aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/squid/squid.inc6
-rw-r--r--config/squid/squid_nac.xml16
2 files changed, 20 insertions, 2 deletions
diff --git a/config/squid/squid.inc b/config/squid/squid.inc
index 98192253..f3936567 100644
--- a/config/squid/squid.inc
+++ b/config/squid/squid.inc
@@ -797,14 +797,16 @@ function squid_resync_nac() {
$port = ($settings['proxy_port'] ? $settings['proxy_port'] : 3128);
$settings = $config['installedpackages']['squidnac']['config'][0];
$webgui_port = $config['system']['webgui']['port'];
+ $addtl_ports = $settings['addtl_ports'];
+ $addtl_sslports = $settings['addtl_sslports'];
$conf = <<<EOD
# Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
-acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 $webgui_port $port 1025-65535
-acl sslports port 443 563 $webgui_port
+acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 $webgui_port $port 1025-65535 $addtl_ports
+acl sslports port 443 563 $webgui_port $addtl_sslports
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
diff --git a/config/squid/squid_nac.xml b/config/squid/squid_nac.xml
index 193a89c6..401426a6 100644
--- a/config/squid/squid_nac.xml
+++ b/config/squid/squid_nac.xml
@@ -133,6 +133,22 @@
<type>input</type>
<size>60</size>
</field>
+ <field>
+ <fielddescr>acl safeports</fielddescr>
+ <fieldname>addtl_ports</fieldname>
+ <description>This is a space-separated list of "safe ports" in addition to the already defined list: 21 70 80 210 280 443 488 563 591 631 777 901 1025-65535</description>
+ <type>input</type>
+ <size>60</size>
+ <default_value></default_value>
+ </field>
+ <field>
+ <fielddescr>acl sslports</fielddescr>
+ <fieldname>addtl_sslports</fieldname>
+ <description>This is a space-separated list of ports to allow SSL "CONNECT" in addition to the already defined list: 443 563</description>
+ <type>input</type>
+ <size>60</size>
+ <default_value></default_value>
+ </field>
</fields>
<custom_php_validation_command>
squid_validate_nac($_POST, &amp;$input_errors);