diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2007-05-21 19:30:31 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2007-05-21 19:30:31 +0000 |
| commit | 014c1fd18a094cd1dfcab2584c944de5682469d5 (patch) | |
| tree | fa81090d1959027625bb42010990ca1642e2b8bc /packages/squid/squid.inc | |
| parent | 77225d8fd5b31e9dbde9577db4ce7aa4640d131d (diff) | |
| download | pfsense-packages-014c1fd18a094cd1dfcab2584c944de5682469d5.tar.gz pfsense-packages-014c1fd18a094cd1dfcab2584c944de5682469d5.tar.bz2 pfsense-packages-014c1fd18a094cd1dfcab2584c944de5682469d5.zip | |
Various fixes from Martin Fuchs:
* There's an issue with squid: it only accepts one interface, wven when selected more than one.
* A second issue ist hat squid forwards the internal ip which is nor wanted by everyone
Diffstat (limited to 'packages/squid/squid.inc')
| -rw-r--r-- | packages/squid/squid.inc | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/packages/squid/squid.inc b/packages/squid/squid.inc index 4fbe2c16..ecefe813 100644 --- a/packages/squid/squid.inc +++ b/packages/squid/squid.inc @@ -499,7 +499,7 @@ EOD; $conf .= "acl localnet src $src\n"; $valid_acls[] = 'localnet'; } - + if ($settings['disable_xforward']) $conf .= "forwarded_for off\n"; return $conf; } @@ -1024,17 +1024,19 @@ function squid_generate_rules($type) { switch($type) { case 'nat': - foreach ($ifaces as $iface) + foreach ($ifaces as $iface){ $rules .= "# Setup Squid proxy redirect\n"; $rules .= "rdr on $iface proto tcp from any to !($iface) port 80 -> 127.0.0.1 port 80\n"; $rules .= "\n"; + }; break; case 'filter': - foreach ($ifaces as $iface) + foreach ($ifaces as $iface){ $rules .= "# Setup squid pass rules for proxy\n"; $rules .= "pass in quick on $iface proto tcp from any to !($iface) port 80 flags S/SA keep state\n"; $rules .= "pass in quick on $iface proto tcp from any to !($iface) port $port flags S/SA keep state\n"; $rules .= "\n"; + }; break; default: break; |