From 5cb4d6ee8363c9566a287b71fbf4ba462aadb32e Mon Sep 17 00:00:00 2001 From: doktornotor Date: Fri, 25 Sep 2015 11:24:21 +0200 Subject: squid3 - code style fixes --- config/squid3/34/squid_reverse.xml | 311 +++++++++++++++++++++++-------------- 1 file changed, 198 insertions(+), 113 deletions(-) (limited to 'config') diff --git a/config/squid3/34/squid_reverse.xml b/config/squid3/34/squid_reverse.xml index 40fb0ec1..30b76c33 100755 --- a/config/squid3/34/squid_reverse.xml +++ b/config/squid3/34/squid_reverse.xml @@ -2,55 +2,51 @@ - - +. - All rights reserved. - */ -/* ========================================================================== */ + squid_reverse.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012-2014 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + squidreverse - none - Proxy server: Reverse Proxy + 0.3.5 + Proxy Server: Reverse Proxy /usr/local/pkg/squid.inc - + General /pkg_edit.php?xml=squid.xml&id=0 @@ -84,7 +80,7 @@ /pkg.php?xml=squid_users.xml - Real time + Real Time /squid_monitor.php @@ -94,37 +90,47 @@ - Squid Reverse proxy General Settings + Squid Reverse Proxy General Settings listtopic - Reverse Proxy interface + Reverse Proxy Interface reverse_interface - The interface(s) the reverse-proxy server will bind to. + + + Use CTRL + click to select multiple interfaces. + ]]> + interfaces_selection wan - User-defined reverse-proxy IPs + User Defined Reverse Proxy IPs reverse_ip - Squid will additionally bind to this user-defined IPs for reverse-proxy operation. Useful for virtual IPs such as CARP. Separate by semi-colons (;). + + + Note: Separate entries by semi-colons (;) + ]]> + input 70 - external FQDN + External FQDN reverse_external_fqdn - The external full-qualified-domain-name of the WAN address. + The external fully qualified domain name of the WAN IP address. input 70 - Reset TCP connections if request is unauthorized + Reset TCP Connections on Unauthorized Requests deny_info_tcp_reset - If this field is checked, the reverse-proxy will reset the TCP connection if the request is unauthorized. + If checked, the reverse proxy will reset the TCP connection if the request is unauthorized. checkbox on @@ -133,26 +139,41 @@ listtopic - Enable HTTP reverse mode + Enable HTTP Reverse Mode reverse_http - If this field is checked, the proxy-server will act in HTTP reverse mode. <br>(You have to add a rule with destination "WAN-address") + + + Note: You must add a proper firewall rule with destination 'WAN Address'. + ]]> + checkbox reverse_http_port,reverse_http_defsite off - reverse HTTP port + Reverse HTTP Port reverse_http_port - This is the port the HTTP reverse-proxy will listen on. (leave empty to use 80) + + + Default: 80 + ]]> + input 5 80 - reverse HTTP default site + Reverse HTTP Default Site reverse_http_defsite - This is the HTTP reverse default site. (leave empty to use the external fqdn) + + + Note: Leave empty to use 'External FQDN' value specified above. + ]]> + input 60 @@ -161,99 +182,135 @@ listtopic - Enable HTTPS reverse proxy + Enable HTTPS Reverse Proxy reverse_https - If this field is checked, the proxy-server will act in HTTPS reverse mode. <br>(You have to add a rule with destination "WAN-address") + + + Note: You must add a proper firewall rule with destination 'WAN Address'. + ]]> + checkbox reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_autodiscover,reverse_ssl_chain off - reverse HTTPS port + Reverse HTTPS Port reverse_https_port - This is the port the HTTPS reverse-proxy will listen on. (leave empty to use 443) + + + Default: 443 + ]]> + input 5 443 - reverse HTTPS default site + Reverse HTTPS Default Site reverse_https_defsite - This is the HTTPS reverse default site. (leave empty to use the external fqdn) + + + Note: Leave empty to use 'External FQDN' value specified above. + ]]> + input 60 - reverse SSL certificate + Reverse SSL Certificate reverse_ssl_cert Choose the SSL Server Certificate here. - select_source - + select_source + $config['cert'] descr refid - intermediate CA certificate (if needed) + Intermediate CA Certificate (If Needed) reverse_int_ca - Paste a signed certificate in X.509 PEM format here. + + PEM format here. + ]]> + textarea - 50 + 75 5 base64 - Ignore internal Certificate validation + Ignore Internal Certificate Validation reverse_ignore_ssl_valid - If this field is checked, internal certificate validation will be ignored. - checkbox + If checked, internal certificate validation will be ignored. + checkbox on - Enable OWA reverse proxy + Enable OWA Reverse Proxy reverse_owa - If this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App. + If checked, Squid will act as an accelerator/SSL offloader for Outlook Web App. checkbox reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_webservice,reverse_owa_autodiscover - CAS-Array / OWA frontend IP address + CAS-Array / OWA Frontend IP Address reverse_owa_ip - These are the internal IPs of the CAS-Array (OWA frontend servers). Separate by semi-colons (;). + + + Note: Separate entries by semi-colons (;) + ]]> + input 70 Enable ActiveSync reverse_owa_activesync - If this field is checked, ActiveSync will be enabled. + If checked, ActiveSync will be enabled. checkbox Enable Outlook Anywhere reverse_owa_rpchttp - If this field is checked, RPC over HTTP will be enabled. + If checked, RPC over HTTP will be enabled. checkbox Enable MAPI HTTP reverse_owa_mapihttp - - This feature is only available with at least Exchange 2013 SP1]]> + + + This feature is only available with at least Microsoft Exchange 2013 SP1 + ]]> + checkbox Enable Exchange WebServices reverse_owa_webservice - - There are potential DoS side effects to its use, please avoid unless you must.]]> + + + There are potential DoS side effects to its use. Please avoid unless really required. + ]]> + checkbox Enable AutoDiscover reverse_owa_autodiscover - - You also should set up the autodiscover DNS-record to point to you WAN-IP.]]> + + + You also should set up the autodiscover DNS record to point to you WAN IP. + ]]> + checkbox @@ -261,49 +318,79 @@ listtopic - <b>peer definitions</b> <br>publishing hosts + + + Publishing Hosts + ]]> + reverse_cache_peer - - syntax: [peer alias];[internal ip address];[port];[HTTP / HTTPS]
- example: HOST1;192.168.0.1;80;HTTP
- WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING]]>
+ +
+ Syntax: [peer alias];[internal ip address];[port];[HTTP/HTTPS]
+ Example: HOST1;192.168.0.1;80;HTTP
+ WARNING: Wrong syntax usage will result in Squid not starting! + ]]> +
textarea 60 10 base64
- <b>URI definitions</b> <br>published URIs + + + Published URIs + ]]> + reverse_uri - - syntax: [group the uri belongs to];[URI to publish](;[vhost fqdn])
- (a group can contain multiple URIs, without vhost fqdn the external fqdn is used, you also can specity http:// or https://)
- example: URI1;public;server.pfsense.org.
- WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING]]>
+ +
+ Syntax: [group the uri belongs to];[URI to publish](;[vhost fqdn])
+ Example: URI1;public;server.example.com

+ Notes:
+ - A group can contain multiple URIs
+ - If [vhost fqdn] is ommited, 'External FQDN' is used
+ - You also can specify http:// or https://

+ WARNING: Wrong syntax usage will result in Squid not starting! + ]]> +
textarea 60 10 base64
- <b>ACL definitions</b> <br>published URIs + + + Published URIs + ]]> + reverse_acl - - syntax: [peer alias];[uri group alias]
example: HOST1;URI1
- WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING]]>
+ + + Syntax: [peer alias];[uri group alias]
+ Example: HOST1;URI1
+ WARNING: Wrong syntax usage will result in Squid not starting! + ]]> +
textarea 60 10 base64
- - - + -->
squid_before_form_general($pkg); -- cgit v1.2.3