diff options
author | Rajkumar S <raj@pfsense.org> | 2006-06-16 16:07:43 +0000 |
---|---|---|
committer | Rajkumar S <raj@pfsense.org> | 2006-06-16 16:07:43 +0000 |
commit | 08cb1970c5e44cc203439521fe231d8540ad8b8a (patch) | |
tree | 4ec09383a40912431583365d5a457b5cb79efed4 /packages/havp.inc | |
parent | 87ab2f973453f53aa972e366995d0909bf77f638 (diff) | |
download | pfsense-packages-08cb1970c5e44cc203439521fe231d8540ad8b8a.tar.gz pfsense-packages-08cb1970c5e44cc203439521fe231d8540ad8b8a.tar.bz2 pfsense-packages-08cb1970c5e44cc203439521fe231d8540ad8b8a.zip |
Added maxdownloadsize, trickling and maxscansize options, Added Transparency exclude functionality, updated havp to new version, bumped package version
Diffstat (limited to 'packages/havp.inc')
-rw-r--r-- | packages/havp.inc | 65 |
1 files changed, 55 insertions, 10 deletions
diff --git a/packages/havp.inc b/packages/havp.inc index ce4e8e88..a7ddc37f 100644 --- a/packages/havp.inc +++ b/packages/havp.inc @@ -9,6 +9,7 @@ require_once('pfsense-utils.inc'); part of the HAVP package for pfSense Copyright (C) 2006 Rajkumar S <raj@linuxense.com> All rights reserved. + $Id$ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -58,21 +59,18 @@ function sync_package_havp() { if ($tmp['maxservers'] != "") fwrite($fd,"MAXSERVERS " . $tmp['maxservers'] . "\n"); if ($tmp['port'] != "") fwrite($fd,"PORT " . $tmp['port'] . "\n"); if ($tmp['source_address'] != "") fwrite($fd,"SOURCE_ADDRESS " . $tmp['source_address'] . " \n"); - if ($tmp['dbreload'] != "") fwrite($fd,"DBRELOAD" . $tmp['dbreload'] . " \n"); - if ($tmp['parentproxy'] != "") fwrite($fd,"PARENTPROXY" . $tmp['parentproxy'] . " \n"); - if ($tmp['parentport'] != "") fwrite($fd,"PARENTPORT" . $tmp['parentport'] . " \n"); + if ($tmp['dbreload'] != "") fwrite($fd,"DBRELOAD " . $tmp['dbreload'] . " \n"); + if ($tmp['parentproxy'] != "") fwrite($fd,"PARENTPROXY " . $tmp['parentproxy'] . " \n"); + if ($tmp['parentport'] != "") fwrite($fd,"PARENTPORT " . $tmp['parentport'] . " \n"); + if ($tmp['maxscansize'] != "") fwrite($fd,"MAXSCANSIZE " . $tmp['maxscansize'] . " \n"); + if ($tmp['trickling'] != "") fwrite($fd,"TRICKLING " . $tmp['trickling'] . " \n"); + if ($tmp['maxdownloadsize'] != "") fwrite($fd,"MAXDOWNLOADSIZE " . $tmp['maxdownloadsize'] . " \n"); /* If Transparent then, don't bother with bind address */ if ($tmp['transparent'] == "on"){ fwrite($fd,"TRANSPARENT true\n"); fwrite($fd,"BIND_ADDRESS 127.0.0.1\n"); - $trans_file = fopen("/tmp/havp_pf.rules","w"); - fwrite($trans_file, "rdr on " . $config['interfaces']['lan']['if'] . " inet proto tcp from any to ! " . $config['interfaces']['lan']['ipaddr'] . " port = http -> 127.0.0.1 port 8080 \n"); - fclose($trans_file); - $havp_pf_result = mwexec ("pfctl -a rdr-package/havp -f /tmp/havp_pf.rules"); - if($havp_pf_result <> 0) { - file_notice("HAVP", "There were error(s) loading the transparency rules", "HAVP", ""); - } + setup_transparency(); } else { fwrite($fd,"TRANSPARENT false\n"); @@ -82,6 +80,7 @@ function sync_package_havp() { fwrite($fd,"BIND_ADDRESS " . $config['interfaces']['lan']['ipaddr'] . " \n"); } $havp_pf_result = mwexec ("pfctl -a rdr-package/havp -F nat"); + $havp_pf_result = mwexec ("pfctl -t havp -T kill"); if($havp_pf_result <> 0) { file_notice("HAVP", "There were error(s) clearing the transparency rules", "HAVP", ""); } @@ -169,4 +168,50 @@ function sync_package_havp_blacklist() { conf_mount_ro(); config_unlock(); } + +function add_trans_table(){ + global $config; + conf_mount_rw(); + config_lock(); + + # Flush all entries first, and then add them. + $havp_pf_result = mwexec ('pfctl -a "rdr-package/havp" -t havp -T flush'); + if($havp_pf_result <> 0) { + file_notice("HAVP", "There were error(s) flushing the exclude table", "HAVP", ""); + } + if($config['installedpackages']['havptransexclude']['config'] != ""){ + foreach($config['installedpackages']['havptransexclude']['config'] as $tmp) { + $havp_pf_result = mwexec ('pfctl -a "rdr-package/havp" -t havp -T add ' . $tmp['ip']); + if($havp_pf_result <> 0) { + file_notice("HAVP", "There were error(s) adding the ip " . $tmp['ip'], "HAVP", ""); + } + } + } + /* signal a reload of all files */ + conf_mount_ro(); + config_unlock(); +} + +function setup_transparency(){ + global $config; + $trans_file = fopen("/tmp/havp_pf.rules","w"); + fwrite($trans_file, "table <havp> persist\n"); + fwrite($trans_file, "rdr on " . $config['interfaces']['lan']['if'] . " inet proto tcp from !<havp> to ! " . $config['interfaces']['lan']['ipaddr'] . " port = http -> 127.0.0.1 port 8080 \n"); + fclose($trans_file); + $havp_pf_result = mwexec ('pfctl -a "rdr-package/havp" -f /tmp/havp_pf.rules'); + if($havp_pf_result <> 0) { + file_notice("HAVP", "There were error(s) loading the transparency rules", "HAVP", ""); + } + add_trans_table(); +} + +function transparency_init(){ + global $config; + if($config['installedpackages']['havp']['config'] != "") { + if($config['installedpackages']['havp']['config'][0]['transparent'] == "on") { + setup_transparency(); + } + } +} + ?> |