From 5165c64b1e6f8ac3ad34cb0f9db1595932ca2316 Mon Sep 17 00:00:00 2001 From: Daniel Stefan Haischt Date: Sat, 5 Aug 2006 02:04:32 +0000 Subject: - various bugfixes - added a exclusion list that lists IPs excluded from beeing served via transparent proxying --- packages/p3scan-pf/p3scan-pf-emer.xml | 4 ++ packages/p3scan-pf/p3scan-pf-msg.xml | 4 ++ packages/p3scan-pf/p3scan-pf-spam.xml | 4 ++ packages/p3scan-pf/p3scan-pf-transex.xml | 79 ++++++++++++++++++++++++++++++++ packages/p3scan-pf/p3scan-pf-vir.xml | 4 ++ packages/p3scan-pf/p3scan-pf.inc | 27 ++++++++++- packages/p3scan-pf/p3scan-pf.xml | 9 ++++ 7 files changed, 129 insertions(+), 2 deletions(-) create mode 100644 packages/p3scan-pf/p3scan-pf-transex.xml (limited to 'packages/p3scan-pf') diff --git a/packages/p3scan-pf/p3scan-pf-emer.xml b/packages/p3scan-pf/p3scan-pf-emer.xml index 30e20ab9..99a1ed02 100644 --- a/packages/p3scan-pf/p3scan-pf-emer.xml +++ b/packages/p3scan-pf/p3scan-pf-emer.xml @@ -10,6 +10,10 @@ Daemon Settings /pkg_edit.php?xml=p3scan-pf.xml&id=0 + + Transparent Proxy Exclusion + /pkg.php?xml=p3scan-pf-transex.xml + Message Processing /pkg_edit.php?xml=p3scan-pf-msg.xml&id=0 diff --git a/packages/p3scan-pf/p3scan-pf-msg.xml b/packages/p3scan-pf/p3scan-pf-msg.xml index fbe05a69..b928f034 100644 --- a/packages/p3scan-pf/p3scan-pf-msg.xml +++ b/packages/p3scan-pf/p3scan-pf-msg.xml @@ -16,6 +16,10 @@ Daemon Settings /pkg_edit.php?xml=p3scan-pf.xml&id=0 + + Transparent Proxy Exclusion + /pkg.php?xml=p3scan-pf-transex.xml + Message Processing /pkg_edit.php?xml=p3scan-pf-msg.xml&id=0 diff --git a/packages/p3scan-pf/p3scan-pf-spam.xml b/packages/p3scan-pf/p3scan-pf-spam.xml index 46023650..4ce9a95e 100644 --- a/packages/p3scan-pf/p3scan-pf-spam.xml +++ b/packages/p3scan-pf/p3scan-pf-spam.xml @@ -16,6 +16,10 @@ Daemon Settings /pkg_edit.php?xml=p3scan-pf.xml&id=0 + + Transparent Proxy Exclusion + /pkg.php?xml=p3scan-pf-transex.xml + Message Processing pkg_edit.php?xml=p3scan-pf-msg.xml&id=0 diff --git a/packages/p3scan-pf/p3scan-pf-transex.xml b/packages/p3scan-pf/p3scan-pf-transex.xml new file mode 100644 index 00000000..947031d9 --- /dev/null +++ b/packages/p3scan-pf/p3scan-pf-transex.xml @@ -0,0 +1,79 @@ + + + + p3scanpftransex + 1.0 + Services: POP3 Proxy: Exclude from Transparent Proxy + + Below you will have the opportunity to define specific IP addresses + which should be exempt from beeing served via transparent proxying. + + p3scan-pf.inc + + + Daemon Settings + /pkg_edit.php?xml=p3scan-pf.xml&id=0 + + + Transparent Proxy Exclusion + /pkg.php?xml=p3scan-pf-transex.xml + + + + Message Processing + /pkg_edit.php?xml=p3scan-pf-msg.xml&id=0 + + + Emergency Contact + /pkg.php?xml=p3scan-pf-emer.xml + + + Virus Scanner Settings + /pkg_edit.php?xml=p3scan-pf-vir.xml&id=0 + + + SPAM Settings + /pkg_edit.php?xml=p3scan-pf-spam.xml&id=0 + + + + ['installedpackages']['p3scanpf']['config']['virus'] + + + + Exempted IP + ip + + + Description + description + + + + + + Exempted IP + ip + Enter the IP to exempt from transparent proxy + input + + + Description + description + Enter the description for this item + input + + + + + sync_package_p3scan(); + + diff --git a/packages/p3scan-pf/p3scan-pf-vir.xml b/packages/p3scan-pf/p3scan-pf-vir.xml index b2f16a87..76356f3f 100644 --- a/packages/p3scan-pf/p3scan-pf-vir.xml +++ b/packages/p3scan-pf/p3scan-pf-vir.xml @@ -16,6 +16,10 @@ Daemon Settings /pkg_edit.php?xml=p3scan-pf.xml&id=0 + + Transparent Proxy Exclusion + /pkg.php?xml=p3scan-pf-transex.xml + Message Processing /pkg_edit.php?xml=p3scan-pf-msg.xml&id=0 diff --git a/packages/p3scan-pf/p3scan-pf.inc b/packages/p3scan-pf/p3scan-pf.inc index f9aa36c8..03a04942 100644 --- a/packages/p3scan-pf/p3scan-pf.inc +++ b/packages/p3scan-pf/p3scan-pf.inc @@ -327,9 +327,32 @@ function custom_php_deinstall_command() { conf_mount_ro(); } +function add_trans_table(){ + global $config; + conf_mount_rw(); + config_lock(); + + /* Flush all entries first, and then add them. */ + $p3scan_pf_result = mwexec ('pfctl -a "rdr-package/p3scan" -t p3scan -T flush'); + if($p3scan_pf_result <> 0) { + file_notice("P3SCAN", "There were error(s) flushing the exclude table", "P3SCAN", ""); + } + if($config['installedpackages']['p3scanpftransex']['config'] != ""){ + foreach($config['installedpackages']['p3scanpftransex']['config'] as $tmp) { + $p3scan_pf_result = mwexec ('pfctl -a "rdr-package/p3scan" -t p3scan -T add ' . $tmp['ip']); + if($p3scan_pf_result <> 0) { + file_notice("P3SCAN", "There were error(s) adding the ip " . $tmp['ip'], "P3SCAN", ""); + } + } + } + /* signal a reload of all files */ + conf_mount_ro(); + config_unlock(); +} + function remove_transparency() { $p3scan_pf_result = mwexec ('pfctl -a "rdr-package/p3scan" -t p3scan -T flush'); - if($havp_pf_result <> 0) { + if($p3scan_pf_result <> 0) { file_notice("P3SCAN", "There were error(s) flushing the exclude table", "P3SCAN", ""); } } @@ -339,7 +362,7 @@ function setup_transparency() { $cfg = $config['installedpackages']['p3scanpf']['config'][0]; $trans_file = fopen("/tmp/p3scan_pf.rules","w"); fwrite($trans_file, "table persist\n"); - fwrite($trans_file, "rdr on " . $config['interfaces']['lan']['if'] . " inet proto tcp from ! to ! " . $config['interfaces']['lan']['ipaddr'] . " port = pop3 -> {$cfg['ip']} port {$cfg['port']} \n"); + fwrite($trans_file, "rdr on " . $config['interfaces']['lan']['if'] . " inet proto tcp from ! to ! " . $config['interfaces']['lan']['ipaddr'] . " port = pop3 -> {$cfg['ipaddr']} port {$cfg['port']} \n"); fclose($trans_file); $p3scan_pf_result = mwexec ('pfctl -a "rdr-package/p3scan" -f /tmp/p3scan_pf.rules'); if($p3scan_pf_result <> 0) { diff --git a/packages/p3scan-pf/p3scan-pf.xml b/packages/p3scan-pf/p3scan-pf.xml index 43615ef6..96c20de3 100644 --- a/packages/p3scan-pf/p3scan-pf.xml +++ b/packages/p3scan-pf/p3scan-pf.xml @@ -30,6 +30,10 @@ /pkg_edit.php?xml=p3scan-pf.xml&id=0 + + Transparent Proxy Exclusion + /pkg.php?xml=p3scan-pf-transex.xml + Message Processing /pkg_edit.php?xml=p3scan-pf-msg.xml&id=0 @@ -57,6 +61,11 @@ 0755 http://www.pfsense.com/packages/config/p3scan-pf/p3scan-pf-msg.xml + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/p3scan-pf/p3scan-pf-transex.xml + /usr/local/pkg/ 0755 -- cgit v1.2.3