diff options
-rw-r--r-- | config/squid3/34/squid_antivirus.inc | 24 | ||||
-rwxr-xr-x | config/squid3/34/squid_antivirus.xml | 12 | ||||
-rw-r--r-- | config/squid3/34/squid_js.inc | 5 | ||||
-rw-r--r-- | pkg_config.10.xml | 4 |
4 files changed, 40 insertions, 5 deletions
diff --git a/config/squid3/34/squid_antivirus.inc b/config/squid3/34/squid_antivirus.inc index e22ae039..4bf9ea59 100644 --- a/config/squid3/34/squid_antivirus.inc +++ b/config/squid3/34/squid_antivirus.inc @@ -348,6 +348,28 @@ EOF; if (!file_put_contents("{$cf}", preg_replace($squidclamav_m, $squidclamav_r, $sample_file), LOCK_EX)) { log_error("[squid] Could not save generated {$cf} file!"); } + if ($antivirus_config['clamav_disable_stream_scanning'] == "on") { + $stream_exclude = <<< EOF +# Do not scan (streamed) videos and audios +abort ^.*\.(flv|f4f|mp(3|4))(\?.*)?$ +abort ^.*\.(m3u|pls|wmx|aac|mpeg)(\?.*)?$ +abortcontent ^video\/x-flv$ +abortcontent ^video\/mp4$ +abortcontent ^audio\/mp4$ +abortcontent ^.*audio\/mp4.*$ +abortcontent ^video\/webm$ +abortcontent ^audio\/webm$ +abortcontent ^video\/MP2T$ +abortcontent ^audio\/wmx$ +abortcontent ^audio\/mpeg$ +abortcontent ^audio\/aac$ +abortcontent ^.*application\/x-mms-framed.*$ + +EOF; + if (!file_put_contents("{$cf}", "{$stream_exclude}", FILE_APPEND | LOCK_EX)) { + log_error("[squid] Could not add streaming exclusions to {$cf} file!"); + } + } } else { log_error("[squid] Template not found; could not generate '{$cf}' file!"); } @@ -468,6 +490,8 @@ function squid_antivirus_install_config_files() { } else { $squidclamav_r[2] = "{$config['system']['webgui']['protocol']}://{$config['system']['hostname']}.{$config['system']['domain']}:{$port}/squid_clwarn.php"; } + $squidclamav_m[3] = "@dnslookup\s1@"; + $squidclamav_r[3] = "dnslookup 0"; if (!file_put_contents("{$cf}.pfsense", preg_replace($squidclamav_m, $squidclamav_r, $sample_file), LOCK_EX)) { log_error("[squid] Could not save patched '{$cf}.pfsense' template file!"); } diff --git a/config/squid3/34/squid_antivirus.xml b/config/squid3/34/squid_antivirus.xml index 495ef342..e70acf55 100755 --- a/config/squid3/34/squid_antivirus.xml +++ b/config/squid3/34/squid_antivirus.xml @@ -42,7 +42,7 @@ ]]> </copyright> <name>squidantivirus</name> - <version>0.4.1</version> + <version>0.4.6</version> <title>Proxy Server: Antivirus</title> <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> @@ -165,6 +165,16 @@ <type>checkbox</type> </field> <field> + <fielddescr>Exclude Audio/Video Streams</fielddescr> + <fieldname>clamav_disable_stream_scanning</fieldname> + <description> + <![CDATA[ + This option disables antivirus scanning of streamed video and audio. + ]]> + </description> + <type>checkbox</type> + </field> + <field> <fielddescr>ClamAV Database Update</fielddescr> <fieldname>clamav_update</fieldname> <description> diff --git a/config/squid3/34/squid_js.inc b/config/squid3/34/squid_js.inc index 59b75e60..33f1923d 100644 --- a/config/squid3/34/squid_js.inc +++ b/config/squid3/34/squid_js.inc @@ -215,11 +215,10 @@ function on_antivirus_advanced_config_changed() { if (enable_advanced === 'disabled') { document.iform['clamav_url'].disabled = 0; document.iform['clamav_safebrowsing'].disabled = 0; + document.iform['clamav_disable_stream_scanning'].disabled = 0; document.iform['clamav_update'].disabled = 0; document.iform['clamav_dbregion'].disabled = 0; document.iform['clamav_dbservers'].disabled = 0; - document.iform['clamav_dbservers'].disabled = 0; - document.iform['clamav_dbservers'].disabled = 0; document.getElementById("load_advanced").disabled = 1; document.iform['raw_squidclamav_conf'].disabled = 1; document.iform['raw_squidclamav_conf'].value = ''; @@ -235,6 +234,8 @@ function on_antivirus_advanced_config_changed() { document.iform['clamav_url'].disabled = 1; document.iform['clamav_safebrowsing'].disabled = 1; document.getElementById('clamav_safebrowsing').checked = 0; + document.iform['clamav_disable_stream_scanning'].disabled = 1; + document.getElementById('clamav_disable_stream_scanning').checked = 0; document.iform['clamav_update'].disabled = 0; document.iform['clamav_dbregion'].disabled = 1; document.getElementById("clamav_dbregion").value = ''; diff --git a/pkg_config.10.xml b/pkg_config.10.xml index 343f2575..eec3985f 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -1089,8 +1089,8 @@ <pkginfolink>https://forum.pfsense.org/index.php?topic=100167.0</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Services</category> - <version>0.4.5</version> - <status>BETA</status> + <version>0.4.6</version> + <status>RC</status> <required_version>2.2</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> <run_depends>sbin/squid:www/squid libexec/squid/squid_radius_auth:www/squid_radius_auth lib/c_icap/virus_scan.so:www/c-icap-modules lib/c_icap/squidclamav.so:www/squidclamav</run_depends> |