diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2005-01-30 20:52:13 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2005-01-30 20:52:13 +0000 |
commit | 47758ed474913a0140b7bc280e50823c07715eb0 (patch) | |
tree | 1447177d1201a0b01e3497f443cf53084beb08fd /packages | |
parent | a412c065347c4f66926cb238aacaf30c8c13cb72 (diff) | |
download | pfsense-packages-47758ed474913a0140b7bc280e50823c07715eb0.tar.gz pfsense-packages-47758ed474913a0140b7bc280e50823c07715eb0.tar.bz2 pfsense-packages-47758ed474913a0140b7bc280e50823c07715eb0.zip |
Finish up squid.conf. Thanks to bkw for generqating the squid.conf
Diffstat (limited to 'packages')
-rw-r--r-- | packages/squid.xml | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/packages/squid.xml b/packages/squid.xml index 6a5bebda..36ae5cc9 100644 --- a/packages/squid.xml +++ b/packages/squid.xml @@ -9,12 +9,27 @@ <custom_php_install_command> echo "<pre>"; system("/bin/mkdir /usr/local/etc/squid"); + $lancfg = $config['interfaces']['lan']; + $lanif = $lancfg['if']; + $lanip = $lancfg['ipaddr']; + $lansa = gen_subnet($lancfg['ipaddr'], $lancfg['subnet']); + $lansn = $lancfg['subnet']; + $netmask = ""; $fout = fopen("/usr/local/etc/squid/squid.conf","w"); - fwrite($fout, "http_port 127.0.0.1:3128\n"); - fwrite($fout, "http_access deny to_localhost\n"); - fwrite($fout, "acl our_networks src 10.0.0.0/8\n"); - fwrite($fout, "http_access allow our_networks\n"); - fwrite($fout, "visible_hostname insomnia.benzedrine.cx\n"); + fwrite($fout, "# cat squid.conf\n"); + fwrite($fout, "http_port 3128\n"); + fwrite($fout, "icp_port 0\n"); + fwrite($fout, "acl localnet src " . $lansa . "/" . $lansn . "\n"); + fwrite($fout, "acl all src " . $lansa . "/" . $lansn . "\n"); + fwrite($fout, "acl localhost src 127.0.0.1/255.255.255.255\n"); + fwrite($fout, "acl Safe_ports port 80 443 210 119 70 21 1025-65535\n"); + fwrite($fout, "acl CONNECT method CONNECT\n"); + fwrite($fout, "http_access allow localnet\n"); + fwrite($fout, "http_access allow localhost\n"); + fwrite($fout, "http_access deny !Safe_ports\n"); + fwrite($fout, "http_access deny CONNECT\n"); + fwrite($fout, "http_access deny all\n"); + fwrite($fout, "visible_hostname pfSense\n"); fwrite($fout, "httpd_accel_host virtual\n"); fwrite($fout, "httpd_accel_port 80\n"); fwrite($fout, "httpd_accel_with_proxy on\n"); |