From 70505906ccee8e7875839a43a330433c83265d2e Mon Sep 17 00:00:00 2001 From: "D. V. Serg" Date: Wed, 20 Feb 2008 14:29:45 +0000 Subject: Deleted time option from 'Default'. Relise 'pass' ordering. Fixed big's. --- packages/squidGuard/squidguard.inc | 72 ++++++----- packages/squidGuard/squidguard_acl.xml | 15 +++ packages/squidGuard/squidguard_configurator.inc | 128 ++++++++++--------- packages/squidGuard/squidguard_default.xml | 32 ++--- packages/squidGuard/squidguard_src.xml | 160 ------------------------ 5 files changed, 131 insertions(+), 276 deletions(-) delete mode 100644 packages/squidGuard/squidguard_src.xml (limited to 'packages/squidGuard') diff --git a/packages/squidGuard/squidguard.inc b/packages/squidGuard/squidguard.inc index 0c63603d..d31e7cad 100644 --- a/packages/squidGuard/squidguard.inc +++ b/packages/squidGuard/squidguard.inc @@ -523,7 +523,7 @@ function squidguard_before_form($pkg) { // ----------------------------------------------------------------------------- // squidguard_before_form_acl // ----------------------------------------------------------------------------- -function squidguard_before_form_acl($pkg) { +function squidguard_before_form_acl($pkg, $is_acl=true) { global $config; global $g; $current_id = ''; @@ -639,7 +639,7 @@ function squidguard_before_form_acl($pkg) { foreach($pkg['fields']['field'] as $field) { if (($field['fieldname'] == 'dest')/* || ($field['fieldname'] == 'overdest')*/) { $fld = &$pkg['fields']['field'][$i]; - $fld['description'] .= make_grid_controls('checkbox', $dest_items); // insert to description custom controls + $fld['description'] .= make_grid_controls('checkbox', $dest_items, $is_acl); // insert to description custom controls } $i++; } @@ -866,7 +866,7 @@ function make_grid_blacklist() { // ----------------------------------------------------------------------------- // make_grid_controls // ----------------------------------------------------------------------------- -function make_grid_controls($type, $items) { +function make_grid_controls($type, $items, $enable_overtime = true) { $res = ''; $tbl = ''; $color = ''; @@ -900,25 +900,42 @@ function make_grid_controls($type, $items) { if ($ovt_val == 'deny') $ovt_deny = 'CHECKED'; $tbl .= ""; + // uptime table $tbl .= ""; - $tbl .= "$description [$name]"; + $tbl .= "$description [$name]"; $tbl .= ""; $tbl .= "deny access"; + // overtime table + if ($enable_overtime) { + $tbl .= ""; + $tbl .= "$description [$name]"; + $tbl .= ""; + $tbl .= "deny access"; + } else { - $tbl .= ""; - $tbl .= "$description [$name]"; - $tbl .= ""; - $tbl .= "deny access"; + } $tbl .= ""; } if (!empty($tbl)) { - $tbl = "Destinations in uptimeDestinations in overtime" . - "Select destinations for uptime rule - Select destination for overtime rule.
If time not defined, this part must be ignored" - . $tbl; + $thdr = ''; + if ($enable_overtime) { + $thdr = "" . + "Destinations in uptime" . + "Destinations in overtime" . + "Select destinations for uptime rule" . + "Select destination for overtime rule.
" . + "If time not defined, this part must be ignored"; + // formatting + $thdr .= ""; + } else { + $thdr = "Destinations in uptime" . + "Select destinations for uptime rule"; + // formatting + $thdr .= ""; + } - $res .= "" . $tbl . "
"; + $res .= " $thdr $tbl
"; } return $res; } @@ -1239,7 +1256,7 @@ function convert_pfxml_to_sgxml_source($pfconfig) { $sgx[FLD_NAME] = $pfx['name']; $sgx[FLD_IP] = $pfx['iplist']; $sgx[FLD_DOMAINS] = $pfx[FLD_DOMAINS]; - $sgx[FLD_LOG] = $pfx['enablelog']; + $sgx[FLD_LOG] = $pfx[FLD_ENABLELOG]; $sgx[FLD_DESCRIPTION] = $pfx['description']; $sgxml[FLD_ITEM][] = $sgx; } @@ -1264,7 +1281,7 @@ function convert_pfxml_to_sgxml_destination($pfconfig) { $sgx[FLD_EXPRESSIONS] = $pfx['expressions']; $sgx[FLD_REDIRECT] = $pfx[FLD_REDIRECT]; $sgx[FLD_DESCRIPTION] = $pfx['description']; - $sgx[FLD_LOG] = $pfx['enablelog']; + $sgx[FLD_LOG] = $pfx[FLD_ENABLELOG]; $sgxml[FLD_ITEM][] = $sgx; } } @@ -1282,9 +1299,9 @@ function convert_pfxml_to_sgxml_rewrite($pfconfig) { if (is_array($pfxml)) { foreach($pfxml as $pfx) { $sgx = array(); - $sgx[FLD_NAME] = $pfx['name']; + $sgx[FLD_NAME] = $pfx['name']; $sgx[FLD_DESCRIPTION] = $pfx['description']; - $sgx[FLD_LOG] = $pfx['enablelog']; + $sgx[FLD_LOG] = $pfx[FLD_ENABLELOG]; foreach($pfx['row'] as $pfx_row) { $sgx_row = array(); @@ -1340,13 +1357,14 @@ function convert_pfxml_to_sgxml_acl($pfconfig) { if (is_array($pfxml)) { foreach($pfxml as $pfx) { $sgx = array(); -# $sgx[FLD_NAME] = $pfx[FLD_SOURCE]; // [04-01-2008] previous ver - this field will removed $sgx[FLD_NAME] = $pfx[FLD_NAME]; // [04-01-2008] new ver $sgx[FLD_DESCRIPTION] = $pfx[FLD_DESCRIPTION]; $sgx[FLD_DISABLED] = $pfx[FLD_DISABLED]; $sgx[FLD_TIMENAME] = $pfx[FLD_TIME]; $sgx[FLD_REDIRECT] = $pfx[FLD_REDIRECT]; $sgx[FLD_REWRITENAME] = $pfx[FLD_REWRITE]; + $sgx[FLD_LOG] = $pfx[FLD_ENABLELOG]; + $sgx[FLD_NOTALLOWINGIP] = $pfx[FLD_NOTALLOWINGIP]; // for overtime $sgx[FLD_OVERREDIRECT] = $pfx[FLD_OVERREDIRECT]; @@ -1388,24 +1406,16 @@ function convert_pfxml_to_sgxml_default($pfconfig) { $sgx[FLD_TIMENAME] = $pfx[FLD_TIME]; $sgx[FLD_REDIRECT] = $pfx[FLD_REDIRECT]; $sgx[FLD_REWRITENAME] = $pfx[FLD_REWRITE]; - // for overtime - $sgx[FLD_OVERREDIRECT] = $pfx[FLD_OVERREDIRECT]; - $sgx[FLD_OVERREWRITENAME] = $pfx[FLD_OVERREWRITE]; + $sgx[FLD_LOG] = $pfx[FLD_ENABLELOG]; + $sgx[FLD_NOTALLOWINGIP] = $pfx[FLD_NOTALLOWINGIP]; // destinations - if (strpos($pfx['dest'], '[') === false) { - $sgx[FLD_DESTINATIONNAME] = trim($pfx['dest']); - $sgx[FLD_OVERDESTINATIONNAME] = ''; - } else { - $sgx[FLD_DESTINATIONNAME] = trim( substr($pfx['dest'], 0, strpos($pfx['dest'], '[')) ); - $sgx[FLD_OVERDESTINATIONNAME] = trim( strstr($pfx['dest'], '[') ); - $sgx[FLD_OVERDESTINATIONNAME] = trim( str_replace(']', '', $sgx[FLD_OVERDESTINATIONNAME]) ); - $sgx[FLD_OVERDESTINATIONNAME] = trim( str_replace('[', '', $sgx[FLD_OVERDESTINATIONNAME]) ); - } + if (strpos($pfx['dest'], '[') === false) + $sgx[FLD_DESTINATIONNAME] = trim($pfx['dest']); + else $sgx[FLD_DESTINATIONNAME] = trim( substr($pfx['dest'], 0, strpos($pfx['dest'], '[')) ); // !ATTENTION! '!all' must be convert to 'none' $sgx[FLD_DESTINATIONNAME] = str_replace("!all", "none", $sgx[FLD_DESTINATIONNAME]); - $sgx[FLD_OVERDESTINATIONNAME] = str_replace("!all", "none", $sgx[FLD_OVERDESTINATIONNAME]); return $sgx; } diff --git a/packages/squidGuard/squidguard_acl.xml b/packages/squidGuard/squidguard_acl.xml index b3f4d2d7..3439e674 100644 --- a/packages/squidGuard/squidguard_acl.xml +++ b/packages/squidGuard/squidguard_acl.xml @@ -154,6 +154,15 @@ input 100 + + Not to allow IP addresses in URL + notallowingip + + To make sure that people don't bypass the URL filter + by simply using the IP addresses instead of the fully qualified domain names, you can check this option. + + checkbox + Redirect redirect @@ -199,6 +208,12 @@ input 100 + + Enable log + enablelog + Check this for enable log. + checkbox + diff --git a/packages/squidGuard/squidguard_configurator.inc b/packages/squidGuard/squidguard_configurator.inc index 4e93098a..2a09fc62 100644 --- a/packages/squidGuard/squidguard_configurator.inc +++ b/packages/squidGuard/squidguard_configurator.inc @@ -60,7 +60,7 @@ define('FILES_DB_HEADER', ' # ------------------------------------------------------------------------------ '); -define('CONFIG_SG_HEADER', ' +define('CONFIG_SG_HEADER', " # ============================================================ # SquidGuard configuration file # @@ -69,7 +69,7 @@ define('CONFIG_SG_HEADER', ' # (C)2006 Serg Dvoriancev # email: dv_serg@mail.ru # ============================================================ -'); +"); define('ACL_WARNING_ABSENSE_PASS', "!WARNING! Absence PASS 'all' or 'none' added as 'none'"); @@ -148,6 +148,8 @@ define('SQUIDGUARD_LOG_LEVEL', 0); # ------------------------------------------------------------------------------ # define('FLT_DEFAULT_ALL', 'all'); +define('FLT_NOTALLOWIP', '!in-addr'); + # ------------------------------------------------------------------------------ # owner user name (squid system user - need for define rights access) # ------------------------------------------------------------------------------ @@ -229,6 +231,7 @@ define('FLD_TIMEDAYS', 'timedays'); define('FLD_DATRANGE', 'daterange'); define('FLD_TIMERANGE', 'sg_timerange'); define('FLD_REDIRECTMODE', 'redirect_mode'); // [redirect_mode] = rmod_int ; rmod_301; rmod_302; +define('FLD_NOTALLOWINGIP', 'notallowingip'); // not allowing ip in URL // transparent mode define('FLD_SQUID_TRANSPARENT_MODE', 'squid_transparent_mode'); @@ -842,9 +845,6 @@ function sg_build_config() { // --- Header --- $sgconf[] = CONFIG_SG_HEADER; - // redirector base url -# $redirect_base_url = sg_redirector_base_url(); - // init $sgconf[] = "logdir " . $squidguard_config[FLD_LOGDIR]; $sgconf[] = "dbhome " . $squidguard_config[FLD_DBHOME]; @@ -956,9 +956,6 @@ function sg_build_config() { if ($squidguard_config[FLD_DESTINATIONS]) { sg_addlog("sg_build_config: add destinations"); $sgconf[] = ""; -# $sgconf[] = "dest localhost { # fix localhost access problem on transparent proxy "; -# $sgconf[] = "\t ip 127.0.0.1"; -# $sgconf[] = "}"; $log_entr_added = ''; foreach($squidguard_config[FLD_DESTINATIONS][FLD_ITEM] as $dst) { $dstname = $dst[FLD_NAME]; @@ -1016,10 +1013,11 @@ function sg_build_config() { $log_entr_added = ''; foreach($squidguard_config[FLD_ACLS][FLD_ITEM] as $acl) { - // delete blacklist entries from 'pass' if blacklist disabled - if ($squidguard_config[FLD_BLACKLISTENABLED] !== 'on') { + if ($squidguard_config[FLD_BLACKLISTENABLED] !== 'on') { $tarray = explode(" ", $acl[FLD_DESTINATIONNAME]); $varray = explode(" ", $acl[FLD_OVERDESTINATIONNAME]); + + // delete blacklist entries from 'pass' if blacklist disabled foreach($entry_blacklist as $entry) { $tk = array_search($entry, $tarray); if ($tk !== false) unset ($tarray[$tk]); @@ -1033,11 +1031,22 @@ function sg_build_config() { $tk = array_search("!$entry", $varray); if ($tk !== false) unset ($varray[$tk]); } + $acl[FLD_DESTINATIONNAME] = implode (" ", $tarray); $acl[FLD_OVERDESTINATIONNAME] = implode (" ", $varray); } if (!$acl[FLD_DISABLED]) { + // not allowing IP in URL + if ($acl[FLD_NOTALLOWINGIP]) { + $acl[FLD_DESTINATIONNAME] = "!in-addr " . $acl[FLD_DESTINATIONNAME]; + $acl[FLD_OVERDESTINATIONNAME] = "!in-addr " . $acl[FLD_OVERDESTINATIONNAME]; + } + + // re-order acl pass () + $acl[FLD_DESTINATIONNAME] = sg_aclpass_reorder($acl[FLD_DESTINATIONNAME]); + $acl[FLD_OVERDESTINATIONNAME] = sg_aclpass_reorder($acl[FLD_OVERDESTINATIONNAME]); + if ($acl[FLD_DESCRIPTION]) $sgconf[] = "\t # " . $acl[FLD_DESCRIPTION]; @@ -1047,11 +1056,13 @@ function sg_build_config() { $sgconf[] = "\t\t pass " . $acl[FLD_DESTINATIONNAME]; if ($acl[FLD_REDIRECT]) { if (is_url($acl[FLD_REDIRECT])) - $sgconf[] = "\t\t redirect " . $redirect_user_url . rawurlencode($acl[FLD_REDIRECT]); - else $sgconf[] = "\t\t redirect " . $redirect_user_url . "?msg=" . htmlspecialchars($acl[FLD_REDIRECT]); + $sgconf[] = "\t\t redirect " . sg_redirector_base_url($acl[FLD_REDIRECT]); # $redirect_user_url . rawurlencode($acl[FLD_REDIRECT]); + else $sgconf[] = "\t\t redirect " . sg_redirector_base_url(''); # $redirect_user_url . "?msg=" . htmlspecialchars($acl[FLD_REDIRECT]); } if ($acl[FLD_REWRITENAME]) $sgconf[] = "\t\t rewrite " . $acl[FLD_REWRITENAME]; + if ($acl[FLD_LOG]) + $sgconf[] = "\t\t log " . SQUIDGUARD_ACCESSBLOCK_FILE; // overtime $sgconf[] = "\t } else {"; @@ -1060,6 +1071,8 @@ function sg_build_config() { $sgconf[] = "\t\t redirect " . sg_redirector_base_url($acl[FLD_OVERREDIRECT]); # $redirect_base_url . rawurlencode($acl[FLD_OVERREDIRECT]); if ($acl[FLD_OVERREWRITENAME]) $sgconf[] = "\t\t rewrite " . $acl[FLD_OVERREWRITENAME]; + if ($acl[FLD_LOG]) + $sgconf[] = "\t\t log " . SQUIDGUARD_ACCESSBLOCK_FILE; $sgconf[] = "\t }"; } else { @@ -1071,6 +1084,8 @@ function sg_build_config() { $sgconf[] = "\t\t redirect " . sg_redirector_base_url($acl[FLD_REDIRECT]); # $redirect_base_url . rawurlencode($acl[FLD_REDIRECT]); if ($acl[FLD_REWRITENAME]) $sgconf[] = "\t\t rewrite " . $acl[FLD_REWRITENAME]; + if ($acl[FLD_LOG]) + $sgconf[] = "\t\t log " . SQUIDGUARD_ACCESSBLOCK_FILE; $sgconf[] = "\t }"; } @@ -1091,7 +1106,6 @@ function sg_build_config() { // delete blacklist entries from 'pass' if blacklist disabled if ($squidguard_config[FLD_BLACKLISTENABLED] !== 'on') { $tarray = explode(" ", $def[FLD_DESTINATIONNAME]); - $varray = explode(" ", $def[FLD_OVERDESTINATIONNAME]); foreach($entry_blacklist as $entry) { $tk = array_search($entry , $tarray); if ($tk !== false) unset ($tarray[$tk]); @@ -1099,41 +1113,28 @@ function sg_build_config() { $tk = array_search("!$entry" , $tarray); if ($tk !== false) unset ($tarray[$tk]); - $tk = array_search($entry , $varray); - if ($tk !== false) unset ($varray[$tk]); - - $tk = array_search("!$entry" , $varray); - if ($tk !== false) unset ($varray[$tk]); } $def[FLD_DESTINATIONNAME] = implode (" ", $tarray); - $def[FLD_OVERDESTINATIONNAME] = implode (" ", $varray); } - if ($def[FLD_TIMENAME]) { - // ontime - $sgconf[] = "\t default within " . $def[FLD_TIMENAME] . " { "; - $sgconf[] = "\t\t pass " . $def[FLD_DESTINATIONNAME]; - if ($def[FLD_REDIRECT] && is_url($def[FLD_REDIRECT])) - $sgconf[] = "\t\t redirect " . sg_redirector_base_url($def[FLD_REDIRECT]); # $redirect_base_url . rawurlencode($def[FLD_REDIRECT]); - else $sgconf[] = "\t\t redirect " . sg_redirector_base_url(''); # $redirect_base_url; - // overtime - $sgconf[] = "\t } else {"; - $sgconf[] = "\t\t pass " . $def[FLD_OVERDESTINATIONNAME]; - if ($def[FLD_OVERREDIRECT] && is_url($def[FLD_OVERREDIRECT])) { - $sgconf[] = "\t\t redirect " . sg_redirector_base_url($def[FLD_OVERREDIRECT]); # $redirect_base_url . rawurlencode($def[FLD_OVERREDIRECT]); - } - else $sgconf[] = "\t\t redirect " . sg_redirector_base_url(''); # $redirect_base_url; - $sgconf[] = "\t }"; - } else { - // without time - $sgconf[] = "\t default { "; - $sgconf[] = "\t\t pass " . $def[FLD_DESTINATIONNAME]; - if ($def[FLD_REDIRECT] && is_url($def[FLD_REDIRECT])) { + // not allowing IP in URL + if ($def[FLD_NOTALLOWINGIP]) + $def[FLD_DESTINATIONNAME] = "!in-addr " . $def[FLD_DESTINATIONNAME]; + + // re-order acl pass () + $def[FLD_DESTINATIONNAME] = sg_aclpass_reorder($def[FLD_DESTINATIONNAME]); + + // 'Default' used without time + $sgconf[] = "\t default { "; + $sgconf[] = "\t\t pass " . $def[FLD_DESTINATIONNAME]; + if ($def[FLD_REDIRECT] && is_url($def[FLD_REDIRECT])) { $sgconf[] = "\t\t redirect " . sg_redirector_base_url($def[FLD_REDIRECT]); # $redirect_base_url . rawurlencode($def[FLD_REDIRECT]); - } - else $sgconf[] = "\t\t redirect " . sg_redirector_base_url(''); # $redirect_base_url; - $sgconf[] = "\t }"; } + else $sgconf[] = "\t\t redirect " . sg_redirector_base_url(''); # $redirect_base_url; + if ($def[FLD_LOG]) + $sgconf[] = "\t\t log " . SQUIDGUARD_ACCESSBLOCK_FILE; + $sgconf[] = "\t }"; + } // if def else { sg_addlog("sg_build_config: error - ACL 'default' is empty, use as default 'block all'."); @@ -1148,6 +1149,30 @@ function sg_build_config() { return $sgconf; } +// ------------------------------------------------------------ +// +// ------------------------------------------------------------ +function sg_aclpass_reorder($pass) { + $ar_pass = explode(" ", $pass); + + // 'pass' order: + if (is_array($ar_pass)) { + $pass_end = ''; + $pass_fst = array(); + $pass_lst = array(); + foreach ($ar_pass as $val) { + $tk = trim($val); + if ($tk === 'all' or $tk === 'none') + $pass_end = $val; + elseif (strpos($tk, "!") !== false) + $pass_lst[] = $val; + else $pass_fst[] = $val; + } + $ar_pass = array_merge($pass_fst, $pass_lst); + $ar_pass[] = $pass_end; + } + return implode(" ", $ar_pass); +} // ------------------------------------------------------------ // sg_check_config_data @@ -1356,25 +1381,6 @@ function sg_check_config_data () { $check_log[] = "ACL 'default' error: ontime pass list is empty."; } - // check overtime destinations - if ($time) { - if ($def[FLD_OVERDESTINATIONNAME]) { - $defoverdest = str_replace("!", "", $def[FLD_OVERDESTINATIONNAME]); - $defoverdest = explode(" ", $defoverdest); - $key_defoverdest = array_count_values($defoverdest); - foreach($defoverdest as $adest) { - // check duplicates destinations in acl - if ($key_defoverdest[$adest] > 1) - $check_log[] = "ACL 'default' error: duplicate overtime destination name '$adest'. Any destination must included once."; - // check destinations for exists - if ($adest and ($adest != 'all') and ($adest != 'none') and !$key_destinations[$adest]) - $check_log[] = "ACL 'default' error: overtime destination name '$adest' not found"; - } - } else { - $check_log[] = "ACL 'default' error: overtime pass list is empty."; - } - } - // check rewrite $rew = $def[FLD_REWRITENAME]; if ($rew and !$key_rewrites[$rew]) diff --git a/packages/squidGuard/squidguard_default.xml b/packages/squidGuard/squidguard_default.xml index 0354f1dd..3f83b267 100644 --- a/packages/squidGuard/squidguard_default.xml +++ b/packages/squidGuard/squidguard_default.xml @@ -44,12 +44,6 @@ - - Default Time - time - Enter time name in current which this rule permitted. - select - Default destination dest @@ -58,21 +52,17 @@ 100 - Default Redirect - redirect + Not to allow IP addresses in URL + notallowingip - Enter redirection URL, Tag or Error page code for this rule, or leave blank. <br> - Supported URL's: 'http://myurl', 'https://myurl'. <br> - Supported tags: 'blank', 'blank_img'. <br> - Supported error page codes: 3xx, 4xx, 5xx. Format: 'code' or 'code[space]reason message'. + To make sure that people don't bypass the URL filter + by simply using the IP addresses instead of the fully qualified domain names, you can check this option. - textarea - 65 - 2 + checkbox - Default overtime redirect - overredirect + Default Redirect + redirect Enter redirection URL, Tag or Error page code for this rule, or leave blank. <br> Supported URL's: 'http://myurl', 'https://myurl'. <br> @@ -89,12 +79,6 @@ Enter rewrite condition name for this rule, or leave blank. select - - Default overtime rewrite - overrewrite - Enter rewrite condition name for this rule, or leave blank. - select - Enable log enablelog @@ -107,7 +91,7 @@ squidguard_validate_acl(&$_POST, &$input_errors); - squidguard_before_form_acl(&$pkg); + squidguard_before_form_acl(&$pkg, false); squidGuard_print_javascript(); diff --git a/packages/squidGuard/squidguard_src.xml b/packages/squidGuard/squidguard_src.xml deleted file mode 100644 index 000528db..00000000 --- a/packages/squidGuard/squidguard_src.xml +++ /dev/null @@ -1,160 +0,0 @@ - - - - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - - squidguardsrc - none - Proxy Content filter SquidGuard: Sources - /usr/local/pkg/squidguard.inc - - A proxy server user has been deleted. - A proxy server user has been created/modified. - - - - General settings - /pkg_edit.php?xml=squidguard.xml&id=0 - - - Default - /pkg_edit.php?xml=squidguard_default.xml&id=0 - - - ACL - /pkg.php?xml=squidguard_acl.xml - - - Sources - /pkg.php?xml=squidguard_src.xml - - - - Destinations - /pkg.php?xml=squidguard_dest.xml - - - Times - /pkg.php?xml=squidguard_time.xml - - - Rewrites - /pkg.php?xml=squidguard_rewr.xml - - - Log - /pkg_edit.php?xml=squidguard_log.xml - - - - - - Order - order - - - Source name - name - - - IP list - iplist - - - domains list - domains - - - Description - description - - - - - - Source name - name - - You can enter name here. Name consist minimum 2 symbols, first from which letter. <br> - All other symbols is [a-Z_0-9]. Source name must be <b>unique</b> . - - input - - 80 - - - Order - order - - Order source in list. <br> - <b>Note:</b> <br> - Sources order have very high importance. Sources are evaluated on a first-match basis. <br> - If your sources have an overlaying ranges, then act will be first in list. <br> - <b>For example:</b> <br> - Wrong order: <br> - First source entry is the range 10.0.0.0/24 and second entry is 10.0.0.15 (or 10.0.0.15/32 ) <br> - Right order: <br> - First source entry is the single ip 10.0.0.15 (or 10.0.0.15/32 ) then the overlaying range 10.0.0.0/24 <br> - - input - 5 - - - IP addresses - iplist - - Enter IP addresses here with space(' ') divider. <br> - IP addresses must have format:<br> - single example: '192.168.0.1' <br> - range examples: <br> - '192.168.0.0/24', '192.168.1.0/255.255.255.0', '192.168.1.1-192.168.1.10' <br> - - textarea - 50 - 10 - - - Domains - domains - - Enter domains names here with space(' ') divider. <br> - Example: <b>'foo.bar'</b> match <b>'foo.bar'</b> or <b>'*.foo.bar'</b>. - - textarea - 50 - 10 - - - Enable log - enablelog - Check this for enable log. - checkbox - - - Description - description - - input - 80 - - - - - squidguard_before_form_src(&$pkg); - - - squidGuard_print_javascript(); - - - squidguard_validate_source($_POST, &$input_errors); - - - squidguard_resync_src(); - - - squidguard_resync_src(); - - -- cgit v1.2.3