Update squidGuard. Changed GUI. Dest Domains as IP address now supported.

author: dvserg <dv_serg@mail.ru> 2010-11-14 23:21:30 +0300
committer: dvserg <dv_serg@mail.ru> 2010-11-14 23:21:30 +0300
commit: 117b7641cbaa8540368e1a0f2c8b5ac519681d90 (patch)
tree: 8d7116e6187657520ac1c203b66abc56321c608e /config/squidGuard
parent: ce2dfdcb381c904a293336c73cfad67af1310be6 (diff)
download: pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.tar.gz
pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.tar.bz2
pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.zip
5 files changed, 20 insertions, 17 deletions
diff --git a/config/squidGuard/squidguard.inc b/config/squidGuard/squidguard.inc
index f5df409a..025e5b50 100644
--- a/config/squidGuard/squidguard.inc
+++ b/config/squidGuard/squidguard.inc
@@ -829,7 +829,7 @@ function make_grid_controls($type, $items, $enable_overtime = true) {
         $tbl .= "<td $color><select id=$tnm name=\"$tnm\">";
         if (substr_count($name, "all") === 0) {
             $tbl .= "<option value=none  name=\"----\"  $upt_A>----</option>";
-            $tbl .= "<option value=white name=\"white\" $upt_C>white</option>";
+            $tbl .= "<option value=white name=\"white\" $upt_C>whitelist</option>";
             $tbl .= "<option value=deny  name=\"deny\"  $upt_D>deny </option>";
             $tbl .= "<option value=allow name=\"allow\" $upt_B>allow</option>";
         }
@@ -867,7 +867,7 @@ function make_grid_controls($type, $items, $enable_overtime = true) {
         $thdr = '';
         $hdr1up = "<big>Destination rules</big>";
         $hdr1ov = "<big>Destination rules in overtime</big>";
-        $hds3   = "ACCESS: 'white' - always pass; 'deny' - block; 'allow' - pass, if not blocked.";
+        $hds3   = "ACCESS: 'whitelist' - always pass; 'deny' - block; 'allow' - pass, if not blocked.";
         if ($enable_overtime) {
             $thdr .= "<tr><td colspan='8' align=left>$hds3</td></tr>";
             $thdr .= "<tr $color><th colspan='4' align=middle>$hdr1up</th><th colspan='4' align=middle>$hdr1ov</th></tr>";
diff --git a/config/squidGuard/squidguard_acl.xml b/config/squidGuard/squidguard_acl.xml
index fda12197..c47ab368 100644
--- a/config/squidGuard/squidguard_acl.xml
+++ b/config/squidGuard/squidguard_acl.xml
@@ -55,10 +55,10 @@
                         <fielddescr>Name</fielddescr>
                         <fieldname>name</fieldname>
                 </columnitem>
-                <columnitem>
+                <!--columnitem>
                         <fielddescr>Source</fielddescr>
                         <fieldname>source</fieldname>
-                </columnitem>
+                </columnitem-->
                 <!--columnitem>
                         <fielddescr>Destinations</fielddescr>
                         <fieldname>dest</fieldname>
@@ -162,6 +162,7 @@
                         <description>
                                 To make sure that people don't bypass the URL filter.
                                 by simply using the IP addresses instead of the fully qualified domain names, you can check this option.
+                                This option has no effect on the WhiteList.
                         </description>
                         <type>checkbox</type>
                 </field>
diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc
index f008ef2e..71724c90 100644
--- a/config/squidGuard/squidguard_configurator.inc
+++ b/config/squidGuard/squidguard_configurator.inc
@@ -913,7 +913,7 @@ function sg_create_config()
                     $acl[F_OVERDESTINATIONNAME] = "!in-addr {$acl[F_OVERDESTINATIONNAME]}";
                 }
 
-                # re-order acl pass (<allow><deny<all|none>)
+                # re-order acl pass (<white><!in-addr><deny><allow><all|none>)
                 $acl[F_DESTINATIONNAME]     = sg_aclpass_reorder($acl[F_DESTINATIONNAME]);
                 $acl[F_OVERDESTINATIONNAME] = sg_aclpass_reorder($acl[F_OVERDESTINATIONNAME]);
 
@@ -1102,7 +1102,7 @@ function sg_aclpass_reorder($pass)
 {
     $ar_pass = explode(" ", $pass);
 
-    # 'pass' order: <allow> <deny> <all|none>
+    # 'pass' order: <white> <!in_addr> <deny> <allow> <all|none>
     if (is_array($ar_pass)) {
         $pass_end = '';
         $pass_fst = array(); # whitelist - '^' prefix (will deleted)
@@ -1919,9 +1919,10 @@ function sg_check_dest($sgx, $input_errors)
     array_packitems(&$dm);
     array_packitems(&$ur);
 
-    # domain
-    foreach ($dm as $d_it)
-        if ($d_it && !is_domain_valid($d_it)) $elog[] = "Item '$d_it' is not a domain.";
+    # domain or ip
+    foreach ($dm as $d_it) {
+        if ($d_it && !is_domain_valid($d_it) && !is_ipaddr($d_it)) $elog[] = "Item '$d_it' is not a domain.";
+    }
 
     # url
     foreach ($ur as $u_it)
diff --git a/config/squidGuard/squidguard_default.xml b/config/squidGuard/squidguard_default.xml
index f3a7428c..50b76967 100644
--- a/config/squidGuard/squidguard_default.xml
+++ b/config/squidGuard/squidguard_default.xml
@@ -57,6 +57,7 @@
                         <description>
                                 To make sure that people don't bypass the URL filter
                                 by simply using the IP addresses instead of the fully qualified domain names, you can check this option.
+                                This option has no effect on the WhiteList.
                         </description>
                         <type>checkbox</type>
                 </field>
diff --git a/config/squidGuard/squidguard_dest.xml b/config/squidGuard/squidguard_dest.xml
index 35bbb6f8..53021ba3 100644
--- a/config/squidGuard/squidguard_dest.xml
+++ b/config/squidGuard/squidguard_dest.xml
@@ -51,18 +51,18 @@
                         <fielddescr>Destination name</fielddescr>
                         <fieldname>name</fieldname>
                 </columnitem>
-                <columnitem>
+                <!--columnitem>
                         <fielddescr>Domain list</fielddescr>
                         <fieldname>domains</fieldname>
-                </columnitem>
-                <columnitem>
+                </columnitem-->
+                <!--columnitem>
                         <fielddescr>URL list</fielddescr>
                         <fieldname>urls</fieldname>
-                </columnitem>
-                <columnitem>
+                </columnitem-->
+                <!--columnitem>
                         <fielddescr>Expressions</fielddescr>
                         <fieldname>expressions</fieldname>
-                </columnitem>
+                </columnitem-->
                 <columnitem>
                         <fielddescr>Redirect</fielddescr>
                         <fieldname>redirect</fieldname>
@@ -90,8 +90,8 @@
                         <fielddescr>Domains list</fielddescr>
                         <fieldname>domains</fieldname>
                         <description>
-                                Enter destination domains here. For separate domains names use ' '(space).
-                                &lt;p&gt; &lt;b&gt;Example:&lt;/b&gt; 'mail.ru e-mail.ru yahoo.com' .
+                                Enter destination domains or IP-address here. For separate use ' '(space).
+                                &lt;p&gt; &lt;b&gt;Example:&lt;/b&gt; 'mail.ru e-mail.ru yahoo.com 192.168.1.1' .
                         </description>
                         <type>textarea</type>
                         <cols>60</cols>
author	dvserg <dv_serg@mail.ru>	2010-11-14 23:21:30 +0300
committer	dvserg <dv_serg@mail.ru>	2010-11-14 23:21:30 +0300
commit	117b7641cbaa8540368e1a0f2c8b5ac519681d90 (patch)
tree	8d7116e6187657520ac1c203b66abc56321c608e /config/squidGuard
parent	ce2dfdcb381c904a293336c73cfad67af1310be6 (diff)
download	pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.tar.gz pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.tar.bz2 pfsense-packages-117b7641cbaa8540368e1a0f2c8b5ac519681d90.zip