From 9f2521ca8351e454e03193ddccbf5eb2166ec1fd Mon Sep 17 00:00:00 2001 From: Daniel Stefan Haischt Date: Sat, 1 Sep 2007 04:10:13 +0000 Subject: * added copyright header to each file * added XSL stylesheet to each file * added DTD to some files (TODO: Add DTD to the remaining files and validate them against the DTD) * added a Document Type Definition which allows to validate package files --- packages/squid-head/squid.xml | 114 ++++++++++++++++----------------- packages/squid-head/squid_auth.xml | 48 +++++++------- packages/squid-head/squid_cache.xml | 22 ++++--- packages/squid-head/squid_nac.xml | 32 ++++----- packages/squid-head/squid_traffic.xml | 58 +++++++++-------- packages/squid-head/squid_upstream.xml | 10 +-- packages/squid-head/squid_users.xml | 18 +++--- 7 files changed, 157 insertions(+), 145 deletions(-) (limited to 'packages/squid-head') diff --git a/packages/squid-head/squid.xml b/packages/squid-head/squid.xml index 04a06829..67f4c2aa 100644 --- a/packages/squid-head/squid.xml +++ b/packages/squid-head/squid.xml @@ -1,4 +1,5 @@ + @@ -44,41 +45,11 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. + squid + none + Proxy server: General settings squid.inc - - - http://www.pfsense.org/packages/config/squid.inc - - - http://www.pfsense.org/packages/config/squid_cache.xml - - - http://www.pfsense.org/packages/config/squid_nac.xml - - - http://www.pfsense.org/packages/config/squid_traffic.xml - - - http://www.pfsense.org/packages/config/squid_upstream.xml - - - http://www.pfsense.org/packages/config/squid_auth.xml - - - http://www.pfsense.org/packages/config/squid_users.xml - - - http://www.pfsense.org/packages/All/squid_monitor.sh - /usr/local/bin/ - 0755 - - - squid_install_command(); - - - squid_deinstall_command(); - Web proxy cache Modify the web proxy cache's settings @@ -87,14 +58,10 @@ Squid - Web proxy cache. squid.sh squid + Web proxy cache. - - - squid - Proxy server: General settings General settings @@ -126,81 +93,108 @@ /pkg.php?xml=squid_users.xml + + + http://www.pfsense.org/packages/config/squid.inc + + + http://www.pfsense.org/packages/config/squid_cache.xml + + + http://www.pfsense.org/packages/config/squid_nac.xml + + + http://www.pfsense.org/packages/config/squid_traffic.xml + + + http://www.pfsense.org/packages/config/squid_upstream.xml + + + http://www.pfsense.org/packages/config/squid_auth.xml + + + http://www.pfsense.org/packages/config/squid_users.xml + + + /usr/local/bin/ + 0755 + http://www.pfsense.org/packages/All/squid_monitor.sh + - active_interface Proxy interface + active_interface The interface(s) the proxy server will bind to. - lan - interfaces_selection + + lan - allow_interface Allow users on interface + allow_interface If this field is checked, the users connected to the interface selected in the 'Proxy interface' field will be allowed to use the proxy, i.e., there will be no need to add the interface's subnet to the list of allowed subnets. This is just a shortcut. - on - checkbox + + on - transparent_proxy Transparent proxy + transparent_proxy If transparent mode is enabled, all requests for destination port 80 will be forwarded to the proxy server without any additional configuration necessary. - checkbox + - log_enabled Enabled logging + log_enabled This will enable the access log. Don't switch this on if you don't have much disk space left. - log_query_terms,log_user_agents checkbox + log_query_terms,log_user_agents - proxy_port Proxy port + proxy_port This is the port the proxy server will listen on. - input 5 + 3128 - icp_port ICP port + icp_port This is the port the proxy server will send and receive ICP queries to and from neighbor caches. Leave this blank if you don't want the proxy server to communicate with neighbor caches through ICP. input 5 - visible_hostname Visible hostname + visible_hostname This is the hostname to be displayed in proxy server error messages. - localhost input + localhost - admin_email Administrator email + admin_email This is the email address displayed in error messages to the users. - admin@localhost input + admin@localhost Language error_language Select the language in which the proxy server will display error messages to users. - English select + English Redirect children redirect_children Specify the number of redirectors to spawn (if using redirectors at all) when launching Squid. If you leave this field blank, Squid will start 5 redirector processes. If your network load is high, feel free to increase this value (at the expense of a higher memory consumption). - 5 input + 5 @@ -212,4 +206,10 @@ squid_resync(); + + squid_install_command(); + + + squid_deinstall_command(); + diff --git a/packages/squid-head/squid_auth.xml b/packages/squid-head/squid_auth.xml index 05875c59..15910f97 100644 --- a/packages/squid-head/squid_auth.xml +++ b/packages/squid-head/squid_auth.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidauth + none Proxy server: Authentication + squid.inc General settings @@ -83,8 +85,8 @@ Authentication method auth_method Select an authentication method. This will allow users to be authenticated by local or external services. - none select + none @@ -95,99 +97,96 @@ on_auth_method_changed() - auth_server Authentication server + auth_server Enter here the IP or hostname of the server that will perform the authentication. For NT domain authentication, this is the Primary Domain Controller (PDC). input - auth_server_port Authentication server port + auth_server_port Enter here the port to use to connect to the authentication server. Leave this field blank to use the authentication method's default port. input - ldap_user LDAP server user DN + ldap_user Enter here the user distinguished name (DN) to bind to connect to the LDAP server (e.g., "cn=Administrator,cn=Users,dc=foobar,dc=com"). You can leave this field blank if you don't want to use authentication. input - ldap_password LDAP password + ldap_password Enter here the password to use to connect to the LDAP server. You may leave this field unfilled. password - ldap_basedn LDAP base DN + ldap_basedn For LDAP authentication, enter here the base DN for the search (e.g., "cn=Users,dc=foobar,dc=com"). input - ldap_filter LDAP filter + ldap_filter Enter the string to be used to filter the results of the search, or leave this blank to get the results unfiltered. This must be in compliance with RFC 2254, and ocurrences of the string "%s" will be set to the username given to the proxy. You generally want something like '(sAMAccountName=%s)' here. input (sAMAccountName=%s) - radius_secret RADIUS secret + radius_secret The RADIUS secret for RADIUS authentication. password - msnt_bdc Backup Domain Controller + msnt_bdc Enter the address of the Backup Domain Controller (BDC) or leave this field blank if you don't want to use a backup controller. input - msnt_domain NT domain + msnt_domain Enter the NT domain to be used. input - auth_prompt Authentication prompt + auth_prompt This string will be displayed at the top of the authentication request window. - Please enter your credentials to access the proxy input + Please enter your credentials to access the proxy - auth_processes Authentication processes + auth_processes The number of authenticator processes to spawn. If many authentications are expected within a short timeframe, increase this number accordingly. - 5 input + 5 - auth_ttl Authentication TTL + auth_ttl This specifies for how long (in minutes) the proxy server assumes an externally validated username and password combination is valid (Time To Live). When the TTL expires, the user will be prompted for credentials again. - 60 input + 60 - unrestricted_auth Requiere authentication for unrestricted hosts + unrestricted_auth If this option is enabled, even users tagged as unrestricted through access control are required to authenticate to use the proxy. checkbox - no_auth_hosts Subnets that don't need authentication + no_auth_hosts A comma-separated list of subnets (in CIDR range, e.g.: 10.5.0.0/16, 192.168.1.50/32) whose hosts won't be asked for authentication to access the proxy. textarea - 5 50 + 5 - - squid_print_javascript_auth(); - squid_validate_auth($_POST, &$input_errors); @@ -197,4 +196,7 @@ squid_resync(); + + squid_print_javascript_auth(); + diff --git a/packages/squid-head/squid_cache.xml b/packages/squid-head/squid_cache.xml index c50cef2e..3fe0475f 100644 --- a/packages/squid-head/squid_cache.xml +++ b/packages/squid-head/squid_cache.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidcache + none Proxy server: Cache management + squid.inc General settings @@ -83,40 +85,40 @@ Hard disk cache size harddisk_cache_size This is the amount of disk space (in megabytes) to use for cached objects. + input 100 - input Memory cache size memory_cache_size This is the amount of physical RAM (in megabytes) to be used for negative cache and in-transit objects. This value should not exceed more than 50% of the installed RAM. The minimum value is 1MB. + input 8 - input Minimum object size minimum_object_size Objects smaller than the size specified (in kilobytes) will not be saved on disk. The default value is 0, meaning there is no minimum. + input 0 - input Maximum object size maximum_object_size Objects larger than the size specified (in kilobytes) will not be saved on disk. If you wish to increase speed more than you want to save bandwidth, this should be set to a low value. + input 4 - input Level 1 subdirectories level1_subdirs Each level 1 (L1) directory contains 256 subdirectories, so a value of 256 L1 directories will use a total of 65536 directories for the hard disk cache. This will significantly slow down the startup process of the proxy service, but can speed up the caching under certain conditions. - 16 select + 16 @@ -131,8 +133,8 @@ Memory replacement policy memory_replacement The memory replacement policy determines which objects are purged from memory when space is needed. The default policy for memory replacement is GDSF. - heap GDSF select + heap GDSF @@ -144,8 +146,8 @@ Cache replacement policy cache_replacement The cache replacement policy decides which objects will remain in cache and which objects are replaced to create space for the new objects. The default policy for cache replacement is LFUDA. - heap LFUDA select + heap LFUDA @@ -158,15 +160,15 @@ donotcache The specified domains or IP addresses (separated by commas) will never be cached. textarea - 5 50 + 5 Enable offline mode enable_offline Enable this option and the proxy server will never try to validate cached objects. The offline mode also gives access to more cached information than the proposed feature would allow (stale cached versions, where the origin server should have been contacted). - checkbox + diff --git a/packages/squid-head/squid_nac.xml b/packages/squid-head/squid_nac.xml index bbeaa149..db49a1ba 100644 --- a/packages/squid-head/squid_nac.xml +++ b/packages/squid-head/squid_nac.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidnac + none Proxy server: Access control + squid.inc General settings @@ -80,60 +82,60 @@ - allowed_subnets Allowed subnets + allowed_subnets Those are the subnets (separated by commas) that are allowed to use the proxy. The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24). Note that the proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy. textarea - 5 50 + 5 - unrestricted_hosts Unrestricted IPs + unrestricted_hosts The IP addresses specified here (separated by commas) won't be filtered out by the other access control directives set in this page. textarea - 5 50 + 5 - unrestricted_macs Unrestricted MAC Addresses + unrestricted_macs The MAC addresses specified here (separated by commas) won't be filtered out by the other access control directives set in this page. textarea - 5 50 + 5 - banned_hosts Banned host addresses + banned_hosts The IP addresses specified here (separated by commas) won't be allowed to use the proxy. textarea - 5 50 + 5 - banned_macs Banned MAC addresses + banned_macs The MAC addresses specified here (separated by commas) won't be allowed to use the proxy. textarea - 5 50 + 5 - whitelist Whitelist + whitelist Those are the sites (separated by commas) that will be accessable to the users that are allowed to use the proxy. textarea - 5 50 + 5 - blacklist Blacklist + blacklist Those are the sites (separated by commas) that will be blocked to the users that are allowed to use the proxy. textarea - 5 50 + 5 diff --git a/packages/squid-head/squid_traffic.xml b/packages/squid-head/squid_traffic.xml index f9bf3c6a..d69f2510 100644 --- a/packages/squid-head/squid_traffic.xml +++ b/packages/squid-head/squid_traffic.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidtraffic + none Proxy server: Traffic management + squid.inc General settings @@ -80,90 +82,90 @@ - max_download_size Maximum download size + max_download_size Limit the maximum total download size to the size specified here (in kilobytes). Downloads bigger than the specified size will be denied. Set to 0 to disable. - 0 - input + + 0 - max_upload_size Maximum upload size + max_upload_size Limit the maximum total upload size to the size specified here (in kilobytes). Uploads bigger than the specified size will be denied. Set to 0 to disable. - 0 - input + + 0 - overall_capping Overall capping + overall_capping Caps the download speeds of the network that connects to the proxy as a whole at the specified size (in kilobytes per second). Set to 0 to disable. - 0 - input + + 0 - perhost_capping Per-host capping + perhost_capping Caps the download speeds of each user that connects to the proxy at the specified size (in kilobytes per second). Set to 0 to disable. - 0 - input + + 0 - overall_throttling Overall bandwidth throttling + overall_throttling This value specifies (in kilobytes per second) the bandwidth throttle for downloads. Users will gradually have their download speed increased according to this value. Set to 0 to disable bandwidth throttling. - 0 - input + + 0 - perhost_throttling Per-host throttling + perhost_throttling This value specifies the download throttling per host. Set to 0 to disable this. - 0 - input + + 0 - initial_bucket_level Initial bucket level + initial_bucket_level The initial bucket level is used to determine how much is put in each bucket when a connection is established. Set to 0 to set the initial bucket level to 100%. - 0 - input + + 0 - throttle_specific Throttle only specific extensions + throttle_specific Leave this checked to be able to choose the extensions that throttling will be applied to. Otherwise, all files will be throttled. - on checkbox throttle_binaries,throttle_cdimages,throttle_multimedia,throttle_others + on - throttle_binaries Throttle binary files + throttle_binaries Check this to apply bandwidth throttle to binary files. This includes compressed archives and executables. checkbox - throttle_cdimages Throttle CD images + throttle_cdimages Check this to apply bandwidth throttle to CD image files. checkbox - throttle_multimedia Throttle multimedia files + throttle_multimedia Check this to apply bandwidth throttle to multimedia files, such as movies or songs. checkbox - throttle_others Throttle other extensions + throttle_others Comma-separated list of extensions to apply bandwidth throttle to. input diff --git a/packages/squid-head/squid_upstream.xml b/packages/squid-head/squid_upstream.xml index 700163ec..b02a21b4 100644 --- a/packages/squid-head/squid_upstream.xml +++ b/packages/squid-head/squid_upstream.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidupstream + none Proxy server: Upstream proxy settings + squid.inc General settings @@ -83,9 +85,9 @@ Enable forwarding proxy_forwarding This option enables the proxy server to forward requests to an upstream server. - checkbox proxy_addr,proxy_port,icp_port,username,password + Hostname @@ -97,17 +99,17 @@ TCP port proxy_port Enter the port to use to connect to the upstream proxy. - 3128 input 5 + 3128 ICP port icp_port Enter the port to connect to the upstream proxy for the ICP protocol. Use port number 7 to disable ICP communication between the proxies. - 7 input 5 + 7 Username diff --git a/packages/squid-head/squid_users.xml b/packages/squid-head/squid_users.xml index 0854007c..34260817 100644 --- a/packages/squid-head/squid_users.xml +++ b/packages/squid-head/squid_users.xml @@ -1,4 +1,5 @@ + @@ -44,9 +45,10 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - squid.inc squidusers + none Proxy server: Local users + squid.inc A proxy server user has been deleted. A proxy server user has been created/modified. @@ -82,32 +84,32 @@ - username Username + username - description Description + description - username Username + username Enter the username here. - input + - password Password + password Enter the password here. - password + - description Description + description You may enter a description here for your reference (not parsed). input -- cgit v1.2.3