.
All rights reserved.
*/
/* ========================================================================== */
/*
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
/* ========================================================================== */
]]>
Describe your package hereDescribe your package requirements hereCurrently there are no FAQ items provided.squidreversenoneProxy server: Reverse Proxy/usr/local/pkg/squid.incGeneral/pkg_edit.php?xml=squid.xml&id=0Upstream/pkg_edit.php?xml=squid_upstream.xml&id=0Cache/pkg_edit.php?xml=squid_cache.xml&id=0ACLs/pkg_edit.php?xml=squid_nac.xml&id=0Traffic Mgmt/pkg_edit.php?xml=squid_traffic.xml&id=0Reverse/pkg_edit.php?xml=squid_reverse.xml&id=0Authentication/pkg_edit.php?xml=squid_auth.xml&id=0Users/pkg.php?xml=squid_users.xmlReal time/squid_monitor.phpSync/pkg_edit.php?xml=squid_sync.xmlSquid Reverse proxy General SettingslisttopicReverse Proxy interfacereverse_interfaceThe interface(s) the reverse-proxy server will bind to.interfaces_selectionwanUser-defined reverse-proxy IPsreverse_ipSquid will additionally bind to this user-defined IPs for reverse-proxy operation. Useful for virtual IPs such as CARP. Separate by semi-colons (;).input70external FQDNreverse_external_fqdnThe external full-qualified-domain-name of the WAN address.input70Reset TCP connections if request is unauthorizeddeny_info_tcp_resetIf this field is checked, the reverse-proxy will reset the TCP connection if the request is unauthorized.checkboxonSquid Reverse HTTP SettingslisttopicEnable HTTP reverse modereverse_httpIf this field is checked, the proxy-server will act in HTTP reverse mode. <br>(You have to add a rule with destination "WAN-address")checkboxreverse_http_port,reverse_http_defsiteoffreverse HTTP portreverse_http_portThis is the port the HTTP reverse-proxy will listen on. (leave empty to use 80)input580reverse HTTP default sitereverse_http_defsiteThis is the HTTP reverse default site. (leave empty to use the external fqdn)input60Squid Reverse HTTPS SettingslisttopicEnable HTTPS reverse proxyreverse_httpsIf this field is checked, the proxy-server will act in HTTPS reverse mode. <br>(You have to add a rule with destination "WAN-address")checkboxreverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_autodiscover,reverse_ssl_chainoffreverse HTTPS portreverse_https_portThis is the port the HTTPS reverse-proxy will listen on. (leave empty to use 443)input5443reverse HTTPS default sitereverse_https_defsiteThis is the HTTPS reverse default site. (leave empty to use the external fqdn)input60reverse SSL certificatereverse_ssl_certChoose the SSL Server Certificate here.select_sourcedescrrefidintermediate CA certificate (if needed)reverse_int_caPaste a signed certificate in X.509 PEM format here.textarea505base64Ignore internal Certificate validationreverse_ignore_ssl_validIf this field is checked, internal certificate validation will be ignored.checkboxonEnable OWA reverse proxyreverse_owaIf this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App.checkboxreverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_webservice,reverse_owa_autodiscoverCAS-Array / OWA frontend IP addressreverse_owa_ipThese are the internal IPs of the CAS-Array (OWA frontend servers). Separate by semi-colons (;). input70Enable ActiveSyncreverse_owa_activesyncIf this field is checked, ActiveSync will be enabled.checkboxEnable Outlook Anywherereverse_owa_rpchttpIf this field is checked, RPC over HTTP will be enabled.checkboxEnable MAPI HTTPreverse_owa_mapihttpThis feature is only available with at least Exchange 2013 SP1]]>checkboxEnable Exchange WebServicesreverse_owa_webserviceThere are potential DoS side effects to its use, please avoid unless you must.]]>checkboxEnable AutoDiscoverreverse_owa_autodiscoverIf this field is checked, AutoDiscover will be enabled.checkboxSquid Reverse Mappingslisttopic<b>peer definitions</b> <br>publishing hostsreverse_cache_peer
syntax: [peer alias];[internal ip address];[port];[HTTP / HTTPS]
example: HOST1;192.168.0.1;80;HTTP WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING]]>textarea6010base64<b>URI definitions</b> <br>published URIsreverse_uri
syntax: [group the uri belongs to];[URI to publish](;[vhost fqdn])
(a group can contain multiple URIs, without vhost fqdn the external fqdn is used, you also can specity http:// or https://)
example: URI1;public;server.pfsense.org. WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING]]>textarea6010base64<b>ACL definitions</b> <br>published URIsreverse_acl
syntax: [peer alias];[uri group alias] example: HOST1;URI1 WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING]]>textarea6010base64
squid_before_form_general($pkg);
squid_validate_reverse($_POST, $input_errors);
squid_resync();