From fd27296d65a33e68f89846831ba45178df3a56fb Mon Sep 17 00:00:00 2001 From: jim-p Date: Mon, 2 May 2011 11:08:01 -0400 Subject: Also allow subnets in the proxy bypass fields. --- config/squid/squid.inc | 4 ++-- config/squid/squid.xml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'config/squid') diff --git a/config/squid/squid.inc b/config/squid/squid.inc index 61498294..5a17d8c9 100644 --- a/config/squid/squid.inc +++ b/config/squid/squid.inc @@ -362,14 +362,14 @@ function squid_validate_general($post, $input_errors) { foreach (array('defined_ip_proxy_off') as $hosts) { foreach (explode(";", $post[$hosts]) as $host) { $host = trim($host); - if (!empty($host) && !is_ipaddr($host) && !is_alias($host) && !is_hostname($host)) + if (!empty($host) && !is_ipaddr($host) && !is_alias($host) && !is_hostname($host) && !is_subnet($host)) $input_errors[] = "The entry '$host' is not a valid IP address, hostname, or alias"; } } foreach (array('defined_ip_proxy_off_dest') as $hosts) { foreach (explode(";", $post[$hosts]) as $host) { $host = trim($host); - if (!empty($host) && !is_ipaddr($host) && !is_alias($host) && !is_hostname($host)) + if (!empty($host) && !is_ipaddr($host) && !is_alias($host) && !is_hostname($host) && !is_subnet($host)) $input_errors[] = "The entry '$host' is not a valid IP address, hostname, or alias"; } } diff --git a/config/squid/squid.xml b/config/squid/squid.xml index fe648a18..4ce0af0f 100644 --- a/config/squid/squid.xml +++ b/config/squid/squid.xml @@ -177,14 +177,14 @@ Bypass proxy for these source IPs defined_ip_proxy_off - Do not forward traffic from these <b>source</b> IPs, hostnames, or aliases through the proxy server but directly through the firewall. Separate by semi-colons (;). + Do not forward traffic from these <b>source</b> IPs, CIDR nets, hostnames, or aliases through the proxy server but directly through the firewall. Separate by semi-colons (;). input 80 Bypass proxy for these destination IPs defined_ip_proxy_off_dest - Do not proxy traffic going to these <b>destination</b> IPs, hostnames, or aliases, but let it pass directly through the firewall. Separate by semi-colons (;). + Do not proxy traffic going to these <b>destination</b> IPs, CIDR nets, hostnames, or aliases, but let it pass directly through the firewall. Separate by semi-colons (;). input 80 -- cgit v1.2.3