diff options
-rwxr-xr-x | config/squid3/34/squid_nac.xml | 164 |
1 files changed, 104 insertions, 60 deletions
diff --git a/config/squid3/34/squid_nac.xml b/config/squid3/34/squid_nac.xml index 70fe162f..fb7accc3 100755 --- a/config/squid3/34/squid_nac.xml +++ b/config/squid3/34/squid_nac.xml @@ -2,57 +2,52 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> +<![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - Copyright (C) 2012-2014 Marcello Coutinho - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + squid_nac.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012-2014 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 1. Redistributions of source code MUST retain the above copyright notice, - this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>squidnac</name> - <version>none</version> - <title>Proxy server: Access control</title> + <version>0.3.5</version> + <title>Proxy Server: Access Control</title> <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> - <tab> - <text>General</text> + <tab> + <text>General</text> <url>/pkg_edit.php?xml=squid.xml&id=0</url> </tab> <tab> @@ -85,7 +80,7 @@ <url>/pkg.php?xml=squid_users.xml</url> </tab> <tab> - <text>Real time</text> + <text>Real Time</text> <url>/squid_monitor.php</url> </tab> <tab> @@ -99,9 +94,15 @@ <type>listtopic</type> </field> <field> - <fielddescr>Allowed subnets</fielddescr> + <fielddescr>Allowed Subnets</fielddescr> <fieldname>allowed_subnets</fieldname> - <description>Enter each subnet on a new line that is allowed to use the proxy. The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24). Note that the proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.</description> + <description> + <![CDATA[ + Enter each subnet on a new line that is allowed to use the proxy.<br/> + The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24).<br/><br/> + Note: The proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy. + ]]> + </description> <type>textarea</type> <cols>50</cols> <rows>5</rows> @@ -110,25 +111,42 @@ <field> <fielddescr>Unrestricted IPs</fielddescr> <fieldname>unrestricted_hosts</fieldname> - <description>Enter unrestricted IP address / network(in CIDR format) on a new line that is not to be filtered out by the other access control directives set in this page.</description> + <description> + <![CDATA[ + Enter unrestricted IP address(es) / network(s) in CIDR format.<br/> + Configured entries will NOT be filtered out by the other access control directives set in this page.<br/> + <strong>Note: Put each entry on a separate line.</strong> + ]]> + </description> <type>textarea</type> <cols>50</cols> <rows>5</rows> <encoding>base64</encoding> </field> <field> - <fielddescr>Banned host addresses</fielddescr> + <fielddescr>Banned Hosts Addresses</fielddescr> <fieldname>banned_hosts</fieldname> - <description>Enter each IP address / network(in CIDR format) on a new line that is not to be allowed to use the proxy.</description> + <description> + <![CDATA[ + Enter IP address(es) / network(s) in CIDR format.<br/> + Configured entries will NOT be allowed to use the proxy.<br/> + <strong>Note: Put each entry on a separate line.</strong> + ]]> + </description> <type>textarea</type> <cols>50</cols> <rows>5</rows> <encoding>base64</encoding> - </field> + </field> <field> <fielddescr>Whitelist</fielddescr> <fieldname>whitelist</fieldname> - <description>Enter each destination domain on a new line that will be accessable to the users that are allowed to use the proxy. You also can use regular expressions.</description> + <description> + <![CDATA[ + Destination domains that will be accessible to the users that are allowed to use the proxy.<br/> + <strong>Note: Put each entry on a separate line.</strong> You also can use regular expressions. + ]]> + </description> <type>textarea</type> <cols>50</cols> <rows>5</rows> @@ -137,46 +155,72 @@ <field> <fielddescr>Blacklist</fielddescr> <fieldname>blacklist</fieldname> - <description>Enter each destination domain on a new line that will be blocked to the users that are allowed to use the proxy. You also can use regular expressions.</description> + <description> + <![CDATA[ + Destination domains that will be blocked for the users that are allowed to use the proxy.<br/> + <strong>Note: Put each entry on a separate line.</strong> You also can use regular expressions. + ]]> + </description> <type>textarea</type> <cols>50</cols> <rows>5</rows> <encoding>base64</encoding> </field> <field> - <fielddescr>Block user agents</fielddescr> + <fielddescr>Block User Agents</fielddescr> <fieldname>block_user_agent</fieldname> - <description>Enter each user agent on a new line that will be blocked to the users that are allowed to use the proxy. You also can use regular expressions.</description> + <description> + <![CDATA[ + Enter user agents that will be blocked for the users that are allowed to use the proxy. + <strong>Note: Put each entry on a separate line.</strong> You also can use regular expressions. + ]]> + </description> <type>textarea</type> <cols>50</cols> <rows>5</rows> <encoding>base64</encoding> </field> <field> - <fielddescr>Block MIME types (reply only)</fielddescr> + <fielddescr>Block MIME Types (Reply Only)</fielddescr> <fieldname>block_reply_mime_type</fieldname> - <description>Enter each MIME type on a new line that will be blocked to the users that are allowed to use the proxy. You also can use regular expressions. Useful to block javascript (application/x-javascript).</description> + <description> + <![CDATA[ + Enter <a href="http://www.iana.org/assignments/media-types/media-types.xhtml">MIME types</a> that will be blocked for the + users that are allowed to use the proxy. Useful to block javascript (application/javascript).<br/> + <strong>Note: Put each entry on a separate line.</strong> You also can use regular expressions. + ]]> + </description> <type>textarea</type> <cols>50</cols> <rows>5</rows> <encoding>base64</encoding> </field> <field> - <name>Squid Allowed ports</name> + <name>Squid Allowed Ports</name> <type>listtopic</type> </field> <field> - <fielddescr>acl safeports</fielddescr> + <fielddescr>ACL SafePorts</fielddescr> <fieldname>addtl_ports</fieldname> - <description>This is a space-separated list of "safe ports" in addition to the already defined list: 21 70 80 210 280 443 488 563 591 631 777 901 1025-65535</description> + <description> + <![CDATA[ + This is a space-separated list of "safe ports" <strong>in addition</strong> to the predefined default list.<br/> + Default list: 21 70 80 210 280 443 488 563 591 631 777 901 1025-65535 + ]]> + </description> <type>input</type> <size>60</size> <default_value></default_value> </field> <field> - <fielddescr>acl sslports</fielddescr> + <fielddescr>ACL SSLPorts</fielddescr> <fieldname>addtl_sslports</fieldname> - <description>This is a space-separated list of ports to allow SSL "CONNECT" in addition to the already defined list: 443 563</description> + <description> + <![CDATA[ + This is a space-separated list of ports to allow SSL "CONNECT" to <strong>in addition</strong> to the predefined default list.<br/> + Default list: 443 563 + ]]> + </description> <type>input</type> <size>60</size> <default_value></default_value> |