From 9f2521ca8351e454e03193ddccbf5eb2166ec1fd Mon Sep 17 00:00:00 2001 From: Daniel Stefan Haischt Date: Sat, 1 Sep 2007 04:10:13 +0000 Subject: * added copyright header to each file * added XSL stylesheet to each file * added DTD to some files (TODO: Add DTD to the remaining files and validate them against the DTD) * added a Document Type Definition which allows to validate package files --- packages/arping/arping.xml | 14 +-- packages/dspam/pkg/p3scan-pf-vir.xml | 12 +-- packages/lightsquid/lightsquid.xml | 153 ++++++++++++++++--------------- packages/miniupnpd/miniupnpd.xml | 43 ++++----- packages/nmap/nmap.xml | 19 ++-- packages/nut/nut.xml | 49 +++++----- packages/p3scan-pf/p3scan-pf-emer.xml | 1 + packages/p3scan-pf/p3scan-pf-msg.xml | 11 ++- packages/p3scan-pf/p3scan-pf-spam.xml | 3 +- packages/p3scan-pf/p3scan-pf-transex.xml | 1 + packages/p3scan-pf/p3scan-pf-vir.xml | 19 ++-- packages/p3scan-pf/p3scan-pf.xml | 19 ++-- packages/phpsysinfo/phpsysinfo.xml | 23 ++--- packages/quagga/quagga.xml | 8 +- packages/routed/routed.xml | 21 ++--- packages/schema/packages.dtd | 108 +++++++++++++++++++++- packages/snort/snort.xml | 115 +++++++++++------------ packages/snort/snort_advanced.xml | 6 +- packages/snort/snort_whitelist.xml | 1 + packages/squid-head/squid.xml | 114 +++++++++++------------ packages/squid-head/squid_auth.xml | 48 +++++----- packages/squid-head/squid_cache.xml | 22 +++-- packages/squid-head/squid_nac.xml | 32 ++++--- packages/squid-head/squid_traffic.xml | 58 ++++++------ packages/squid-head/squid_upstream.xml | 10 +- packages/squid-head/squid_users.xml | 18 ++-- packages/squid/squid.xml | 152 +++++++++++++++--------------- packages/squid/squid_auth.xml | 68 +++++++------- packages/squid/squid_cache.xml | 30 +++--- packages/squid/squid_extauth.xml | 8 +- packages/squid/squid_nac.xml | 34 +++---- packages/squid/squid_ng.xml | 79 ++++++++-------- packages/squid/squid_traffic.xml | 40 ++++---- packages/squid/squid_upstream.xml | 10 +- packages/squid/squid_users.xml | 18 ++-- packages/sshterm/sshterm.xml | 25 +++-- packages/test_package/test_package.xml | 99 ++++++++++---------- packages/tinydns/tinydns.xml | 71 +++++++------- packages/tinydns/tinydns_domains.xml | 48 +++++----- packages/tinydns/tinydns_sync.xml | 13 +-- 40 files changed, 885 insertions(+), 738 deletions(-) diff --git a/packages/arping/arping.xml b/packages/arping/arping.xml index be3e8654..e8619496 100644 --- a/packages/arping/arping.xml +++ b/packages/arping/arping.xml @@ -1,5 +1,5 @@ - + @@ -48,11 +48,7 @@ arping 2.6.0.2 Services: arping - - /usr/local/pkg/ - 077 - http://www.pfsense.com/packages/config/arping/arping.inc - + /usr/local/pkg/arping.inc Arping Host to arp ping @@ -63,7 +59,6 @@ arping arping - /usr/local/pkg/arping.inc arping Settings @@ -71,6 +66,11 @@ + + /usr/local/pkg/ + 077 + http://www.pfsense.com/packages/config/arping/arping.inc + Host IP or Mac diff --git a/packages/dspam/pkg/p3scan-pf-vir.xml b/packages/dspam/pkg/p3scan-pf-vir.xml index 720b847a..ed68b8cf 100644 --- a/packages/dspam/pkg/p3scan-pf-vir.xml +++ b/packages/dspam/pkg/p3scan-pf-vir.xml @@ -97,12 +97,12 @@ 1 clamd - - - - - - + + + + + + diff --git a/packages/lightsquid/lightsquid.xml b/packages/lightsquid/lightsquid.xml index 6e219702..e5d48e34 100644 --- a/packages/lightsquid/lightsquid.xml +++ b/packages/lightsquid/lightsquid.xml @@ -1,4 +1,5 @@ + @@ -45,9 +46,9 @@ Describe your package requirements here Currently there are no FAQ items provided. lightsquid + 1.7.1_1 Services: Proxy server Report(LightSquid) -> Settings Status - 1.7.1_1 /usr/local/pkg/lightsquid.inc @@ -57,14 +58,6 @@
Status
/pkg_edit.php?xml=lightsquid.xml&id=0 - - http://www.pfsense.com/packages/config/lightsquid/lightsquid.inc - - - http://www.pfsense.com/packages/All/lightsquid_tpl.tbz - /var/tmp/ - 0755 - Settings @@ -76,61 +69,69 @@ /lightsquid/index.cgi + + http://www.pfsense.com/packages/config/lightsquid/lightsquid.inc + + + /var/tmp/ + 0755 + http://www.pfsense.com/packages/All/lightsquid_tpl.tbz + - lightsquid_lang Language + lightsquid_lang Select report language select eng - - - - - - - - - - - + + + + + + + + + + + - lightsquid_barcolor Bar color + lightsquid_barcolor Select bar color select orange - - - - - - + + + + + + - lightsquid_template Report scheme + lightsquid_template Select report scheme select base - - - - + + + + - lightsquid_ip2name IP resolve method (future) + lightsquid_ip2name <table cellpadding=1 cellspacing=0 style="text-align: left;"> <tbody> <tr><th colspan=2> Select IP to Name resolve method (take effect only on new data): </th><tr> @@ -145,18 +146,18 @@ select dns - - - - - - + + + + + + - lightsquid_refreshsheduler_time Refresh sheduler + lightsquid_refreshsheduler_time Select data refresh period. System will execute task every XX time as from 00:00 hours. <br> For example: if selected 2h - system wil start task at 0-2-4-..-24h. <br> @@ -171,25 +172,25 @@ select lhp_none - - - - - - - - - - - - - - + + + + + + + + + + + + + + - lightsquid_squidrotatelog_sheduler_time Squid rotate log sheduler + lightsquid_squidrotatelog_sheduler_time Select squid log rotate period. System will execute task every XX time as from 00:00 hours. <br> This option will allow the updating of the faster <br> @@ -201,30 +202,30 @@ select lsr_none - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + - lightsquid_skipurl Skip url + lightsquid_skipurl If you want skip some sites from stat, example our local www server Example, if you want skip LOCAL site, put it here diff --git a/packages/miniupnpd/miniupnpd.xml b/packages/miniupnpd/miniupnpd.xml index 6ebf7dfc..bbf4977b 100644 --- a/packages/miniupnpd/miniupnpd.xml +++ b/packages/miniupnpd/miniupnpd.xml @@ -1,4 +1,5 @@ + @@ -44,33 +45,18 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - Services: MiniUPnPd miniupnpd 20070521 + Services: MiniUPnPd Change - /usr/local/pkg/miniupnpd.inc /status_upnp.php + /usr/local/pkg/miniupnpd.inc MiniUPnPd Set miniupnpd settings such as interfaces to listen on.
Services
/status_upnp.php - - http://www.pfsense.org/packages/config/miniupnpd/miniupnpd.inc - /usr/local/pkg/ - 0755 - - - http://www.pfsense.org/packages/config/miniupnpd/status_upnp.php - /usr/local/www/ - 0755 - - - /usr/local/sbin/ - 0755 - http://www.pfsense.com/packages/config/miniupnpd/sbin/miniupnpd - miniupnpd miniupnpd.sh @@ -87,6 +73,21 @@ + + /usr/local/pkg/ + 0755 + http://www.pfsense.org/packages/config/miniupnpd/miniupnpd.inc + + + /usr/local/www/ + 0755 + http://www.pfsense.org/packages/config/miniupnpd/status_upnp.php + + + /usr/local/sbin/ + 0755 + http://www.pfsense.com/packages/config/miniupnpd/sbin/miniupnpd + Enable MiniUPnPd @@ -96,12 +97,12 @@ Interfaces (generally LAN) iface_array - lan - true - 3 - interfaces_selection You can use the CTRL or COMMAND key to select multiple interfaces. + interfaces_selection + 3 + lan + true Maximum Download Speed (Kbits/second) diff --git a/packages/nmap/nmap.xml b/packages/nmap/nmap.xml index d242a7be..d2fa42ee 100644 --- a/packages/nmap/nmap.xml +++ b/packages/nmap/nmap.xml @@ -1,4 +1,5 @@ + @@ -47,9 +48,10 @@ nmap 4.11 Diagnostics: NMap - true - yes Scan + yes + true + /usr/local/pkg/nmap.inc NMap @@ -80,34 +82,33 @@ - Scan method + Scan method -P0 - Do not try to ping hosts at all before scanning them. noping This allows the scanning of networks that don't allow ICMP echo requests (or responses) through their firewall. microsoft.com is an example of such a network, and thus you should always use -P0 or -PT80 when port scanning microsoft.com. Note the "ping" in this contecx may involve more than the traditional ICMP echo request packet. Nmap supports many such probes, including arbitrary combinations of TCP, UDP, and ICMP probes. By default, Nmap sends an ICMP echo request and a TCP ACK packet to port 80. checkbox + Do not try to ping hosts at all before scanning them. -sV - Try to identify service versions servicever After TCP and/or UDP ports are discovered using one of the other scan methods, version detection communicates with those ports to try and determine more about what is actually running. A file called nmap-service-probes is used to determine the best probes for detecting various services and the match strings to expect. Nmap tries to determine the service protocol (e.g. ftp, ssh, telnet, http), the application name (e.g. ISC Bind, Apache httpd, Solaris telnetd), the version number, and sometimes miscellaneous details like whether an X server is open to connections or the SSH protocol version) checkbox + Try to identify service versions -O - Turn on OS detection osdetect This option activates remote host identification via TCP/IP fingerprinting. In other words, it uses a bunch of techniques to detect subtleties in the underlying operating system network stack of the computers you are scanning. It uses this information to create a "fingerprint" which it compares with its database of known OS fingerprints (the nmap-os-fingerprints file) to decide what type of system you are scanning checkbox + Turn on OS detection - /usr/local/pkg/nmap.inc - - nmap_custom_add_php_command(); + + diff --git a/packages/nut/nut.xml b/packages/nut/nut.xml index d2f4e97e..d878a3c2 100644 --- a/packages/nut/nut.xml +++ b/packages/nut/nut.xml @@ -1,4 +1,5 @@ + @@ -44,28 +45,18 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - Services: NUT nut 2.0.5 + Services: NUT Change - /usr/local/pkg/nut.inc /status_nut.php + /usr/local/pkg/nut.inc NUT Set Network UPS Tools settings.
Services
/status_nut.php - - http://www.pfsense.com/packages/config/nut/nut.inc - /usr/local/pkg/ - 0755 - - - http://www.pfsense.com/packages/config/nut/status_nut.php - /usr/local/www/ - 0755 - nut nut.sh @@ -82,6 +73,16 @@ + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/nut/nut.inc + + + /usr/local/www/ + 0755 + http://www.pfsense.com/packages/config/nut/status_nut.php + UPS Monitoring @@ -111,9 +112,9 @@ <strong>Local UPS Model</strong> driver - select If generic or cable specified in parenthesis you need to select the appropriate option below. + select @@ -453,16 +454,16 @@ select diff --git a/packages/p3scan-pf/p3scan-pf-emer.xml b/packages/p3scan-pf/p3scan-pf-emer.xml index 12a78e09..da39aef8 100644 --- a/packages/p3scan-pf/p3scan-pf-emer.xml +++ b/packages/p3scan-pf/p3scan-pf-emer.xml @@ -1,4 +1,5 @@ + diff --git a/packages/p3scan-pf/p3scan-pf-msg.xml b/packages/p3scan-pf/p3scan-pf-msg.xml index 00c29acf..d3f81aa2 100644 --- a/packages/p3scan-pf/p3scan-pf-msg.xml +++ b/packages/p3scan-pf/p3scan-pf-msg.xml @@ -1,4 +1,5 @@ + @@ -53,8 +54,8 @@ set, you are still required to save this page if you are editing this page for the very first time! - p3scan-pf.inc pkg_edit.php?xml=p3scan-pf-msg.xml&id=0 + p3scan-pf.inc Daemon Settings @@ -107,8 +108,8 @@ bytesfree The number of KB's there must be free before processing any mail. input - 10000 + 10000 Broken Email Clients @@ -139,8 +140,8 @@ input 60 - Subject: "[Virus] found in a mail to you:" <virus name> + Subject: "[Virus] found in a mail to you:" <virus name> Notify @@ -152,8 +153,8 @@ input 60 - Per instruction, the message has been deleted. + Per instruction, the message has been deleted. SMTP Reject @@ -165,8 +166,8 @@ input 60 - Virus detected! P3scan rejected message! + Virus detected! P3scan rejected message! Check SMTP size diff --git a/packages/p3scan-pf/p3scan-pf-spam.xml b/packages/p3scan-pf/p3scan-pf-spam.xml index 60de13e6..86301a50 100644 --- a/packages/p3scan-pf/p3scan-pf-spam.xml +++ b/packages/p3scan-pf/p3scan-pf-spam.xml @@ -1,4 +1,5 @@ + @@ -53,8 +54,8 @@ set, you are still required to save this page if you are editing this page for the very first time! - p3scan-pf.inc pkg_edit.php?xml=p3scan-pf-spam.xml&id=0 + p3scan-pf.inc Daemon Settings diff --git a/packages/p3scan-pf/p3scan-pf-transex.xml b/packages/p3scan-pf/p3scan-pf-transex.xml index 343529cb..e1b2070a 100644 --- a/packages/p3scan-pf/p3scan-pf-transex.xml +++ b/packages/p3scan-pf/p3scan-pf-transex.xml @@ -1,4 +1,5 @@ + diff --git a/packages/p3scan-pf/p3scan-pf-vir.xml b/packages/p3scan-pf/p3scan-pf-vir.xml index 8a04c6e1..d96e8a87 100644 --- a/packages/p3scan-pf/p3scan-pf-vir.xml +++ b/packages/p3scan-pf/p3scan-pf-vir.xml @@ -1,4 +1,5 @@ + @@ -53,8 +54,8 @@ set, you are still required to save this page if you are editing this page for the very first time! - p3scan-pf.inc pkg_edit.php?xml=p3scan-pf-vir.xml&id=0 + p3scan-pf.inc Daemon Settings @@ -97,15 +98,15 @@ scannertype Select here which type of scanner you want to use. select - clamd 1 + clamd - - - - - - + + + + + + @@ -113,8 +114,8 @@ scanner Depends on scannertype. input - 127.0.0.1:3310 + 127.0.0.1:3310 Scanner Returncode diff --git a/packages/p3scan-pf/p3scan-pf.xml b/packages/p3scan-pf/p3scan-pf.xml index 4594aaec..f309cb50 100644 --- a/packages/p3scan-pf/p3scan-pf.xml +++ b/packages/p3scan-pf/p3scan-pf.xml @@ -1,4 +1,5 @@ + @@ -52,15 +53,15 @@ set, you are still required to save this page if you are editing this page for the very first time! - p3scan-pf.inc pkg_edit.php?xml=p3scan-pf.xml&id=0 + p3scan-pf.inc POP3 Proxy + A transparent POP3-Proxy with virus-scanning capabilities
Services
p3scan-pf.xml /pkg_edit.php?xml=p3scan-pf.xml&id=0 - A transparent POP3-Proxy with virus-scanning capabilities p3scan-pf @@ -147,56 +148,56 @@ ipaddr The <acronym title="Internet Protocol">IP</acronym> Address we listen on. input - 127.0.0.1 + 127.0.0.1 Port port The <acronym title="Transmission Control Protocol">TCP</acronym> port on we should listen. input - 8110 + 8110 SSL Port sslport The TCP <acronym title="Secure Sockets Layer">SSL</acronym> port on we should listen. input - 995 + 995 Target IP targetip Target IP is the IP to connect (0.0.0.0 enables transparent mode). input - 0.0.0.0 + 0.0.0.0 Target Port targetport Target Port is the port to connect. - 8110 input + 8110 Email Port emailport The port we should listen on to scan outgoing email messages. input - 25 + 25 Daemon User daemonuser The username the daemon should run as. input - root + root RIP @@ -70,6 +67,9 @@ ['installedpackages']['routed']['config'] + + http://www.pfsense.org/packages/config/routed/routed.inc + @@ -83,24 +83,24 @@ Interfaces iface_array + Select the interfaces that RIP will bind to. You can use the CTRL or COMMAND key to select multiple interfaces. + interfaces_selection + 3 + lan true - 3 - interfaces_selection - Select the interfaces that RIP will bind to. You can use the CTRL or COMMAND key to select multiple interfaces. - RIP Version ripversion select + 2 Select which RIP version the daemon will listen/advertise using. - RIPv2 password @@ -111,7 +111,6 @@ input - pkg_edit.php?xml=routed.xml&id=0 diff --git a/packages/schema/packages.dtd b/packages/schema/packages.dtd index e685c609..3f42b948 100644 --- a/packages/schema/packages.dtd +++ b/packages/schema/packages.dtd @@ -1,4 +1,7 @@ + + + + + + + + + + + + + + + + + + + - + + + + + + + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + + + + - + + + + + + + + + + + + + + + + + + + + + + + + + - + + + + + diff --git a/packages/snort/snort.xml b/packages/snort/snort.xml index e020b41d..c3846201 100644 --- a/packages/snort/snort.xml +++ b/packages/snort/snort.xml @@ -1,4 +1,5 @@ + @@ -44,15 +45,56 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - Services: Snort Snort 2.6.0.2 + Services: Snort + /usr/local/pkg/snort.inc Snort Setup snort specific settings
Services
/pkg_edit.php?xml=snort.xml&id=0 + + snort + snort.sh + snort + + + + Settings + /pkg_edit.php?xml=snort.xml&id=0 + + + + Update Rules + /snort_download_rules.php + + + Categories + /snort_rulesets.php + + + Rules + /snort_rules.php + + + Blocked + /snort_blocked.php + + + Whitelist + /pkg.php?xml=snort_whitelist.xml + + + Alerts + /snort_alerts.php + + + Advanced + /pkg_edit.php?xml=snort_advanced.xml&id=0 + + /usr/local/pkg/ 077 @@ -118,56 +160,15 @@ 077 http://www.pfsense.com/packages/config/snort/snort_advanced.xml - - snort - snort.sh - snort - - /usr/local/pkg/snort.inc - - - Settings - /pkg_edit.php?xml=snort.xml&id=0 - - - - Update Rules - /snort_download_rules.php - - - Categories - /snort_rulesets.php - - - Rules - /snort_rules.php - - - Blocked - /snort_blocked.php - - - Whitelist - /pkg.php?xml=snort_whitelist.xml - - - Alerts - /snort_alerts.php - - - Advanced - /pkg_edit.php?xml=snort_advanced.xml&id=0 - - Interface iface_array Select all WAN type interfaces + interfaces_selection + 3 lan true - 3 - interfaces_selection Performance @@ -176,32 +177,32 @@ select @@ -209,9 +210,9 @@ Oinkmaster code oinkmastercode Obtain a snort.org Oinkmaster code and paste here. - input 60 + Snort.org subscriber @@ -258,15 +259,15 @@ checkbox - - sync_package_snort_reinstall(); - sync_package_snort(); - + sync_package_snort(); - + + + sync_package_snort_reinstall(); + snort_deinstall(); diff --git a/packages/snort/snort_advanced.xml b/packages/snort/snort_advanced.xml index 51fcaa90..35db6945 100644 --- a/packages/snort/snort_advanced.xml +++ b/packages/snort/snort_advanced.xml @@ -1,4 +1,5 @@ + @@ -44,8 +45,9 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - Services: Snort Advanced SnortAdvanced + none + Services: Snort Advanced /usr/local/pkg/snort.inc @@ -106,8 +108,8 @@ configpassthru Add items to here will be automatically inserted into the running snort configuration textarea - 5 40 + 5 diff --git a/packages/snort/snort_whitelist.xml b/packages/snort/snort_whitelist.xml index 54347b74..5ac41802 100644 --- a/packages/snort/snort_whitelist.xml +++ b/packages/snort/snort_whitelist.xml @@ -1,4 +1,5 @@ + diff --git a/packages/squid-head/squid.xml b/packages/squid-head/squid.xml index 04a06829..67f4c2aa 100644 --- a/packages/squid-head/squid.xml +++ b/packages/squid-head/squid.xml @@ -1,4 +1,5 @@ + @@ -44,41 +45,11 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. + squid + none + Proxy server: General settings squid.inc - - - http://www.pfsense.org/packages/config/squid.inc - - - http://www.pfsense.org/packages/config/squid_cache.xml - - - http://www.pfsense.org/packages/config/squid_nac.xml - - - http://www.pfsense.org/packages/config/squid_traffic.xml - - - http://www.pfsense.org/packages/config/squid_upstream.xml - - - http://www.pfsense.org/packages/config/squid_auth.xml - - - http://www.pfsense.org/packages/config/squid_users.xml - - - http://www.pfsense.org/packages/All/squid_monitor.sh - /usr/local/bin/ - 0755 - - - squid_install_command(); - - - squid_deinstall_command(); - Web proxy cache Modify the web proxy cache's settings @@ -87,14 +58,10 @@ Squid - Web proxy cache. squid.sh squid + Web proxy cache. - - - squid - Proxy server: General settings General settings @@ -126,81 +93,108 @@ /pkg.php?xml=squid_users.xml + + + http://www.pfsense.org/packages/config/squid.inc + + + http://www.pfsense.org/packages/config/squid_cache.xml + + + http://www.pfsense.org/packages/config/squid_nac.xml + + + http://www.pfsense.org/packages/config/squid_traffic.xml + + + http://www.pfsense.org/packages/config/squid_upstream.xml + + + http://www.pfsense.org/packages/config/squid_auth.xml + + + http://www.pfsense.org/packages/config/squid_users.xml + + + /usr/local/bin/ + 0755 + http://www.pfsense.org/packages/All/squid_monitor.sh + - active_interface Proxy interface + active_interface The interface(s) the proxy server will bind to. - lan - interfaces_selection + + lan - allow_interface Allow users on interface + allow_interface If this field is checked, the users connected to the interface selected in the 'Proxy interface' field will be allowed to use the proxy, i.e., there will be no need to add the interface's subnet to the list of allowed subnets. This is just a shortcut. - on - checkbox + + on - transparent_proxy Transparent proxy + transparent_proxy If transparent mode is enabled, all requests for destination port 80 will be forwarded to the proxy server without any additional configuration necessary. - checkbox + - log_enabled Enabled logging + log_enabled This will enable the access log. Don't switch this on if you don't have much disk space left. - log_query_terms,log_user_agents checkbox + log_query_terms,log_user_agents - proxy_port Proxy port + proxy_port This is the port the proxy server will listen on. - input 5 + 3128 - icp_port ICP port + icp_port This is the port the proxy server will send and receive ICP queries to and from neighbor caches. Leave this blank if you don't want the proxy server to communicate with neighbor caches through ICP. input 5 - visible_hostname Visible hostname + visible_hostname This is the hostname to be displayed in proxy server error messages. - localhost input + localhost - admin_email Administrator email + admin_email This is the email address displayed in error messages to the users. - admin@localhost input + admin@localhost Language error_language Select the language in which the proxy server will display error messages to users. - English select + English Redirect children redirect_children Specify the number of redirectors to spawn (if using redirectors at all) when launching Squid. If you leave this field blank, Squid will start 5 redirector processes. If your network load is high, feel free to increase this value (at the expense of a higher memory consumption). - 5 input + 5 @@ -212,4 +206,10 @@ squid_resync(); + + squid_install_command(); + + + squid_deinstall_command(); + diff --git a/packages/squid-head/squid_auth.xml b/packages/squid-head/squid_auth.xml index 05875c59..15910f97 100644 --- a/packages/squid-head/squid_auth.xml +++ b/packages/squid-head/squid_auth.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidauth + none Proxy server: Authentication + squid.inc General settings @@ -83,8 +85,8 @@ Authentication method auth_method Select an authentication method. This will allow users to be authenticated by local or external services. - none select + none @@ -95,99 +97,96 @@ on_auth_method_changed() - auth_server Authentication server + auth_server Enter here the IP or hostname of the server that will perform the authentication. For NT domain authentication, this is the Primary Domain Controller (PDC). input - auth_server_port Authentication server port + auth_server_port Enter here the port to use to connect to the authentication server. Leave this field blank to use the authentication method's default port. input - ldap_user LDAP server user DN + ldap_user Enter here the user distinguished name (DN) to bind to connect to the LDAP server (e.g., "cn=Administrator,cn=Users,dc=foobar,dc=com"). You can leave this field blank if you don't want to use authentication. input - ldap_password LDAP password + ldap_password Enter here the password to use to connect to the LDAP server. You may leave this field unfilled. password - ldap_basedn LDAP base DN + ldap_basedn For LDAP authentication, enter here the base DN for the search (e.g., "cn=Users,dc=foobar,dc=com"). input - ldap_filter LDAP filter + ldap_filter Enter the string to be used to filter the results of the search, or leave this blank to get the results unfiltered. This must be in compliance with RFC 2254, and ocurrences of the string "%s" will be set to the username given to the proxy. You generally want something like '(sAMAccountName=%s)' here. input (sAMAccountName=%s) - radius_secret RADIUS secret + radius_secret The RADIUS secret for RADIUS authentication. password - msnt_bdc Backup Domain Controller + msnt_bdc Enter the address of the Backup Domain Controller (BDC) or leave this field blank if you don't want to use a backup controller. input - msnt_domain NT domain + msnt_domain Enter the NT domain to be used. input - auth_prompt Authentication prompt + auth_prompt This string will be displayed at the top of the authentication request window. - Please enter your credentials to access the proxy input + Please enter your credentials to access the proxy - auth_processes Authentication processes + auth_processes The number of authenticator processes to spawn. If many authentications are expected within a short timeframe, increase this number accordingly. - 5 input + 5 - auth_ttl Authentication TTL + auth_ttl This specifies for how long (in minutes) the proxy server assumes an externally validated username and password combination is valid (Time To Live). When the TTL expires, the user will be prompted for credentials again. - 60 input + 60 - unrestricted_auth Requiere authentication for unrestricted hosts + unrestricted_auth If this option is enabled, even users tagged as unrestricted through access control are required to authenticate to use the proxy. checkbox - no_auth_hosts Subnets that don't need authentication + no_auth_hosts A comma-separated list of subnets (in CIDR range, e.g.: 10.5.0.0/16, 192.168.1.50/32) whose hosts won't be asked for authentication to access the proxy. textarea - 5 50 + 5 - - squid_print_javascript_auth(); - squid_validate_auth($_POST, &$input_errors); @@ -197,4 +196,7 @@ squid_resync(); + + squid_print_javascript_auth(); + diff --git a/packages/squid-head/squid_cache.xml b/packages/squid-head/squid_cache.xml index c50cef2e..3fe0475f 100644 --- a/packages/squid-head/squid_cache.xml +++ b/packages/squid-head/squid_cache.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidcache + none Proxy server: Cache management + squid.inc General settings @@ -83,40 +85,40 @@ Hard disk cache size harddisk_cache_size This is the amount of disk space (in megabytes) to use for cached objects. + input 100 - input Memory cache size memory_cache_size This is the amount of physical RAM (in megabytes) to be used for negative cache and in-transit objects. This value should not exceed more than 50% of the installed RAM. The minimum value is 1MB. + input 8 - input Minimum object size minimum_object_size Objects smaller than the size specified (in kilobytes) will not be saved on disk. The default value is 0, meaning there is no minimum. + input 0 - input Maximum object size maximum_object_size Objects larger than the size specified (in kilobytes) will not be saved on disk. If you wish to increase speed more than you want to save bandwidth, this should be set to a low value. + input 4 - input Level 1 subdirectories level1_subdirs Each level 1 (L1) directory contains 256 subdirectories, so a value of 256 L1 directories will use a total of 65536 directories for the hard disk cache. This will significantly slow down the startup process of the proxy service, but can speed up the caching under certain conditions. - 16 select + 16 @@ -131,8 +133,8 @@ Memory replacement policy memory_replacement The memory replacement policy determines which objects are purged from memory when space is needed. The default policy for memory replacement is GDSF. - heap GDSF select + heap GDSF @@ -144,8 +146,8 @@ Cache replacement policy cache_replacement The cache replacement policy decides which objects will remain in cache and which objects are replaced to create space for the new objects. The default policy for cache replacement is LFUDA. - heap LFUDA select + heap LFUDA @@ -158,15 +160,15 @@ donotcache The specified domains or IP addresses (separated by commas) will never be cached. textarea - 5 50 + 5 Enable offline mode enable_offline Enable this option and the proxy server will never try to validate cached objects. The offline mode also gives access to more cached information than the proposed feature would allow (stale cached versions, where the origin server should have been contacted). - checkbox + diff --git a/packages/squid-head/squid_nac.xml b/packages/squid-head/squid_nac.xml index bbeaa149..db49a1ba 100644 --- a/packages/squid-head/squid_nac.xml +++ b/packages/squid-head/squid_nac.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidnac + none Proxy server: Access control + squid.inc General settings @@ -80,60 +82,60 @@ - allowed_subnets Allowed subnets + allowed_subnets Those are the subnets (separated by commas) that are allowed to use the proxy. The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24). Note that the proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy. textarea - 5 50 + 5 - unrestricted_hosts Unrestricted IPs + unrestricted_hosts The IP addresses specified here (separated by commas) won't be filtered out by the other access control directives set in this page. textarea - 5 50 + 5 - unrestricted_macs Unrestricted MAC Addresses + unrestricted_macs The MAC addresses specified here (separated by commas) won't be filtered out by the other access control directives set in this page. textarea - 5 50 + 5 - banned_hosts Banned host addresses + banned_hosts The IP addresses specified here (separated by commas) won't be allowed to use the proxy. textarea - 5 50 + 5 - banned_macs Banned MAC addresses + banned_macs The MAC addresses specified here (separated by commas) won't be allowed to use the proxy. textarea - 5 50 + 5 - whitelist Whitelist + whitelist Those are the sites (separated by commas) that will be accessable to the users that are allowed to use the proxy. textarea - 5 50 + 5 - blacklist Blacklist + blacklist Those are the sites (separated by commas) that will be blocked to the users that are allowed to use the proxy. textarea - 5 50 + 5 diff --git a/packages/squid-head/squid_traffic.xml b/packages/squid-head/squid_traffic.xml index f9bf3c6a..d69f2510 100644 --- a/packages/squid-head/squid_traffic.xml +++ b/packages/squid-head/squid_traffic.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidtraffic + none Proxy server: Traffic management + squid.inc General settings @@ -80,90 +82,90 @@ - max_download_size Maximum download size + max_download_size Limit the maximum total download size to the size specified here (in kilobytes). Downloads bigger than the specified size will be denied. Set to 0 to disable. - 0 - input + + 0 - max_upload_size Maximum upload size + max_upload_size Limit the maximum total upload size to the size specified here (in kilobytes). Uploads bigger than the specified size will be denied. Set to 0 to disable. - 0 - input + + 0 - overall_capping Overall capping + overall_capping Caps the download speeds of the network that connects to the proxy as a whole at the specified size (in kilobytes per second). Set to 0 to disable. - 0 - input + + 0 - perhost_capping Per-host capping + perhost_capping Caps the download speeds of each user that connects to the proxy at the specified size (in kilobytes per second). Set to 0 to disable. - 0 - input + + 0 - overall_throttling Overall bandwidth throttling + overall_throttling This value specifies (in kilobytes per second) the bandwidth throttle for downloads. Users will gradually have their download speed increased according to this value. Set to 0 to disable bandwidth throttling. - 0 - input + + 0 - perhost_throttling Per-host throttling + perhost_throttling This value specifies the download throttling per host. Set to 0 to disable this. - 0 - input + + 0 - initial_bucket_level Initial bucket level + initial_bucket_level The initial bucket level is used to determine how much is put in each bucket when a connection is established. Set to 0 to set the initial bucket level to 100%. - 0 - input + + 0 - throttle_specific Throttle only specific extensions + throttle_specific Leave this checked to be able to choose the extensions that throttling will be applied to. Otherwise, all files will be throttled. - on checkbox throttle_binaries,throttle_cdimages,throttle_multimedia,throttle_others + on - throttle_binaries Throttle binary files + throttle_binaries Check this to apply bandwidth throttle to binary files. This includes compressed archives and executables. checkbox - throttle_cdimages Throttle CD images + throttle_cdimages Check this to apply bandwidth throttle to CD image files. checkbox - throttle_multimedia Throttle multimedia files + throttle_multimedia Check this to apply bandwidth throttle to multimedia files, such as movies or songs. checkbox - throttle_others Throttle other extensions + throttle_others Comma-separated list of extensions to apply bandwidth throttle to. input diff --git a/packages/squid-head/squid_upstream.xml b/packages/squid-head/squid_upstream.xml index 700163ec..b02a21b4 100644 --- a/packages/squid-head/squid_upstream.xml +++ b/packages/squid-head/squid_upstream.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidupstream + none Proxy server: Upstream proxy settings + squid.inc General settings @@ -83,9 +85,9 @@ Enable forwarding proxy_forwarding This option enables the proxy server to forward requests to an upstream server. - checkbox proxy_addr,proxy_port,icp_port,username,password + Hostname @@ -97,17 +99,17 @@ TCP port proxy_port Enter the port to use to connect to the upstream proxy. - 3128 input 5 + 3128 ICP port icp_port Enter the port to connect to the upstream proxy for the ICP protocol. Use port number 7 to disable ICP communication between the proxies. - 7 input 5 + 7 Username diff --git a/packages/squid-head/squid_users.xml b/packages/squid-head/squid_users.xml index 0854007c..34260817 100644 --- a/packages/squid-head/squid_users.xml +++ b/packages/squid-head/squid_users.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidusers + none Proxy server: Local users + squid.inc A proxy server user has been deleted. A proxy server user has been created/modified. @@ -82,32 +84,32 @@ - username Username + username - description Description + description - username Username + username Enter the username here. - input + - password Password + password Enter the password here. - password + - description Description + description You may enter a description here for your reference (not parsed). input diff --git a/packages/squid/squid.xml b/packages/squid/squid.xml index f17c4be2..0370aff2 100644 --- a/packages/squid/squid.xml +++ b/packages/squid/squid.xml @@ -1,4 +1,5 @@ + @@ -46,7 +47,51 @@ Currently there are no FAQ items provided. squid 2.6.5_1-p15 + Proxy server: General settings /usr/local/pkg/squid.inc + + Proxy server + Modify the proxy server's settings +
Services
+ /pkg_edit.php?xml=squid.xml&id=0 + + + squid + squid.sh + squid + Proxy server Service + + + + General settings + /pkg_edit.php?xml=squid.xml&id=0 + + + + Upstream proxy + /pkg_edit.php?xml=squid_upstream.xml&id=0 + + + Cache management + /pkg_edit.php?xml=squid_cache.xml&id=0 + + + Access control + /pkg_edit.php?xml=squid_nac.xml&id=0 + + + Traffic management + /pkg_edit.php?xml=squid_traffic.xml&id=0 + + + Auth settings + /pkg_edit.php?xml=squid_auth.xml&id=0 + + + Local users + /pkg.php?xml=squid_users.xml + + /usr/local/pkg/ @@ -89,139 +134,94 @@ http://www.pfsense.org/packages/config/squid/squid_users.xml - http://www.pfsense.org/packages/config/squid/proxy_monitor.sh /usr/local/etc/rc.d/ 0755 + http://www.pfsense.org/packages/config/squid/proxy_monitor.sh - http://www.pfsense.org/packages/config/squid/squid_cache.xml /usr/local/pkg/ 0755 + http://www.pfsense.org/packages/config/squid/squid_cache.xml - - Proxy server - Modify the proxy server's settings -
Services
- /pkg_edit.php?xml=squid.xml&id=0 - - - squid - Proxy server Service - squid.sh - squid - - - Proxy server: General settings - - - General settings - /pkg_edit.php?xml=squid.xml&id=0 - - - - Upstream proxy - /pkg_edit.php?xml=squid_upstream.xml&id=0 - - - Cache management - /pkg_edit.php?xml=squid_cache.xml&id=0 - - - Access control - /pkg_edit.php?xml=squid_nac.xml&id=0 - - - Traffic management - /pkg_edit.php?xml=squid_traffic.xml&id=0 - - - Auth settings - /pkg_edit.php?xml=squid_auth.xml&id=0 - - - Local users - /pkg.php?xml=squid_users.xml - - - active_interface Proxy interface + active_interface The interface(s) the proxy server will bind to. - lan - interfaces_selection + + lan - allow_interface Allow users on interface + allow_interface If this field is checked, the users connected to the interface selected in the 'Proxy interface' field will be allowed to use the proxy, i.e., there will be no need to add the interface's subnet to the list of allowed subnets. This is just a shortcut. - on - checkbox + + on - transparent_proxy Transparent proxy + transparent_proxy If transparent mode is enabled, all requests for destination port 80 will be forwarded to the proxy server without any additional configuration necessary. - checkbox + - log_enabled Enabled logging + log_enabled This will enable the access log. Don't switch this on if you don't have much disk space left. - log_query_terms,log_user_agents checkbox + log_query_terms,log_user_agents - log_dir Log store directory + log_dir The directory where the log will be stored (note: do not end with a / mark) - input 60 + /var/squid/log - proxy_port Proxy port + proxy_port This is the port the proxy server will listen on. - input 5 + 3128 - icp_port ICP port + icp_port This is the port the Proxy Server will send and receive ICP queries to and from neighbor caches. Leave this blank if you don't want the proxy server to communicate with neighbor caches through ICP. input 5 - visible_hostname Visible hostname + visible_hostname This is the URL to be displayed in proxy server error messages. - localhost input 60 + localhost - admin_email Administrator email + admin_email This is the email address displayed in error messages to the users. - admin@localhost input 60 + admin@localhost Language error_language Select the language in which the proxy server will display error messages to users. - English select + English Disable X-Forward @@ -240,37 +240,37 @@ uri_whitespace <b> strip:</b> The whitespace characters are stripped out of the URL. This is the behavior recommended by RFC2396. <p> <b> deny:</b> The request is denied. The user receives an "Invalid Request" message.<p> <b> allow:</b> The request is allowed and the URI is not changed. The whitespace characters remain in the URI.<p> <b> encode:</b> The request is allowed and the whitespace characters are encoded according to RFC1738.<p> <b> chop:</b> The request is allowed and the URI is chopped at the first whitespace. select + strip - strip - - squid_resync(); - squid_before_form_general(&$pkg); + + squid_resync(); + squid_validate_general($_POST, &$input_errors); diff --git a/packages/squid/squid_auth.xml b/packages/squid/squid_auth.xml index d763bb72..b3e7c5c1 100644 --- a/packages/squid/squid_auth.xml +++ b/packages/squid/squid_auth.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidauth + none Proxy server: Authentication + squid.inc General settings @@ -83,9 +85,9 @@ Authentication method auth_method Select an authentication method. This will allow users to be authenticated by local or external services. - none - select + + none @@ -96,128 +98,128 @@ on_auth_method_changed() - ldap_version LDAP version + ldap_version Enter LDAP protocol version (2 or 3). - 2 select + 2 - auth_server Authentication server + auth_server Enter here the IP or hostname of the server that will perform the authentication. input 60 - auth_server_port Authentication server port + auth_server_port Enter here the port to use to connect to the authentication server. Leave this field blank to use the authentication method's default port. input 60 - ldap_user LDAP server user DN + ldap_user Enter here the user DN to use to connect to the LDAP server. input 60 - ldap_pass LDAP password + ldap_pass Enter here the password to use to connect to the LDAP server. password 60 - ldap_basedomain LDAP base domain + ldap_basedomain For LDAP authentication, enter here the base domain in the LDAP server. input 60 - ldap_filter LDAP search filter - (&(objectClass=person)(uid=%s)) + ldap_filter Enter LDAP search filter. input 60 + (&(objectClass=person)(uid=%s)) - radius_secret RADIUS secret + radius_secret The RADIUS secret for RADIUS authentication. password 60 - msnt_secondary Secondary NT servers + msnt_secondary Comma-separated list of secondary servers to be used for NT domain authentication. input 60 - auth_prompt Authentication prompt + auth_prompt This string will be displayed at the top of the authentication request window. - Please enter your credentials to access the proxy input + Please enter your credentials to access the proxy - auth_processes Authentication processes + auth_processes The number of authenticator processes to spawn. If many authentications are expected within a short timeframe, increase this number accordingly. - 5 input 60 + 5 - auth_ttl Authentication TTL + auth_ttl This specifies for how long (in minutes) the proxy server assumes an externally validated username and password combination is valid (Time To Live). When the TTL expires, the user will be prompted for credentials again. - 60 input 60 + 60 - unrestricted_auth Requiere authentication for unrestricted hosts + unrestricted_auth If this option is enabled, even users tagged as unrestricted through access control are required to authenticate to use the proxy. checkbox - no_auth_hosts Subnets that don't need authentication + no_auth_hosts Enter each subnet or IP address on a new line (in CIDR format, e.g.: 10.5.0.0/16, 192.168.1.50/32) that should not be asked for authentication to access the proxy. textarea - base64 - 5 50 + 5 + base64 - - $transparent_proxy = ($config['installedpackages']['squid']['config'][0]['transparent_proxy'] == 'on'); - if($transparent_proxy) - $input_errors[] = "Authentication cannot be enabled while transparent proxy mode is enabled"; - squid_print_javascript_auth(); - squid_validate_auth($_POST, &$input_errors); - - squid_print_javascript_auth2(); - squid_print_javascript_auth2(); squid_resync(); + + squid_print_javascript_auth2(); + + + $transparent_proxy = ($config['installedpackages']['squid']['config'][0]['transparent_proxy'] == 'on'); + if($transparent_proxy) + $input_errors[] = "Authentication cannot be enabled while transparent proxy mode is enabled"; + squid_print_javascript_auth(); + diff --git a/packages/squid/squid_cache.xml b/packages/squid/squid_cache.xml index f70918a9..861f96b8 100644 --- a/packages/squid/squid_cache.xml +++ b/packages/squid/squid_cache.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidcache + none Proxy server: Cache management + squid.inc General settings @@ -83,49 +85,49 @@ Hard disk cache size harddisk_cache_size This is the amount of disk space (in megabytes) to use for cached objects. + input 100 - input Hard disk cache location harddisk_cache_location This is the directory where the cache will be stored. (note: do not end with a /). If you change this location, squid needs to make a new cache, this could take a while + input + 60 /var/squid/cache - 60 - input Memory cache size memory_cache_size This is the amount of physical RAM (in megabytes) to be used for negative cache and in-transit objects. This value should not exceed more than 50% of the installed RAM. The minimum value is 1MB. + input 8 - input Minimum object size minimum_object_size Objects smaller than the size specified (in kilobytes) will not be saved on disk. The default value is 0, meaning there is no minimum. - - 0 input + + 0 Maximum object size maximum_object_size Objects larger than the size specified (in kilobytes) will not be saved on disk. If you wish to increase speed more than you want to save bandwidth, this should be set to a low value. + input 4 - input Level 1 subdirectories level1_subdirs Each level-1 directory contains 256 subdirectories, so a value of 256 level-1 directories will use a total of 65536 directories for the hard disk cache. This will significantly slow down the startup process of the proxy service, but can speed up the caching under certain conditions. - 16 select + 16 @@ -140,8 +142,8 @@ Memory replacement policy memory_replacement The memory replacement policy determines which objects are purged from memory when space is needed. The default policy for memory replacement is GDSF. <p> <b> LRU: Last Recently Used Policy </b> - The LRU policies keep recently referenced objects. i.e., it replaces the object that has not been accessed for the longest time. <p> <b> Heap GDSF: Greedy-Dual Size Frequency </b> - The Heap GDSF policy optimizes object-hit rate by keeping smaller, popular objects in cache. It achieves a lower byte hit rate than LFUDA though, since it evicts larger (possibly popular) objects. <p> <b> Heap LFUDA: Least Frequently Used with Dynamic Aging </b> - The Heap LFUDA policy keeps popular objects in cache regardless of their size and thus optimizes byte hit rate at the expense of hit rate since one large, popular object will prevent many smaller, slightly less popular objects from being cached. <p> <b> Heap LRU: Last Recently Used </b> - Works like LRU, but uses a heap instead. <p> Note: If using the LFUDA replacement policy, the value of Maximum Object Size should be increased above its default of 12KB to maximize the potential byte hit rate improvement of LFUDA. - heap GDSF select + heap GDSF @@ -153,8 +155,8 @@ Cache replacement policy cache_replacement The cache replacement policy decides which objects will remain in cache and which objects are replaced to create space for the new objects. The default policy for cache replacement is LFUDA. Please see the type descriptions specified in the memory replacement policy for additional detail. - heap LFUDA select + heap LFUDA @@ -167,16 +169,16 @@ donotcache Enter each domain or IP address on a new line that should never be cached. textarea - base64 - 5 50 + 5 + base64 Enable offline mode enable_offline Enable this option and the proxy server will never try to validate cached objects. The offline mode gives access to more cached information than the proposed feature would allow (stale cached versions, where the origin server should have been contacted). - checkbox + diff --git a/packages/squid/squid_extauth.xml b/packages/squid/squid_extauth.xml index a465f81d..745e85d5 100644 --- a/packages/squid/squid_extauth.xml +++ b/packages/squid/squid_extauth.xml @@ -1,4 +1,5 @@ + @@ -45,11 +46,9 @@ Describe your package requirements here Currently there are no FAQ items provided. squidextnoauth + none Services: Proxy Server -> Extended Authentication Settings - installedpackages->package->squidextnoauth->configuration->settings - /pkg_edit.php?xml=squid_extauth.xml&id=0 - General Settings @@ -88,11 +87,12 @@ - + installedpackages->package->squidextnoauth->configuration->settings No Authentication Defined no_auth + text diff --git a/packages/squid/squid_nac.xml b/packages/squid/squid_nac.xml index 4e68c062..435671a2 100644 --- a/packages/squid/squid_nac.xml +++ b/packages/squid/squid_nac.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidnac + none Proxy server: Access control + squid.inc General settings @@ -80,49 +82,49 @@ - allowed_subnets Allowed subnets + allowed_subnets Enter each subnet on a new line that is allowed to use the proxy. The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24). Note that the proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy. textarea - base64 - 5 50 + 5 + base64 - unrestricted_hosts Unrestricted IPs + unrestricted_hosts Enter each unrestricted IP address on a new line that is not to be filtered out by the other access control directives set in this page. textarea - base64 - 5 50 + 5 + base64 - banned_hosts Banned host addresses + banned_hosts Enter each IP address on a new line that is not to be allowed to use the proxy. textarea - base64 - 5 50 + 5 + base64 - whitelist Whitelist + whitelist Enter each destination domain on a new line that will be accessable to the users that are allowed to use the proxy. textarea - base64 - 5 50 + 5 + base64 - blacklist Blacklist + blacklist Enter each destination domain on a new line that will be blocked to the users that are allowed to use the proxy. textarea - base64 - 5 50 + 5 + base64 diff --git a/packages/squid/squid_ng.xml b/packages/squid/squid_ng.xml index 4c9667af..5949606e 100644 --- a/packages/squid/squid_ng.xml +++ b/packages/squid/squid_ng.xml @@ -1,4 +1,5 @@ + @@ -45,12 +46,11 @@ Describe your package requirements here Currently there are no FAQ items provided. squid + 2.5.12_4 Services: Proxy Server Security - 2.5.12_4 - /usr/local/pkg/squid_ng.inc - installedpackages->package->squidng->configuration->settings /pkg_edit.php?xml=squid_ng.xml&id=0 + /usr/local/pkg/squid_ng.inc Squid Modify settings for Proxy Server @@ -67,6 +67,38 @@ squid squid.sh + + + General Settings + /pkg_edit.php?xml=squid.xml&id=0 + + + + Upstream Proxy + /pkg_edit.php?xml=squid_upstream.xml&id=0 + + + Cache Mgmt + /pkg_edit.php?xml=squid_cache.xml&id=0 + + + Network Access Control + /pkg_edit.php?xml=squid_nac.xml&id=0 + + + Traffic Mgmt + /pkg_edit.php?xml=squid_traffic.xml&id=0 + + + Auth Settings + /pkg_edit.php?xml=squid_auth.xml&id=0 + + + Extended Auth Settings + /pkg_edit.php?xml=squid_extauth.xml&id=0 + + + installedpackages->package->squidng->configuration->settings /usr/local/pkg/ 0755 @@ -107,37 +139,6 @@ 0755 http://www.pfsense.com/packages/config/squid/squid_extauth.xml - - - General Settings - /pkg_edit.php?xml=squid.xml&id=0 - - - - Upstream Proxy - /pkg_edit.php?xml=squid_upstream.xml&id=0 - - - Cache Mgmt - /pkg_edit.php?xml=squid_cache.xml&id=0 - - - Network Access Control - /pkg_edit.php?xml=squid_nac.xml&id=0 - - - Traffic Mgmt - /pkg_edit.php?xml=squid_traffic.xml&id=0 - - - Auth Settings - /pkg_edit.php?xml=squid_auth.xml&id=0 - - - Extended Auth Settings - /pkg_edit.php?xml=squid_extauth.xml&id=0 - - Proxy Listening Interface @@ -176,33 +177,33 @@ checkbox - true Proxy Port proxy_port This is the port the Proxy Server will listen for client requests on. The default is 3128. - 4 input + 4 + true ICP Port icp_port This is the port the Proxy Server will send and receive ICP queries to and from neighbor caches. The default value is 0, which means this function is disabled. - 4 input + 4 Visible Hostname visible_hostname This URL is displayed on the Proxy Server error messages. - 35 input + 35 Cache Administrator E-Mail cache_admin_email This E-Mail address is displayed on the Proxy Server error messages. - 35 input + 35 Error Messages Language diff --git a/packages/squid/squid_traffic.xml b/packages/squid/squid_traffic.xml index bfad2c06..1556be66 100644 --- a/packages/squid/squid_traffic.xml +++ b/packages/squid/squid_traffic.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidtraffic + none Proxy server: Traffic management + squid.inc General settings @@ -80,66 +82,66 @@ - max_download_size Maximum download size + max_download_size Limit the maximum total download size to the size specified here (in kilobytes). Set to 0 to disable. - 0 - input + + 0 - max_upload_size Maximum upload size + max_upload_size Limit the maximum total upload size to the size specified here (in kilobytes). Set to 0 to disable. - 0 - input + + 0 - overall_throttling Overall bandwidth throttling + overall_throttling This value specifies (in kilobytes per second) the bandwidth throttle for downloads. Users will gradually have their download speed increased according to this value. Set to 0 to disable bandwidth throttling. - 0 - input + + 0 - perhost_throttling Per-host throttling + perhost_throttling This value specifies the download throttling per host. Set to 0 to disable this. - 0 - input + + 0 - throttle_specific Throttle only specific extensions + throttle_specific Leave this checked to be able to choose the extensions that throttling will be applied to. Otherwise, all files will be throttled. - on checkbox throttle_binaries,throttle_cdimages,throttle_multimedia,throttle_others + on - throttle_binaries Throttle binary files + throttle_binaries Check this to apply bandwidth throttle to binary files. This includes compressed archives and executables. checkbox - throttle_cdimages Throttle CD images + throttle_cdimages Check this to apply bandwidth throttle to CD image files. checkbox - throttle_multimedia Throttle multimedia files + throttle_multimedia Check this to apply bandwidth throttle to multimedia files, such as movies or songs. checkbox - throttle_others Throttle other extensions + throttle_others Comma-separated list of extensions to apply bandwidth throttle to. input 60 diff --git a/packages/squid/squid_upstream.xml b/packages/squid/squid_upstream.xml index 6abac9cf..1102c672 100644 --- a/packages/squid/squid_upstream.xml +++ b/packages/squid/squid_upstream.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidupstream + none Proxy server: Upstream proxy settings + squid.inc General settings @@ -83,9 +85,9 @@ Enable forwarding proxy_forwarding This option enables the proxy server to forward requests to an upstream server. - checkbox proxy_addr,proxy_port,icp_port,username,password + Hostname @@ -97,17 +99,17 @@ TCP port proxy_port Enter the port to use to connect to the upstream proxy. - 3128 input 5 + 3128 ICP port icp_port Enter the port to connect to the upstream proxy for the ICP protocol. Use port number 7 to disable ICP communication between the proxies. - 7 input 5 + 7 Username diff --git a/packages/squid/squid_users.xml b/packages/squid/squid_users.xml index 0854007c..34260817 100644 --- a/packages/squid/squid_users.xml +++ b/packages/squid/squid_users.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidusers + none Proxy server: Local users + squid.inc A proxy server user has been deleted. A proxy server user has been created/modified. @@ -82,32 +84,32 @@ - username Username + username - description Description + description - username Username + username Enter the username here. - input + - password Password + password Enter the password here. - password + - description Description + description You may enter a description here for your reference (not parsed). input diff --git a/packages/sshterm/sshterm.xml b/packages/sshterm/sshterm.xml index e3ef219d..80907d0a 100644 --- a/packages/sshterm/sshterm.xml +++ b/packages/sshterm/sshterm.xml @@ -1,4 +1,5 @@ + @@ -47,18 +48,7 @@ sshterm 1.0 Diagnostics: Shell - - - /usr/local/www/ - 0755 - http://www.pfsense.org/packages/config/sshterm/diag_shell_head.php - - - /usr/local/www/ - 0755 - http://www.pfsense.org/packages/config/sshterm/diag_shell_releng.php - - + Shell @@ -71,13 +61,22 @@ items will be stored in that location --> ['installedpackages']['sshterm']['config'] + + /usr/local/www/ + 0755 + http://www.pfsense.org/packages/config/sshterm/diag_shell_head.php + + + /usr/local/www/ + 0755 + http://www.pfsense.org/packages/config/sshterm/diag_shell_releng.php + - diff --git a/packages/test_package/test_package.xml b/packages/test_package/test_package.xml index 66b3816d..192a2d54 100644 --- a/packages/test_package/test_package.xml +++ b/packages/test_package/test_package.xml @@ -1,4 +1,5 @@ + @@ -44,15 +45,48 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - Services: Snort Snort 2.6.0.2 + Services: Snort + /usr/local/pkg/snort.inc Snort Setup snort specific settings
Services
/pkg_edit.php?xml=snort.xml&id=0 + + snort + snort.sh + snort + + + + Snort Settings + /pkg_edit.php?xml=snort.xml&id=0 + + + + Update Snort Rules + /snort_download_rules.php + + + Snort Rulesets + /snort_rulesets.php + + + Snort Blocked + /snort_blocked.php + + + Snort Whitelist + /pkg.php?xml=snort_whitelist.xml + + + Snort Alerts + /snort_alerts.php + + /usr/local/pkg/ 077 @@ -98,48 +132,15 @@ 077 http://www.pfsense.com/packages/config/snort/snort_dynamic_ip_reload.php - - snort - snort.sh - snort - - /usr/local/pkg/snort.inc - - - Snort Settings - /pkg_edit.php?xml=snort.xml&id=0 - - - - Update Snort Rules - /snort_download_rules.php - - - Snort Rulesets - /snort_rulesets.php - - - Snort Blocked - /snort_blocked.php - - - Snort Whitelist - /pkg.php?xml=snort_whitelist.xml - - - Snort Alerts - /snort_alerts.php - - Interface iface_array Select all WAN type interfaces + interfaces_selection + 3 lan true - 3 - interfaces_selection Performance @@ -148,33 +149,33 @@ select @@ -182,9 +183,9 @@ Oinkmaster code oinkmastercode Obtain a snort.org Oinkmaster code and paste here. - input 60 + Block offenders @@ -200,13 +201,13 @@ checkbox - - sync_package_snort_reinstall(); - sync_package_snort(); - + sync_package_snort(); - + + + sync_package_snort_reinstall(); + \ No newline at end of file diff --git a/packages/tinydns/tinydns.xml b/packages/tinydns/tinydns.xml index b4aaa4fe..ac9359c5 100644 --- a/packages/tinydns/tinydns.xml +++ b/packages/tinydns/tinydns.xml @@ -1,4 +1,5 @@ + @@ -46,8 +47,9 @@ Currently there are no FAQ items provided. tinydns 1.0 - installedpackages->package->tinydns DNS Cache-Server: Settings + /pkg_edit.php?xml=tinydns.xml&id=0 + /usr/local/pkg/tinydns.inc DNS Servers @@ -81,7 +83,7 @@ /pkg_edit.php?xml=tinydns_sync.xml&id=0 - /pkg_edit.php?xml=tinydns.xml&id=0 + installedpackages->package->tinydns /usr/local/pkg/ 077 @@ -137,31 +139,6 @@ 077 http://www.pfsense.com/packages/config/tinydns/tinydns_sync.xml - - tinydns_custom_php_install_command(); - - - tinydns_custom_php_deinstall_command(); - - - tinydns_custom_php_changeip_command(); - tinydns_custom_php_install_command(); - tinydns_create_zone_file(); - tinydns_setup_ping_items(); - - - tinydns_custom_php_changeip_command(); - tinydns_custom_php_install_command(); - tinydns_create_zone_file(); - tinydns_setup_ping_items(); - - - tinydns_custom_php_changeip_command(); - tinydns_custom_php_install_command(); - tinydns_create_zone_file(); - tinydns_setup_ping_items(); - - /usr/local/pkg/tinydns.inc Enable DNS Forwarders @@ -182,57 +159,81 @@ checkbox - ipaddress IP Address + ipaddress Bind TinyDNS to this IP address. Enable DNS Forwarders bind TinyDNS to the LAN IP. input - refreshinterval Refresh Interval + refreshinterval Controls how often the monitoring ip adresses are polled input - syncxmlrpc XMLRPC Sync + syncxmlrpc Sync TinyDNS configuration to backup firewalls checkbox - minsegment Minimum segment size + minsegment Recommended size: 10240 or larger. input 10240 - maxfilesize Maximum file size + maxfilesize Recommended size: 10240 or larger. input 10240 - maxsegment Max Segment size + maxsegment Recommended size: 20480 or larger. input 20480 - maxfd Maximum file descriptors + maxfd Recommended size: 100 or larger. input 100 - maxchild Maximum children processes + maxchild Recommended size: 40 or larger. input 40 + + tinydns_custom_php_changeip_command(); + tinydns_custom_php_install_command(); + tinydns_create_zone_file(); + tinydns_setup_ping_items(); + + + tinydns_custom_php_changeip_command(); + tinydns_custom_php_install_command(); + tinydns_create_zone_file(); + tinydns_setup_ping_items(); + + + tinydns_custom_php_changeip_command(); + tinydns_custom_php_install_command(); + tinydns_create_zone_file(); + tinydns_setup_ping_items(); + + + tinydns_custom_php_install_command(); + + + tinydns_custom_php_deinstall_command(); + diff --git a/packages/tinydns/tinydns_domains.xml b/packages/tinydns/tinydns_domains.xml index 2e9213d6..2a7bf6e6 100644 --- a/packages/tinydns/tinydns_domains.xml +++ b/packages/tinydns/tinydns_domains.xml @@ -1,4 +1,5 @@ + @@ -45,9 +46,9 @@ Describe your package requirements here Currently there are no FAQ items provided. tinydnsdomains - installedpackages->package->tinydnsdomains - /usr/local/pkg/tinydns.inc + none TinyDNS: Domains + /usr/local/pkg/tinydns.inc Settings @@ -75,6 +76,7 @@ /pkg_edit.php?xml=tinydns_sync.xml&id=0 + installedpackages->package->tinydnsdomains Fully Qualified Domain Name (Hostname) @@ -95,29 +97,29 @@ - hostname Hostname or FQDN www.exampledomain.com + hostname The DNS server will supply Records for the Fully Qualified Domain Name that is entered - input 35 + Record type recordtype DNS Record types. A, PTR, MX, NS, SOA, TXT, CNAME - select 1 + - - - - - - - - + + + + + + + + @@ -127,32 +129,34 @@ checkbox - ipaddress FQDN or IP Address + ipaddress IP Address for A Records. FQDN or Hostname for SOA, PTR, CNAME Records. For NS Records an IP:FQDN - input 40 + - ttl DNS record time to live + ttl input 35 - monitorip IP to ping to ensure service is up + monitorip input 35 - threshhold Time in minutes before DNS switches to backup host + threshhold input 35 + none + none rowhelper @@ -192,14 +196,14 @@ - - tinydns_create_zone_file(); - tinydns_setup_ping_items(); - tinydns_create_zone_file(); tinydns_setup_ping_items(); + + tinydns_create_zone_file(); + tinydns_setup_ping_items(); + tinydns_create_zone_file(); tinydns_setup_ping_items(); diff --git a/packages/tinydns/tinydns_sync.xml b/packages/tinydns/tinydns_sync.xml index 2097acc0..2156aaba 100644 --- a/packages/tinydns/tinydns_sync.xml +++ b/packages/tinydns/tinydns_sync.xml @@ -1,4 +1,5 @@ + @@ -46,11 +47,7 @@ Currently there are no FAQ items provided. tinydnssync 1.0 - installedpackages->package->tinydns TinyDNS: Manual Sync - - tinydns_do_xmlrpc_sync($_POST['ipaddress'], $_POST['password']); - /usr/local/pkg/tinydns.inc @@ -79,18 +76,22 @@ + installedpackages->package->tinydns - ipaddress IP Address + ipaddress The IP address that TinyDNS will Sync its data to. input - password Password + password Admin password on remote firewall to faciliate sync password + + tinydns_do_xmlrpc_sync($_POST['ipaddress'], $_POST['password']); + -- cgit v1.2.3