From mboxrd@z Thu Jan 1 00:00:00 1970 From: Alexander Koch To: development@lists.ipfire.org Subject: [PATCH] squid / WPAD: Add exception-files for generation of proxy.pac Date: Sun, 14 Apr 2019 12:08:43 +0200 Message-ID: <1555236523-3509-1-git-send-email-ipfire@starkstromkonsument.de> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4065553737338314151==" List-Id: --===============4065553737338314151== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This patch extends the script /srv/web/ipfire/cgi-bin/proxy.cgi by additional= code for reading exceptions for URL's and IP's/Subnets from two new files: - /var/ipfire/proxy/advanced/acls/dst_noproxy_url.acl - /var/ipfire/proxy/advanced/acls/dst_noproxy_ip.acl as described in: https://wiki.ipfire.org/configuration/network/proxy/extend/a= dd_distri These can be used to define additional URL's, IP's and Subnets that should be= retrieved "DIRECT" and not via the proxy. The files have to be created by th= e user, as the WPAD-Feature is not enabled by default anyway. If the files ar= e not present or their size is 0, nothing is done. I'll revise the wiki-page,= after the patch is merged and the core update is released. Signed-off-by: Alexander Koch --- html/cgi-bin/proxy.cgi | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 6daa7fb..369a5cb 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -124,6 +124,9 @@ my $acl_ports_safe =3D "$acldir/ports_safe.acl"; my $acl_ports_ssl =3D "$acldir/ports_ssl.acl"; my $acl_include =3D "$acldir/include.acl"; =20 +my $acl_dst_noproxy_url =3D "$acldir/dst_noproxy_url.acl"; +my $acl_dst_noproxy_ip =3D "$acldir/dst_noproxy_ip.acl"; + my $updaccelversion =3D 'n/a'; my $urlfilterversion =3D 'n/a'; =20 @@ -2763,6 +2766,42 @@ END print FILE " (isInNet(host, \"$netsettings{'ORANGE_NETADDRESS'}\", \"$= netsettings{'ORANGE_NETMASK'}\")) ||\n"; } =20 + # Additional exceptions for URLs + # The file has to be created by the user and should contain one entry per l= ine + # Line-Format: + # e.g. *ipfire.org* + if (-s "$acl_dst_noproxy_url") { + undef @templist; + + open(NOPROXY,"$acl_dst_noproxy_url"); + @templist =3D ; + close(NOPROXY); + chomp (@templist); + + foreach (@templist) + { + print FILE " (shExpMatch(url, \"$_\")) ||\n"; + } + } + + # Additional exceptions for Subnets + # The file has to be created by the user and should contain one entry per l= ine + # Line-Format: "", "" + # e.g. "192.168.0.0", "255.255.255.0" + if (-s "$acl_dst_noproxy_ip") { + undef @templist; + + open(NOPROXY,"$acl_dst_noproxy_ip"); + @templist =3D ; + close(NOPROXY); + chomp (@templist); + + foreach (@templist) + { + print FILE " (isInNet(host, $_)) ||\n"; + } + } + print FILE <