diff options
author | doktornotor <notordoktor@gmail.com> | 2015-12-01 22:31:33 +0100 |
---|---|---|
committer | doktornotor <notordoktor@gmail.com> | 2015-12-01 22:31:33 +0100 |
commit | 9c69bdb1fa2c86ddd80115c0c7d1a1c29cf2cd78 (patch) | |
tree | 9f523c0ebc603cdd96b2c6ecc382db7c7277e03e /config/squid3 | |
parent | 26f41b6b1136ac5216cd748c6e5e5254275c88a5 (diff) | |
download | pfsense-packages-9c69bdb1fa2c86ddd80115c0c7d1a1c29cf2cd78.tar.gz pfsense-packages-9c69bdb1fa2c86ddd80115c0c7d1a1c29cf2cd78.tar.bz2 pfsense-packages-9c69bdb1fa2c86ddd80115c0c7d1a1c29cf2cd78.zip |
Add option to disable AV scanning of streamed audio/video
Diffstat (limited to 'config/squid3')
-rw-r--r-- | config/squid3/34/squid_antivirus.inc | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/config/squid3/34/squid_antivirus.inc b/config/squid3/34/squid_antivirus.inc index e22ae039..4bf9ea59 100644 --- a/config/squid3/34/squid_antivirus.inc +++ b/config/squid3/34/squid_antivirus.inc @@ -348,6 +348,28 @@ EOF; if (!file_put_contents("{$cf}", preg_replace($squidclamav_m, $squidclamav_r, $sample_file), LOCK_EX)) { log_error("[squid] Could not save generated {$cf} file!"); } + if ($antivirus_config['clamav_disable_stream_scanning'] == "on") { + $stream_exclude = <<< EOF +# Do not scan (streamed) videos and audios +abort ^.*\.(flv|f4f|mp(3|4))(\?.*)?$ +abort ^.*\.(m3u|pls|wmx|aac|mpeg)(\?.*)?$ +abortcontent ^video\/x-flv$ +abortcontent ^video\/mp4$ +abortcontent ^audio\/mp4$ +abortcontent ^.*audio\/mp4.*$ +abortcontent ^video\/webm$ +abortcontent ^audio\/webm$ +abortcontent ^video\/MP2T$ +abortcontent ^audio\/wmx$ +abortcontent ^audio\/mpeg$ +abortcontent ^audio\/aac$ +abortcontent ^.*application\/x-mms-framed.*$ + +EOF; + if (!file_put_contents("{$cf}", "{$stream_exclude}", FILE_APPEND | LOCK_EX)) { + log_error("[squid] Could not add streaming exclusions to {$cf} file!"); + } + } } else { log_error("[squid] Template not found; could not generate '{$cf}' file!"); } @@ -468,6 +490,8 @@ function squid_antivirus_install_config_files() { } else { $squidclamav_r[2] = "{$config['system']['webgui']['protocol']}://{$config['system']['hostname']}.{$config['system']['domain']}:{$port}/squid_clwarn.php"; } + $squidclamav_m[3] = "@dnslookup\s1@"; + $squidclamav_r[3] = "dnslookup 0"; if (!file_put_contents("{$cf}.pfsense", preg_replace($squidclamav_m, $squidclamav_r, $sample_file), LOCK_EX)) { log_error("[squid] Could not save patched '{$cf}.pfsense' template file!"); } |