New Squid stuff, to be backported or whatever.

1 files changed, 101 insertions, 0 deletions

diff --git a/packages/squid-head/squid_nac.xml b/packages/squid-head/squid_nac.xml
new file mode 100644
index 00000000..b7bbf8c9
--- /dev/null
+++ b/packages/squid-head/squid_nac.xml
@@ -0,0 +1,101 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packagegui>
+	<include_file>squid.inc</include_file>
+	<name>squidnac</name>
+	<title>Proxy server: Access control</title>
+	<tabs>
+		<tab>
+			<text>General settings</text>
+			<url>/pkg_edit.php?xml=squid.xml&amp;id=0</url>
+		</tab>
+		<tab>
+			<text>Upstream proxy</text>
+			<url>/pkg_edit.php?xml=squid_upstream.xml&amp;id=0</url>
+		</tab>
+		<tab>
+			<text>Cache management</text>
+			<url>/pkg_edit.php?xml=squid_cache.xml&amp;id=0</url>
+		</tab>
+		<tab>
+			<text>Access control</text>
+			<url>/pkg_edit.php?xml=squid_nac.xml&amp;id=0</url>
+			<active/>
+		</tab>
+		<tab>
+			<text>Traffic management</text>
+			<url>/pkg_edit.php?xml=squid_traffic.xml&amp;id=0</url>
+		</tab>
+		<tab>
+			<text>Auth settings</text>
+			<url>/pkg_edit.php?xml=squid_auth.xml&amp;id=0</url>
+		</tab>
+		<tab>
+			<text>Local users</text>
+			<url>/pkg.php?xml=squid_users.xml</url>
+		</tab>
+	</tabs>
+	<fields>
+		<field>
+			<fieldname>allowed_subnets</fieldname>
+			<fielddescr>Allowed subnets</fielddescr>
+			<description>Those are the subnets (separated by commas) that are allowed to use the proxy. The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24). Note that the proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.</description>
+			<type>textarea</type>
+			<rows>5</rows>
+			<cols>50</cols>
+		</field>
+		<field>
+			<fieldname>unrestricted_hosts</fieldname>
+			<fielddescr>Unrestricted IPs</fielddescr>
+			<description>The IP addresses specified here (separated by commas) won't be filtered out by the other access control directives set in this page.</description>
+			<type>textarea</type>
+			<rows>5</rows>
+			<cols>50</cols>
+		</field>
+		<field>
+			<fieldname>unrestricted_macs</fieldname>
+			<fielddescr>Unrestricted MAC Addresses</fielddescr>
+			<description>The MAC addresses specified here (separated by commas) won't be filtered out by the other access control directives set in this page.</description>
+			<type>textarea</type>
+			<rows>5</rows>
+			<cols>50</cols>
+		</field>
+		<field>
+			<fieldname>banned_hosts</fieldname>
+			<fielddescr>Banned host addresses</fielddescr>
+			<description>The IP addresses specified here (separated by commas) won't be allowed to use the proxy.</description>
+			<type>textarea</type>
+			<rows>5</rows>
+			<cols>50</cols>
+		</field>	
+		<field>
+			<fieldname>banned_macs</fieldname>
+			<fielddescr>Banned MAC addresses</fielddescr>
+			<description>The MAC addresses specified here (separated by commas) won't be allowed to use the proxy.</description>
+			<type>textarea</type>
+			<rows>5</rows>
+			<cols>50</cols>
+		</field>
+		<field>
+			<fieldname>whitelist</fieldname>
+			<fielddescr>Whitelist</fielddescr>
+			<description>Those are the sites (separated by commas) that will be accessable to the users that are allowed to use the proxy.</description>
+			<type>textarea</type>
+			<rows>5</rows>
+			<cols>50</cols>
+		</field>
+		<field>
+			<fieldname>blacklist</fieldname>
+			<fielddescr>Blacklist</fielddescr>
+			<description>Those are the sites (separated by commas) that will be blocked to the users that are allowed to use the proxy.</description>
+			<type>textarea</type>
+			<rows>5</rows>
+			<cols>50</cols>
+		</field>
+	</fields>
+	<custom_php_validation_command>
+		squid_validate_nac($_POST, &amp;$input_errors);
+	</custom_php_validation_command>
+	<custom_php_resync_config_command>
+		squid_resync();
+	</custom_php_resync_config_command>
+</packagegui>