From cc6865a3b52f9b325843c261ef18bda7af30666f Mon Sep 17 00:00:00 2001
From: Bill Marquette <billm@pfsense.org>
Date: Wed, 25 Oct 2006 16:30:22 +0000
Subject: Per trendchiller@forums
 http://forum.pfsense.org/index.php/topic,2434.msg14839.html#msg14839
 unrestricted hosts really ought to be unrestricted also fix typo

---
 packages/squid.inc | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/packages/squid.inc b/packages/squid.inc
index afbd775a..c730e949 100644
--- a/packages/squid.inc
+++ b/packages/squid.inc
@@ -580,6 +580,11 @@ function squid_resync_auth() {
 	foreach ($banned as $acl)
 			$conf .= "http_access deny $acl\n";
 
+	// Unrestricted hosts take precendence over blacklist
+	if (squid_is_valid_acl('unrestricted_hosts'))
+		$conf .= "http_access allow unrestricted_hosts\n";
+	if (squid_is_valid_acl('unrestricted_macs'))
+		$conf .= "http_access allow unrestricted_macs\n";
 	// Whitelist and blacklist also take precendence
 	if (squid_is_valid_acl('whitelist'))
 		$conf .= "http_access allow whitelist\n";
@@ -591,7 +596,7 @@ function squid_resync_auth() {
 
 	// Allow the remaining ACLs if no authentication is set
 	if ($auth_method == 'none') {
-		$allowed = array('localnet', 'allowed_subnets', 'unrestricted_hosts', 'unrestricted_macs');
+		$allowed = array('localnet', 'allowed_subnets');
 		$allowed = array_filter($allowed, 'squid_is_valid_acl');
 		foreach ($allowed as $acl)
 			$conf .= "http_access allow $acl\n";
-- 
cgit v1.2.3