From f7a259d092d49b92e056f3253f33f0bec02b6cf4 Mon Sep 17 00:00:00 2001 From: Seth Mos Date: Tue, 16 Jan 2007 12:08:31 +0000 Subject: Version Bump p10 * 1st attempt to fix empty white and blacklist squid.conf errors --- packages/squid/squid.inc | 56 +++++++++++++++++++++++++++++++----------------- packages/squid/squid.xml | 2 +- 2 files changed, 37 insertions(+), 21 deletions(-) (limited to 'packages/squid') diff --git a/packages/squid/squid.inc b/packages/squid/squid.inc index ebf8e702..9dccb9b1 100644 --- a/packages/squid/squid.inc +++ b/packages/squid/squid.inc @@ -590,9 +590,12 @@ delay_initial_bucket_level 100 EOD; - foreach (array('unrestricted_hosts') as $item) { - if (in_array($item, $valid_acls)) - $conf .= "delay_access 1 deny $item\n"; + if(! empty($settings['unrestricted_hosts'])) { + foreach (array('unrestricted_hosts') as $item) { + if (in_array($item, $valid_acls)) + $conf .= "# Do not throttle unrestricted hosts\n"; + $conf .= "delay_access 1 deny $item\n"; + } } if ($settings['throttle_specific'] == 'on') { @@ -634,29 +637,41 @@ function squid_resync_auth() { $conf = ''; // Deny the banned guys before allowing the good guys - $banned = array( 'banned_hosts', - ); + $banned = array('banned_hosts'); $banned = array_filter($banned, 'squid_is_valid_acl'); - foreach ($banned as $acl) + foreach ($banned as $acl) { + if(! empty($settings[$banned])) { $conf .= "http_access deny $acl\n"; + } + } // Unrestricted hosts take precendence over blacklist - if (squid_is_valid_acl('unrestricted_hosts')) - $conf .= "# These hosts do not have any ACL\n"; - $conf .= "http_access allow unrestricted_hosts\n"; + if(! empty($settings['unrestricted_hosts'])) { + if (squid_is_valid_acl('unrestricted_hosts')) { + $conf .= "# These hosts do not have any restrictions\n"; + $conf .= "http_access allow unrestricted_hosts\n"; + } + } + if(! empty($settings['unrestricted_macs'])) { + if (squid_is_valid_acl('unrestricted_macs')) { + $conf .= "# These hosts do not have any restrictions\n"; + $conf .= "http_access allow unrestricted_macs\n"; + } + } // Whitelist and blacklist also take precendence - if (squid_is_valid_acl('whitelist')) - $conf .= "# Always allow access to whitelist domains\n"; - $conf .= "http_access allow whitelist\n"; - if (squid_is_valid_acl('blacklist')) - $conf .= "# Block access to blacklist domains\n"; - $conf .= "http_access deny blacklist\n"; - - // Allow locanet if it is enabled and defined - if (squid_is_valid_acl('localnet')) - $conf .= "# Allow local network(s) on interface(s)\n"; - $conf .= "http_access allow localnet\n"; + if(! empty($settings['whitelist'])) { + if (squid_is_valid_acl('whitelist')) { + $conf .= "# Always allow access to whitelist domains\n"; + $conf .= "http_access allow whitelist\n"; + } + } + if(! empty($settings['blacklist'])) { + if (squid_is_valid_acl('blacklist')) { + $conf .= "# Block access to blacklist domains\n"; + $conf .= "http_access deny blacklist\n"; + } + } $transparent_proxy = ($config['installedpackages']['squid']['config'][0]['transparent_proxy'] == 'on'); $auth_method = (($settings['auth_method'] && !$transparent_proxy) ? $settings['auth_method'] : 'none'); @@ -667,6 +682,7 @@ function squid_resync_auth() { $allowed = array('localnet', 'allowed_subnets'); $allowed = array_filter($allowed, 'squid_is_valid_acl'); foreach ($allowed as $acl) + $conf .= "# Allow local network(s) on interface(s)\n"; $conf .= "http_access allow $acl\n"; } } diff --git a/packages/squid/squid.xml b/packages/squid/squid.xml index e09382f2..67bb6a25 100644 --- a/packages/squid/squid.xml +++ b/packages/squid/squid.xml @@ -1,7 +1,7 @@ squid - 2.6.5_1-p9 + 2.6.5_1-p10 /usr/local/pkg/squid.inc -- cgit v1.2.3