1 files changed, 104 insertions, 60 deletions
diff --git a/config/squid3/34/squid_nac.xml b/config/squid3/34/squid_nac.xml
index 70fe162f..fb7accc3 100755
--- a/config/squid3/34/squid_nac.xml
+++ b/config/squid3/34/squid_nac.xml
@@ -2,57 +2,52 @@
 <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
 <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
 <packagegui>
-        <copyright>
-        <![CDATA[
+	<copyright>
+<![CDATA[
 /* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
 /*
-    authng.xml
-    part of pfSense (http://www.pfSense.com)
-    Copyright (C) 2007 to whom it may belong
-    Copyright (C) 2012-2014 Marcello Coutinho
-    All rights reserved.
-
-    Based on m0n0wall (http://m0n0.ch/wall)
-    Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-    All rights reserved.
-                                                                              */
-/* ========================================================================== */
+	squid_nac.xml
+	part of pfSense (https://www.pfSense.org/)
+	Copyright (C) 2012-2014 Marcello Coutinho
+	Copyright (C) 2015 ESF, LLC
+	All rights reserved.
+*/
+/* ====================================================================================== */
 /*
-    Redistribution and use in source and binary forms, with or without
-    modification, are permitted provided that the following conditions are met:
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
 
-     1. Redistributions of source code MUST retain the above copyright notice,
-        this list of conditions and the following disclaimer.
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
 
-     2. Redistributions in binary form must reproduce the above copyright
-        notice, this list of conditions and the following disclaimer in the
-        documentation and/or other materials provided with the distribution.
 
-    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-    POSSIBILITY OF SUCH DAMAGE.
-                                                                              */
-/* ========================================================================== */
-        ]]>
-        </copyright>
-    <description>Describe your package here</description>
-    <requirements>Describe your package requirements here</requirements>
-    <faq>Currently there are no FAQ items provided.</faq>
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+	]]>
+	</copyright>
 	<name>squidnac</name>
-	<version>none</version>
-	<title>Proxy server: Access control</title>
+	<version>0.3.5</version>
+	<title>Proxy Server: Access Control</title>
 	<include_file>/usr/local/pkg/squid.inc</include_file>
 	<tabs>
-	<tab>
-		<text>General</text>
+		<tab>
+			<text>General</text>
 			<url>/pkg_edit.php?xml=squid.xml&amp;id=0</url>
 		</tab>
 		<tab>
@@ -85,7 +80,7 @@
 			<url>/pkg.php?xml=squid_users.xml</url>
 		</tab>
 		<tab>
-			<text>Real time</text>
+			<text>Real Time</text>
 			<url>/squid_monitor.php</url>
 		</tab>
 		<tab>
@@ -99,9 +94,15 @@
 			<type>listtopic</type>
 		</field>
 		<field>
-			<fielddescr>Allowed subnets</fielddescr>
+			<fielddescr>Allowed Subnets</fielddescr>
 			<fieldname>allowed_subnets</fieldname>
-			<description>Enter each subnet on a new line that is allowed to use the proxy. The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24). Note that the proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.</description>
+			<description>
+				<![CDATA[
+				Enter each subnet on a new line that is allowed to use the proxy.<br/>
+				The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24).<br/><br/>
+				Note: The proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.
+				]]>
+			</description>
 			<type>textarea</type>
 			<cols>50</cols>
 			<rows>5</rows>
@@ -110,25 +111,42 @@
 		<field>
 			<fielddescr>Unrestricted IPs</fielddescr>
 			<fieldname>unrestricted_hosts</fieldname>
-			<description>Enter unrestricted IP address / network(in CIDR format) on a new line that is not to be filtered out by the other access control directives set in this page.</description>
+			<description>
+				<![CDATA[
+				Enter unrestricted IP address(es) / network(s) in CIDR format.<br/>
+				Configured entries will NOT be filtered out by the other access control directives set in this page.<br/>
+				<strong>Note: Put each entry on a separate line.</strong>
+				]]>
+			</description>
 			<type>textarea</type>
 			<cols>50</cols>
 			<rows>5</rows>
 			<encoding>base64</encoding>
 		</field>
 		<field>
-			<fielddescr>Banned host addresses</fielddescr>
+			<fielddescr>Banned Hosts Addresses</fielddescr>
 			<fieldname>banned_hosts</fieldname>
-			<description>Enter each IP address / network(in CIDR format) on a new line that is not to be allowed to use the proxy.</description>
+			<description>
+				<![CDATA[
+				Enter IP address(es) / network(s) in CIDR format.<br/>
+				Configured entries will NOT be allowed to use the proxy.<br/>
+				<strong>Note: Put each entry on a separate line.</strong>
+				]]>
+			</description>
 			<type>textarea</type>
 			<cols>50</cols>
 			<rows>5</rows>
 			<encoding>base64</encoding>
-		</field>	
+		</field>
 		<field>
 			<fielddescr>Whitelist</fielddescr>
 			<fieldname>whitelist</fieldname>
-			<description>Enter each destination domain on a new line that will be accessable to the users that are allowed to use the proxy. You also can use regular expressions.</description>
+			<description>
+				<![CDATA[
+				Destination domains that will be accessible to the users that are allowed to use the proxy.<br/>
+				<strong>Note: Put each entry on a separate line.</strong> You also can use regular expressions.
+				]]>
+			</description>
 			<type>textarea</type>
 			<cols>50</cols>
 			<rows>5</rows>
@@ -137,46 +155,72 @@
 		<field>
 			<fielddescr>Blacklist</fielddescr>
 			<fieldname>blacklist</fieldname>
-			<description>Enter each destination domain on a new line that will be blocked to the users that are allowed to use the proxy. You also can use regular expressions.</description>
+			<description>
+				<![CDATA[
+				Destination domains that will be blocked for the users that are allowed to use the proxy.<br/>
+				<strong>Note: Put each entry on a separate line.</strong> You also can use regular expressions.
+				]]>
+			</description>
 			<type>textarea</type>
 			<cols>50</cols>
 			<rows>5</rows>
 			<encoding>base64</encoding>
 		</field>
 		<field>
-			<fielddescr>Block user agents</fielddescr>
+			<fielddescr>Block User Agents</fielddescr>
 			<fieldname>block_user_agent</fieldname>
-			<description>Enter each user agent on a new line that will be blocked to the users that are allowed to use the proxy. You also can use regular expressions.</description>
+			<description>
+				<![CDATA[
+				Enter user agents that will be blocked for the users that are allowed to use the proxy.
+				<strong>Note: Put each entry on a separate line.</strong> You also can use regular expressions.
+				]]>
+			</description>
 			<type>textarea</type>
 			<cols>50</cols>
 			<rows>5</rows>
 			<encoding>base64</encoding>
 		</field>
 		<field>
-			<fielddescr>Block MIME types (reply only)</fielddescr>
+			<fielddescr>Block MIME Types (Reply Only)</fielddescr>
 			<fieldname>block_reply_mime_type</fieldname>
-			<description>Enter each MIME type on a new line that will be blocked to the users that are allowed to use the proxy. You also can use regular expressions. Useful to block javascript (application/x-javascript).</description>
+			<description>
+				<![CDATA[
+				Enter <a href="http://www.iana.org/assignments/media-types/media-types.xhtml">MIME types</a> that will be blocked for the
+				users that are allowed to use the proxy. Useful to block javascript (application/javascript).<br/>
+				<strong>Note: Put each entry on a separate line.</strong> You also can use regular expressions.
+				]]>
+			</description>
 			<type>textarea</type>
 			<cols>50</cols>
 			<rows>5</rows>
 			<encoding>base64</encoding>
 		</field>
 		<field>
-			<name>Squid Allowed ports</name>
+			<name>Squid Allowed Ports</name>
 			<type>listtopic</type>
 		</field>
 		<field>
-			<fielddescr>acl safeports</fielddescr>
+			<fielddescr>ACL SafePorts</fielddescr>
 			<fieldname>addtl_ports</fieldname>
-			<description>This is a space-separated list of "safe ports" in addition to the already defined list: 21 70 80 210 280 443 488 563 591 631 777 901 1025-65535</description>
+			<description>
+				<![CDATA[
+				This is a space-separated list of "safe ports" <strong>in addition</strong> to the predefined default list.<br/>
+				Default list: 21 70 80 210 280 443 488 563 591 631 777 901 1025-65535
+				]]>
+			</description>
 			<type>input</type>
 			<size>60</size>
 			<default_value></default_value>
 		</field>
 		<field>
-			<fielddescr>acl sslports</fielddescr>
+			<fielddescr>ACL SSLPorts</fielddescr>
 			<fieldname>addtl_sslports</fieldname>
-			<description>This is a space-separated list of ports to allow SSL "CONNECT" in addition to the already defined list: 443 563</description>
+			<description>
+				<![CDATA[
+				This is a space-separated list of ports to allow SSL "CONNECT" to <strong>in addition</strong> to the predefined default list.<br/>
+				Default list: 443 563
+				]]>
+			</description>
 			<type>input</type>
 			<size>60</size>
 			<default_value></default_value>