From cc6865a3b52f9b325843c261ef18bda7af30666f Mon Sep 17 00:00:00 2001 From: Bill Marquette Date: Wed, 25 Oct 2006 16:30:22 +0000 Subject: Per trendchiller@forums http://forum.pfsense.org/index.php/topic,2434.msg14839.html#msg14839 unrestricted hosts really ought to be unrestricted also fix typo --- packages/squid.inc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/packages/squid.inc b/packages/squid.inc index afbd775a..c730e949 100644 --- a/packages/squid.inc +++ b/packages/squid.inc @@ -580,6 +580,11 @@ function squid_resync_auth() { foreach ($banned as $acl) $conf .= "http_access deny $acl\n"; + // Unrestricted hosts take precendence over blacklist + if (squid_is_valid_acl('unrestricted_hosts')) + $conf .= "http_access allow unrestricted_hosts\n"; + if (squid_is_valid_acl('unrestricted_macs')) + $conf .= "http_access allow unrestricted_macs\n"; // Whitelist and blacklist also take precendence if (squid_is_valid_acl('whitelist')) $conf .= "http_access allow whitelist\n"; @@ -591,7 +596,7 @@ function squid_resync_auth() { // Allow the remaining ACLs if no authentication is set if ($auth_method == 'none') { - $allowed = array('localnet', 'allowed_subnets', 'unrestricted_hosts', 'unrestricted_macs'); + $allowed = array('localnet', 'allowed_subnets'); $allowed = array_filter($allowed, 'squid_is_valid_acl'); foreach ($allowed as $acl) $conf .= "http_access allow $acl\n"; -- cgit v1.2.3