<?xml version="1.0" encoding="utf-8"?> <packagegui> <include_file>squid.inc</include_file> <name>squidnac</name> <title>Proxy server: Access control</title> <tabs> <tab> <text>General settings</text> <url>/pkg_edit.php?xml=squid.xml&id=0</url> </tab> <tab> <text>Upstream proxy</text> <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> </tab> <tab> <text>Cache management</text> <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> </tab> <tab> <text>Access control</text> <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> <active/> </tab> <tab> <text>Traffic management</text> <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> </tab> <tab> <text>Auth settings</text> <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> </tab> <tab> <text>Local users</text> <url>/pkg.php?xml=squid_users.xml</url> </tab> </tabs> <fields> <field> <fieldname>allowed_subnets</fieldname> <fielddescr>Allowed subnets</fielddescr> <description>Enter each subnet on a new line that is allowed to use the proxy. The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24). Note that the proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.</description> <type>textarea</type> <encoding>base64</encoding> <rows>5</rows> <cols>50</cols> </field> <field> <fieldname>unrestricted_hosts</fieldname> <fielddescr>Unrestricted IPs</fielddescr> <description>Enter each unrestricted IP address on a new line that is not to be filtered out by the other access control directives set in this page.</description> <type>textarea</type> <encoding>base64</encoding> <rows>5</rows> <cols>50</cols> </field> <field> <fieldname>banned_hosts</fieldname> <fielddescr>Banned host addresses</fielddescr> <description>Enter each IP address on a new line that is not to be allowed to use the proxy.</description> <type>textarea</type> <encoding>base64</encoding> <rows>5</rows> <cols>50</cols> </field> <field> <fieldname>whitelist</fieldname> <fielddescr>Whitelist</fielddescr> <description>Enter each destination domain on a new line that will be accessable to the users that are allowed to use the proxy.</description> <type>textarea</type> <encoding>base64</encoding> <rows>5</rows> <cols>50</cols> </field> <field> <fieldname>blacklist</fieldname> <fielddescr>Blacklist</fielddescr> <description>Enter each destination domain on a new line that will be blocked to the users that are allowed to use the proxy.</description> <type>textarea</type> <encoding>base64</encoding> <rows>5</rows> <cols>50</cols> </field> </fields> <custom_php_validation_command> squid_validate_nac($_POST, &$input_errors); </custom_php_validation_command> <custom_php_resync_config_command> squid_resync(); </custom_php_resync_config_command> </packagegui>