aboutsummaryrefslogtreecommitdiffstats
path: root/packages/squid_ng.xml
diff options
context:
space:
mode:
Diffstat (limited to 'packages/squid_ng.xml')
-rw-r--r--packages/squid_ng.xml224
1 files changed, 103 insertions, 121 deletions
diff --git a/packages/squid_ng.xml b/packages/squid_ng.xml
index ccfed7f2..7d3cb5c8 100644
--- a/packages/squid_ng.xml
+++ b/packages/squid_ng.xml
@@ -2,115 +2,73 @@
<packagegui>
<name>squid</name>
- <title>Services: Squid Advanced Proxy</title>
+ <title>Services: Proxy Server</title>
<category>Security</category>
<version>2.5.10_4</version>
<configpath>installedpackages->package->squidng->configuration->settings</configpath>
- <!-- This defines the location where the config is stored within pfSense's
- xml based global store -->
<aftersaveredirect>/pkg_edit.php?xml=squid_ng.xml&amp;id=0</aftersaveredirect>
-
- <additional_files_needed>
- <prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/squid_cache.xml</item>
+
+ <menu>
+ <name>Squid</name>
+ <tooltiptext>Modify settings for Proxy Server</tooltiptext>
+ <section>Services</section>
+ <url>/pkg_edit.php?xml=squid_ng.xml&amp;id=0</url>
+ </menu>
+
+ <!-- TODO: Add xml to parse proxy logs into readable format
+ <menu>
+ <name>Proxy Log</name>
+ <section>Status</section>
+ <configfile>squid_log.xml</configfile>
+ </menu> -->
+
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/squid_cache.xml</item>
</additional_files_needed>
- <additional_files_needed>
+
+ <additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
<item>http://www.pfsense.com/packages/config/squid_nac.xml</item>
</additional_files_needed>
- <additional_files_needed>
+
+ <additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
<item>http://www.pfsense.com/packages/config/squid_ng.inc</item>
</additional_files_needed>
- <additional_files_needed>
+
+ <additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
<item>http://www.pfsense.com/packages/config/squid_traffic.xml</item>
</additional_files_needed>
- <additional_files_needed>
+
+ <additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0755</chmod>
<item>http://www.pfsense.com/packages/config/squid_upstream.xml</item>
</additional_files_needed>
+
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/squid_auth.xml</item>
+ </additional_files_needed>
- <menu>
- <name>Squid</name>
- <tooltiptext>Modify settings for Squid Advanced Proxy</tooltiptext>
- <section>Services</section>
- <url>/pkg_edit.php?xml=squid_ng.xml&amp;id=0</url>
- </menu>
-
- <!-- TODO: Add xml to parse proxy logs into readable format
- <menu>
- <name>Proxy Log</name>
- <section>Status</section>
- <configfile>squid_log.xml</configfile>
- </menu> -->
-
- <files>
- <file>
- <type>package</type>
- <location>http://www.pfsense.org/packages/All/squid-2.5.STABLE10.tbz</location>
- </file>
- <file>
- <type>package</type>
- <location>ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/www/squidGuard-1.2.0_1.tbz</location>
- </file>
-
- <!-- retrieves the configuration file for upstream proxy settings -->
-
- <file>
- <type>configfile</type>
- <location>http://www.pfsense.com/packages/config/squid_ng.inc</location>
- </file>
-
- <file>
- <type>configfile</type>
- <location>http://www.pfsense.com/packages/config/squid_upstream.xml</location>
- </file>
-
- <!-- retrieves the configuration file for cache management -->
- <file>
- <type>configfile</type>
- <location>http://www.pfsense.com/packages/config/squid_cache.xml</location>
- </file>
-
- <!-- retrieves the configuration file for network access control -->
- <file>
- <type>configfile</type>
- <location>http://www.pfsense.com/packages/config/squid_nac.xml</location>
- </file>
-
- <!-- retrieves the configuration file for traffic management -->
- <file>
- <type>configfile</type>
- <location>http://www.pfsense.com/packages/config/squid_traffic.xml</location>
- </file>
-
- <!-- TODO: retrieves the configuration file for authentication settings
- <file>
- <type>configfile</type>
- <location>http://www.pfsense.com/packages/config/squid_auth.xml</location>
- </file>
- -->
-
- <!-- TODO: retrieves the configuration file for user definitions
- <file>
- <type>configfile</type>
- <location>http://www.pfsense.com/packages/config/squid_users.xml</location>
- </file>
- -->
-
- </files>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/squid_extauth.xml</item>
+ </additional_files_needed>
<tabs>
<tab>
<text>General Settings</text>
- <url>/pkg_edit.php?xml=squid_ng.xml&amp;id=0</url>
+ <url>/pkg_edit.php?xml=squid.xml&amp;id=0</url>
<active/>
</tab>
@@ -134,17 +92,15 @@
<url>/pkg_edit.php?xml=squid_traffic.xml&amp;id=0</url>
</tab>
- <!--
<tab>
- <text>Authentication Settings</text>
+ <text>Auth Settings</text>
<url>/pkg_edit.php?xml=squid_auth.xml&amp;id=0</url>
</tab>
<tab>
- <text>Users</text>
- <url>/pkg_edit.php?xml=squid_users.xml&amp;id=0</url>
+ <text>Extended Auth Settings</text>
+ <url>/pkg_edit.php?xml=squid_extauth.xml&amp;id=0</url>
</tab>
- -->
</tabs>
<fields>
@@ -274,16 +230,13 @@
$fout = fopen("/usr/local/etc/squid/squid.conf","w");
fwrite($fout, "#\n");
- fwrite($fout, "# This file was automatically generated by the pfSense package manager\n");
- fwrite($fout, "# This default policy enables transparent proxy with no local disk logging\n");
+ fwrite($fout, "# This file was automatically generated by the pfSense package manager.\n");
+ fwrite($fout, "# This default policy enables transparent proxy with no local disk logging.\n");
fwrite($fout, "#\n");
fwrite($fout, "shutdown_lifetime 5 seconds\n");
fwrite($fout, "icp_port 0\n");
fwrite($fout, "\n");
-
- fwrite($fout, "http_port 3128\n");
- fwrite($fout, "\n");
-
+
fwrite($fout, "acl QUERY urlpath_regex cgi-bin \?\n");
fwrite($fout, "no_cache deny QUERY\n");
fwrite($fout, "\n");
@@ -292,13 +245,13 @@
fwrite($fout, "\n");
fwrite($fout, "cache_mem 8 MB\n");
- fwrite($fout, "cache_dir ufs /var/squid/cache 500 16 256\n");
+ fwrite($fout, "cache_dir diskd /var/squid/cache 500 16 256\n");
fwrite($fout, "\n");
fwrite($fout, "error_directory /usr/local/etc/squid/errors/English\n");
fwrite($fout, "\n");
- fwrite($fout, "memory_replacement_policy heap LRU\n");
+ fwrite($fout, "memory_replacement_policy heap GDSF\n");
fwrite($fout, "cache_replacement_policy heap GDSF\n");
fwrite($fout, "\n");
@@ -347,19 +300,12 @@
fwrite($fout, "#Set custom configured ACLs\n");
fwrite($fout, "http_access deny all\n");
fwrite($fout, "visible_hostname pfSense\n");
- fwrite($fout, "httpd_accel_host virtual\n");
- fwrite($fout, "httpd_accel_port 80\n");
- fwrite($fout, "httpd_accel_with_proxy on\n");
- fwrite($fout, "httpd_accel_uses_host_header on\n");
+ fwrite($fout, "\n");
+
fwrite($fout, "cache_effective_user squid\n");
fwrite($fout, "cache_effective_group squid\n");
fwrite($fout, "\n");
- fwrite($fout, "#Strip HTTP Header\n");
- fwrite($fout, "header_access X-Forwarded-For deny all\n");
- fwrite($fout, "header_access Via deny all\n");
- fwrite($fout, "\n");
-
fwrite($fout, "maximum_object_size 4096 KB\n");
fwrite($fout, "minimum_object_size 0 KB\n");
fwrite($fout, "\n");
@@ -368,6 +314,11 @@
fwrite($fout, "reply_body_max_size 0 allow all\n");
fwrite($fout, "\n");
+ fwrite($fout, "httpd_accel_host virtual\n");
+ fwrite($fout, "httpd_accel_port 80\n");
+ fwrite($fout, "httpd_accel_with_proxy on\n");
+ fwrite($fout, "httpd_accel_uses_host_header on\n");
+
fclose($fout);
} <!-- end function write_static_squid_config() -->
</custom_php_global_functions>
@@ -380,38 +331,69 @@
</custom_add_php_command_late>
<custom_php_install_command>
- write_static_squid_config(); <!-- write initial config to work -->
+ write_static_squid_config(); <!-- write initial static config for transparent proxy -->
- update_output_window("Creating initialization scripts...");
+ update_output_window("Creating Proxy Server initialization scripts...");
$fout = fopen("/usr/local/etc/rc.d/squid.sh","w");
fwrite($fout, "#!/bin/sh\n");
- fwrite($fout, "$pfSense: /usr/local/sbin/rc.d/squid.sh; created " . date(DATE_RFC822) . " mcapp\n");
- fwrite($fout, "\n");
- fwrite($fout, "touch /tmp/ro_root_mount\n\n");
- fwrite($fout, "/usr/local/sbin/squid -D\n\n");
- fwrite($fout, "touch /tmp/filter_dirty\n\n");
+ fwrite($fout, "#$pfSense: /usr/local/sbin/rc.d/squid.sh\n\n");
+ fwrite($fout, "touch /tmp/ro_root_mount\n");
+ fwrite($fout, "/usr/local/sbin/squid -D\n");
+ fwrite($fout, "touch /tmp/filter_dirty\n");
fclose($fout);
- chmod("/usr/local/etc/rc.d/squid.sh", 755);
+ mwexec("chmod 755 /usr/local/etc/rc.d/squid.sh");
+
+ <!-- create log directory hierarchies if they don't exist -->
+ update_output_window("Creating required directory hierarchies...");
+
+ if (!file_exists("/var/squid/logs")) {
+ mwexec("mkdir -p /var/squid/logs");
+ mwexec("chown squid:squid /var/squid/logs");
+ }
if (!file_exists("/var/squid/cache")) {
- update_output_window("Initializing Cache... This may take a moment...");
- mwexec("/usr/local/sbin/squid -z");
+ mwexec("mkdir -p /var/squid/cache");
+ mwexec("chown squid:squid /var/squid/cache");
+ }
+
+ if (!file_exists("/usr/local/etc/squid/advanced/acls")) {
+ mwexec("mkdir -p /usr/local/etc/squid/advanced/acls");
+ mwexec("chown squid:squid /usr/local/etc/squid/advanced/acls");
}
- update_output_window("Starting Squid Advanced Proxy...");
- mwexec_bg("/usr/local/etc/rc.d/squid.sh");
+ if (!file_exists("/usr/local/etc/squid/advanced/ncsa")) {
+ mwexec("mkdir -p /usr/local/etc/squid/advanced/ncsa");
+ mwexec("chown squid:squid /usr/local/etc/squid/advanced/ncsa");
+ }
+
+ if (!file_exists("/usr/local/etc/squid/advanced/ntlm")) {
+ mwexec("mkdir -p /usr/local/etc/squid/advanced/ntlm");
+ mwexec("chown squid:squid /usr/local/etc/squid/advanced/ntlm");
+ }
+
+ if (!file_exists("/usr/local/etc/squid/advanced/radius")) {
+ mwexec("mkdir -p /usr/local/etc/squid/advanced/radius");
+ mwexec("chown squid:squid /usr/local/etc/squid/advanced/radius");
+ }
+
+ update_output_window("Initializing Cache... This may take a moment...");
+ mwexec("/usr/local/sbin/squid -z");
+
+ update_output_window("Starting Proxy Server...");
+ mwexec("/usr/local/etc/rc.d/squid.sh");
filter_configure();
</custom_php_install_command>
<custom_php_deinstall_command>
- rmdir_recursive("/usr/local/squid");
- unlink_if_exists("/var/mail/squid");
- unlink_if_exists("/usr/local/etc/rc.d/squid");
- unlink_if_exists("/usr/local/etc/squid/squid.conf");
+ mwexec("rm -rf /usr/local/squid");
+ mwexec("rm -rf /var/squid/cache");
+ mwexec("rm -rf /usr/local/etc/squid");
+
+ unlink_if_exists("/usr/local/etc/rc.d/squid.sh");
unlink_if_exists("/usr/local/etc/squid");
unlink_if_exists("/usr/local/libexec/squid");
- rmdir_recursive("/usr/local/etc/squid");
+
filter_configure();
</custom_php_deinstall_command>