aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--config/squid3/34/squid_antivirus.inc24
-rwxr-xr-xconfig/squid3/34/squid_antivirus.xml12
-rw-r--r--config/squid3/34/squid_js.inc5
-rw-r--r--pkg_config.10.xml4
4 files changed, 40 insertions, 5 deletions
diff --git a/config/squid3/34/squid_antivirus.inc b/config/squid3/34/squid_antivirus.inc
index e22ae039..4bf9ea59 100644
--- a/config/squid3/34/squid_antivirus.inc
+++ b/config/squid3/34/squid_antivirus.inc
@@ -348,6 +348,28 @@ EOF;
if (!file_put_contents("{$cf}", preg_replace($squidclamav_m, $squidclamav_r, $sample_file), LOCK_EX)) {
log_error("[squid] Could not save generated {$cf} file!");
}
+ if ($antivirus_config['clamav_disable_stream_scanning'] == "on") {
+ $stream_exclude = <<< EOF
+# Do not scan (streamed) videos and audios
+abort ^.*\.(flv|f4f|mp(3|4))(\?.*)?$
+abort ^.*\.(m3u|pls|wmx|aac|mpeg)(\?.*)?$
+abortcontent ^video\/x-flv$
+abortcontent ^video\/mp4$
+abortcontent ^audio\/mp4$
+abortcontent ^.*audio\/mp4.*$
+abortcontent ^video\/webm$
+abortcontent ^audio\/webm$
+abortcontent ^video\/MP2T$
+abortcontent ^audio\/wmx$
+abortcontent ^audio\/mpeg$
+abortcontent ^audio\/aac$
+abortcontent ^.*application\/x-mms-framed.*$
+
+EOF;
+ if (!file_put_contents("{$cf}", "{$stream_exclude}", FILE_APPEND | LOCK_EX)) {
+ log_error("[squid] Could not add streaming exclusions to {$cf} file!");
+ }
+ }
} else {
log_error("[squid] Template not found; could not generate '{$cf}' file!");
}
@@ -468,6 +490,8 @@ function squid_antivirus_install_config_files() {
} else {
$squidclamav_r[2] = "{$config['system']['webgui']['protocol']}://{$config['system']['hostname']}.{$config['system']['domain']}:{$port}/squid_clwarn.php";
}
+ $squidclamav_m[3] = "@dnslookup\s1@";
+ $squidclamav_r[3] = "dnslookup 0";
if (!file_put_contents("{$cf}.pfsense", preg_replace($squidclamav_m, $squidclamav_r, $sample_file), LOCK_EX)) {
log_error("[squid] Could not save patched '{$cf}.pfsense' template file!");
}
diff --git a/config/squid3/34/squid_antivirus.xml b/config/squid3/34/squid_antivirus.xml
index 495ef342..e70acf55 100755
--- a/config/squid3/34/squid_antivirus.xml
+++ b/config/squid3/34/squid_antivirus.xml
@@ -42,7 +42,7 @@
]]>
</copyright>
<name>squidantivirus</name>
- <version>0.4.1</version>
+ <version>0.4.6</version>
<title>Proxy Server: Antivirus</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<tabs>
@@ -165,6 +165,16 @@
<type>checkbox</type>
</field>
<field>
+ <fielddescr>Exclude Audio/Video Streams</fielddescr>
+ <fieldname>clamav_disable_stream_scanning</fieldname>
+ <description>
+ <![CDATA[
+ This option disables antivirus scanning of streamed video and audio.
+ ]]>
+ </description>
+ <type>checkbox</type>
+ </field>
+ <field>
<fielddescr>ClamAV Database Update</fielddescr>
<fieldname>clamav_update</fieldname>
<description>
diff --git a/config/squid3/34/squid_js.inc b/config/squid3/34/squid_js.inc
index 59b75e60..33f1923d 100644
--- a/config/squid3/34/squid_js.inc
+++ b/config/squid3/34/squid_js.inc
@@ -215,11 +215,10 @@ function on_antivirus_advanced_config_changed() {
if (enable_advanced === 'disabled') {
document.iform['clamav_url'].disabled = 0;
document.iform['clamav_safebrowsing'].disabled = 0;
+ document.iform['clamav_disable_stream_scanning'].disabled = 0;
document.iform['clamav_update'].disabled = 0;
document.iform['clamav_dbregion'].disabled = 0;
document.iform['clamav_dbservers'].disabled = 0;
- document.iform['clamav_dbservers'].disabled = 0;
- document.iform['clamav_dbservers'].disabled = 0;
document.getElementById("load_advanced").disabled = 1;
document.iform['raw_squidclamav_conf'].disabled = 1;
document.iform['raw_squidclamav_conf'].value = '';
@@ -235,6 +234,8 @@ function on_antivirus_advanced_config_changed() {
document.iform['clamav_url'].disabled = 1;
document.iform['clamav_safebrowsing'].disabled = 1;
document.getElementById('clamav_safebrowsing').checked = 0;
+ document.iform['clamav_disable_stream_scanning'].disabled = 1;
+ document.getElementById('clamav_disable_stream_scanning').checked = 0;
document.iform['clamav_update'].disabled = 0;
document.iform['clamav_dbregion'].disabled = 1;
document.getElementById("clamav_dbregion").value = '';
diff --git a/pkg_config.10.xml b/pkg_config.10.xml
index 343f2575..eec3985f 100644
--- a/pkg_config.10.xml
+++ b/pkg_config.10.xml
@@ -1089,8 +1089,8 @@
<pkginfolink>https://forum.pfsense.org/index.php?topic=100167.0</pkginfolink>
<website>http://www.squid-cache.org/</website>
<category>Services</category>
- <version>0.4.5</version>
- <status>BETA</status>
+ <version>0.4.6</version>
+ <status>RC</status>
<required_version>2.2</required_version>
<maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer>
<run_depends>sbin/squid:www/squid libexec/squid/squid_radius_auth:www/squid_radius_auth lib/c_icap/virus_scan.so:www/c-icap-modules lib/c_icap/squidclamav.so:www/squidclamav</run_depends>
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-05 19:55:30 +0000