aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xconfig/squid3/34/squid.inc34
-rw-r--r--config/squid3/34/squid_antivirus.inc87
-rwxr-xr-xconfig/squid3/34/squid_antivirus.xml10
-rw-r--r--config/squid3/34/squid_antivirus_status.widget.php12
-rwxr-xr-xconfig/squid3/34/squid_cache.xml8
-rwxr-xr-xconfig/squid3/34/squid_monitor.php134
-rwxr-xr-xconfig/squid3/34/squid_monitor_data.php119
-rwxr-xr-xconfig/squid3/34/squid_nac.xml9
-rwxr-xr-xconfig/squid3/34/squid_reverse.inc6
-rwxr-xr-xconfig/squid3/34/squid_reverse_sync.xml4
-rwxr-xr-xconfig/squid3/34/squid_sync.xml4
-rwxr-xr-xconfig/squid3/34/squid_traffic.xml5
-rwxr-xr-xconfig/squid3/34/squid_users.xml4
-rw-r--r--pkg_config.10.xml2
14 files changed, 345 insertions, 93 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index 07d1da26..3dafded6 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -502,8 +502,9 @@ function squid_install_command() {
// remove unwanted PBI rc script
unlink_if_exists("/usr/local/etc/rc.d/squid");
- // remove broken cronjob possibly left over after 'Clear Cache on Log Rotate' misfeature
+ // remove broken cronjobs possibly left over after 'Clear Cache on Log Rotate' misfeature
install_cron_job("/usr/local/pkg/swapstate_check.php clean;", false);
+ install_cron_job("/bin/rm /var/squid/cache/swap.state;", false);
}
@@ -516,12 +517,14 @@ function squid_deinstall_command() {
/* kill all running services */
update_output_window("Stopping and removing services...");
mwexec('/usr/local/etc/rc.d/sqp_monitor.sh stop');
- mwexec("/bin/ps awux | /usr/bin/grep '[s]quid' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
+ mwexec("/bin/ps awux | /usr/bin/egrep -i '[s]quid -f|\([s]quid\)' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
+ mwexec("/bin/ps awux | /usr/bin/grep '[d]iskd' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
mwexec("/bin/ps awux | /usr/bin/grep '[d]nsserver' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
mwexec("/bin/ps awux | /usr/bin/grep '[u]nlinkd' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
/* delete rc scripts */
unlink_if_exists('/usr/local/etc/rc.d/sqp_monitor.sh');
+ unlink_if_exists('/usr/local/etc/rc.d/squid.sh');
/* clean up created directories if 'Keep Settings/Data' is disabled */
if (is_array($config['installedpackages']['squidcache'])) {
@@ -600,6 +603,9 @@ function squid_deinstall_command() {
if (is_array($config['installedpackages']['squidreverseredir'])) {
unset($config['installedpackages']['squidreverseredir']);
}
+ if (is_array($config['installedpackages']['squidreverseuri'])) {
+ unset($config['installedpackages']['squidreverseuri']);
+ }
if (is_array($config['installedpackages']['squidsync'])) {
unset($config['installedpackages']['squidsync']);
}
@@ -953,7 +959,7 @@ function squid_validate_traffic($post, &$input_errors) {
if (!empty($post['quick_abort_min'])) {
$value = trim($post['quick_abort_min']);
- if ((!is_numericint($value)) && ($value !== -1)) {
+ if ((!is_numericint($value)) && ($value != "-1")) {
$input_errors[] = "'Finish when remaining KB' must contain a positive integer or '-1'.";
}
}
@@ -971,6 +977,14 @@ function squid_validate_traffic($post, &$input_errors) {
$input_errors[] = "'Finish when remaining %' must contain valid percentage (1-100).";
}
}
+
+ if ($post['throttle_specific'] == "on") {
+ $others = trim($post['throttle_others']);
+ if ($post['throttle_binaries'] == "" && $post['throttle_cdimages'] == "" && $post['throttle_multimedia'] == "" && $others == "") {
+ $input_errors[] = "'Throttle Only Specific Extensions' enabled but no extensions specified. Select some options under 'Squid Transfer Extension Settings' or disable this option.";
+ }
+ }
+
}
/* Proxy Server: Authentication input validation */
@@ -1065,12 +1079,21 @@ function squid_resync_general() {
// cert, key, version, cipher, options, clientca, cafile, capath, crlfile, dhparams, sslflags, sslcontext
$crt_pk = SQUID_CONFBASE . "/serverkey.pem";
$crt_capath = SQUID_LOCALBASE . "/share/certs/";
+ /* XXX: Bug #4453
+ * http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit#Modern_DH.2Fciphers_usage
+ */
+ //$sslproxy_cipher = "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS";
+ $sslproxy_cipher = "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS";
+ $sslproxy_dhparams = "/etc/dh-parameters.2048";
+ $sslproxy_options = "NO_SSLv2,NO_SSLv3,SINGLE_DH_USE";
file_put_contents($crt_pk, base64_decode($srv_cert['prv']) . base64_decode($srv_cert['crt']));
$sslcrtd_children = ($settings['sslcrtd_children'] ? $settings['sslcrtd_children'] : 5);
- $ssl_interception .= "ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=" . ($sslcrtd_children*2) . "MB cert={$crt_pk} capath={$crt_capath}\n";
+ $ssl_interception .= "ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=" . ($sslcrtd_children*2) . "MB cert={$crt_pk} capath={$crt_capath} cipher={$sslproxy_cipher} dhparams={$sslproxy_dhparams} options={$sslproxy_options}\n";
$interception_checks = "sslcrtd_program " . SQUID_LOCALBASE . "/libexec/squid/ssl_crtd -s " . SQUID_SSL_DB . " -M 4MB -b 2048\n";
$interception_checks .= "sslcrtd_children {$sslcrtd_children}\n";
$interception_checks .= "sslproxy_capath {$crt_capath}\n";
+ $interception_checks .= "sslproxy_options {$sslproxy_options}\n";
+ $interception_checks .= "sslproxy_cipher {$sslproxy_cipher}\n";
if (preg_match("/sslproxy_cert_error/", $settings["interception_checks"])) {
$interception_checks .= "sslproxy_cert_error allow all\n";
}
@@ -1620,6 +1643,7 @@ EOD;
$conf .= "delay_access 1 allow throttle_exts\n";
$conf .= "delay_access 1 deny allsrc\n";
} else {
+ unlink_if_exists(SQUID_ACLDIR . '/throttle_exts.acl');
$conf .= "delay_access 1 allow allsrc\n";
}
@@ -1766,7 +1790,7 @@ function squid_resync_auth() {
$conf .= "http_access allow $acl\n";
}
} else {
- $noauth = implode(' ', explode("\n", base64_decode($settings['no_auth_hosts'])));
+ $noauth = implode(' ', explode("\n", sq_text_area_decode($settings['no_auth_hosts'])));
if (!empty($noauth)) {
$conf .= "acl noauth src $noauth\n";
$valid_acls[] = 'noauth';
diff --git a/config/squid3/34/squid_antivirus.inc b/config/squid3/34/squid_antivirus.inc
index 9a678fa9..6e5823b7 100644
--- a/config/squid3/34/squid_antivirus.inc
+++ b/config/squid3/34/squid_antivirus.inc
@@ -42,9 +42,11 @@ function squid_check_clamav_user() {
return;
} else {
if (!exec("/usr/sbin/pw usershow clamav")) {
+ log_error("[squid] Adding clamav user.");
mwexec("/usr/sbin/pw useradd clamav -G wheel -u 9595 -s /sbin/nologin");
}
if (!exec("/usr/sbin/pw groupshow wheel | /usr/bin/grep clamav")) {
+ log_error("[squid] Adding clamav user to wheel group.");
mwexec("/usr/sbin/pw usermod clamav -G wheel");
}
}
@@ -98,7 +100,7 @@ function squid_install_freshclam_cron($should_install) {
/* Manually update ClamAV virus definitions via the GUI button */
function squid_update_clamav() {
squid_check_antivirus_dirs();
- log_error("[squid] Updating ClamAV definitions now... This will take a while. Check /var/log/clamav/freshclam.log for progress information.");
+ log_error("[squid] Updating ClamAV definitions now... This will take a while. Check freshclam log on the 'Real Time' tab for progress information.");
mwexec_bg(SQUID_BASE . "/bin/freshclam --config-file=" . SQUID_BASE . "/etc/freshclam.conf");
}
@@ -147,21 +149,10 @@ function squid_antivirus_install_command() {
/* Run on Squid package uninstall */
function squid_antivirus_deinstall_command() {
global $config, $keep;
- /* kill all running services */
- if (is_process_running("c-icap")) {
- mwexec('/bin/echo -n "stop" > /var/run/c-icap/c-icap.ctl');
- }
- mwexec("/bin/ps awux | /usr/bin/grep '[c]lamd' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
+ /* Stop all running services, remove rc scripts and cronjobs */
+ squid_stop_antivirus();
mwexec("/bin/ps awux | /usr/bin/grep '[f]reshclam' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill");
- /* remove cronjobs */
- squid_install_freshclam_cron(false);
-
- /* delete rc scripts */
- unlink_if_exists('/usr/local/etc/rc.d/squid.sh');
- unlink_if_exists("/usr/local/etc/rc.d/c-icap.sh");
- unlink_if_exists('/usr/local/etc/rc.d/clamd.sh');
-
/* clean up created PBI symlinks */
update_output_window("Finishing package cleanup.");
if (SQUID_LOCALBASE != '/usr/local') {
@@ -656,11 +647,11 @@ function squid_antivirus_put_raw_config($rawfiles) {
break;
case 'raw_freshclam_conf':
$confdir = "";
- $conffile = "freshclam.conf";
+ $conffile = "/freshclam.conf";
break;
case 'raw_clamd_conf':
$confdir = "";
- $conffile = "clamd.conf";
+ $conffile = "/clamd.conf";
break;
default:
$confdir = "";
@@ -677,10 +668,11 @@ function squid_antivirus_put_raw_config($rawfiles) {
/* Helper function for squid_antivirus_put_raw_config() */
function squid_antivirus_write_conffile($dir, $file, $text) {
if ($file && $text) {
- if (!file_put_contents(SQUID_LOCALBASE . "/etc" . "{$dir}" . "/{$file}", preg_replace("/\r\n/", "\n", base64_decode($text)), LOCK_EX)) {
- log_error("[squid] Could not save '{$file}' configuration file.");
+ $cfgfile = SQUID_LOCALBASE . "/etc" . "{$dir}" . "{$file}";
+ if (!file_put_contents("{$cfgfile}", preg_replace("/\r\n/", "\n", base64_decode($text)), LOCK_EX)) {
+ log_error("[squid] Could not save '{$cfgfile}' configuration file.");
} else {
- log_error("[squid] Saved '{$file}' configuration file.");
+ log_error("[squid] Saved '{$cfgfile}' configuration file.");
}
}
}
@@ -697,7 +689,7 @@ function squid_write_clamd_rcfile() {
$rc['start'] = <<< EOD
if [ ! -f /var/db/clamav/main.cvd -a ! -f /var/db/clamav/main.cld ]; then
- echo "Missing /var/db/clamav/*.cvd or *.cld files. You must run freshclam first"
+ echo "Missing /var/db/clamav/*.cvd or *.cld files. You must run freshclam first!"
exit 1
fi
@@ -717,6 +709,7 @@ fi
EOD;
conf_mount_rw();
+ log_error("[squid] Creating 'clamd.sh' rc script.");
write_rcfile($rc);
conf_mount_ro();
}
@@ -730,6 +723,7 @@ function squid_write_cicap_rcfile() {
$cicap_start_cmd = "LD_LIBRARY_PATH={$cicap_libdir} {$cicap_bin} -f {$cicap_conf}";
$cicap_stop_cmd = '/bin/echo -n "stop" > /var/run/c-icap/c-icap.ctl';
conf_mount_rw();
+ log_error("[squid] Creating '{$c_icap_rcfile}' rc script.");
write_rcfile(array(
"file" => "{$c_icap_rcfile}",
"start" => "{$cicap_start_cmd}",
@@ -739,7 +733,7 @@ function squid_write_cicap_rcfile() {
conf_mount_ro();
}
-/* (Re)start antivirus services if AV features are enabled; otherwise stop and disable them */
+/* (Re)start antivirus services if AV features are enabled */
function squid_restart_antivirus() {
global $config;
if (is_array($config['installedpackages']['squidantivirus'])) {
@@ -751,6 +745,7 @@ function squid_restart_antivirus() {
// reconfigure and (re)start service as needed if enabled, otherwise stop them
// do not (re)start antivirus services on boot
if (platform_booting()) {
+ log_error("[squid] Skipping antivirus services (re)start on boot.");
return;
}
@@ -758,7 +753,7 @@ function squid_restart_antivirus() {
// Check clamav database
if (count(glob("/var/db/clamav/*d")) == 0) {
log_error("[squid] Missing /var/db/clamav/*.cvd or *.cld files. Running freshclam in background.");
- log_error("[squid] Do NOT attempt to start ClamAV service until AV definitions are downloaded. Check /var/log/clamav/freshclam.log for progress information.");
+ log_error("[squid] Do NOT attempt to start ClamAV service until AV definitions are downloaded.");
squid_update_clamav();
} elseif ($antivirus_config['clamav_safebrowsing'] == "on" && !is_file("/var/db/clamav/safebrowsing.cvd")) {
log_error("[squid] Google Safe Browsing is enabled but missing safebrowsing.cvd definitions. Running freshclam in background.");
@@ -789,31 +784,55 @@ function squid_restart_antivirus() {
squid_write_cicap_rcfile();
}
if (is_process_running("c-icap")) {
+ log_error("[squid] Reloading C-ICAP...");
mwexec_bg('/bin/echo -n "reconfigure" > /var/run/c-icap/c-icap.ctl');
} else {
+ log_error("[squid] Starting C-ICAP...");
mwexec_bg("{$c_icap_rcfile} start");
}
} else {
// stop AV services and disable all C-ICAP/AV features
log_error("[squid] Antivirus features disabled.");
- if (is_process_running("clamd")) {
- log_error("[squid] Stopping and disabling ClamAV...");
- mwexec("/usr/bin/killall clamd");
- }
- unlink_if_exists("/usr/local/etc/rc.d/clamd.sh");
-
- // freshclam cronjob
- squid_install_freshclam_cron(false);
+ squid_stop_antivirus();
+ }
+}
- // check c-icap rcfile
+/* Stop AV services and disable all C-ICAP/AV features */
+function squid_stop_antivirus() {
+ // Stop C-ICAP
+ if (is_process_running("c-icap")) {
+ log_error("[squid] Stopping and disabling C-ICAP...");
+ mwexec('/bin/echo -n "stop" > /var/run/c-icap/c-icap.ctl');
+ sleep(5);
if (is_process_running("c-icap")) {
- log_error("[squid] Stopping and disabling C-ICAP...");
- mwexec('/bin/echo -n "stop" > /var/run/c-icap/c-icap.ctl');
+ log_error("[squid] C-ICAP still running, forcibly killing c-icap process(es).");
+ mwexec("/bin/ps awux | /usr/bin/grep '[c]-icap' | /usr/bin/awk '{ print $2 }' | /usr/bin/xargs kill -9");
+ }
+ }
+ unlink_if_exists("/usr/local/etc/rc.d/c-icap.sh");
+
+ // Stop ClamAV
+ if (is_process_running("clamd")) {
+ log_error("[squid] Stopping and disabling ClamAV...");
+ mwexec("/usr/bin/killall clamd");
+ // sleep for a couple of seconds to give clamd a chance to perform clean exit
+ for ($i = 0; $i < 10; $i++) {
+ if (is_process_running('clamd')) {
+ sleep(1);
+ }
}
- unlink_if_exists("/usr/local/etc/rc.d/c-icap.sh");
}
+ if (is_process_running("clamd")) {
+ log_error("[squid] ClamAV still running, forcibly killing clamd process(es).");
+ mwexec("/usr/bin/killall -9 clamd");
+ }
+ unlink_if_exists("/usr/local/etc/rc.d/clamd.sh");
+
+ // Remove freshclam cronjob
+ squid_install_freshclam_cron(false);
}
+
/*
* Input validation
*/
diff --git a/config/squid3/34/squid_antivirus.xml b/config/squid3/34/squid_antivirus.xml
index 44820257..495ef342 100755
--- a/config/squid3/34/squid_antivirus.xml
+++ b/config/squid3/34/squid_antivirus.xml
@@ -42,8 +42,8 @@
]]>
</copyright>
<name>squidantivirus</name>
- <version>0.4.0</version>
- <title>Proxy server: Antivirus</title>
+ <version>0.4.1</version>
+ <title>Proxy Server: Antivirus</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<tabs>
<tab>
@@ -148,7 +148,7 @@
]]>
</description>
<type>input</type>
- <cols>60</cols>
+ <size>60</size>
</field>
<field>
@@ -173,7 +173,7 @@
Select the desired frequency here.<br/><br/>
<input name='update_av' id='update_av' type='submit' value='Update AV' />
Click the button to update AV databases now.<br/>
- <strong>Note: This will take a while.</strong> Check /var/log/clamav/freshclam.log for progress information.
+ <strong>Note: This will take a while.</strong> Check freshclam log on the <a href="squid_monitor.php">'Real Time' tab</a> for progress information.
]]>
</description>
<type>select</type>
@@ -229,7 +229,7 @@
]]>
</description>
<type>input</type>
- <cols>60</cols>
+ <size>60</size>
</field>
<field>
<fielddescr>squidclamav.conf</fielddescr>
diff --git a/config/squid3/34/squid_antivirus_status.widget.php b/config/squid3/34/squid_antivirus_status.widget.php
index 41c8c2fd..377b51f2 100644
--- a/config/squid3/34/squid_antivirus_status.widget.php
+++ b/config/squid3/34/squid_antivirus_status.widget.php
@@ -44,8 +44,8 @@ global $clamd_path, $cicap_cfg_path, $img;
$clamd_path = SQUID_BASE . "/bin/clamd";
$cicap_cfg_path = SQUID_LOCALBASE . "/bin/c-icap-config";
$img = array();
-$img['up'] = "<img src ='data:image/gif;base64,R0lGODlhCwALAIABACPcMP///yH+FUNyZWF0ZWQgd2l0aCBUaGUgR0lNUAAh+QQBCgABACwAAAAACwALAAACFYwNpwi50eKK9NA722Puyf15GjgaBQA7' title='Service running' alt='' />";
-$img['down'] = "<img src ='data:image/gif;base64,R0lGODlhCwALAIABANwjI////yH+FUNyZWF0ZWQgd2l0aCBUaGUgR0lNUAAh+QQBCgABACwAAAAACwALAAACFowDeYvKlsCD7sXZ5Iq89kpdFshoRwEAOw==' title='Service not running' alt='' />";
+$img['up'] = "<img src='data:image/gif;base64,R0lGODlhCwALAIABACPcMP///yH+FUNyZWF0ZWQgd2l0aCBUaGUgR0lNUAAh+QQBCgABACwAAAAACwALAAACFYwNpwi50eKK9NA722Puyf15GjgaBQA7' title='Service running' alt='' />";
+$img['down'] = "<img src='data:image/gif;base64,R0lGODlhCwALAIABANwjI////yH+FUNyZWF0ZWQgd2l0aCBUaGUgR0lNUAAh+QQBCgABACwAAAAACwALAAACFowDeYvKlsCD7sXZ5Iq89kpdFshoRwEAOw==' title='Service not running' alt='' />";
function squid_avdb_info($filename) {
$stl = "style='padding-top: 0px; padding-bottom: 0px; padding-left: 4px; padding-right: 4px; border-left: 1px solid #999999;'";
@@ -71,10 +71,10 @@ function squid_avdb_info($filename) {
function squid_antivirus_bases_info() {
$db = '<table width="100%" border="0" cellspacing="0" cellpadding="1"><tbody>';
$db .= '<tr class="vncellt" ><td>Database</td><td>Date</td><td>Version</td><td>Builder</td></tr>';
- $db .= squid_avdb_info("daily.cvd");
- $db .= squid_avdb_info("bytecode.cvd");
- $db .= squid_avdb_info("main.cvd");
- $db .= squid_avdb_info("safebrowsing.cvd");
+ $avdbs = array("daily.cvd", "daily.cld", "bytecode.cvd", "bytecode.cld", "main.cvd", "main.cld", "safebrowing.cvd", "safebrowing.cld");
+ foreach ($avdbs as $avdb) {
+ $db .= squid_avdb_info($avdb);
+ }
$db .= '</tbody></table>';
return $db;
}
diff --git a/config/squid3/34/squid_cache.xml b/config/squid3/34/squid_cache.xml
index 47471df9..b4f1aedf 100755
--- a/config/squid3/34/squid_cache.xml
+++ b/config/squid3/34/squid_cache.xml
@@ -42,8 +42,8 @@
]]>
</copyright>
<name>squidcache</name>
- <version>0.4.0</version>
- <title>Proxy Server: Cache management</title>
+ <version>0.4.1</version>
+ <title>Proxy Server: Cache Management</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<tabs>
<tab>
@@ -410,7 +410,9 @@
// do not leave orphaned cachedirs if harddisk_cache_location changed
if ($_POST['harddisk_cache_location'] != $config['installedpackages']['squidcache']['config'][0]['harddisk_cache_location']) {
$oldcachedir = $config['installedpackages']['squidcache']['config'][0]['harddisk_cache_location'];
- $cachedir_changed = true;
+ if ($oldcachedir != "") {
+ $cachedir_changed = true;
+ }
}
]]>
</custom_php_command_before_form>
diff --git a/config/squid3/34/squid_monitor.php b/config/squid3/34/squid_monitor.php
index 80e15a64..840d9a60 100755
--- a/config/squid3/34/squid_monitor.php
+++ b/config/squid3/34/squid_monitor.php
@@ -74,7 +74,7 @@ include("head.inc");
$tab_array[] = array(gettext("Web Servers"), false, "/pkg.php?xml=squid_reverse_peer.xml");
$tab_array[] = array(gettext("Mappings"), false, "/pkg.php?xml=squid_reverse_uri.xml");
$tab_array[] = array(gettext("Redirects"), false, "/pkg.php?xml=squid_reverse_redir.xml");
- $tab_array[] = array(gettext("Real time"), true, "/squid_monitor.php?menu=reverse");
+ $tab_array[] = array(gettext("Real Time"), true, "/squid_monitor.php?menu=reverse");
$tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=squid_reverse_sync.xml");
} else {
$tab_array[] = array(gettext("General"), false, "/pkg_edit.php?xml=squid.xml&amp;id=0");
@@ -85,7 +85,7 @@ include("head.inc");
$tab_array[] = array(gettext("Traffic Mgmt"), false, "/pkg_edit.php?xml=squid_traffic.xml&amp;id=0");
$tab_array[] = array(gettext("Authentication"), false, "/pkg_edit.php?xml=squid_auth.xml&amp;id=0");
$tab_array[] = array(gettext("Users"), false, "/pkg.php?xml=squid_users.xml");
- $tab_array[] = array(gettext("Real time"), true, "/squid_monitor.php");
+ $tab_array[] = array(gettext("Real Time"), true, "/squid_monitor.php");
$tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=squid_sync.xml");
}
display_top_tabs($tab_array);
@@ -93,7 +93,7 @@ include("head.inc");
</td></tr>
<tr><td>
<div id="mainarea" style="padding-top: 0px; padding-bottom: 0px; ">
- <form id="paramsForm" name="paramsForm" method="post">
+ <form id="paramsForm" name="paramsForm" method="post" action="">
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="6">
<tbody>
<tr>
@@ -130,19 +130,39 @@ include("head.inc");
</table>
</form>
- <!-- Squid Table -->
+ <!-- Squid Access Table -->
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
- <tr>
- <td colspan="6" class="listtopic" align="center"><?=gettext("Squid Logs"); ?></td>
- </tr>
+ <thead><tr>
+ <td colspan="6" class="listtopic" align="center"><?=gettext("Squid - Access Logs"); ?></td>
+ </tr></thead>
<tbody id="squidView">
+ <tr><td>
<script type="text/javascript">
- // Call function to show squid log
showLog('squidView', 'squid_monitor_data.php', 'squid');
</script>
+ </td></tr>
+ </tbody>
+ </table>
+ </td></tr>
+ </tbody>
+ </table>
+ <!-- Squid Cache Table -->
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tbody>
+ <tr><td>
+ <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
+ <thead><tr>
+ <td colspan="2" class="listtopic" align="center"><?=gettext("Squid - Cache Logs"); ?></td>
+ </tr></thead>
+ <tbody id="squidCacheView">
+ <tr><td>
+ <script type="text/javascript">
+ showLog('squidCacheView', 'squid_monitor_data.php', 'squid_cache');
+ </script>
+ </td></tr>
</tbody>
</table>
</td></tr>
@@ -154,32 +174,110 @@ include("head.inc");
<tbody>
<tr><td>
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
- <tr>
+ <thead><tr>
<td colspan="5" class="listtopic" align="center"><?=gettext("SquidGuard Logs"); ?></td>
- </tr>
+ </tr></thead>
<tbody id="sguardView">
+ <tr><td>
<script type="text/javascript">
- // Call function to show squidGuard log
showLog('sguardView', 'squid_monitor_data.php', 'sguard');
</script>
+ </td></tr>
+ </tbody>
+ </table>
+ </td></tr>
+ </tbody>
+ </table>
+ <!-- C-ICAP Virus Table -->
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tbody>
+ <tr><td>
+ <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
+ <thead><tr>
+ <td colspan="6" class="listtopic" align="center"><?=gettext("C-ICAP - Virus Logs"); ?></td>
+ </tr></thead>
+ <tbody id="CICIAPVirusView">
+ <tr><td>
+ <script type="text/javascript">
+ showLog('CICIAPVirusView', 'squid_monitor_data.php', 'cicap_virus');
+ </script>
+ </td></tr>
+ </tbody>
+ </table>
+ </td></tr>
+ </tbody>
+ </table>
+ <!-- C-ICAP Access Table -->
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tbody>
+ <tr><td>
+ <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
+ <thead><tr>
+ <td colspan="2" class="listtopic" align="center"><?=gettext("C-ICAP - Access Logs"); ?></td>
+ </tr></thead>
+ <tbody id="CICAPAccessView">
+ <tr><td>
+ <script type="text/javascript">
+ showLog('CICAPAccessView', 'squid_monitor_data.php', 'cicap_access');
+ </script>
+ </td></tr>
+ </tbody>
+ </table>
+ </td></tr>
+ </tbody>
+ </table>
+ <!-- C-ICAP Server Table -->
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tbody>
+ <tr><td>
+ <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
+ <thead><tr>
+ <td colspan="2" class="listtopic" align="center"><?=gettext("C-ICAP - Server Logs"); ?></td>
+ </tr></thead>
+ <tbody id="CICAPServerView">
+ <tr><td>
+ <script type="text/javascript">
+ showLog('CICAPServerView', 'squid_monitor_data.php', 'cicap_server');
+ </script>
+ </td></tr>
+ </tbody>
+ </table>
+ </td></tr>
+ </tbody>
+ </table>
+ <!-- freshclam Table -->
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tbody>
+ <tr><td>
+ <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
+ <thead><tr>
+ <td colspan="1" class="listtopic" align="center"><?=gettext("ClamAV - freshclam Logs"); ?></td>
+ </tr></thead>
+ <tbody id="freshclamView">
+ <tr><td>
+ <script type="text/javascript">
+ showLog('freshclamView', 'squid_monitor_data.php', 'freshclam');
+ </script>
+ </td></tr>
</tbody>
</table>
</td></tr>
</tbody>
</table>
- <!-- clamav Table -->
+ <!-- clamd Table -->
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
- <tr>
- <td colspan="6" class="listtopic" align="center"><?=gettext("clamav Logs"); ?></td>
- </tr>
- <tbody id="clamView">
+ <thead><tr>
+ <td colspan="1" class="listtopic" align="center"><?=gettext("ClamAV - clamd Logs"); ?></td>
+ </tr></thead>
+ <tbody id="clamdView">
+ <tr><td>
<script type="text/javascript">
- // Call function to show squidGuard log
- showLog('clamView', 'squid_monitor_data.php', 'clamav');
+ showLog('clamdView', 'squid_monitor_data.php', 'clamd');
</script>
+ </td></tr>
</tbody>
</table>
</td></tr>
diff --git a/config/squid3/34/squid_monitor_data.php b/config/squid3/34/squid_monitor_data.php
index c2c3264d..747699cd 100755
--- a/config/squid3/34/squid_monitor_data.php
+++ b/config/squid3/34/squid_monitor_data.php
@@ -49,9 +49,6 @@ if ($_POST) {
// Split line by space delimiter
$logline = preg_split("/\s+/", $logent);
- // Apply date format to first line
- //$logline[0] = date("d.m.Y H:i:s",$logline[0]);
-
// Word wrap the URL
$logline[7] = htmlentities($logline[7]);
$logline[7] = html_autowrap($logline[7]);
@@ -62,7 +59,7 @@ if ($_POST) {
// Apply filter and color
// Need validate special chars
if ($filter != "") {
- $logline = preg_replace("@($filter)@i","<spam><font color='red'>$1</font></span>", $logline);
+ $logline = preg_replace("@($filter)@i","<span><font color='red'>$1</font></span>", $logline);
}
echo "<tr valign=\"top\">\n";
@@ -75,6 +72,30 @@ if ($_POST) {
echo "</tr>\n";
}
break;
+ case 'squid_cache';
+ // Define log file
+ $log = '/var/squid/logs/cache.log';
+ // Show table headers
+ show_tds(array("Date-Time", "Message"));
+ // Fetch lines
+ $logarr = fetch_log($log);
+ foreach ($logarr as $logent) {
+ // Split line by delimiter
+ $logline = preg_split("@\|@", $logent);
+
+ // Replace some build host nonsense and apply time format
+ $logline[0] = date("d.m.Y H:i:s", strtotime(str_replace("kid1", "", $logline[0])));
+
+ // Word wrap the message
+ $logline[1] = htmlentities($logline[1]);
+ $logline[1] = html_autowrap($logline[1]);
+
+ echo "<tr>\n";
+ echo "<td class=\"listlr\" nowrap=\"nowrap\">{$logline[0]}</td>\n";
+ echo "<td class=\"listr\" nowrap=\"nowrap\">{$logline[1]}</td>\n";
+ echo "</tr>\n";
+ }
+ break;
case 'sguard';
$log = '/var/squidGuard/log/block.log';
// Show table headers
@@ -107,7 +128,7 @@ if ($_POST) {
echo "</tr>\n";
}
break;
- case 'clamav';
+ case 'cicap_virus';
// Define log file
$log = '/var/log/c-icap/virus.log';
// Show table headers
@@ -115,7 +136,7 @@ if ($_POST) {
// Fetch lines
$logarr = fetch_log($log);
foreach ($logarr as $logent) {
- // Split line by space delimiter
+ // Split line by delimiter
$logline = preg_split("/\|/", $logent);
// Apply time format
@@ -135,7 +156,91 @@ if ($_POST) {
echo "</tr>\n";
}
break;
- }
+ case 'cicap_access';
+ // Define log file
+ $log = '/var/log/c-icap/access.log';
+ // Show table headers
+ show_tds(array("Date-Time", "Message"));
+ // Fetch lines
+ $logarr = fetch_log($log);
+ foreach ($logarr as $logent) {
+ // Split line by delimiter
+ $logline = preg_split("/,/", $logent);
+
+ // Apply time format
+ $logline[0] = date("d.m.Y H:i:s", strtotime($logline[0]));
+
+ // Word wrap the message
+ $logline[1] = htmlentities($logline[1]);
+ $logline[1] = html_autowrap($logline[1]);
+
+ echo "<tr>\n";
+ echo "<td class=\"listlr\" nowrap=\"nowrap\">{$logline[0]}</td>\n";
+ echo "<td class=\"listr\" nowrap=\"nowrap\">{$logline[1]}</td>\n";
+ echo "</tr>\n";
+ }
+ break;
+ case 'cicap_server';
+ // Define log file
+ $log = '/var/log/c-icap/server.log';
+ // Show table headers
+ show_tds(array("Date-Time", "Message"));
+ // Fetch lines
+ $logarr = fetch_log($log);
+ foreach ($logarr as $logent) {
+ // Split line by delimiter
+ $logline = preg_split("/,/", $logent);
+
+ // Apply time format
+ $logline[0] = date("d.m.Y H:i:s", strtotime($logline[0]));
+
+ // Word wrap the message
+ $logline[2] = htmlentities($logline[2]);
+ $logline[2] = html_autowrap($logline[2]);
+
+ echo "<tr>\n";
+ echo "<td class=\"listlr\" nowrap=\"nowrap\">{$logline[0]}</td>\n";
+ echo "<td class=\"listr\" nowrap=\"nowrap\">{$logline[2]}</td>\n";
+ echo "</tr>\n";
+ }
+ break;
+ case 'freshclam';
+ // Define log file
+ $log = '/var/log/clamav/freshclam.log';
+ // Show table headers
+ show_tds(array("Message"));
+ // Fetch lines
+ $logarr = fetch_log($log);
+ foreach ($logarr as $logent) {
+ $logline = preg_split("/\n/", $logent);
+ // Word wrap the message
+ $logline[0] = htmlentities($logline[0]);
+ $logline[0] = html_autowrap($logline[0]);
+
+ echo "<tr>\n";
+ echo "<td class=\"listlr\" nowrap=\"nowrap\">{$logline[0]}</td>\n";
+ echo "</tr>\n";
+ }
+ break;
+ case 'clamd';
+ // Define log file
+ $log = '/var/log/clamav/clamd.log';
+ // Show table headers
+ show_tds(array("Message"));
+ // Fetch lines
+ $logarr = fetch_log($log);
+ foreach ($logarr as $logent) {
+ $logline = preg_split("/\n/", $logent);
+ // Word wrap the message
+ $logline[0] = htmlentities($logline[0]);
+ $logline[0] = html_autowrap($logline[0]);
+
+ echo "<tr>\n";
+ echo "<td class=\"listlr\" nowrap=\"nowrap\">{$logline[0]}</td>\n";
+ echo "</tr>\n";
+ }
+ break;
+ }
}
/* Functions */
diff --git a/config/squid3/34/squid_nac.xml b/config/squid3/34/squid_nac.xml
index 4a81ac91..d621231f 100755
--- a/config/squid3/34/squid_nac.xml
+++ b/config/squid3/34/squid_nac.xml
@@ -42,7 +42,7 @@
]]>
</copyright>
<name>squidnac</name>
- <version>0.3.5</version>
+ <version>0.4.1</version>
<title>Proxy Server: Access Control</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<tabs>
@@ -98,9 +98,10 @@
<fieldname>allowed_subnets</fieldname>
<description>
<![CDATA[
- Enter each subnet on a new line that is allowed to use the proxy.<br/>
- The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24).<br/><br/>
- Note: The proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.
+ Enter subnets that are allowed to use the proxy.<br/>
+ The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24).<br/>
+ The proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.<br/>
+ <strong>Note: Put each entry on a separate line.</strong>
]]>
</description>
<type>textarea</type>
diff --git a/config/squid3/34/squid_reverse.inc b/config/squid3/34/squid_reverse.inc
index 9693b21f..f19652b4 100755
--- a/config/squid3/34/squid_reverse.inc
+++ b/config/squid3/34/squid_reverse.inc
@@ -209,7 +209,11 @@ function squid_resync_reverse() {
}
if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])) && ($settings['reverse_owa_autodiscover'] == 'on')) {
- $reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.');
+ if (substr_count($settings['reverse_external_fqdn'], ".") > 1) {
+ $reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.');
+ } else {
+ $reverse_external_domain = $settings['reverse_external_fqdn'];
+ }
$conf .= "acl OWA_URI_pfs url_regex -i ^http://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n";
$conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n";
$conf .= "acl OWA_URI_pfs url_regex -i ^http://autodiscover{$reverse_external_domain}/AutoDiscover/AutoDiscover.xml\n";
diff --git a/config/squid3/34/squid_reverse_sync.xml b/config/squid3/34/squid_reverse_sync.xml
index eb52540f..139c73c3 100755
--- a/config/squid3/34/squid_reverse_sync.xml
+++ b/config/squid3/34/squid_reverse_sync.xml
@@ -42,7 +42,7 @@
]]>
</copyright>
<name>squidsync</name>
- <version>0.3.7</version>
+ <version>0.4.1</version>
<title>Reverse Proxy Server: XMLRPC Sync</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<tabs>
@@ -63,7 +63,7 @@
<url>/pkg.php?xml=squid_reverse_redir.xml</url>
</tab>
<tab>
- <text>Real time</text>
+ <text>Real Time</text>
<url>/squid_monitor.php?menu=reverse</url>
</tab>
<tab>
diff --git a/config/squid3/34/squid_sync.xml b/config/squid3/34/squid_sync.xml
index 60e1190c..2f86b7c6 100755
--- a/config/squid3/34/squid_sync.xml
+++ b/config/squid3/34/squid_sync.xml
@@ -42,8 +42,8 @@
]]>
</copyright>
<name>squidsync</name>
- <version>0.3.7</version>
- <title>Proxy server: XMLRPC Sync</title>
+ <version>0.4.1</version>
+ <title>Proxy Server: XMLRPC Sync</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<tabs>
<tab>
diff --git a/config/squid3/34/squid_traffic.xml b/config/squid3/34/squid_traffic.xml
index bd01bbb7..810fa62d 100755
--- a/config/squid3/34/squid_traffic.xml
+++ b/config/squid3/34/squid_traffic.xml
@@ -42,8 +42,8 @@
]]>
</copyright>
<name>squidtraffic</name>
- <version>0.3.5</version>
- <title>Proxy server: Traffic Management</title>
+ <version>0.4.1</version>
+ <title>Proxy Server: Traffic Management</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<tabs>
<tab>
@@ -160,7 +160,6 @@
<description>Leave this checked to be able to choose the extensions that throttling will be applied to. Otherwise, all files will be throttled.</description>
<type>checkbox</type>
<enablefields>throttle_binaries,throttle_cdimages,throttle_multimedia,throttle_others</enablefields>
- <default_value>on</default_value>
</field>
<field>
<fielddescr>Throttle Binary Files</fielddescr>
diff --git a/config/squid3/34/squid_users.xml b/config/squid3/34/squid_users.xml
index c47395b9..fb791b9e 100755
--- a/config/squid3/34/squid_users.xml
+++ b/config/squid3/34/squid_users.xml
@@ -42,8 +42,8 @@
]]>
</copyright>
<name>squidusers</name>
- <version>0.3.5</version>
- <title>Proxy server: Local users</title>
+ <version>0.4.1</version>
+ <title>Proxy Server: Local Users</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<delete_string>A proxy server user has been deleted.</delete_string>
<addedit_string>A proxy server user has been created/modified.</addedit_string>
diff --git a/pkg_config.10.xml b/pkg_config.10.xml
index 7dac43b3..2ed6336d 100644
--- a/pkg_config.10.xml
+++ b/pkg_config.10.xml
@@ -1052,7 +1052,7 @@
<pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink>
<website>http://www.squid-cache.org/</website>
<category>Network</category>
- <version>0.4.0</version>
+ <version>0.4.1</version>
<status>beta</status>
<required_version>2.2</required_version>
<maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer>