diff options
author | dvserg <dv_serg@mail.ru> | 2010-11-14 23:21:30 +0300 |
---|---|---|
committer | dvserg <dv_serg@mail.ru> | 2010-11-14 23:21:30 +0300 |
commit | 117b7641cbaa8540368e1a0f2c8b5ac519681d90 (patch) | |
tree | 8d7116e6187657520ac1c203b66abc56321c608e /config/squidGuard | |
parent | ce2dfdcb381c904a293336c73cfad67af1310be6 (diff) | |
download | pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.tar.gz pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.tar.bz2 pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.zip |
Update squidGuard. Changed GUI. Dest Domains as IP address now supported.
Diffstat (limited to 'config/squidGuard')
-rw-r--r-- | config/squidGuard/squidguard.inc | 4 | ||||
-rw-r--r-- | config/squidGuard/squidguard_acl.xml | 5 | ||||
-rw-r--r-- | config/squidGuard/squidguard_configurator.inc | 11 | ||||
-rw-r--r-- | config/squidGuard/squidguard_default.xml | 1 | ||||
-rw-r--r-- | config/squidGuard/squidguard_dest.xml | 16 |
5 files changed, 20 insertions, 17 deletions
diff --git a/config/squidGuard/squidguard.inc b/config/squidGuard/squidguard.inc index f5df409a..025e5b50 100644 --- a/config/squidGuard/squidguard.inc +++ b/config/squidGuard/squidguard.inc @@ -829,7 +829,7 @@ function make_grid_controls($type, $items, $enable_overtime = true) { $tbl .= "<td $color><select id=$tnm name=\"$tnm\">"; if (substr_count($name, "all") === 0) { $tbl .= "<option value=none name=\"----\" $upt_A>----</option>"; - $tbl .= "<option value=white name=\"white\" $upt_C>white</option>"; + $tbl .= "<option value=white name=\"white\" $upt_C>whitelist</option>"; $tbl .= "<option value=deny name=\"deny\" $upt_D>deny </option>"; $tbl .= "<option value=allow name=\"allow\" $upt_B>allow</option>"; } @@ -867,7 +867,7 @@ function make_grid_controls($type, $items, $enable_overtime = true) { $thdr = ''; $hdr1up = "<big>Destination rules</big>"; $hdr1ov = "<big>Destination rules in overtime</big>"; - $hds3 = "ACCESS: 'white' - always pass; 'deny' - block; 'allow' - pass, if not blocked."; + $hds3 = "ACCESS: 'whitelist' - always pass; 'deny' - block; 'allow' - pass, if not blocked."; if ($enable_overtime) { $thdr .= "<tr><td colspan='8' align=left>$hds3</td></tr>"; $thdr .= "<tr $color><th colspan='4' align=middle>$hdr1up</th><th colspan='4' align=middle>$hdr1ov</th></tr>"; diff --git a/config/squidGuard/squidguard_acl.xml b/config/squidGuard/squidguard_acl.xml index fda12197..c47ab368 100644 --- a/config/squidGuard/squidguard_acl.xml +++ b/config/squidGuard/squidguard_acl.xml @@ -55,10 +55,10 @@ <fielddescr>Name</fielddescr> <fieldname>name</fieldname> </columnitem> - <columnitem> + <!--columnitem> <fielddescr>Source</fielddescr> <fieldname>source</fieldname> - </columnitem> + </columnitem--> <!--columnitem> <fielddescr>Destinations</fielddescr> <fieldname>dest</fieldname> @@ -162,6 +162,7 @@ <description> To make sure that people don't bypass the URL filter. by simply using the IP addresses instead of the fully qualified domain names, you can check this option. + This option has no effect on the WhiteList. </description> <type>checkbox</type> </field> diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc index f008ef2e..71724c90 100644 --- a/config/squidGuard/squidguard_configurator.inc +++ b/config/squidGuard/squidguard_configurator.inc @@ -913,7 +913,7 @@ function sg_create_config() $acl[F_OVERDESTINATIONNAME] = "!in-addr {$acl[F_OVERDESTINATIONNAME]}"; } - # re-order acl pass (<allow><deny<all|none>) + # re-order acl pass (<white><!in-addr><deny><allow><all|none>) $acl[F_DESTINATIONNAME] = sg_aclpass_reorder($acl[F_DESTINATIONNAME]); $acl[F_OVERDESTINATIONNAME] = sg_aclpass_reorder($acl[F_OVERDESTINATIONNAME]); @@ -1102,7 +1102,7 @@ function sg_aclpass_reorder($pass) { $ar_pass = explode(" ", $pass); - # 'pass' order: <allow> <deny> <all|none> + # 'pass' order: <white> <!in_addr> <deny> <allow> <all|none> if (is_array($ar_pass)) { $pass_end = ''; $pass_fst = array(); # whitelist - '^' prefix (will deleted) @@ -1919,9 +1919,10 @@ function sg_check_dest($sgx, $input_errors) array_packitems(&$dm); array_packitems(&$ur); - # domain - foreach ($dm as $d_it) - if ($d_it && !is_domain_valid($d_it)) $elog[] = "Item '$d_it' is not a domain."; + # domain or ip + foreach ($dm as $d_it) { + if ($d_it && !is_domain_valid($d_it) && !is_ipaddr($d_it)) $elog[] = "Item '$d_it' is not a domain."; + } # url foreach ($ur as $u_it) diff --git a/config/squidGuard/squidguard_default.xml b/config/squidGuard/squidguard_default.xml index f3a7428c..50b76967 100644 --- a/config/squidGuard/squidguard_default.xml +++ b/config/squidGuard/squidguard_default.xml @@ -57,6 +57,7 @@ <description> To make sure that people don't bypass the URL filter by simply using the IP addresses instead of the fully qualified domain names, you can check this option. + This option has no effect on the WhiteList. </description> <type>checkbox</type> </field> diff --git a/config/squidGuard/squidguard_dest.xml b/config/squidGuard/squidguard_dest.xml index 35bbb6f8..53021ba3 100644 --- a/config/squidGuard/squidguard_dest.xml +++ b/config/squidGuard/squidguard_dest.xml @@ -51,18 +51,18 @@ <fielddescr>Destination name</fielddescr> <fieldname>name</fieldname> </columnitem> - <columnitem> + <!--columnitem> <fielddescr>Domain list</fielddescr> <fieldname>domains</fieldname> - </columnitem> - <columnitem> + </columnitem--> + <!--columnitem> <fielddescr>URL list</fielddescr> <fieldname>urls</fieldname> - </columnitem> - <columnitem> + </columnitem--> + <!--columnitem> <fielddescr>Expressions</fielddescr> <fieldname>expressions</fieldname> - </columnitem> + </columnitem--> <columnitem> <fielddescr>Redirect</fielddescr> <fieldname>redirect</fieldname> @@ -90,8 +90,8 @@ <fielddescr>Domains list</fielddescr> <fieldname>domains</fieldname> <description> - Enter destination domains here. For separate domains names use ' '(space). - <p> <b>Example:</b> 'mail.ru e-mail.ru yahoo.com' . + Enter destination domains or IP-address here. For separate use ' '(space). + <p> <b>Example:</b> 'mail.ru e-mail.ru yahoo.com 192.168.1.1' . </description> <type>textarea</type> <cols>60</cols> |