diff options
Diffstat (limited to 'config/squid3/33')
-rw-r--r-- | config/squid3/33/check_ip.php | 7 | ||||
-rwxr-xr-x | config/squid3/33/squid.inc | 65 | ||||
-rw-r--r-- | config/squid3/33/squid.xml | 50 | ||||
-rwxr-xr-x | config/squid3/33/squid_ng.inc | 2 | ||||
-rwxr-xr-x | config/squid3/33/squid_ng.xml | 16 |
5 files changed, 88 insertions, 52 deletions
diff --git a/config/squid3/33/check_ip.php b/config/squid3/33/check_ip.php index 6c65ff3f..e16cee0b 100644 --- a/config/squid3/33/check_ip.php +++ b/config/squid3/33/check_ip.php @@ -49,10 +49,11 @@ if ($pf_version > 2.0){ $dbhandle = sqlite_open("$dir/$file", 0666, $error); if ($dbhandle){ $query = "select * from captiveportal"; - $result = sqlite_query($dbhandle, $query); + $result = sqlite_array_query($dbhandle, $query, SQLITE_ASSOC); if ($result){ - $row = sqlite_fetch_array($result, SQLITE_ASSOC); - $cp_db[]=implode(",",$row); + foreach ($result as $rownum => $row){ + $cp_db[$rownum]=implode(",",$row); + } sqlite_close($dbhandle); } } diff --git a/config/squid3/33/squid.inc b/config/squid3/33/squid.inc index c55160bc..e13e51d1 100755 --- a/config/squid3/33/squid.inc +++ b/config/squid3/33/squid.inc @@ -5,7 +5,7 @@ Copyright (C) 2006-2009 Scott Ullrich Copyright (C) 2006 Fernando Lemos Copyright (C) 2012 Martin Fuchs - Copyright (C) 2012-2013 Marcello Coutinho + Copyright (C) 2012-2014 Marcello Coutinho Copyright (C) 2013 Gekkenhuis All rights reserved. @@ -95,6 +95,15 @@ function squid_chown_recursive($dir, $user, $group) { } } +function squid_check_clamav_user($user) + { + exec("/usr/sbin/pw usershow {$user}",$sq_ex_output,$sq_ex_return); + $user_arg=($sq_ex_return == 0?"mod":"add"); + exec("/usr/sbin/pw user{$user_arg} {$user} -G wheel -u 9595 -s /sbin/nologin",$sq_ex_output,$sq_ex_return); + if ($sq_ex_return != 0) + log_error("Squid - Could not change clamav user settings. ".serialize($sq_ex_output)); + } + /* setup cache */ function squid_dash_z() { global $config; @@ -1310,8 +1319,27 @@ function squid_resync_antivirus(){ if (preg_match("/fr/i",$squid_config['error_language'])) $clwarn="clwarn.cgi.fr_FR"; if (preg_match("/pt_br/i",$squid_config['error_language'])) - $clwarn="clwarn.cgi.pt_BR"; - copy(SQUID_LOCALBASE."/libexec/squidclamav/{$clwarn}","/usr/local/www/clwarn.cgi"); + $clwarn="clwarn.cgi.pt_BR"; + $clwarn_file="/usr/local/www/clwarn.cgi"; + copy(SQUID_LOCALBASE."/libexec/squidclamav/{$clwarn}",$clwarn_file); + + #fix perl path on clwarn.cgi + $clwarn_file_new=file_get_contents($clwarn_file); + $c_pattern[]="@/usr/\S+/perl@"; + $c_replacement[]=SQUID_LOCALBASE."/bin/perl"; + /*$c_pattern[]="@redirect \S+/clwarn.cgi@"; + $gui_proto=$config['system']['webgui']['protocol']; + $gui_port=$config['system']['webgui']['port']; + if($gui_port == "") { + $gui_port($gui_proto == "http"?"80":"443"); + } + $c_replacement[]=SQUID_LOCALBASE."redirect {$gui_proto}://127.0.0.1:{$gui_port}/clwarn.cgi"; + */ + $clwarn_file_new=preg_replace($c_pattern, $c_replacement,$clwarn_file_new); + file_put_contents($clwarn_file, $clwarn_file_new,LOCK_EX); + + #fix clwarn.cgi file permission + chmod($clwarn_file,0755); $conf = <<< EOF icap_enable on @@ -1346,7 +1374,7 @@ EOF; if (!isset($clamav_clamd_enable)) $rc_file.='clamav_clamd_enable="YES"'."\n"; file_put_contents("/etc/rc.conf.local",$rc_file,LOCK_EX); - + squid_check_clamav_user('clamav'); #patch sample files to pfsense dirs #squidclamav.conf if (!file_exists(SQUID_LOCALBASE."/etc/c-icap/squidclamav.conf.sample")) @@ -1391,9 +1419,13 @@ EOF; foreach ($dirs as $dir_path => $dir_user){ if (!is_dir($dir_path)) make_dirs($dir_path); - squid_chown_recursive($dir_path, $dir_user, $dir_user); + squid_chown_recursive($dir_path, $dir_user, "wheel"); + } + #Check clamav database + if (count(glob("/var/db/clamav/*d"))==0){ + log_error("Squid - Missing /var/db/clamav/*.cvd or *.cld files. Running freshclam on background."); + mwexec_bg(SQUID_LOCALBASE."/bin/freshclam"); } - #check startup scripts on pfsense > 2.1 if (preg_match("/usr.pbi/",SQUID_LOCALBASE)){ $rcd_files = scandir(SQUID_LOCALBASE."/etc/rc.d"); @@ -1410,7 +1442,7 @@ EOF; #check antivirus daemons #check icap if (is_process_running("c-icap")){ - mwexec('/bin/echo -n "reconfigure" > /var/run/c-icap/c-icap.ctl'); + mwexec_bg('/bin/echo -n "reconfigure" > /var/run/c-icap/c-icap.ctl'); } else{ #check c-icap user on startup file @@ -1421,13 +1453,13 @@ EOF; $cicapr[0]='c_icap_user="clamav"}'; file_put_contents($c_icap_rcfile,preg_replace($cicapm,$cicapr,$sample_file),LOCK_EX); } - mwexec("/usr/local/etc/rc.d/c-icap start"); + mwexec_bg("/usr/local/etc/rc.d/c-icap start"); } #check clamav if (is_process_running("clamd")) mwexec_bg("/usr/local/etc/rc.d/clamav-clamd reload"); else - mwexec("/usr/local/etc/rc.d/clamav-clamd start"); + mwexec_bg("/usr/local/etc/rc.d/clamav-clamd start"); } return $conf; } @@ -1533,12 +1565,12 @@ include('/usr/local/pkg/squid_reverse.inc'); function squid_resync_auth() { global $config, $valid_acls; - - if (is_array($config['installedpackages']['squidauth']['config'])) - $settings = $config['installedpackages']['squidauth']['config'][0]; - else - $settings = array(); - + $write_config=0; + if (!is_array($config['installedpackages']['squidauth']['config'])){ + $config['installedpackages']['squidauth']['config'][]=array('auth_method'=> "none"); + $write_config++; + } + $settings = $config['installedpackages']['squidauth']['config'][0]; if (is_array($config['installedpackages']['squidnac']['config'])) $settingsnac = $config['installedpackages']['squidnac']['config'][0]; else @@ -1549,6 +1581,9 @@ function squid_resync_auth() { else $settingsconfig = array(); + if ($write_config > 0) + write_config(); + $conf = ''; // SSL interception acl options part 1 diff --git a/config/squid3/33/squid.xml b/config/squid3/33/squid.xml index a8bc0530..ef5a9c94 100644 --- a/config/squid3/33/squid.xml +++ b/config/squid3/33/squid.xml @@ -126,127 +126,127 @@ <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid.inc</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse_general.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse_general.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse_peer.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse_peer.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse_uri.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse_uri.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse_sync.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse_sync.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_sync.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_sync.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_cache.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_cache.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_nac.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_nac.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_ng.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_ng.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_ng.inc</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_ng.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_traffic.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_traffic.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_upstream.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_upstream.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse.inc</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_auth.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_auth.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_users.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_users.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_antivirus.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_antivirus.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/sqpmon.sh</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/sqpmon.sh</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/swapstate_check.php</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/swapstate_check.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_reverse_redir.xml</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_reverse_redir.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_monitor.php</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_monitor.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_monitor_data.php</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_monitor_data.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/squid_log_parser.php</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/squid_log_parser.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/shortcuts/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/pkg_squid.inc</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/pkg_squid.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid3/33/check_ip.php</item> + <item>https://packages.pfsense.org/packages/config/squid3/33/check_ip.php</item> </additional_files_needed> <fields> <field> diff --git a/config/squid3/33/squid_ng.inc b/config/squid3/33/squid_ng.inc index 0e1e0515..3b9ef405 100755 --- a/config/squid3/33/squid_ng.inc +++ b/config/squid3/33/squid_ng.inc @@ -803,7 +803,7 @@ function squid3_custom_php_install_command() { touch("/tmp/squid3_custom_php_install_command"); /* make sure this all exists, see: - * http://forum.pfsense.org/index.php?topic=23.msg2391#msg2391 + * https://forum.pfsense.org/index.php?topic=23.msg2391#msg2391 */ update_output_window("Setting up Squid environment..."); mwexec("mkdir -p /var/squid"); diff --git a/config/squid3/33/squid_ng.xml b/config/squid3/33/squid_ng.xml index 142536d6..b96b4eb2 100755 --- a/config/squid3/33/squid_ng.xml +++ b/config/squid3/33/squid_ng.xml @@ -102,42 +102,42 @@ <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.com/packages/config/squid/squid_cache.xml</item> + <item>https://packages.pfsense.org/packages/config/squid/squid_cache.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.com/packages/config/squid/squid_nac.xml</item> + <item>https://packages.pfsense.org/packages/config/squid/squid_nac.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.com/packages/config/squid/squid_ng.inc</item> + <item>https://packages.pfsense.org/packages/config/squid/squid_ng.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.com/packages/config/squid/squid_traffic.xml</item> + <item>https://packages.pfsense.org/packages/config/squid/squid_traffic.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.com/packages/config/squid/squid_upstream.xml</item> + <item>https://packages.pfsense.org/packages/config/squid/squid_upstream.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.com/packages/config/squid/squid_auth.xml</item> + <item>https://packages.pfsense.org/packages/config/squid/squid_auth.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.com/packages/config/squid/squid_auth.inc</item> + <item>https://packages.pfsense.org/packages/config/squid/squid_auth.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.com/packages/config/squid/squid_extauth.xml</item> + <item>https://packages.pfsense.org/packages/config/squid/squid_extauth.xml</item> </additional_files_needed> <fields> <field> |