<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
<packagegui>
	<copyright>
	<![CDATA[
/* $Id$ */
/* ========================================================================== */
/*
    dansguardian_config.xml
    part of the dansguardian for pfSense
    Copyright (C) 2012-2013 Marcello Coutinho

    All rights reserved.            
			                                                                  */
/* ========================================================================== */
/*
    Redistribution and use in source and binary forms, with or without
    modification, are permitted provided that the following conditions are met:

     1. Redistributions of source code MUST retain the above copyright notice,
        this list of conditions and the following disclaimer.

     2. Redistributions in binary form must reproduce the above copyright
        notice, this list of conditions and the following disclaimer in the
        documentation and/or other materials provided with the distribution.

    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
    POSSIBILITY OF SUCH DAMAGE.
                                                                              */
/* ========================================================================== */
	]]>
	</copyright>
	<description>Describe your package here</description>
	<requirements>Describe your package requirements here</requirements>
	<faq>Currently there are no FAQ items provided.</faq>
	<name>dansguardianconfig</name>
	<version>1.0</version>
	<title>Services: Dansguardian</title>
	<include_file>/usr/local/pkg/dansguardian.inc</include_file>
	<tabs>
		<tab>
			<text>Daemon</text>
			<url>/pkg_edit.php?xml=dansguardian.xml&amp;id=0</url>
		</tab>
		<tab>
			<text>General</text>
			<url>/pkg_edit.php?xml=dansguardian_config.xml&amp;id=0</url>
			<active/>
		</tab>
		<tab>
			<text>Limits</text>
			<url>/pkg_edit.php?xml=dansguardian_limits.xml&amp;id=0</url>
		</tab>
		<tab>
			<text>Blacklist</text>
			<url>/pkg_edit.php?xml=dansguardian_blacklist.xml&amp;id=0</url>
		</tab>
		<tab>
			<text>ACLs</text>
			<url>/pkg.php?xml=dansguardian_site_acl.xml</url>
		</tab>
		<tab>
			<text>LDAP</text>
			<url>/pkg.php?xml=dansguardian_ldap.xml</url>
		</tab>
		<tab>
			<text>Groups</text>
			<url>/pkg.php?xml=dansguardian_groups.xml</url>
		</tab>
		<tab>
			<text>Users</text>
			<url>/pkg_edit.php?xml=dansguardian_users.xml</url>
		</tab>
		<tab>
			<text>IPs</text>
			<url>/pkg_edit.php?xml=dansguardian_ips.xml</url>
		</tab>
		<tab>
			<text>Report and log</text>
			<url>/pkg_edit.php?xml=dansguardian_log.xml&amp;id=0</url>
		</tab>
		<tab>
			<text>Sync</text>
			<url>/pkg_edit.php?xml=dansguardian_sync.xml&amp;id=0</url>
		</tab>
		<tab>
			<text>Help</text>
			<url>/dansguardian_about.php</url>
		</tab>
</tabs>
	<fields>
		<field>
			<name>Config Settings</name>
			<type>listtopic</type>
		</field>
		<field>
			<fielddescr>Auth Plugins</fielddescr>
			<fieldname>auth_plugin</fieldname>
			<description><![CDATA[This option handle the extraction of client usernames from various sources, such as Proxy-Authorisation headers and ident servers, 
								enabling requests to be handled according to the settings of the user's filter group.<br>
								Use CTRL + click for multiple select.<br>
						<strong>Note: Do NOT select more then one auth plugin if you plan to use more then one listening interface.</strong>]]></description>
	    	<type>select</type>
 				<options>
 				<option><name>Proxy-Basic</name><value>/usr/local/etc/dansguardian/authplugins/proxy-basic.conf</value></option>
 				<option><name>Proxy-Digest</name><value>/usr/local/etc/dansguardian/authplugins/proxy-digest.conf</value></option>
 				<option><name>Proxy-Ntlm</name><value>/usr/local/etc/dansguardian/authplugins/proxy-ntlm.conf</value></option>
 				<option><name>Ident</name><value>/usr/local/etc/dansguardian/authplugins/ident.conf</value></option>
 				<option><name>Ip Address</name><value>/usr/local/etc/dansguardian/authplugins/ip.conf</value></option>
 				<option><name>none</name><value>none</value></option>
 				</options>
 				<multiple/>
 				<size>7</size>
		</field>
		<field>
			<fielddescr>Scan Options</fielddescr>
			<fieldname>scan_options</fieldname>
			<description><![CDATA[Scan options. Default values are in ( )<br>
								Use CTRL + click for multiple select.]]></description>
	    	<type>select</type>
 				<options>
 				<option><name>Scan clean cache (on)</name><value>scancleancache</value></option>
 				<option><name>Hex decode content (off)</name><value>hexdecodecontent</value></option>
 				<option><name>Force quick search (off)</name><value>forcequicksearch</value></option>
 				<option><name>Reverse address lookups (off)</name><value>reverseaddresslookups</value></option>
 				<option><name>Reverse client ip lookups (off)</name><value>reverseclientiplookups</value></option>
 				<option><name>Log client hostnames (off)</name><value>logclienthostnames</value></option>
 				<option><name>Create list cache files (on)</name><value>createlistcachefiles</value></option>
 				<option><name>Prefer cached lists (off)</name><value>prefercachedlists</value></option>
 				<option><name>deletedownloadedtempfiles (on)</name><value>deletedownloadedtempfiles</value></option>
 				</options>
 				<multiple/>
 				<size>10</size>
		</field>
		<field>
			<fielddescr>Weighted phrase mode</fielddescr>
			<fieldname>weightedphrasemode</fieldname>
			<description><![CDATA[IMPORTANT: Note that setting this to "0" turns off all features which extract phrases from page content, 
			including banned & exception phrases (not just weighted), search term filtering, and scanning for links to banned URLs.]]></description>
	    	<type>select</type>
 				<options>
 				<option><name>Singular = each weighted phrase found only counts once on a page. (default)</name><value>2</value></option>
 				<option><name>Normal = normal weighted phrase operation.</name><value>1</value></option>
 				<option><name>Off = do not use the weighted phrase feature.</name><value>0</value></option>
 				</options>
		</field>
		<field>
			<fielddescr>Lower casing options</fielddescr>
			<fieldname>preservecase</fieldname>
			<description><![CDATA[When a document is scanned the uppercase letters are converted to lower case in order to compare them with the phrases.<br>
			However this can break Big5 and other 16-bit texts.  If needed preserve the case.]]></description>
	    	<type>select</type>
 				<options>
 				<option><name>Force lower case (default)</name><value>0</value></option>
 				<option><name>Do not change case</name><value>1</value></option>
 				<option><name>Scan first in lower case, then in original case</name><value>2</value></option>
 				</options>
		</field>
		<field>
			<fielddescr>Phrase filter mode</fielddescr>
			<fieldname>phrasefiltermode</fieldname>
			<description><![CDATA[Smart, Raw and Meta/Title phrase content filtering options<br>
							Smart is where the multiple spaces and HTML are removed before phrase filtering<br>
							Raw is where the raw HTML including meta tags are phrase filtered<br>
							Meta/Title is where only meta and title tags are phrase filtered (v. quick)<br>
							CPU usage can be effectively halved by using setting 0 or 1 compared to 2]]></description>
	    	<type>select</type>
 				<options>
 				<option><name>use both (default)</name><value>2</value></option>
 				<option><name>meta/title</name><value>3</value></option>
 				<option><name>smart only</name><value>1</value></option>
 				<option><name>raw only</name><value>0</value></option>
 				</options>
		</field>
			<field>
			<fielddescr>Url cache number</fielddescr>
			<fieldname>urlcachenumber</fieldname>
			<type>input</type>
			<size>10</size>
			<description><![CDATA[Positive (clean) result caching for URLs Caches good pages so they don't need to be scanned again.It also works with AV plugins.<br>
			0 = off (recommended for ISPs with users with disimilar browsing)<br>
			<strong>1000 = recommended for most user</strong><br>
			5000 = suggested max upper limit<br>
			If you're using an AV plugin then use at least 5000.]]></description>
		</field>
		<field>
			<fielddescr>Url cache age</fielddescr>
			<fieldname>urlcacheage</fieldname>
			<type>input</type>
			<size>10</size>
			<description><![CDATA[Age before cache are stale and should be ignored in seconds<br>
			<strong>900 = 15 mins(recommended)</strong><br>
			0 = never]]></description>
		</field>
		<field>
			<name>SSL man in the middle Filtering</name>
			<type>listtopic</type>
		</field>
		<field>
			<fielddescr>CA</fielddescr>
			<fieldname>dca</fieldname>
			<description><![CDATA[Select Certificate Authority to use when SSL filtering is enabled on Group options<br>
								To create a CA on pfsense, go to <strong>system -> Cert Manager<strong>]]></description>
	    	<type>select_source</type>
			<source><![CDATA[$config['ca']]]></source>
			<source_name>descr</source_name>
			<source_value>refid</source_value>
		</field>
		<field>
			<fielddescr>Cert</fielddescr>
			<fieldname>dcert</fieldname>
			<description><![CDATA[Select Certificate pair to use when SSL filtering is enabled on Group options<br>
								To create a Certificate on pfsense, go to <strong>system -> Cert Manager<strong>]]></description>
	    	<type>select_source</type>
			<source><![CDATA[$config['cert']]]></source>
			<source_name>descr</source_name>
			<source_value>refid</source_value>
		</field>
		<field>
			<name>Content Scanner</name>
			<type>listtopic</type>
		</field>
		<field>
			<fielddescr>Content Scanners (antivirus)</fielddescr>
			<fieldname>content_scanners</fieldname>
			<description><![CDATA[Content Scanners options. Default values are in ( )]]></description>
	    	<type>select</type>
 				<options>
 				<option><name>clamdscan (off)</name><value>/usr/local/etc/dansguardian/contentscanners/clamdscan.conf</value></option>
 				<option><name>icapscan (off)</name><value>/usr/local/etc/dansguardian/contentscanners/icapscan.conf</value></option>
 				</options>
 				<multiple/>
 				<size>3</size>
		</field>
		<field>
			<fielddescr>freshclam frequency</fielddescr>
			<fieldname>cron</fieldname>
			<description><![CDATA[Default:<strong>Every day</strong><br>
							Select how often pfsense will update clamd virus database]]></description>
	    	<type>select</type>
 				<options>
 				<option><name>Every day</name><value>day</value></option>
				<option><name>Every 2 days</name><value>02days</value></option>
				<option><name>Once a week</name><value>week</value></option>
				<option><name>Never</name><value>never</value></option>
				</options>
		</field>
		<field>
			<fielddescr>Content scanner timeout</fielddescr>
			<fieldname>contentscannertimeout</fieldname>
			<type>input</type>
			<size>10</size>
			<description><![CDATA[<strong>Default is 60</strong><br>
						  Some of the content scanners support using a timeout value to stop processing (eg AV scanning) the file if it takes too long.<br>
						  If supported this will be used.<br>
						  The default of 60 seconds is probably reasonable.]]></description>
		</field>
		<field>
			<fielddescr>Content scan exceptions</fielddescr>
			<fieldname>contentscanexceptions</fieldname>
			<type>checkbox</type>
			<description><![CDATA[If 'on' exception sites, urls, users etc will be scanned.<br>
			This is probably not desirable behavour as exceptions are supposed to be trusted and will increase load.<br>
			Correct use of grey lists are a better idea.]]></description>
		</field>
		<field>
			<fielddescr>ICAP URL</fielddescr>
			<fieldname>contentscannertimeout</fieldname>
			<type>input</type>
			<size>40</size>
			<description><![CDATA[Enter ICAP URL in <strong>icap://icapserver:1344/avscan</strong> format<br>
						  Use hostname rather than IP address and Always specify the port]]></description>
		</field>
	
		<field>
			<name>Misc settings</name>
			<type>listtopic</type>
		</field>
		<field>
			<fielddescr>Misc Options</fielddescr>
			<fieldname>misc_options</fieldname>
			<description><![CDATA[Misc options. Default values are in ( )]]></description>
	    	<type>select</type>
 				<options>
 				<option><name>recheckreplacedurls (off)</name><value>recheckreplacedurls</value></option>
 				<option><name>forwardedfor (off)</name><value>forwardedfor</value></option>
 				<option><name>usexforwardedfor (off)</name><value>usexforwardedfor</value></option>
 				</options>
 				<multiple/>
 				<size>4</size>
		</field>
	</fields>
	<custom_php_install_command>
		dansguardian_php_install_command();
	</custom_php_install_command>
	<custom_php_deinstall_command>
		dansguardian_php_deinstall_command();
	</custom_php_deinstall_command>
	<custom_php_validation_command>
		dansguardian_validate_input($_POST, &amp;$input_errors);
	</custom_php_validation_command>	
	<custom_php_resync_config_command>
		sync_package_dansguardian();
	</custom_php_resync_config_command>
</packagegui>