diff options
Diffstat (limited to 'packages/squid')
| -rw-r--r-- | packages/squid/squid.xml | 152 | ||||
| -rw-r--r-- | packages/squid/squid_auth.xml | 68 | ||||
| -rw-r--r-- | packages/squid/squid_cache.xml | 30 | ||||
| -rw-r--r-- | packages/squid/squid_extauth.xml | 8 | ||||
| -rw-r--r-- | packages/squid/squid_nac.xml | 34 | ||||
| -rw-r--r-- | packages/squid/squid_ng.xml | 79 | ||||
| -rw-r--r-- | packages/squid/squid_traffic.xml | 40 | ||||
| -rw-r--r-- | packages/squid/squid_upstream.xml | 10 | ||||
| -rw-r--r-- | packages/squid/squid_users.xml | 18 |
9 files changed, 226 insertions, 213 deletions
diff --git a/packages/squid/squid.xml b/packages/squid/squid.xml index f17c4be2..0370aff2 100644 --- a/packages/squid/squid.xml +++ b/packages/squid/squid.xml @@ -1,4 +1,5 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> @@ -46,7 +47,51 @@ <faq>Currently there are no FAQ items provided.</faq> <name>squid</name> <version>2.6.5_1-p15</version> + <title>Proxy server: General settings</title> <include_file>/usr/local/pkg/squid.inc</include_file> + <menu> + <name>Proxy server</name> + <tooltiptext>Modify the proxy server's settings</tooltiptext> + <section>Services</section> + <url>/pkg_edit.php?xml=squid.xml&id=0</url> + </menu> + <service> + <name>squid</name> + <rcfile>squid.sh</rcfile> + <executable>squid</executable> + <description>Proxy server Service</description> + </service> + <tabs> + <tab> + <text>General settings</text> + <url>/pkg_edit.php?xml=squid.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Upstream proxy</text> + <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> + </tab> + <tab> + <text>Cache management</text> + <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> + </tab> + <tab> + <text>Access control</text> + <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> + </tab> + <tab> + <text>Traffic management</text> + <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> + </tab> + <tab> + <text>Auth settings</text> + <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> + </tab> + <tab> + <text>Local users</text> + <url>/pkg.php?xml=squid_users.xml</url> + </tab> + </tabs> <!-- Installation --> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> @@ -89,139 +134,94 @@ <item>http://www.pfsense.org/packages/config/squid/squid_users.xml</item> </additional_files_needed> <additional_files_needed> - <item>http://www.pfsense.org/packages/config/squid/proxy_monitor.sh</item> <prefix>/usr/local/etc/rc.d/</prefix> <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/squid/proxy_monitor.sh</item> </additional_files_needed> <additional_files_needed> - <item>http://www.pfsense.org/packages/config/squid/squid_cache.xml</item> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/squid/squid_cache.xml</item> </additional_files_needed> - <menu> - <name>Proxy server</name> - <tooltiptext>Modify the proxy server's settings</tooltiptext> - <section>Services</section> - <url>/pkg_edit.php?xml=squid.xml&id=0</url> - </menu> - <service> - <name>squid</name> - <description>Proxy server Service</description> - <rcfile>squid.sh</rcfile> - <executable>squid</executable> - </service> - <!-- Interface --> - <title>Proxy server: General settings</title> - <tabs> - <tab> - <text>General settings</text> - <url>/pkg_edit.php?xml=squid.xml&id=0</url> - <active/> - </tab> - <tab> - <text>Upstream proxy</text> - <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> - </tab> - <tab> - <text>Cache management</text> - <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> - </tab> - <tab> - <text>Access control</text> - <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> - </tab> - <tab> - <text>Traffic management</text> - <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> - </tab> - <tab> - <text>Auth settings</text> - <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> - </tab> - <tab> - <text>Local users</text> - <url>/pkg.php?xml=squid_users.xml</url> - </tab> - </tabs> <fields> <field> - <fieldname>active_interface</fieldname> <fielddescr>Proxy interface</fielddescr> + <fieldname>active_interface</fieldname> <description>The interface(s) the proxy server will bind to.</description> - <default_value>lan</default_value> - <required/> <type>interfaces_selection</type> + <required/> + <default_value>lan</default_value> <multiple/> </field> <field> - <fieldname>allow_interface</fieldname> <fielddescr>Allow users on interface</fielddescr> + <fieldname>allow_interface</fieldname> <description>If this field is checked, the users connected to the interface selected in the 'Proxy interface' field will be allowed to use the proxy, i.e., there will be no need to add the interface's subnet to the list of allowed subnets. This is just a shortcut.</description> - <default_value>on</default_value> - <required/> <type>checkbox</type> + <required/> + <default_value>on</default_value> </field> <field> - <fieldname>transparent_proxy</fieldname> <fielddescr>Transparent proxy</fielddescr> + <fieldname>transparent_proxy</fieldname> <description>If transparent mode is enabled, all requests for destination port 80 will be forwarded to the proxy server without any additional configuration necessary.</description> - <required/> <type>checkbox</type> + <required/> </field> <field> - <fieldname>log_enabled</fieldname> <fielddescr>Enabled logging</fielddescr> + <fieldname>log_enabled</fieldname> <description>This will enable the access log. Don't switch this on if you don't have much disk space left.</description> - <enablefields>log_query_terms,log_user_agents</enablefields> <type>checkbox</type> + <enablefields>log_query_terms,log_user_agents</enablefields> </field> <field> - <fieldname>log_dir</fieldname> <fielddescr>Log store directory</fielddescr> + <fieldname>log_dir</fieldname> <description>The directory where the log will be stored (note: do not end with a / mark)</description> - <required/> <type>input</type> <size>60</size> + <required/> <default_value>/var/squid/log</default_value> </field> <field> - <fieldname>proxy_port</fieldname> <fielddescr>Proxy port</fielddescr> + <fieldname>proxy_port</fieldname> <description>This is the port the proxy server will listen on.</description> - <required/> <type>input</type> <size>5</size> + <required/> <default_value>3128</default_value> </field> <field> - <fieldname>icp_port</fieldname> <fielddescr>ICP port</fielddescr> + <fieldname>icp_port</fieldname> <description>This is the port the Proxy Server will send and receive ICP queries to and from neighbor caches. Leave this blank if you don't want the proxy server to communicate with neighbor caches through ICP.</description> <type>input</type> <size>5</size> </field> <field> - <fieldname>visible_hostname</fieldname> <fielddescr>Visible hostname</fielddescr> + <fieldname>visible_hostname</fieldname> <description>This is the URL to be displayed in proxy server error messages.</description> - <default_value>localhost</default_value> <type>input</type> <size>60</size> + <default_value>localhost</default_value> </field> <field> - <fieldname>admin_email</fieldname> <fielddescr>Administrator email</fielddescr> + <fieldname>admin_email</fieldname> <description>This is the email address displayed in error messages to the users.</description> - <default_value>admin@localhost</default_value> <type>input</type> <size>60</size> + <default_value>admin@localhost</default_value> </field> <field> <fielddescr>Language</fielddescr> <fieldname>error_language</fieldname> <description>Select the language in which the proxy server will display error messages to users.</description> - <default_value>English</default_value> <type>select</type> + <default_value>English</default_value> </field> <field> <fielddescr>Disable X-Forward</fielddescr> @@ -240,37 +240,37 @@ <fieldname>uri_whitespace</fieldname> <description><b> strip:</b> The whitespace characters are stripped out of the URL. This is the behavior recommended by RFC2396. <p> <b> deny:</b> The request is denied. The user receives an "Invalid Request" message.<p> <b> allow:</b> The request is allowed and the URI is not changed. The whitespace characters remain in the URI.<p> <b> encode:</b> The request is allowed and the whitespace characters are encoded according to RFC1738.<p> <b> chop:</b> The request is allowed and the URI is chopped at the first whitespace.</description> <type>select</type> + <default_value>strip</default_value> <options> <option> - <value>strip</value> <name>strip</name> + <value>strip</value> </option> <option> - <value>deny</value> <name>deny</name> + <value>deny</value> </option> <option> - <value>allow</value> <name>allow</name> + <value>allow</value> </option> <option> - <value>encode</value> <name>encode</name> + <value>encode</value> </option> <option> - <value>chop</value> <name>chop</name> + <value>chop</value> </option> </options> - <default_value>strip</default_value> </field> </fields> - <custom_add_php_command> - squid_resync(); - </custom_add_php_command> <custom_php_command_before_form> squid_before_form_general(&$pkg); </custom_php_command_before_form> + <custom_add_php_command> + squid_resync(); + </custom_add_php_command> <custom_php_validation_command> squid_validate_general($_POST, &$input_errors); </custom_php_validation_command> diff --git a/packages/squid/squid_auth.xml b/packages/squid/squid_auth.xml index d763bb72..b3e7c5c1 100644 --- a/packages/squid/squid_auth.xml +++ b/packages/squid/squid_auth.xml @@ -1,4 +1,5 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> @@ -44,9 +45,10 @@ <description>Describe your package here</description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> - <include_file>squid.inc</include_file> <name>squidauth</name> + <version>none</version> <title>Proxy server: Authentication</title> + <include_file>squid.inc</include_file> <tabs> <tab> <text>General settings</text> @@ -83,9 +85,9 @@ <fielddescr>Authentication method</fielddescr> <fieldname>auth_method</fieldname> <description>Select an authentication method. This will allow users to be authenticated by local or external services.</description> - <default_value>none</default_value> - <required/> <type>select</type> + <required/> + <default_value>none</default_value> <options> <option><name>None</name><value>none</value></option> <option><name>Local</name><value>local</value></option> @@ -96,128 +98,128 @@ <onchange>on_auth_method_changed()</onchange> </field> <field> - <fieldname>ldap_version</fieldname> <fielddescr>LDAP version</fielddescr> + <fieldname>ldap_version</fieldname> <description>Enter LDAP protocol version (2 or 3).</description> - <default_value>2</default_value> <type>select</type> + <default_value>2</default_value> <options> <option><name>2</name><value>2</value></option> <option><name>3</name><value>3</value></option> </options> </field> <field> - <fieldname>auth_server</fieldname> <fielddescr>Authentication server</fielddescr> + <fieldname>auth_server</fieldname> <description>Enter here the IP or hostname of the server that will perform the authentication.</description> <type>input</type> <size>60</size> </field> <field> - <fieldname>auth_server_port</fieldname> <fielddescr>Authentication server port</fielddescr> + <fieldname>auth_server_port</fieldname> <description>Enter here the port to use to connect to the authentication server. Leave this field blank to use the authentication method's default port.</description> <type>input</type> <size>60</size> </field> <field> - <fieldname>ldap_user</fieldname> <fielddescr>LDAP server user DN</fielddescr> + <fieldname>ldap_user</fieldname> <description>Enter here the user DN to use to connect to the LDAP server.</description> <type>input</type> <size>60</size> </field> <field> - <fieldname>ldap_pass</fieldname> <fielddescr>LDAP password</fielddescr> + <fieldname>ldap_pass</fieldname> <description>Enter here the password to use to connect to the LDAP server.</description> <type>password</type> <size>60</size> </field> <field> - <fieldname>ldap_basedomain</fieldname> <fielddescr>LDAP base domain</fielddescr> + <fieldname>ldap_basedomain</fieldname> <description>For LDAP authentication, enter here the base domain in the LDAP server.</description> <type>input</type> <size>60</size> </field> <field> - <fieldname>ldap_filter</fieldname> <fielddescr>LDAP search filter</fielddescr> - <default_value>(&(objectClass=person)(uid=%s))</default_value> + <fieldname>ldap_filter</fieldname> <description>Enter LDAP search filter.</description> <type>input</type> <size>60</size> + <default_value>(&(objectClass=person)(uid=%s))</default_value> </field> <field> - <fieldname>radius_secret</fieldname> <fielddescr>RADIUS secret</fielddescr> + <fieldname>radius_secret</fieldname> <description>The RADIUS secret for RADIUS authentication.</description> <type>password</type> <size>60</size> </field> <field> - <fieldname>msnt_secondary</fieldname> <fielddescr>Secondary NT servers</fielddescr> + <fieldname>msnt_secondary</fieldname> <description>Comma-separated list of secondary servers to be used for NT domain authentication.</description> <type>input</type> <size>60</size> </field> <field> - <fieldname>auth_prompt</fieldname> <fielddescr>Authentication prompt</fielddescr> + <fieldname>auth_prompt</fieldname> <description>This string will be displayed at the top of the authentication request window.</description> - <default_value>Please enter your credentials to access the proxy</default_value> <type>input</type> + <default_value>Please enter your credentials to access the proxy</default_value> </field> <field> - <fieldname>auth_processes</fieldname> <fielddescr>Authentication processes</fielddescr> + <fieldname>auth_processes</fieldname> <description>The number of authenticator processes to spawn. If many authentications are expected within a short timeframe, increase this number accordingly.</description> - <default_value>5</default_value> <type>input</type> <size>60</size> + <default_value>5</default_value> </field> <field> - <fieldname>auth_ttl</fieldname> <fielddescr>Authentication TTL</fielddescr> + <fieldname>auth_ttl</fieldname> <description>This specifies for how long (in minutes) the proxy server assumes an externally validated username and password combination is valid (Time To Live). When the TTL expires, the user will be prompted for credentials again.</description> - <default_value>60</default_value> <type>input</type> <size>60</size> + <default_value>60</default_value> </field> <field> - <fieldname>unrestricted_auth</fieldname> <fielddescr>Requiere authentication for unrestricted hosts</fielddescr> + <fieldname>unrestricted_auth</fieldname> <description>If this option is enabled, even users tagged as unrestricted through access control are required to authenticate to use the proxy.</description> <type>checkbox</type> </field> <field> - <fieldname>no_auth_hosts</fieldname> <fielddescr>Subnets that don't need authentication</fielddescr> + <fieldname>no_auth_hosts</fieldname> <description>Enter each subnet or IP address on a new line (in CIDR format, e.g.: 10.5.0.0/16, 192.168.1.50/32) that should not be asked for authentication to access the proxy.</description> <type>textarea</type> - <encoding>base64</encoding> - <rows>5</rows> <cols>50</cols> + <rows>5</rows> + <encoding>base64</encoding> </field> </fields> - <custom_php_after_head_command> - $transparent_proxy = ($config['installedpackages']['squid']['config'][0]['transparent_proxy'] == 'on'); - if($transparent_proxy) - $input_errors[] = "Authentication cannot be enabled while transparent proxy mode is enabled"; - squid_print_javascript_auth(); - </custom_php_after_head_command> <custom_php_validation_command> squid_validate_auth($_POST, &$input_errors); </custom_php_validation_command> - <custom_php_before_form_command> - squid_print_javascript_auth2(); - </custom_php_before_form_command> <custom_php_after_form_command> squid_print_javascript_auth2(); </custom_php_after_form_command> <custom_php_resync_config_command> squid_resync(); </custom_php_resync_config_command> + <custom_php_before_form_command> + squid_print_javascript_auth2(); + </custom_php_before_form_command> + <custom_php_after_head_command> + $transparent_proxy = ($config['installedpackages']['squid']['config'][0]['transparent_proxy'] == 'on'); + if($transparent_proxy) + $input_errors[] = "Authentication cannot be enabled while transparent proxy mode is enabled"; + squid_print_javascript_auth(); + </custom_php_after_head_command> </packagegui> diff --git a/packages/squid/squid_cache.xml b/packages/squid/squid_cache.xml index f70918a9..861f96b8 100644 --- a/packages/squid/squid_cache.xml +++ b/packages/squid/squid_cache.xml @@ -1,4 +1,5 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> @@ -44,9 +45,10 @@ <description>Describe your package here</description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> - <include_file>squid.inc</include_file> <name>squidcache</name> + <version>none</version> <title>Proxy server: Cache management</title> + <include_file>squid.inc</include_file> <tabs> <tab> <text>General settings</text> @@ -83,49 +85,49 @@ <fielddescr>Hard disk cache size</fielddescr> <fieldname>harddisk_cache_size</fieldname> <description>This is the amount of disk space (in megabytes) to use for cached objects.</description> + <type>input</type> <required/> <default_value>100</default_value> - <type>input</type> </field> <field> <fielddescr>Hard disk cache location</fielddescr> <fieldname>harddisk_cache_location</fieldname> <description>This is the directory where the cache will be stored. (note: do not end with a /). If you change this location, squid needs to make a new cache, this could take a while</description> + <type>input</type> + <size>60</size> <required/> <default_value>/var/squid/cache</default_value> - <size>60</size> - <type>input</type> </field> <field> <fielddescr>Memory cache size</fielddescr> <fieldname>memory_cache_size</fieldname> <description>This is the amount of physical RAM (in megabytes) to be used for negative cache and in-transit objects. This value should not exceed more than 50% of the installed RAM. The minimum value is 1MB.</description> + <type>input</type> <required/> <default_value>8</default_value> - <type>input</type> </field> <field> <fielddescr>Minimum object size</fielddescr> <fieldname>minimum_object_size</fieldname> <description>Objects smaller than the size specified (in kilobytes) will not be saved on disk. The default value is 0, meaning there is no minimum.</description> - <required/> - <default_value>0</default_value> <type>input</type> + <required /> + <default_value>0</default_value> </field> <field> <fielddescr>Maximum object size</fielddescr> <fieldname>maximum_object_size</fieldname> <description>Objects larger than the size specified (in kilobytes) will not be saved on disk. If you wish to increase speed more than you want to save bandwidth, this should be set to a low value.</description> + <type>input</type> <required/> <default_value>4</default_value> - <type>input</type> </field> <field> <fielddescr>Level 1 subdirectories</fielddescr> <fieldname>level1_subdirs</fieldname> <description>Each level-1 directory contains 256 subdirectories, so a value of 256 level-1 directories will use a total of 65536 directories for the hard disk cache. This will significantly slow down the startup process of the proxy service, but can speed up the caching under certain conditions.</description> - <default_value>16</default_value> <type>select</type> + <default_value>16</default_value> <options> <option><name>4</name><value>4</value></option> <option><name>8</name><value>8</value></option> @@ -140,8 +142,8 @@ <fielddescr>Memory replacement policy</fielddescr> <fieldname>memory_replacement</fieldname> <description>The memory replacement policy determines which objects are purged from memory when space is needed. The default policy for memory replacement is GDSF. <p> <b> LRU: Last Recently Used Policy </b> - The LRU policies keep recently referenced objects. i.e., it replaces the object that has not been accessed for the longest time. <p> <b> Heap GDSF: Greedy-Dual Size Frequency </b> - The Heap GDSF policy optimizes object-hit rate by keeping smaller, popular objects in cache. It achieves a lower byte hit rate than LFUDA though, since it evicts larger (possibly popular) objects. <p> <b> Heap LFUDA: Least Frequently Used with Dynamic Aging </b> - The Heap LFUDA policy keeps popular objects in cache regardless of their size and thus optimizes byte hit rate at the expense of hit rate since one large, popular object will prevent many smaller, slightly less popular objects from being cached. <p> <b> Heap LRU: Last Recently Used </b> - Works like LRU, but uses a heap instead. <p> Note: If using the LFUDA replacement policy, the value of Maximum Object Size should be increased above its default of 12KB to maximize the potential byte hit rate improvement of LFUDA.</description> - <default_value>heap GDSF</default_value> <type>select</type> + <default_value>heap GDSF</default_value> <options> <option><name>LRU</name><value>lru</value></option> <option><name>Heap LFUDA</name><value>heap LFUDA</value></option> @@ -153,8 +155,8 @@ <fielddescr>Cache replacement policy</fielddescr> <fieldname>cache_replacement</fieldname> <description>The cache replacement policy decides which objects will remain in cache and which objects are replaced to create space for the new objects. The default policy for cache replacement is LFUDA. Please see the type descriptions specified in the memory replacement policy for additional detail.</description> - <default_value>heap LFUDA</default_value> <type>select</type> + <default_value>heap LFUDA</default_value> <options> <option><name>LRU</name><value>lru</value></option> <option><name>Heap LFUDA</name><value>heap LFUDA</value></option> @@ -167,16 +169,16 @@ <fieldname>donotcache</fieldname> <description>Enter each domain or IP address on a new line that should never be cached.</description> <type>textarea</type> - <encoding>base64</encoding> - <rows>5</rows> <cols>50</cols> + <rows>5</rows> + <encoding>base64</encoding> </field> <field> <fielddescr>Enable offline mode</fielddescr> <fieldname>enable_offline</fieldname> <description>Enable this option and the proxy server will never try to validate cached objects. The offline mode gives access to more cached information than the proposed feature would allow (stale cached versions, where the origin server should have been contacted).</description> - <required/> <type>checkbox</type> + <required/> </field> </fields> <custom_php_command_before_form> diff --git a/packages/squid/squid_extauth.xml b/packages/squid/squid_extauth.xml index a465f81d..745e85d5 100644 --- a/packages/squid/squid_extauth.xml +++ b/packages/squid/squid_extauth.xml @@ -1,4 +1,5 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> @@ -45,11 +46,9 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>squidextnoauth</name> + <version>none</version> <title>Services: Proxy Server -> Extended Authentication Settings</title> - <configpath>installedpackages->package->squidextnoauth->configuration->settings</configpath> - <aftersaveredirect>/pkg_edit.php?xml=squid_extauth.xml&id=0</aftersaveredirect> - <tabs> <tab> <text>General Settings</text> @@ -88,11 +87,12 @@ </tab> </tabs> - + <configpath>installedpackages->package->squidextnoauth->configuration->settings</configpath> <fields> <field> <fielddescr>No Authentication Defined</fielddescr> <fieldname>no_auth</fieldname> + <type>text</type> </field> </fields> diff --git a/packages/squid/squid_nac.xml b/packages/squid/squid_nac.xml index 4e68c062..435671a2 100644 --- a/packages/squid/squid_nac.xml +++ b/packages/squid/squid_nac.xml @@ -1,4 +1,5 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> @@ -44,9 +45,10 @@ <description>Describe your package here</description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> - <include_file>squid.inc</include_file> <name>squidnac</name> + <version>none</version> <title>Proxy server: Access control</title> + <include_file>squid.inc</include_file> <tabs> <tab> <text>General settings</text> @@ -80,49 +82,49 @@ </tabs> <fields> <field> - <fieldname>allowed_subnets</fieldname> <fielddescr>Allowed subnets</fielddescr> + <fieldname>allowed_subnets</fieldname> <description>Enter each subnet on a new line that is allowed to use the proxy. The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24). Note that the proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.</description> <type>textarea</type> - <encoding>base64</encoding> - <rows>5</rows> <cols>50</cols> + <rows>5</rows> + <encoding>base64</encoding> </field> <field> - <fieldname>unrestricted_hosts</fieldname> <fielddescr>Unrestricted IPs</fielddescr> + <fieldname>unrestricted_hosts</fieldname> <description>Enter each unrestricted IP address on a new line that is not to be filtered out by the other access control directives set in this page.</description> <type>textarea</type> - <encoding>base64</encoding> - <rows>5</rows> <cols>50</cols> + <rows>5</rows> + <encoding>base64</encoding> </field> <field> - <fieldname>banned_hosts</fieldname> <fielddescr>Banned host addresses</fielddescr> + <fieldname>banned_hosts</fieldname> <description>Enter each IP address on a new line that is not to be allowed to use the proxy.</description> <type>textarea</type> - <encoding>base64</encoding> - <rows>5</rows> <cols>50</cols> + <rows>5</rows> + <encoding>base64</encoding> </field> <field> - <fieldname>whitelist</fieldname> <fielddescr>Whitelist</fielddescr> + <fieldname>whitelist</fieldname> <description>Enter each destination domain on a new line that will be accessable to the users that are allowed to use the proxy.</description> <type>textarea</type> - <encoding>base64</encoding> - <rows>5</rows> <cols>50</cols> + <rows>5</rows> + <encoding>base64</encoding> </field> <field> - <fieldname>blacklist</fieldname> <fielddescr>Blacklist</fielddescr> + <fieldname>blacklist</fieldname> <description>Enter each destination domain on a new line that will be blocked to the users that are allowed to use the proxy.</description> <type>textarea</type> - <encoding>base64</encoding> - <rows>5</rows> <cols>50</cols> + <rows>5</rows> + <encoding>base64</encoding> </field> </fields> <custom_php_validation_command> diff --git a/packages/squid/squid_ng.xml b/packages/squid/squid_ng.xml index 4c9667af..5949606e 100644 --- a/packages/squid/squid_ng.xml +++ b/packages/squid/squid_ng.xml @@ -1,4 +1,5 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> @@ -45,12 +46,11 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>squid</name> + <version>2.5.12_4</version> <title>Services: Proxy Server</title> <category>Security</category> - <version>2.5.12_4</version> - <include_file>/usr/local/pkg/squid_ng.inc</include_file> - <configpath>installedpackages->package->squidng->configuration->settings</configpath> <aftersaveredirect>/pkg_edit.php?xml=squid_ng.xml&id=0</aftersaveredirect> + <include_file>/usr/local/pkg/squid_ng.inc</include_file> <menu> <name>Squid</name> <tooltiptext>Modify settings for Proxy Server</tooltiptext> @@ -67,6 +67,38 @@ <name>squid</name> <rcfile>squid.sh</rcfile> </service> + <tabs> + <tab> + <text>General Settings</text> + <url>/pkg_edit.php?xml=squid.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Upstream Proxy</text> + <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> + </tab> + <tab> + <text>Cache Mgmt</text> + <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> + </tab> + <tab> + <text>Network Access Control</text> + <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> + </tab> + <tab> + <text>Traffic Mgmt</text> + <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> + </tab> + <tab> + <text>Auth Settings</text> + <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> + </tab> + <tab> + <text>Extended Auth Settings</text> + <url>/pkg_edit.php?xml=squid_extauth.xml&id=0</url> + </tab> + </tabs> + <configpath>installedpackages->package->squidng->configuration->settings</configpath> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> @@ -107,37 +139,6 @@ <chmod>0755</chmod> <item>http://www.pfsense.com/packages/config/squid/squid_extauth.xml</item> </additional_files_needed> - <tabs> - <tab> - <text>General Settings</text> - <url>/pkg_edit.php?xml=squid.xml&id=0</url> - <active/> - </tab> - <tab> - <text>Upstream Proxy</text> - <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> - </tab> - <tab> - <text>Cache Mgmt</text> - <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> - </tab> - <tab> - <text>Network Access Control</text> - <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> - </tab> - <tab> - <text>Traffic Mgmt</text> - <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> - </tab> - <tab> - <text>Auth Settings</text> - <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> - </tab> - <tab> - <text>Extended Auth Settings</text> - <url>/pkg_edit.php?xml=squid_extauth.xml&id=0</url> - </tab> - </tabs> <fields> <field> <fielddescr>Proxy Listening Interface</fielddescr> @@ -176,33 +177,33 @@ <type>checkbox</type> </field> <field> - <combinefieldsend>true</combinefieldsend> <fielddescr>Proxy Port</fielddescr> <fieldname>proxy_port</fieldname> <description>This is the port the Proxy Server will listen for client requests on. The default is 3128.</description> - <size>4</size> <type>input</type> + <size>4</size> + <combinefieldsend>true</combinefieldsend> </field> <field> <fielddescr>ICP Port</fielddescr> <fieldname>icp_port</fieldname> <description>This is the port the Proxy Server will send and receive ICP queries to and from neighbor caches. The default value is 0, which means this function is disabled.</description> - <size>4</size> <type>input</type> + <size>4</size> </field> <field> <fielddescr>Visible Hostname</fielddescr> <fieldname>visible_hostname</fieldname> <description>This URL is displayed on the Proxy Server error messages.</description> - <size>35</size> <type>input</type> + <size>35</size> </field> <field> <fielddescr>Cache Administrator E-Mail</fielddescr> <fieldname>cache_admin_email</fieldname> <description>This E-Mail address is displayed on the Proxy Server error messages.</description> - <size>35</size> <type>input</type> + <size>35</size> </field> <field> <fielddescr>Error Messages Language</fielddescr> diff --git a/packages/squid/squid_traffic.xml b/packages/squid/squid_traffic.xml index bfad2c06..1556be66 100644 --- a/packages/squid/squid_traffic.xml +++ b/packages/squid/squid_traffic.xml @@ -1,4 +1,5 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> @@ -44,9 +45,10 @@ <description>Describe your package here</description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> - <include_file>squid.inc</include_file> <name>squidtraffic</name> + <version>none</version> <title>Proxy server: Traffic management</title> + <include_file>squid.inc</include_file> <tabs> <tab> <text>General settings</text> @@ -80,66 +82,66 @@ </tabs> <fields> <field> - <fieldname>max_download_size</fieldname> <fielddescr>Maximum download size</fielddescr> + <fieldname>max_download_size</fieldname> <description>Limit the maximum total download size to the size specified here (in kilobytes). Set to 0 to disable.</description> - <default_value>0</default_value> - <required/> <type>input</type> + <required/> + <default_value>0</default_value> </field> <field> - <fieldname>max_upload_size</fieldname> <fielddescr>Maximum upload size</fielddescr> + <fieldname>max_upload_size</fieldname> <description>Limit the maximum total upload size to the size specified here (in kilobytes). Set to 0 to disable.</description> - <default_value>0</default_value> - <required/> <type>input</type> + <required/> + <default_value>0</default_value> </field> <field> - <fieldname>overall_throttling</fieldname> <fielddescr>Overall bandwidth throttling</fielddescr> + <fieldname>overall_throttling</fieldname> <description>This value specifies (in kilobytes per second) the bandwidth throttle for downloads. Users will gradually have their download speed increased according to this value. Set to 0 to disable bandwidth throttling.</description> - <default_value>0</default_value> - <required/> <type>input</type> + <required/> + <default_value>0</default_value> </field> <field> - <fieldname>perhost_throttling</fieldname> <fielddescr>Per-host throttling</fielddescr> + <fieldname>perhost_throttling</fieldname> <description>This value specifies the download throttling per host. Set to 0 to disable this.</description> - <default_value>0</default_value> - <required/> <type>input</type> + <required/> + <default_value>0</default_value> </field> <field> - <fieldname>throttle_specific</fieldname> <fielddescr>Throttle only specific extensions</fielddescr> + <fieldname>throttle_specific</fieldname> <description>Leave this checked to be able to choose the extensions that throttling will be applied to. Otherwise, all files will be throttled.</description> - <default_value>on</default_value> <type>checkbox</type> <enablefields>throttle_binaries,throttle_cdimages,throttle_multimedia,throttle_others</enablefields> + <default_value>on</default_value> </field> <field> - <fieldname>throttle_binaries</fieldname> <fielddescr>Throttle binary files</fielddescr> + <fieldname>throttle_binaries</fieldname> <description>Check this to apply bandwidth throttle to binary files. This includes compressed archives and executables.</description> <type>checkbox</type> </field> <field> - <fieldname>throttle_cdimages</fieldname> <fielddescr>Throttle CD images</fielddescr> + <fieldname>throttle_cdimages</fieldname> <description>Check this to apply bandwidth throttle to CD image files.</description> <type>checkbox</type> </field> <field> - <fieldname>throttle_multimedia</fieldname> <fielddescr>Throttle multimedia files</fielddescr> + <fieldname>throttle_multimedia</fieldname> <description>Check this to apply bandwidth throttle to multimedia files, such as movies or songs.</description> <type>checkbox</type> </field> <field> - <fieldname>throttle_others</fieldname> <fielddescr>Throttle other extensions</fielddescr> + <fieldname>throttle_others</fieldname> <description>Comma-separated list of extensions to apply bandwidth throttle to.</description> <type>input</type> <size>60</size> diff --git a/packages/squid/squid_upstream.xml b/packages/squid/squid_upstream.xml index 6abac9cf..1102c672 100644 --- a/packages/squid/squid_upstream.xml +++ b/packages/squid/squid_upstream.xml @@ -1,4 +1,5 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> @@ -44,9 +45,10 @@ <description>Describe your package here</description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> - <include_file>squid.inc</include_file> <name>squidupstream</name> + <version>none</version> <title>Proxy server: Upstream proxy settings</title> + <include_file>squid.inc</include_file> <tabs> <tab> <text>General settings</text> @@ -83,9 +85,9 @@ <fielddescr>Enable forwarding</fielddescr> <fieldname>proxy_forwarding</fieldname> <description>This option enables the proxy server to forward requests to an upstream server.</description> - <required/> <type>checkbox</type> <enablefields>proxy_addr,proxy_port,icp_port,username,password</enablefields> + <required/> </field> <field> <fielddescr>Hostname</fielddescr> @@ -97,17 +99,17 @@ <fielddescr>TCP port</fielddescr> <fieldname>proxy_port</fieldname> <description>Enter the port to use to connect to the upstream proxy.</description> - <default_value>3128</default_value> <type>input</type> <size>5</size> + <default_value>3128</default_value> </field> <field> <fielddescr>ICP port</fielddescr> <fieldname>icp_port</fieldname> <description>Enter the port to connect to the upstream proxy for the ICP protocol. Use port number 7 to disable ICP communication between the proxies.</description> - <default_value>7</default_value> <type>input</type> <size>5</size> + <default_value>7</default_value> </field> <field> <fielddescr>Username</fielddescr> diff --git a/packages/squid/squid_users.xml b/packages/squid/squid_users.xml index 0854007c..34260817 100644 --- a/packages/squid/squid_users.xml +++ b/packages/squid/squid_users.xml @@ -1,4 +1,5 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> @@ -44,9 +45,10 @@ <description>Describe your package here</description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> - <include_file>squid.inc</include_file> <name>squidusers</name> + <version>none</version> <title>Proxy server: Local users</title> + <include_file>squid.inc</include_file> <delete_string>A proxy server user has been deleted.</delete_string> <addedit_string>A proxy server user has been created/modified.</addedit_string> <tabs> @@ -82,32 +84,32 @@ </tabs> <adddeleteeditpagefields> <columnitem> - <fieldname>username</fieldname> <fielddescr>Username</fielddescr> + <fieldname>username</fieldname> </columnitem> <columnitem> - <fieldname>description</fieldname> <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> </columnitem> </adddeleteeditpagefields> <fields> <field> - <fieldname>username</fieldname> <fielddescr>Username</fielddescr> + <fieldname>username</fieldname> <description>Enter the username here.</description> - <required/> <type>input</type> + <required/> </field> <field> - <fieldname>password</fieldname> <fielddescr>Password</fielddescr> + <fieldname>password</fieldname> <description>Enter the password here.</description> - <required/> <type>password</type> + <required/> </field> <field> - <fieldname>description</fieldname> <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> <description>You may enter a description here for your reference (not parsed).</description> <type>input</type> </field> |