From f57d04e10aca00827a329ea49097a47ba94c2a39 Mon Sep 17 00:00:00 2001 From: Marcello Coutinho Date: Tue, 1 Apr 2014 23:49:01 -0300 Subject: squid3-dev - add option to enable and disable ICMP pinger helper Thanks to bellera --- config/squid3/33/squid.inc | 14 ++++++++++++-- config/squid3/33/squid.xml | 6 ++++++ 2 files changed, 18 insertions(+), 2 deletions(-) (limited to 'config/squid3') diff --git a/config/squid3/33/squid.inc b/config/squid3/33/squid.inc index c0daa512..75806a00 100755 --- a/config/squid3/33/squid.inc +++ b/config/squid3/33/squid.inc @@ -943,6 +943,8 @@ function squid_resync_general() { } $logdir_cache = $logdir . '/cache.log'; $logdir_access = ($settings['log_enabled'] == 'on' ? $logdir . '/access.log' : '/dev/null'); + $pinger_helper = ($settings['disable_pinger']) =='on' ? 'off' : 'on'; + $pinger_program=SQUID_LOCALBASE."/libexec/squid/pinger"; $conf .= <<< EOD icp_port {$icp_port} @@ -957,6 +959,9 @@ cache_mgr {$email} access_log {$logdir_access} cache_log {$logdir_cache} cache_store_log none +netdb_filename {$logdir}/netdb.state +pinger_enable {$pinger_helper} +pinger_program {$pinger_program} {$interception_checks} EOD; @@ -1661,10 +1666,10 @@ function squid_resync_auth() { } // SSL interception acl options part 2 - if ($settingsconfig['ssl_proxy'] == "on"){ + /*if ($settingsconfig['ssl_proxy'] == "on"){ $conf .= "always_direct allow all\n"; $conf .= "ssl_bump server-first all\n"; - } + }*/ // Include squidguard denied acl log in squid if ($settingsconfig['log_sqd']) @@ -1742,6 +1747,11 @@ EOD; // Custom User Options after authentication definition $conf .= "# Custom options after auth\n".sq_text_area_decode($settingsconfig['custom_options2_squid3'])."\n\n"; + // SSL interception acl options part 2 + if ($settingsconfig['ssl_proxy'] == "on"){ + $conf .= "always_direct allow all\n"; + $conf .= "ssl_bump server-first all\n"; + } // Onto the ACLs $password = array('localnet', 'allowed_subnets'); $passwordless = array('unrestricted_hosts'); diff --git a/config/squid3/33/squid.xml b/config/squid3/33/squid.xml index 1cbf2338..bf740221 100644 --- a/config/squid3/33/squid.xml +++ b/config/squid3/33/squid.xml @@ -300,6 +300,12 @@ checkbox + + Disable ICMP + disable_pinger + + checkbox + Use alternate DNS-servers for the proxy-server dns_nameservers -- cgit v1.2.3