aboutsummaryrefslogtreecommitdiffstats
path: root/config/squid3/33
diff options
context:
space:
mode:
Diffstat (limited to 'config/squid3/33')
-rw-r--r--config/squid3/33/check_ip.php7
-rwxr-xr-xconfig/squid3/33/squid.inc65
-rw-r--r--config/squid3/33/squid.xml50
-rwxr-xr-xconfig/squid3/33/squid_ng.inc2
-rwxr-xr-xconfig/squid3/33/squid_ng.xml16
5 files changed, 88 insertions, 52 deletions
diff --git a/config/squid3/33/check_ip.php b/config/squid3/33/check_ip.php
index 6c65ff3f..e16cee0b 100644
--- a/config/squid3/33/check_ip.php
+++ b/config/squid3/33/check_ip.php
@@ -49,10 +49,11 @@ if ($pf_version > 2.0){
$dbhandle = sqlite_open("$dir/$file", 0666, $error);
if ($dbhandle){
$query = "select * from captiveportal";
- $result = sqlite_query($dbhandle, $query);
+ $result = sqlite_array_query($dbhandle, $query, SQLITE_ASSOC);
if ($result){
- $row = sqlite_fetch_array($result, SQLITE_ASSOC);
- $cp_db[]=implode(",",$row);
+ foreach ($result as $rownum => $row){
+ $cp_db[$rownum]=implode(",",$row);
+ }
sqlite_close($dbhandle);
}
}
diff --git a/config/squid3/33/squid.inc b/config/squid3/33/squid.inc
index c55160bc..e13e51d1 100755
--- a/config/squid3/33/squid.inc
+++ b/config/squid3/33/squid.inc
@@ -5,7 +5,7 @@
Copyright (C) 2006-2009 Scott Ullrich
Copyright (C) 2006 Fernando Lemos
Copyright (C) 2012 Martin Fuchs
- Copyright (C) 2012-2013 Marcello Coutinho
+ Copyright (C) 2012-2014 Marcello Coutinho
Copyright (C) 2013 Gekkenhuis
All rights reserved.
@@ -95,6 +95,15 @@ function squid_chown_recursive($dir, $user, $group) {
}
}
+function squid_check_clamav_user($user)
+ {
+ exec("/usr/sbin/pw usershow {$user}",$sq_ex_output,$sq_ex_return);
+ $user_arg=($sq_ex_return == 0?"mod":"add");
+ exec("/usr/sbin/pw user{$user_arg} {$user} -G wheel -u 9595 -s /sbin/nologin",$sq_ex_output,$sq_ex_return);
+ if ($sq_ex_return != 0)
+ log_error("Squid - Could not change clamav user settings. ".serialize($sq_ex_output));
+ }
+
/* setup cache */
function squid_dash_z() {
global $config;
@@ -1310,8 +1319,27 @@ function squid_resync_antivirus(){
if (preg_match("/fr/i",$squid_config['error_language']))
$clwarn="clwarn.cgi.fr_FR";
if (preg_match("/pt_br/i",$squid_config['error_language']))
- $clwarn="clwarn.cgi.pt_BR";
- copy(SQUID_LOCALBASE."/libexec/squidclamav/{$clwarn}","/usr/local/www/clwarn.cgi");
+ $clwarn="clwarn.cgi.pt_BR";
+ $clwarn_file="/usr/local/www/clwarn.cgi";
+ copy(SQUID_LOCALBASE."/libexec/squidclamav/{$clwarn}",$clwarn_file);
+
+ #fix perl path on clwarn.cgi
+ $clwarn_file_new=file_get_contents($clwarn_file);
+ $c_pattern[]="@/usr/\S+/perl@";
+ $c_replacement[]=SQUID_LOCALBASE."/bin/perl";
+ /*$c_pattern[]="@redirect \S+/clwarn.cgi@";
+ $gui_proto=$config['system']['webgui']['protocol'];
+ $gui_port=$config['system']['webgui']['port'];
+ if($gui_port == "") {
+ $gui_port($gui_proto == "http"?"80":"443");
+ }
+ $c_replacement[]=SQUID_LOCALBASE."redirect {$gui_proto}://127.0.0.1:{$gui_port}/clwarn.cgi";
+ */
+ $clwarn_file_new=preg_replace($c_pattern, $c_replacement,$clwarn_file_new);
+ file_put_contents($clwarn_file, $clwarn_file_new,LOCK_EX);
+
+ #fix clwarn.cgi file permission
+ chmod($clwarn_file,0755);
$conf = <<< EOF
icap_enable on
@@ -1346,7 +1374,7 @@ EOF;
if (!isset($clamav_clamd_enable))
$rc_file.='clamav_clamd_enable="YES"'."\n";
file_put_contents("/etc/rc.conf.local",$rc_file,LOCK_EX);
-
+ squid_check_clamav_user('clamav');
#patch sample files to pfsense dirs
#squidclamav.conf
if (!file_exists(SQUID_LOCALBASE."/etc/c-icap/squidclamav.conf.sample"))
@@ -1391,9 +1419,13 @@ EOF;
foreach ($dirs as $dir_path => $dir_user){
if (!is_dir($dir_path))
make_dirs($dir_path);
- squid_chown_recursive($dir_path, $dir_user, $dir_user);
+ squid_chown_recursive($dir_path, $dir_user, "wheel");
+ }
+ #Check clamav database
+ if (count(glob("/var/db/clamav/*d"))==0){
+ log_error("Squid - Missing /var/db/clamav/*.cvd or *.cld files. Running freshclam on background.");
+ mwexec_bg(SQUID_LOCALBASE."/bin/freshclam");
}
-
#check startup scripts on pfsense > 2.1
if (preg_match("/usr.pbi/",SQUID_LOCALBASE)){
$rcd_files = scandir(SQUID_LOCALBASE."/etc/rc.d");
@@ -1410,7 +1442,7 @@ EOF;
#check antivirus daemons
#check icap
if (is_process_running("c-icap")){
- mwexec('/bin/echo -n "reconfigure" > /var/run/c-icap/c-icap.ctl');
+ mwexec_bg('/bin/echo -n "reconfigure" > /var/run/c-icap/c-icap.ctl');
}
else{
#check c-icap user on startup file
@@ -1421,13 +1453,13 @@ EOF;
$cicapr[0]='c_icap_user="clamav"}';
file_put_contents($c_icap_rcfile,preg_replace($cicapm,$cicapr,$sample_file),LOCK_EX);
}
- mwexec("/usr/local/etc/rc.d/c-icap start");
+ mwexec_bg("/usr/local/etc/rc.d/c-icap start");
}
#check clamav
if (is_process_running("clamd"))
mwexec_bg("/usr/local/etc/rc.d/clamav-clamd reload");
else
- mwexec("/usr/local/etc/rc.d/clamav-clamd start");
+ mwexec_bg("/usr/local/etc/rc.d/clamav-clamd start");
}
return $conf;
}
@@ -1533,12 +1565,12 @@ include('/usr/local/pkg/squid_reverse.inc');
function squid_resync_auth() {
global $config, $valid_acls;
-
- if (is_array($config['installedpackages']['squidauth']['config']))
- $settings = $config['installedpackages']['squidauth']['config'][0];
- else
- $settings = array();
-
+ $write_config=0;
+ if (!is_array($config['installedpackages']['squidauth']['config'])){
+ $config['installedpackages']['squidauth']['config'][]=array('auth_method'=> "none");
+ $write_config++;
+ }
+ $settings = $config['installedpackages']['squidauth']['config'][0];
if (is_array($config['installedpackages']['squidnac']['config']))
$settingsnac = $config['installedpackages']['squidnac']['config'][0];
else
@@ -1549,6 +1581,9 @@ function squid_resync_auth() {
else
$settingsconfig = array();
+ if ($write_config > 0)
+ write_config();
+
$conf = '';
// SSL interception acl options part 1
diff --git a/config/squid3/33/squid.xml b/config/squid3/33/squid.xml
index a8bc0530..ef5a9c94 100644
--- a/config/squid3/33/squid.xml
+++ b/config/squid3/33/squid.xml
@@ -126,127 +126,127 @@
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid.inc</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse_general.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse_general.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse_peer.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse_peer.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse_uri.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse_uri.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse_sync.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse_sync.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_sync.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_sync.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_cache.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_cache.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_nac.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_nac.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_ng.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_ng.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_ng.inc</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_ng.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_traffic.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_traffic.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_upstream.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_upstream.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse.inc</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_auth.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_auth.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_users.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_users.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_antivirus.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_antivirus.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/sqpmon.sh</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/sqpmon.sh</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/swapstate_check.php</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/swapstate_check.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse_redir.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse_redir.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_monitor.php</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_monitor.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_monitor_data.php</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_monitor_data.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/squid_log_parser.php</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/squid_log_parser.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/shortcuts/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/pkg_squid.inc</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/pkg_squid.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/squid3/33/check_ip.php</item>
+ <item>https://packages.pfsense.org/packages/config/squid3/33/check_ip.php</item>
</additional_files_needed>
<fields>
<field>
diff --git a/config/squid3/33/squid_ng.inc b/config/squid3/33/squid_ng.inc
index 0e1e0515..3b9ef405 100755
--- a/config/squid3/33/squid_ng.inc
+++ b/config/squid3/33/squid_ng.inc
@@ -803,7 +803,7 @@ function squid3_custom_php_install_command() {
touch("/tmp/squid3_custom_php_install_command");
/* make sure this all exists, see:
- * http://forum.pfsense.org/index.php?topic=23.msg2391#msg2391
+ * https://forum.pfsense.org/index.php?topic=23.msg2391#msg2391
*/
update_output_window("Setting up Squid environment...");
mwexec("mkdir -p /var/squid");
diff --git a/config/squid3/33/squid_ng.xml b/config/squid3/33/squid_ng.xml
index 142536d6..b96b4eb2 100755
--- a/config/squid3/33/squid_ng.xml
+++ b/config/squid3/33/squid_ng.xml
@@ -102,42 +102,42 @@
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/squid/squid_cache.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid/squid_cache.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/squid/squid_nac.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid/squid_nac.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/squid/squid_ng.inc</item>
+ <item>https://packages.pfsense.org/packages/config/squid/squid_ng.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/squid/squid_traffic.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid/squid_traffic.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/squid/squid_upstream.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid/squid_upstream.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/squid/squid_auth.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid/squid_auth.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/squid/squid_auth.inc</item>
+ <item>https://packages.pfsense.org/packages/config/squid/squid_auth.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/squid/squid_extauth.xml</item>
+ <item>https://packages.pfsense.org/packages/config/squid/squid_extauth.xml</item>
</additional_files_needed>
<fields>
<field>