<?xml version="1.0" encoding="utf-8"?>
<packagegui>
	<include_file>squid.inc</include_file>
	<name>squidnac</name>
	<title>Proxy server: Access control</title>
	<tabs>
		<tab>
			<text>General settings</text>
			<url>/pkg_edit.php?xml=squid.xml&amp;id=0</url>
		</tab>
		<tab>
			<text>Upstream proxy</text>
			<url>/pkg_edit.php?xml=squid_upstream.xml&amp;id=0</url>
		</tab>
		<tab>
			<text>Cache management</text>
			<url>/pkg_edit.php?xml=squid_cache.xml&amp;id=0</url>
		</tab>
		<tab>
			<text>Access control</text>
			<url>/pkg_edit.php?xml=squid_nac.xml&amp;id=0</url>
			<active/>
		</tab>
		<tab>
			<text>Traffic management</text>
			<url>/pkg_edit.php?xml=squid_traffic.xml&amp;id=0</url>
		</tab>
		<tab>
			<text>Auth settings</text>
			<url>/pkg_edit.php?xml=squid_auth.xml&amp;id=0</url>
		</tab>
		<tab>
			<text>Local users</text>
			<url>/pkg.php?xml=squid_users.xml</url>
		</tab>
	</tabs>
	<fields>
		<field>
			<fieldname>allowed_subnets</fieldname>
			<fielddescr>Allowed subnets</fielddescr>
			<description>Enter each subnet on a new line that is allowed to use the proxy. The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24). Note that the proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.</description>
			<type>textarea</type>
			<encoding>base64</encoding>
			<rows>5</rows>
			<cols>50</cols>
		</field>
		<field>
			<fieldname>unrestricted_hosts</fieldname>
			<fielddescr>Unrestricted IPs</fielddescr>
			<description>Enter each unrestricted IP address on a new line that is not to be filtered out by the other access control directives set in this page.</description>
			<type>textarea</type>
			<encoding>base64</encoding>
			<rows>5</rows>
			<cols>50</cols>
		</field>
		<field>
			<fieldname>banned_hosts</fieldname>
			<fielddescr>Banned host addresses</fielddescr>
			<description>Enter each IP address on a new line that is not to be allowed to use the proxy.</description>
			<type>textarea</type>
			<encoding>base64</encoding>
			<rows>5</rows>
			<cols>50</cols>
		</field>	
		<field>
			<fieldname>whitelist</fieldname>
			<fielddescr>Whitelist</fielddescr>
			<description>Enter each destination domain on a new line that will be accessable to the users that are allowed to use the proxy.</description>
			<type>textarea</type>
			<encoding>base64</encoding>
			<rows>5</rows>
			<cols>50</cols>
		</field>
		<field>
			<fieldname>blacklist</fieldname>
			<fielddescr>Blacklist</fielddescr>
			<description>Enter each destination domain on a new line that will be blocked to the users that are allowed to use the proxy.</description>
			<type>textarea</type>
			<encoding>base64</encoding>
			<rows>5</rows>
			<cols>50</cols>
		</field>
	</fields>
	<custom_php_validation_command>
		squid_validate_nac($_POST, &amp;$input_errors);
	</custom_php_validation_command>
	<custom_php_resync_config_command>
		squid_resync();
	</custom_php_resync_config_command>
</packagegui>