diff options
| author | Bill Marquette <billm@pfsense.org> | 2006-10-25 16:30:22 +0000 |
|---|---|---|
| committer | Bill Marquette <billm@pfsense.org> | 2006-10-25 16:30:22 +0000 |
| commit | cc6865a3b52f9b325843c261ef18bda7af30666f (patch) | |
| tree | f2e754c30bb437feb958d8de842c83c894d91f0e /packages/squid.inc | |
| parent | 4be6f896b10add5392503a0d2c6242dfc9f6598d (diff) | |
| download | pfsense-packages-cc6865a3b52f9b325843c261ef18bda7af30666f.tar.gz pfsense-packages-cc6865a3b52f9b325843c261ef18bda7af30666f.tar.bz2 pfsense-packages-cc6865a3b52f9b325843c261ef18bda7af30666f.zip | |
Per trendchiller@forums
http://forum.pfsense.org/index.php/topic,2434.msg14839.html#msg14839
unrestricted hosts really ought to be unrestricted
also fix typo
Diffstat (limited to 'packages/squid.inc')
| -rw-r--r-- | packages/squid.inc | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/packages/squid.inc b/packages/squid.inc index afbd775a..c730e949 100644 --- a/packages/squid.inc +++ b/packages/squid.inc @@ -580,6 +580,11 @@ function squid_resync_auth() { foreach ($banned as $acl) $conf .= "http_access deny $acl\n"; + // Unrestricted hosts take precendence over blacklist + if (squid_is_valid_acl('unrestricted_hosts')) + $conf .= "http_access allow unrestricted_hosts\n"; + if (squid_is_valid_acl('unrestricted_macs')) + $conf .= "http_access allow unrestricted_macs\n"; // Whitelist and blacklist also take precendence if (squid_is_valid_acl('whitelist')) $conf .= "http_access allow whitelist\n"; @@ -591,7 +596,7 @@ function squid_resync_auth() { // Allow the remaining ACLs if no authentication is set if ($auth_method == 'none') { - $allowed = array('localnet', 'allowed_subnets', 'unrestricted_hosts', 'unrestricted_macs'); + $allowed = array('localnet', 'allowed_subnets'); $allowed = array_filter($allowed, 'squid_is_valid_acl'); foreach ($allowed as $acl) $conf .= "http_access allow $acl\n"; |