_reverse_general.xml
@@ -149,7 +149,7 @@
<fieldname>reverse_https</fieldname>
<description>If this field is checked, the proxy-server will act in HTTPS reverse mode. &lt;br&gt;(You have to add a rule with destination "WAN-address")</description>
<type>checkbox</type>
- <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields>
+ <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields>
<required/>
<default_value>off</default_value>
</field>
@@ -202,12 +202,12 @@
<fieldname>reverse_owa</fieldname>
<description>If this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App.</description>
<type>checkbox</type>
- <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields>
+ <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields>
</field>
<field>
- <fielddescr>OWA frontend IP address</fielddescr>
+ <fielddescr>CAS-Array / OWA frontend IP address</fielddescr>
<fieldname>reverse_owa_ip</fieldname>
- <description>This is the internal IP Address of the OWA frontend server.</description>
+ <description>This is the internal IP Address of the CAS-Array / OWA frontend server.</description>
<type>input</type>
<size>15</size>
</field>
@@ -224,6 +224,13 @@
<type>checkbox</type>
</field>
<field>
+ <fielddescr>Enable MAPI HTTP</fielddescr>
+ <fieldname>reverse_owa_mapihttp</fieldname>
+ <description><![CDATA[If this field is checked, MAPI over HTTP will be enabled.<br>
+ <strong>This feature is only available with at least Exchange 2013 SP1</strong>]]></description>
+ <type>checkbox</type>
+ </field>
+ <field>
<fielddescr>Enable Exchange WebServices</fielddescr>
<fieldname>reverse_owa_webservice</fieldname>
<description><![CDATA[If this field is checked, Exchange WebServices will be enabled.<br>
diff --git a/config/squid3/33/squid_reverse.inc b/config/squid3/33/squid_reverse.inc
index 34ff2366..eca216a1 100755
--- a/config/squid3/33/squid_reverse.inc
+++ b/config/squid3/33/squid_reverse.inc
@@ -89,9 +89,6 @@ function squid_resync_reverse() {
if(!empty($settings['reverse_ip'])) {
$reverse_ip = explode(";", ($settings['reverse_ip']));
foreach ($reverse_ip as $reip) {
- //IPv6 Addresses need to be enclosed in brackets
- if (strpos($reip, ':')) $reip = '[' . $reip . ']';
-
//HTTP
if (!empty($settings['reverse_http']))
$conf .= "http_port {$reip}:{$http_port} accel defaultsite={$http_defsite} vhost\n";
@@ -103,14 +100,14 @@ function squid_resync_reverse() {
//PEERS
if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])))
- $conf .= "cache_peer {$settings['reverse_owa_ip']} parent 443 0 proxy-only no-query originserver login=PASS connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_pfs\n";
+ $conf .= "cache_peer {$settings['reverse_owa_ip']} parent 443 0 proxy-only no-query originserver login=PASSTHRU connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_pfs\n";
$active_peers=array();
if (is_array($reverse_peers))
foreach ($reverse_peers as $rp){
if ($rp['enable'] =="on" && $rp['name'] !="" && $rp['ip'] !="" && $rp['port'] !=""){
$conf_peer = "#{$rp['description']}\n";
- $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASS round-robin ";
+ $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASSTHRU round-robin";
if($rp['protocol'] == 'HTTPS')
$conf_peer .= "ssl sslflags=DONT_VERIFY_PEER front-end-https=auto ";
$conf_peer .= "name=rvp_{$rp['name']}\n\n";
@@ -173,10 +170,12 @@ function squid_resync_reverse() {
array_push($owa_dirs,'Microsoft-Server-ActiveSync');
if($settings['reverse_owa_rpchttp'])
array_push($owa_dirs,'rpc/rpcproxy.dll','rpcwithcert/rpcproxy.dll');
+ if($settings['reverse_owa_mapihttp'])
+ array_push($owa_dirs,'mapi');
if($settings['reverse_owa_webservice']){
array_push($owa_dirs,'EWS');
- //$conf .= "ignore_expect_100 on\n"; Obsolete on 3.3
- }
+ $conf .= "ignore_expect_100 on\n";
+ }
}
if (is_array($owa_dirs))
foreach ($owa_dirs as $owa_dir)
@@ -186,7 +185,7 @@ function squid_resync_reverse() {
$reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.');
$conf .= "acl OWA_URI_pfs url_regex -i ^https://autodiscover{$reverse_external_domain}/AutoDiscover/AutoDiscover.xml\n";
}
- }
+ }
//$conf .= "ssl_unclean_shutdown on";
if (is_array($reverse_maps))
foreach ($reverse_maps as $rm){
diff --git a/config/squid3/33/squid_reverse.xml b/config/squid3/33/squid_reverse.xml
index 7c25c371..28d8cbcf 100755
--- a/config/squid3/33/squid_reverse.xml
+++ b/config/squid3/33/squid_reverse.xml
@@ -165,7 +165,7 @@
<fieldname>reverse_https</fieldname>
<description>If this field is checked, the proxy-server will act in HTTPS reverse mode. &lt;br&gt;(You have to add a rule with destination "WAN-address")</description>
<type>checkbox</type>
- <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields>
+ <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields>
<required/>
<default_value>off</default_value>
</field>
@@ -214,12 +214,12 @@
<fieldname>reverse_owa</fieldname>
<description>If this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App.</description>
<type>checkbox</type>
- <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields>
+ <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields>
</field>
<field>
- <fielddescr>OWA frontend IP address</fielddescr>
+ <fielddescr>CAS-Array / OWA frontend IP address</fielddescr>
<fieldname>reverse_owa_ip</fieldname>
- <description>This is the internal IP Address of the OWA frontend server.</description>
+ <description>This is the internal IP Address of the CAS-Array / OWA frontend server.</description>
<type>input</type>
<size>15</size>
</field>
@@ -236,6 +236,13 @@
<type>checkbox</type>
</field>
<field>
+ <fielddescr>Enable MAPI HTTP</fielddescr>
+ <fieldname>reverse_owa_mapihttp</fieldname>
+ <description><![CDATA[If this field is checked, MAPI over HTTP will be enabled.<br>
+ <strong>This feature is only available with at least Exchange 2013 SP1</strong>]]></description>
+ <type>checkbox</type>
+ </field>
+ <field>
<fielddescr>Enable Exchange WebServices</fielddescr>
<fieldname>reverse_owa_webservice</fieldname>
<description><![CDATA[If this field is checked, Exchange WebServices will be enabled.<br>
diff --git a/config/squid3/33/squid_reverse_general.xml b/config/squid3/33/squid_reverse_general.xml
index 374666d7..029072a6 100755
--- a/config/squid3/33/squid_reverse_general.xml
+++ b/config/squid3/33/squid_reverse_general.xml
@@ -149,7 +149,7 @@
<fieldname>reverse_https</fieldname>
<description>If this field is checked, the proxy-server will act in HTTPS reverse mode. &lt;br&gt;(You have to add a rule with destination "WAN-address")</description>
<type>checkbox</type>
- <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields>
+ <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields>
<required/>
<default_value>off</default_value>
</field>
@@ -200,17 +200,14 @@
<field>
<fielddescr>Enable OWA reverse proxy</fielddescr>
<fieldname>reverse_owa</fieldname>
- <description><![CDATA[If this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App.<br><br>
- See also:<br>
- <a target=_new href='http://support.microsoft.com/?scid=kb%3Ben-us%3B327800&x=17&y=16'>How to configure SSL Offloading for Outlook Web Access in Exchange 2000 Server and in Exchange Server 2003</a>
- ]]></description>
+ <description>If this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App.</description>
<type>checkbox</type>
- <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields>
+ <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields>
</field>
<field>
- <fielddescr>OWA frontend IP address</fielddescr>
+ <fielddescr>CAS-Array / OWA frontend IP address</fielddescr>
<fieldname>reverse_owa_ip</fieldname>
- <description>This is the internal IP Address of the OWA frontend server.</description>
+ <description>This is the internal IP Address of the CAS-Array / OWA frontend server.</description>
<type>input</type>
<size>15</size>
</field>
@@ -227,6 +224,13 @@
<type>checkbox</type>
</field>
<field>
+ <fielddescr>Enable MAPI HTTP</fielddescr>
+ <fieldname>reverse_owa_mapihttp</fieldname>
+ <description><![CDATA[If this field is checked, MAPI over HTTP will be enabled.<br>
+ <strong>This feature is only available with at least Exchange 2013 SP1</strong>]]></description>
+ <type>checkbox</type>
+ </field>
+ <field>
<fielddescr>Enable Exchange WebServices</fielddescr>
<fieldname>reverse_owa_webservice</fieldname>
<description><![CDATA[If this field is checked, Exchange WebServices will be enabled.<br>