aboutsummaryrefslogtreecommitdiffstats
path: root/config/squid3
diff options
context:
space:
mode:
authorChris Buechler <cmb@pfsense.org>2015-12-01 19:08:22 -0600
committerChris Buechler <cmb@pfsense.org>2015-12-01 19:08:22 -0600
commitf658cd9051dcf73460125751b9f95bf41d0333c9 (patch)
treeb864358ab9982c08ae444782ba7cee371f1f5d3a /config/squid3
parented94a2663b00fe7d5c7bf20443b043fe420dc659 (diff)
parent0e7b5b67fdc119051914ad47e409bc688ba5aae9 (diff)
downloadpfsense-packages-f658cd9051dcf73460125751b9f95bf41d0333c9.tar.gz
pfsense-packages-f658cd9051dcf73460125751b9f95bf41d0333c9.tar.bz2
pfsense-packages-f658cd9051dcf73460125751b9f95bf41d0333c9.zip
Merge pull request #1196 from doktornotor/patch-1
Diffstat (limited to 'config/squid3')
-rw-r--r--config/squid3/34/squid_antivirus.inc24
-rwxr-xr-xconfig/squid3/34/squid_antivirus.xml12
-rw-r--r--config/squid3/34/squid_js.inc5
3 files changed, 38 insertions, 3 deletions
diff --git a/config/squid3/34/squid_antivirus.inc b/config/squid3/34/squid_antivirus.inc
index e22ae039..4bf9ea59 100644
--- a/config/squid3/34/squid_antivirus.inc
+++ b/config/squid3/34/squid_antivirus.inc
@@ -348,6 +348,28 @@ EOF;
if (!file_put_contents("{$cf}", preg_replace($squidclamav_m, $squidclamav_r, $sample_file), LOCK_EX)) {
log_error("[squid] Could not save generated {$cf} file!");
}
+ if ($antivirus_config['clamav_disable_stream_scanning'] == "on") {
+ $stream_exclude = <<< EOF
+# Do not scan (streamed) videos and audios
+abort ^.*\.(flv|f4f|mp(3|4))(\?.*)?$
+abort ^.*\.(m3u|pls|wmx|aac|mpeg)(\?.*)?$
+abortcontent ^video\/x-flv$
+abortcontent ^video\/mp4$
+abortcontent ^audio\/mp4$
+abortcontent ^.*audio\/mp4.*$
+abortcontent ^video\/webm$
+abortcontent ^audio\/webm$
+abortcontent ^video\/MP2T$
+abortcontent ^audio\/wmx$
+abortcontent ^audio\/mpeg$
+abortcontent ^audio\/aac$
+abortcontent ^.*application\/x-mms-framed.*$
+
+EOF;
+ if (!file_put_contents("{$cf}", "{$stream_exclude}", FILE_APPEND | LOCK_EX)) {
+ log_error("[squid] Could not add streaming exclusions to {$cf} file!");
+ }
+ }
} else {
log_error("[squid] Template not found; could not generate '{$cf}' file!");
}
@@ -468,6 +490,8 @@ function squid_antivirus_install_config_files() {
} else {
$squidclamav_r[2] = "{$config['system']['webgui']['protocol']}://{$config['system']['hostname']}.{$config['system']['domain']}:{$port}/squid_clwarn.php";
}
+ $squidclamav_m[3] = "@dnslookup\s1@";
+ $squidclamav_r[3] = "dnslookup 0";
if (!file_put_contents("{$cf}.pfsense", preg_replace($squidclamav_m, $squidclamav_r, $sample_file), LOCK_EX)) {
log_error("[squid] Could not save patched '{$cf}.pfsense' template file!");
}
diff --git a/config/squid3/34/squid_antivirus.xml b/config/squid3/34/squid_antivirus.xml
index 495ef342..e70acf55 100755
--- a/config/squid3/34/squid_antivirus.xml
+++ b/config/squid3/34/squid_antivirus.xml
@@ -42,7 +42,7 @@
]]>
</copyright>
<name>squidantivirus</name>
- <version>0.4.1</version>
+ <version>0.4.6</version>
<title>Proxy Server: Antivirus</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<tabs>
@@ -165,6 +165,16 @@
<type>checkbox</type>
</field>
<field>
+ <fielddescr>Exclude Audio/Video Streams</fielddescr>
+ <fieldname>clamav_disable_stream_scanning</fieldname>
+ <description>
+ <![CDATA[
+ This option disables antivirus scanning of streamed video and audio.
+ ]]>
+ </description>
+ <type>checkbox</type>
+ </field>
+ <field>
<fielddescr>ClamAV Database Update</fielddescr>
<fieldname>clamav_update</fieldname>
<description>
diff --git a/config/squid3/34/squid_js.inc b/config/squid3/34/squid_js.inc
index 59b75e60..33f1923d 100644
--- a/config/squid3/34/squid_js.inc
+++ b/config/squid3/34/squid_js.inc
@@ -215,11 +215,10 @@ function on_antivirus_advanced_config_changed() {
if (enable_advanced === 'disabled') {
document.iform['clamav_url'].disabled = 0;
document.iform['clamav_safebrowsing'].disabled = 0;
+ document.iform['clamav_disable_stream_scanning'].disabled = 0;
document.iform['clamav_update'].disabled = 0;
document.iform['clamav_dbregion'].disabled = 0;
document.iform['clamav_dbservers'].disabled = 0;
- document.iform['clamav_dbservers'].disabled = 0;
- document.iform['clamav_dbservers'].disabled = 0;
document.getElementById("load_advanced").disabled = 1;
document.iform['raw_squidclamav_conf'].disabled = 1;
document.iform['raw_squidclamav_conf'].value = '';
@@ -235,6 +234,8 @@ function on_antivirus_advanced_config_changed() {
document.iform['clamav_url'].disabled = 1;
document.iform['clamav_safebrowsing'].disabled = 1;
document.getElementById('clamav_safebrowsing').checked = 0;
+ document.iform['clamav_disable_stream_scanning'].disabled = 1;
+ document.getElementById('clamav_disable_stream_scanning').checked = 0;
document.iform['clamav_update'].disabled = 0;
document.iform['clamav_dbregion'].disabled = 1;
document.getElementById("clamav_dbregion").value = '';