aboutsummaryrefslogtreecommitdiffstats
path: root/config/squidGuard
diff options
context:
space:
mode:
authordvserg <dv_serg@mail.ru>2010-11-14 23:21:30 +0300
committerdvserg <dv_serg@mail.ru>2010-11-14 23:21:30 +0300
commit117b7641cbaa8540368e1a0f2c8b5ac519681d90 (patch)
tree8d7116e6187657520ac1c203b66abc56321c608e /config/squidGuard
parentce2dfdcb381c904a293336c73cfad67af1310be6 (diff)
downloadpfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.tar.gz
pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.tar.bz2
pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.zip
Update squidGuard. Changed GUI. Dest Domains as IP address now supported.
Diffstat (limited to 'config/squidGuard')
-rw-r--r--config/squidGuard/squidguard.inc4
-rw-r--r--config/squidGuard/squidguard_acl.xml5
-rw-r--r--config/squidGuard/squidguard_configurator.inc11
-rw-r--r--config/squidGuard/squidguard_default.xml1
-rw-r--r--config/squidGuard/squidguard_dest.xml16
5 files changed, 20 insertions, 17 deletions
diff --git a/config/squidGuard/squidguard.inc b/config/squidGuard/squidguard.inc
index f5df409a..025e5b50 100644
--- a/config/squidGuard/squidguard.inc
+++ b/config/squidGuard/squidguard.inc
@@ -829,7 +829,7 @@ function make_grid_controls($type, $items, $enable_overtime = true) {
$tbl .= "<td $color><select id=$tnm name=\"$tnm\">";
if (substr_count($name, "all") === 0) {
$tbl .= "<option value=none name=\"----\" $upt_A>----</option>";
- $tbl .= "<option value=white name=\"white\" $upt_C>white</option>";
+ $tbl .= "<option value=white name=\"white\" $upt_C>whitelist</option>";
$tbl .= "<option value=deny name=\"deny\" $upt_D>deny </option>";
$tbl .= "<option value=allow name=\"allow\" $upt_B>allow</option>";
}
@@ -867,7 +867,7 @@ function make_grid_controls($type, $items, $enable_overtime = true) {
$thdr = '';
$hdr1up = "<big>Destination rules</big>";
$hdr1ov = "<big>Destination rules in overtime</big>";
- $hds3 = "ACCESS: 'white' - always pass; 'deny' - block; 'allow' - pass, if not blocked.";
+ $hds3 = "ACCESS: 'whitelist' - always pass; 'deny' - block; 'allow' - pass, if not blocked.";
if ($enable_overtime) {
$thdr .= "<tr><td colspan='8' align=left>$hds3</td></tr>";
$thdr .= "<tr $color><th colspan='4' align=middle>$hdr1up</th><th colspan='4' align=middle>$hdr1ov</th></tr>";
diff --git a/config/squidGuard/squidguard_acl.xml b/config/squidGuard/squidguard_acl.xml
index fda12197..c47ab368 100644
--- a/config/squidGuard/squidguard_acl.xml
+++ b/config/squidGuard/squidguard_acl.xml
@@ -55,10 +55,10 @@
<fielddescr>Name</fielddescr>
<fieldname>name</fieldname>
</columnitem>
- <columnitem>
+ <!--columnitem>
<fielddescr>Source</fielddescr>
<fieldname>source</fieldname>
- </columnitem>
+ </columnitem-->
<!--columnitem>
<fielddescr>Destinations</fielddescr>
<fieldname>dest</fieldname>
@@ -162,6 +162,7 @@
<description>
To make sure that people don't bypass the URL filter.
by simply using the IP addresses instead of the fully qualified domain names, you can check this option.
+ This option has no effect on the WhiteList.
</description>
<type>checkbox</type>
</field>
diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc
index f008ef2e..71724c90 100644
--- a/config/squidGuard/squidguard_configurator.inc
+++ b/config/squidGuard/squidguard_configurator.inc
@@ -913,7 +913,7 @@ function sg_create_config()
$acl[F_OVERDESTINATIONNAME] = "!in-addr {$acl[F_OVERDESTINATIONNAME]}";
}
- # re-order acl pass (<allow><deny<all|none>)
+ # re-order acl pass (<white><!in-addr><deny><allow><all|none>)
$acl[F_DESTINATIONNAME] = sg_aclpass_reorder($acl[F_DESTINATIONNAME]);
$acl[F_OVERDESTINATIONNAME] = sg_aclpass_reorder($acl[F_OVERDESTINATIONNAME]);
@@ -1102,7 +1102,7 @@ function sg_aclpass_reorder($pass)
{
$ar_pass = explode(" ", $pass);
- # 'pass' order: <allow> <deny> <all|none>
+ # 'pass' order: <white> <!in_addr> <deny> <allow> <all|none>
if (is_array($ar_pass)) {
$pass_end = '';
$pass_fst = array(); # whitelist - '^' prefix (will deleted)
@@ -1919,9 +1919,10 @@ function sg_check_dest($sgx, $input_errors)
array_packitems(&$dm);
array_packitems(&$ur);
- # domain
- foreach ($dm as $d_it)
- if ($d_it && !is_domain_valid($d_it)) $elog[] = "Item '$d_it' is not a domain.";
+ # domain or ip
+ foreach ($dm as $d_it) {
+ if ($d_it && !is_domain_valid($d_it) && !is_ipaddr($d_it)) $elog[] = "Item '$d_it' is not a domain.";
+ }
# url
foreach ($ur as $u_it)
diff --git a/config/squidGuard/squidguard_default.xml b/config/squidGuard/squidguard_default.xml
index f3a7428c..50b76967 100644
--- a/config/squidGuard/squidguard_default.xml
+++ b/config/squidGuard/squidguard_default.xml
@@ -57,6 +57,7 @@
<description>
To make sure that people don't bypass the URL filter
by simply using the IP addresses instead of the fully qualified domain names, you can check this option.
+ This option has no effect on the WhiteList.
</description>
<type>checkbox</type>
</field>
diff --git a/config/squidGuard/squidguard_dest.xml b/config/squidGuard/squidguard_dest.xml
index 35bbb6f8..53021ba3 100644
--- a/config/squidGuard/squidguard_dest.xml
+++ b/config/squidGuard/squidguard_dest.xml
@@ -51,18 +51,18 @@
<fielddescr>Destination name</fielddescr>
<fieldname>name</fieldname>
</columnitem>
- <columnitem>
+ <!--columnitem>
<fielddescr>Domain list</fielddescr>
<fieldname>domains</fieldname>
- </columnitem>
- <columnitem>
+ </columnitem-->
+ <!--columnitem>
<fielddescr>URL list</fielddescr>
<fieldname>urls</fieldname>
- </columnitem>
- <columnitem>
+ </columnitem-->
+ <!--columnitem>
<fielddescr>Expressions</fielddescr>
<fieldname>expressions</fieldname>
- </columnitem>
+ </columnitem-->
<columnitem>
<fielddescr>Redirect</fielddescr>
<fieldname>redirect</fieldname>
@@ -90,8 +90,8 @@
<fielddescr>Domains list</fielddescr>
<fieldname>domains</fieldname>
<description>
- Enter destination domains here. For separate domains names use ' '(space).
- &lt;p&gt; &lt;b&gt;Example:&lt;/b&gt; 'mail.ru e-mail.ru yahoo.com' .
+ Enter destination domains or IP-address here. For separate use ' '(space).
+ &lt;p&gt; &lt;b&gt;Example:&lt;/b&gt; 'mail.ru e-mail.ru yahoo.com 192.168.1.1' .
</description>
<type>textarea</type>
<cols>60</cols>