. All rights reserved. */ /* ========================================================================== */ /* Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /* ========================================================================== */ ]]> Describe your package here Describe your package requirements here Currently there are no FAQ items provided. squidreverse none Proxy server: Reverse Proxy /usr/local/pkg/squid.inc General /pkg_edit.php?xml=squid.xml&id=0 Upstream /pkg_edit.php?xml=squid_upstream.xml&id=0 Cache /pkg_edit.php?xml=squid_cache.xml&id=0 ACLs /pkg_edit.php?xml=squid_nac.xml&id=0 Traffic Mgmt /pkg_edit.php?xml=squid_traffic.xml&id=0 Reverse /pkg_edit.php?xml=squid_reverse.xml&id=0 Authentication /pkg_edit.php?xml=squid_auth.xml&id=0 Users /pkg.php?xml=squid_users.xml Real time /squid_monitor.php Sync /pkg_edit.php?xml=squid_sync.xml Squid Reverse proxy General Settings listtopic Reverse Proxy interface reverse_interface The interface(s) the reverse-proxy server will bind to. interfaces_selection wan User-defined reverse-proxy IPs reverse_ip Squid will additionally bind to this user-defined IPs for reverse-proxy operation. Useful for virtual IPs such as CARP. Separate by semi-colons (;). input 70 external FQDN reverse_external_fqdn The external full-qualified-domain-name of the WAN address. input 70 Reset TCP connections if request is unauthorized deny_info_tcp_reset If this field is checked, the reverse-proxy will reset the TCP connection if the request is unauthorized. checkbox on Squid Reverse HTTP Settings listtopic Enable HTTP reverse mode reverse_http If this field is checked, the proxy-server will act in HTTP reverse mode. <br>(You have to add a rule with destination "WAN-address") checkbox reverse_http_port,reverse_http_defsite off reverse HTTP port reverse_http_port This is the port the HTTP reverse-proxy will listen on. (leave empty to use 80) input 5 80 reverse HTTP default site reverse_http_defsite This is the HTTP reverse default site. (leave empty to use the external fqdn) input 60 Squid Reverse HTTPS Settings listtopic Enable HTTPS reverse proxy reverse_https If this field is checked, the proxy-server will act in HTTPS reverse mode. <br>(You have to add a rule with destination "WAN-address") checkbox reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_autodiscover,reverse_ssl_chain off reverse HTTPS port reverse_https_port This is the port the HTTPS reverse-proxy will listen on. (leave empty to use 443) input 5 443 reverse HTTPS default site reverse_https_defsite This is the HTTPS reverse default site. (leave empty to use the external fqdn) input 60 reverse SSL certificate reverse_ssl_cert Choose the SSL Server Certificate here. select_source descr refid intermediate CA certificate (if needed) reverse_int_ca Paste a signed certificate in X.509 PEM format here. textarea 50 5 base64 Ignore internal Certificate validation reverse_ignore_ssl_valid If this field is checked, internal certificate validation will be ignored. checkbox on Enable OWA reverse proxy reverse_owa If this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App. checkbox reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_mapihttp,reverse_owa_webservice,reverse_owa_autodiscover CAS-Array / OWA frontend IP address reverse_owa_ip These are the internal IPs of the CAS-Array (OWA frontend servers). Separate by semi-colons (;). input 70 Enable ActiveSync reverse_owa_activesync If this field is checked, ActiveSync will be enabled. checkbox Enable Outlook Anywhere reverse_owa_rpchttp If this field is checked, RPC over HTTP will be enabled. checkbox Enable MAPI HTTP reverse_owa_mapihttp This feature is only available with at least Exchange 2013 SP1]]> checkbox Enable Exchange WebServices reverse_owa_webservice There are potential DoS side effects to its use, please avoid unless you must.]]> checkbox Enable AutoDiscover reverse_owa_autodiscover If this field is checked, AutoDiscover will be enabled. checkbox Squid Reverse Mappings listtopic <b>peer definitions</b> <br>publishing hosts reverse_cache_peer syntax: [peer alias];[internal ip address];[port];[HTTP / HTTPS]
example: HOST1;192.168.0.1;80;HTTP
WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING]]>
textarea 60 10 base64
<b>URI definitions</b> <br>published URIs reverse_uri syntax: [group the uri belongs to];[URI to publish](;[vhost fqdn])
(a group can contain multiple URIs, without vhost fqdn the external fqdn is used, you also can specity http:// or https://)
example: URI1;public;server.pfsense.org.
WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING]]>
textarea 60 10 base64
<b>ACL definitions</b> <br>published URIs reverse_acl syntax: [peer alias];[uri group alias]
example: HOST1;URI1
WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING]]>
textarea 60 10 base64
squid_before_form_general($pkg); squid_validate_reverse($_POST, $input_errors); squid_resync();