Diffstat (limited to 'config/squid')
-rw-r--r-- | config/squid/squid.inc | 113 |
1 files changed, 62 insertions, 51 deletions
diff --git a/config/squid/squid.inc b/config/squid/squid.inc index 0f94c1e5..dbd8267f 100644 --- a/config/squid/squid.inc +++ b/config/squid/squid.inc @@ -285,6 +285,10 @@ function squid_before_form_general($pkg) { function squid_validate_general($post, $input_errors) { global $config; + $settings = $config['installedpackages']['squid']['config'][0]; + $port = ($settings['proxy_port'] ? $settings['proxy_port'] : 3128); + $port = $post['proxy_port'] ? $post['proxy_port'] : $port; + $icp_port = trim($post['icp_port']); if (!empty($icp_port) && !is_port($icp_port)) $input_errors[] = 'You must enter a valid port number in the \'ICP port\' field'; 
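Review bot: `$post['proxy_port']` is copied into `$port` exactly as submitted, without the `trim()` and `is_port()` treatment that `icp_port` gets directly below it. The same setting is later interpolated into pf rule text as `port $port` by squid_generate_rules(), so a non-numeric value should be rejected at validation time rather than reach the ruleset. If nothing further down already does this, add `if (!empty($post['proxy_port']) && !is_port(trim($post['proxy_port']))) $input_errors[] = 'You must enter a valid proxy port number';` before `$port` is used. squid_validate_general() continues past the end of this hunk, so the use of `$port` and any existing check are not visible here.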
@@ -1218,63 +1222,70 @@ function squid_generate_rules($type) { $ifaces = array_map('convert_friendly_interface_to_real_interface_name', $ifaces); $port = ($squid_conf['proxy_port'] ? $squid_conf['proxy_port'] : 3128); + $fw_aliases = filter_generate_aliases(); + if(strstr($fw_aliases, "pptp =")) + $PPTP_ALIAS = "\$pptp"; + else + $PPTP_ALIAS = "\$PPTP"; + if(strstr($fw_aliases, "PPPoE =")) + $PPPOE_ALIAS = "\$PPPoE"; + else + $PPPOE_ALIAS = "\$pppoe"; + switch($type) { - case 'nat': - $rules .= "\n# Setup Squid proxy redirect\n"; - if ($squid_conf['private_subnet_proxy_off'] == 'on') { - foreach ($ifaces as $iface){ - $rules .= "no rdr on $iface proto tcp from any to { 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 } port 80\n"; - } - } - if (!empty($squid_conf['defined_ip_proxy_off'])) { - $defined_ip_proxy_off = explode(";", $squid_conf['defined_ip_proxy_off']); - $exempt_ip = ""; - foreach ($defined_ip_proxy_off as $ip_proxy_off) { - if(!empty($ip_proxy_off)) { - $ip_proxy_off = trim($ip_proxy_off); - $exempt_ip .= ", $ip_proxy_off"; + case 'nat': + $rules .= "\n# Setup Squid proxy redirect\n"; + if ($squid_conf['private_subnet_proxy_off'] == 'on') { + foreach ($ifaces as $iface) { + $rules .= "no rdr on $iface proto tcp from any to { 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 } port 80\n"; } } - $exempt_ip = substr($exempt_ip,2); + if (!empty($squid_conf['defined_ip_proxy_off'])) { + $defined_ip_proxy_off = explode(";", $squid_conf['defined_ip_proxy_off']); + $exempt_ip = ""; + foreach ($defined_ip_proxy_off as $ip_proxy_off) { + if(!empty($ip_proxy_off)) { + $ip_proxy_off = trim($ip_proxy_off); + $exempt_ip .= ", $ip_proxy_off"; + } + } + $exempt_ip = substr($exempt_ip,2); + foreach ($ifaces as $iface) { + $rules .= "no rdr on $iface proto tcp from { $exempt_ip } to any port 80\n"; + } + } foreach ($ifaces as $iface) { - $rules .= "no rdr on $iface proto tcp from { $exempt_ip } to any port 80\n"; - } - } - foreach ($ifaces as $iface) { - $rules .= "rdr on $iface 
proto tcp from any to !($iface) port 80 -> 127.0.0.1 port 80\n"; - } - /* Handle PPPOE case */ - if($config['pppoe']['mode'] == "off") { - $rules .= "rdr on \$pppoe proto tcp from any to !(\$pppoe) port 80 -> 127.0.0.1 port 80\n"; - } - /* Handle PPTP case */ -// if($config['pptpd']['mode'] != "off") { -// <mode> is not present in config.xml after disabling "redir" - if($config['pptpd']['mode'] == "server") { - $rules .= "rdr on \$pptp proto tcp from any to !(\$pptp) port 80 -> 127.0.0.1 port 80\n"; - } - $rules .= "\n"; - break; - case 'filter': - foreach ($ifaces as $iface){ - $rules .= "# Setup squid pass rules for proxy\n"; - $rules .= "pass in quick on $iface proto tcp from any to !($iface) port 80 flags S/SA keep state\n"; - $rules .= "pass in quick on $iface proto tcp from any to !($iface) port $port flags S/SA keep state\n"; + $rules .= "rdr on $iface proto tcp from any to !($iface) port 80 -> 127.0.0.1 port 80\n"; + } + /* Handle PPPOE case */ + if($config['pppoe']['mode'] == "server" && $config['pppoe']['localip']) { + $rules .= "rdr on $PPPOE_ALIAS proto tcp from any to !127.0.0.1 port 80 -> 127.0.0.1 port 80\n"; + } + /* Handle PPTP case */ + if($config['pptpd']['mode'] == "server" && $config['pptpd']['localip']) { + $rules .= "rdr on $PPTP_ALIAS proto tcp from any to !127.0.0.1 port 80 -> 127.0.0.1 port 80\n"; + } $rules .= "\n"; - }; - if($config['pppoe']['mode'] == "off") { - $rules .= "pass in quick on \$pppoe proto tcp from any to !(\$pppoe) port $port flags S/SA keep state\n"; - } -// if($config['pptpd']['mode'] != "off") { -// <mode> is not present in config.xml after disabling "redir" - if($config['pptpd']['mode'] == "server") { - $rules .= "pass in quick on \$pptp proto tcp from any to !(\$pptp) port $port flags S/SA keep state\n"; - } - break; - default: - break; + break; + case 'filter': + foreach ($ifaces as $iface) { + $rules .= "# Setup squid pass rules for proxy\n"; + $rules .= "pass in quick on $iface proto tcp from any to !($iface) port 
80 flags S/SA keep state\n"; + $rules .= "pass in quick on $iface proto tcp from any to !($iface) port $port flags S/SA keep state\n"; + $rules .= "\n"; + }; + if($config['pppoe']['mode'] == "server" && $config['pppoe']['localip']) { + $rules .= "pass in quick on $PPPOE_ALIAS proto tcp from any to !127.0.0.1 port $port flags S/SA keep state\n"; + } + if($config['pptpd']['mode'] == "server" && $config['pptpd']['localip']) { + $rules .= "pass in quick on $PPTP_ALIAS proto tcp from any to !127.0.0.1 port $port flags S/SA keep state\n"; + } + break; + default: + break; } return $rules; } -?> + +?>
\ No newline at end of file |
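Review bot: The alias detection at the top of this hunk picks a macro name by substring match and never confirms that the fallback exists: when `"pptp ="` is absent it assumes `$PPTP` is defined, and when `"PPPoE ="` is absent it assumes `$pppoe`. `strstr()` also matches inside a longer alias name that merely ends in `pptp` or `PPPoE`, and a rule naming an undefined macro would presumably make pf reject the generated ruleset. Assuming filter_generate_aliases() returns one `name = value` per line, an anchored test such as `$PPTP_ALIAS = preg_match('/^pptp\s*=/m', $fw_aliases) ? "\$pptp" : "\$PPTP";` is safer, with a comment explaining why the two spellings are tested in opposite directions. The re-indented `nat` branch has a related edge case: a `defined_ip_proxy_off` value holding only separators yields `from {  }`. Its entries are only trimmed, so they should be checked as addresses or subnets before being written into a rule.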