diff options
Diffstat (limited to 'config')
-rwxr-xr-x | config/squid3/34/squid_reverse_general.xml | 227 |
1 files changed, 142 insertions, 85 deletions
diff --git a/config/squid3/34/squid_reverse_general.xml b/config/squid3/34/squid_reverse_general.xml index 3317ae18..0338a817 100755 --- a/config/squid3/34/squid_reverse_general.xml +++ b/config/squid3/34/squid_reverse_general.xml @@ -2,56 +2,52 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> +<![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - squid_reverse_general.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2012-2014 Marcello Coutinho - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + squid_reverse_general.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012-2014 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>squidreversegeneral</name> - <version>none</version> - <title>Reverse Proxy server: General</title> + <version>0.3.5</version> + <title>Reverse Proxy Server: General</title> <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> - <tab> - <text>General</text> + <tab> + <text>General</text> <url>/pkg_edit.php?xml=squid_reverse_general.xml&id=0</url> <active/> </tab> @@ -68,7 +64,7 @@ <url>/pkg.php?xml=squid_reverse_redir.xml</url> </tab> <tab> - <text>Real time</text> + <text>Real Time</text> <url>/squid_monitor.php?menu=reverse</url> </tab> <tab> @@ -78,37 +74,47 @@ </tabs> <fields> <field> - <name>Squid Reverse proxy General Settings</name> + <name>Squid Reverse Proxy General Settings</name> <type>listtopic</type> </field> <field> - <fielddescr>Reverse Proxy interface</fielddescr> + <fielddescr>Reverse Proxy Interface</fielddescr> <fieldname>reverse_interface</fieldname> - <description>The interface(s) the reverse-proxy server will bind to.</description> + <description> + <![CDATA[ + The interface(s) the reverse-proxy server will bind to.<br/> + Use CTRL + click to select multiple interfaces. + ]]> + </description> <type>interfaces_selection</type> <required/> <default_value>wan</default_value> <multiple/> </field> <field> - <fielddescr>User-defined reverse-proxy IPs</fielddescr> + <fielddescr>User Defined Reverse Proxy IPs</fielddescr> <fieldname>reverse_ip</fieldname> - <description>Squid will additionally bind to this user-defined IPs for reverse-proxy operation. Useful for virtual IPs such as CARP. Separate by semi-colons (;).</description> + <description> + <![CDATA[ + Squid will additionally bind to these user-defined IPs for reverse proxy operation. Useful for virtual IPs such as CARP.<br/> + <strong>Note: Separate entries by semi-colons (;)</strong> + ]]> + </description> <type>input</type> <size>70</size> </field> <field> - <fielddescr>external FQDN</fielddescr> + <fielddescr>External FQDN</fielddescr> <fieldname>reverse_external_fqdn</fieldname> - <description>The external full-qualified-domain-name of the WAN address.</description> + <description>The external fully qualified domain name of the WAN IP address.</description> <type>input</type> <required/> <size>70</size> </field> <field> - <fielddescr>Reset TCP connections if request is unauthorized</fielddescr> + <fielddescr>Reset TCP Connections on Unauthorized Requests</fielddescr> <fieldname>deny_info_tcp_reset</fieldname> - <description>If this field is checked, the reverse-proxy will reset the TCP connection if the request is unauthorized.</description> + <description>If checked, the reverse proxy will reset the TCP connection if the request is unauthorized.</description> <type>checkbox</type> <default_value>on</default_value> </field> @@ -117,26 +123,41 @@ <type>listtopic</type> </field> <field> - <fielddescr>Enable HTTP reverse mode</fielddescr> + <fielddescr>Enable HTTP Reverse Mode</fielddescr> <fieldname>reverse_http</fieldname> - <description>If this field is checked, the proxy-server will act in HTTP reverse mode. <br>(You have to add a rule with destination "WAN-address")</description> + <description> + <![CDATA[ + If checked, the proxy server will act in HTTP reverse mode.<br/> + <strong>Note: You must add a proper firewall rule with destination 'WAN Address'.</strong> + ]]> + </description> <type>checkbox</type> <enablefields>reverse_http_port,reverse_http_defsite</enablefields> <required/> <default_value>off</default_value> </field> <field> - <fielddescr>reverse HTTP port</fielddescr> + <fielddescr>Reverse HTTP Port</fielddescr> <fieldname>reverse_http_port</fieldname> - <description>This is the port the HTTP reverse-proxy will listen on. (leave empty to use 80)</description> + <description> + <![CDATA[ + This is the port the HTTP reverse proxy will listen on. Default value will be used if left empty.<br/> + Default: 80 + ]]> + </description> <type>input</type> <size>5</size> <default_value>80</default_value> </field> <field> - <fielddescr>reverse HTTP default site</fielddescr> + <fielddescr>Reverse HTTP Default Site</fielddescr> <fieldname>reverse_http_defsite</fieldname> - <description>This is the HTTP reverse default site. (leave empty to use the external fqdn)</description> + <description> + <![CDATA[ + This is the HTTP reverse proxy default site.<br/> + Note: Leave empty to use 'External FQDN' value specified above. + ]]> + </description> <type>input</type> <size>60</size> </field> @@ -145,103 +166,139 @@ <type>listtopic</type> </field> <field> - <fielddescr>Enable HTTPS reverse proxy</fielddescr> + <fielddescr>Enable HTTPS Reverse Proxy</fielddescr> <fieldname>reverse_https</fieldname> - <description>If this field is checked, the proxy-server will act in HTTPS reverse mode. <br>(You have to add a rule with destination "WAN-address")</description> + <description> + <![CDATA[ + If checked, the proxy server will act in HTTPS reverse mode.<br/> + <strong>Note: You must add a proper firewall rule with destination 'WAN Address'.</strong> + ]]> + </description> <type>checkbox</type> <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields> <required/> <default_value>off</default_value> </field> <field> - <fielddescr>reverse HTTPS port</fielddescr> + <fielddescr>Reverse HTTPS Port</fielddescr> <fieldname>reverse_https_port</fieldname> - <description>This is the port the HTTPS reverse-proxy will listen on. (leave empty to use 443)</description> + <description> + <![CDATA[ + This is the port the HTTPS reverse proxy will listen on. Default value will be used if left empty.<br/> + Default: 443 + ]]> + </description> <type>input</type> <size>5</size> <default_value>443</default_value> </field> <field> - <fielddescr>reverse HTTPS default site</fielddescr> + <fielddescr>Reverse HTTPS Default Site</fielddescr> <fieldname>reverse_https_defsite</fieldname> - <description>This is the HTTPS reverse default site. (leave empty to use the external fqdn)</description> + <description> + <![CDATA[ + This is the HTTPS reverse proxy default site.<br/> + Note: Leave empty to use 'External FQDN' value specified above. + ]]> + </description> <type>input</type> <size>60</size> </field> <field> - <fielddescr>reverse SSL certificate</fielddescr> + <fielddescr>Reverse SSL Certificate</fielddescr> <fieldname>reverse_ssl_cert</fieldname> <description>Choose the SSL Server Certificate here.</description> - <type>select_source</type> - <source><![CDATA[$config['cert']]]></source> + <type>select_source</type> + <source>$config['cert']</source> <source_name>descr</source_name> <source_value>refid</source_value> </field> <field> - <fielddescr>intermediate CA certificate (if needed)</fielddescr> + <fielddescr>Intermediate CA Certificate (If Needed)</fielddescr> <fieldname>reverse_int_ca</fieldname> - <description>Paste a signed certificate in X.509 PEM format here.</description> + <description> + <![CDATA[ + Paste a signed certificate in X.509 <strong>PEM format</strong> here. + ]]> + </description> <type>textarea</type> - <cols>50</cols> + <cols>75</cols> <rows>5</rows> <encoding>base64</encoding> </field> <field> - <fielddescr>Ignore internal Certificate validation</fielddescr> + <fielddescr>Ignore Internal Certificate Validation</fielddescr> <fieldname>reverse_ignore_ssl_valid</fieldname> - <description>If this field is checked, internal certificate validation will be ignored.</description> - <type>checkbox</type> + <description>If checked, internal certificate validation will be ignored.</description> + <type>checkbox</type> <default_value>on</default_value> </field> <field> - <name>OWA Reverse proxy General Settings</name> + <name>OWA Reverse Proxy General Settings</name> <type>listtopic</type> </field> <field> - <fielddescr>Enable OWA reverse proxy</fielddescr> + <fielddescr>Enable OWA Reverse Proxy</fielddescr> <fieldname>reverse_owa</fieldname> - <description>If this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App.</description> + <description>If checked, Squid will act as an accelerator/SSL offloader for Outlook Web App.</description> <type>checkbox</type> <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields> </field> <field> - <fielddescr>CAS-Array / OWA frontend IP address</fielddescr> + <fielddescr>CAS-Array / OWA Frontend IP Address</fielddescr> <fieldname>reverse_owa_ip</fieldname> - <description>These are the internal IPs of the CAS-Array (OWA frontend servers). Separate by semi-colons (;). </description> + <description> + <![CDATA[ + These are the internal IPs of the CAS-Array (OWA frontend servers).<br/> + <strong>Note: Separate entries by semi-colons (;)</strong> + ]]> + </description> <type>input</type> <size>70</size> </field> <field> <fielddescr>Enable ActiveSync</fielddescr> <fieldname>reverse_owa_activesync</fieldname> - <description>If this field is checked, ActiveSync will be enabled.</description> + <description>If checked, ActiveSync will be enabled.</description> <type>checkbox</type> </field> <field> <fielddescr>Enable Outlook Anywhere</fielddescr> <fieldname>reverse_owa_rpchttp</fieldname> - <description>If this field is checked, RPC over HTTP will be enabled.</description> + <description>If checked, RPC over HTTP will be enabled.</description> <type>checkbox</type> </field> <field> <fielddescr>Enable MAPI HTTP</fielddescr> <fieldname>reverse_owa_mapihttp</fieldname> - <description><![CDATA[If this field is checked, MAPI over HTTP will be enabled.<br> - <strong>This feature is only available with at least Exchange 2013 SP1</strong>]]></description> + <description> + <![CDATA[ + If checked, MAPI over HTTP will be enabled.<br/> + <strong>This feature is only available with at least Microsoft Exchange 2013 SP1</strong> + ]]> + </description> <type>checkbox</type> </field> <field> <fielddescr>Enable Exchange WebServices</fielddescr> <fieldname>reverse_owa_webservice</fieldname> - <description><![CDATA[If this field is checked, Exchange WebServices will be enabled.<br> - <strong>There are potential DoS side effects to its use, please avoid unless you must.</strong>]]></description> + <description> + <![CDATA[ + If checked, Exchange WebServices will be enabled.<br/> + <strong>There are potential DoS side effects to its use. Please avoid unless really required.</strong> + ]]> + </description> <type>checkbox</type> </field> <field> <fielddescr>Enable AutoDiscover</fielddescr> <fieldname>reverse_owa_autodiscover</fieldname> - <description><![CDATA[If this field is checked, AutoDiscover will be enabled.<br> - <strong>You also should set up the autodiscover DNS-record to point to you WAN-IP.</strong>]]></description> + <description> + <![CDATA[ + If checked, AutoDiscover will be enabled.<br/> + <strong>You also should set up the autodiscover DNS record to point to you WAN IP.</strong> + ]]> + </description> <type>checkbox</type> </field> </fields> |