This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via e0c4ed1783d665d6f341d00e506395c507198807 (commit) via ce1f04ee404bc373169cd2e8efa7804206bc85de (commit) via c2f1b8183c5f4eb335e89676b46b11eb460b3b89 (commit) via cdd4cf4094df9562f53e175ece8f0bcc4a1cf2f1 (commit) via d68e150e865c86f8a8f784da242701215325abad (commit) via a1018d86ae3d01342758b93e6782735f7b3aa47f (commit) via 6df2d5288768ba0557b3070a52b20db95f3b88fa (commit) via fa286b133085da2776087d7890b57f96a400cc58 (commit) via 5c2a76f7b3799b78e2d9fb33d5f3d7d408b8314b (commit) via dc637f087fe07ab26ae1dee00133da69bab5e6a1 (commit) via ea72700a3b5f53680b218e9261593806bdc5f7d4 (commit) via eedca6e36c1131ce5542da5ccbfbb5667648c024 (commit) via 1a3323f2e6aa4ebe701f2e61a6829c8bedb7eb10 (commit) from 79b89b90e4b9425e29551bd8ceb8a85cd224c62d (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit e0c4ed1783d665d6f341d00e506395c507198807 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 16:14:01 2019 +0100
core127: Ship updated proxy.cgi and regenerate configuration
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit ce1f04ee404bc373169cd2e8efa7804206bc85de Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 16:09:46 2019 +0100
proxy: Allow selecting throttled bandwidth in MBit/s
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit c2f1b8183c5f4eb335e89676b46b11eb460b3b89 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 16:02:05 2019 +0100
proxy: Suggest modern defaults for cache memory and disk
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit cdd4cf4094df9562f53e175ece8f0bcc4a1cf2f1 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 16:00:05 2019 +0100
proxy: Drop support for throttling only certain mime types
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit d68e150e865c86f8a8f784da242701215325abad Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:54:56 2019 +0100
proxy: Drop web browser check
This is neither reliable nor up to date and is therefore removed
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a1018d86ae3d01342758b93e6782735f7b3aa47f Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:49:18 2019 +0100
proxy: Set authentication TTL for NTLM authentication also
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 6df2d5288768ba0557b3070a52b20db95f3b88fa Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:48:32 2019 +0100
proxy: Use correct authentication cache TTL for AD
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit fa286b133085da2776087d7890b57f96a400cc58 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:46:20 2019 +0100
proxy: Use entered setting for auth children for AD
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5c2a76f7b3799b78e2d9fb33d5f3d7d408b8314b Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:44:19 2019 +0100
proxy: Use correct realm for AD authentication
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit dc637f087fe07ab26ae1dee00133da69bab5e6a1 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:37:00 2019 +0100
proxy: Remove AUTH_IPCACHE_TTL
This is potentially dangerous to set larger than zero.
Authentication is perfomed on basis of IP addresses which is not a good idea at all.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit ea72700a3b5f53680b218e9261593806bdc5f7d4 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:27:54 2019 +0100
proxy: Drop NTLM authentication
This is the authentication againt NT 4.0 style domain controllers.
squid has dropped support for this in the 4.5 release and nobody should be using these old domain controllers any more.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit eedca6e36c1131ce5542da5ccbfbb5667648c024 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 03:33:37 2019 +0100
squid: Run as many redirectors as we have CPU cores
This makes sure that we use the optimal ratio of memory and CPU usage.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org Tested-by: Daniel Weismüller daniel.weismueller@ipfire.org Tested-by: Matthias Fischer matthias.fischer@ipfire.org
commit 1a3323f2e6aa4ebe701f2e61a6829c8bedb7eb10 Author: Daniel Weismüller daniel.weismueller@ipfire.org Date: Tue Oct 30 12:06:59 2018 +0100
BUG 11786 - squid: Remove setting for filter processes the number of Squid processes
I added a function to determine the number of cores. Now the number of squid processes will be equal to the number of logical cores. Further I removed the possibility of changing the number of squid processes in the proxy.cgi
Signed-off-by: Daniel Weismüller daniel.weismueller@ipfire.org Signed-off-by: root root@ipfire.test
-----------------------------------------------------------------------
Summary of changes: config/cfgroot/general-functions.pl | 7 + config/cfgroot/useragents | 25 -- config/rootfiles/common/configroot | 1 - config/rootfiles/core/127/filelists/files | 1 + config/rootfiles/core/127/update.sh | 3 + doc/language_issues.de | 29 ++ doc/language_issues.en | 29 -- doc/language_issues.es | 29 +- doc/language_issues.fr | 29 ++ doc/language_issues.it | 29 ++ doc/language_issues.nl | 29 +- doc/language_issues.pl | 29 +- doc/language_issues.ru | 29 +- doc/language_issues.tr | 29 ++ html/cgi-bin/proxy.cgi | 429 +++--------------------------- lfs/configroot | 1 - 16 files changed, 271 insertions(+), 457 deletions(-) delete mode 100644 config/cfgroot/useragents
Difference in files: diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl index 0577afe28..e8495e885 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -1165,5 +1165,12 @@ sub dnssec_status() {
return $status; } +sub number_cpu_cores() { + open my $cpuinfo, "/proc/cpuinfo" or die "Can't open cpuinfo: $!\n"; + my $cores = scalar (map /^processor/, <$cpuinfo>); + close $cpuinfo; + + return $cores; +}
1; diff --git a/config/cfgroot/useragents b/config/cfgroot/useragents deleted file mode 100644 index d5164fd63..000000000 --- a/config/cfgroot/useragents +++ /dev/null @@ -1,25 +0,0 @@ -APTGET,apt-get,(APT-HTTP) -AOL,AOL,(AOL) -AVANT,AvantBrowser,(avantbrowser) -CHROME,Chrome,(Chrome) -FIREFOX,Firefox,(Firefox) -FRONTPAGE,FrontPage,(FrontPage) -GEARTH,Google Earth,(kh_lt/LT) -GECKO,Gecko compatible,(Gecko) -GETRIGHT,GetRight,(GetRight) -GOZILLA,Go!Zilla,(Go!Zilla) -GOOGLE,Google Toolbar,(Google\sToolbar) -JAVA,Java,(Java) -KONQUEROR,Konqueror,(Konqueror) -LIBWWWPERL,libwww-perl,(libwww-perl) -LYNX,Lynx,(Lynx) -MSIE,Internet Explorer,(MSIE.*[)]$) -NETSCAPE,Netscape,(^Mozilla/4.[7|8])|(Netscape) -OPERA,Opera,(Opera) -SAFARI,Safari,(Safari) -SYMLU,Symantec LiveUpdate,(Symantec\sLiveUpdate) -THUNDERBIRD,Thunderbird,(Thunderbird) -WGA,WGA,(LegitCheck) -WGET,Wget,(Wget) -WINUPD,Windows Update,(Industry\sUpdate\sControl)|(Windows\sUpdate)|(Service\sPack\sSetup)|(Progressive\sDownload)|(Windows-Update-Agent)|(Microsoft\sBITS) -WMP,Media Player,(Windows-Media-Player)|(NSPlayer) diff --git a/config/rootfiles/common/configroot b/config/rootfiles/common/configroot index 6f5d2fe2f..fa18a0525 100644 --- a/config/rootfiles/common/configroot +++ b/config/rootfiles/common/configroot @@ -151,7 +151,6 @@ var/ipfire/proxy #var/ipfire/proxy/advanced/cre #var/ipfire/proxy/advanced/cre/enable #var/ipfire/proxy/advanced/settings -#var/ipfire/proxy/advanced/useragents #var/ipfire/proxy/calamaris #var/ipfire/proxy/calamaris/bin #var/ipfire/proxy/settings diff --git a/config/rootfiles/core/127/filelists/files b/config/rootfiles/core/127/filelists/files index 0416427be..cb705e3c1 100644 --- a/config/rootfiles/core/127/filelists/files +++ b/config/rootfiles/core/127/filelists/files @@ -8,4 +8,5 @@ etc/rc.d/init.d/unbound srv/web/ipfire/cgi-bin/dnsforward.cgi srv/web/ipfire/cgi-bin/ids.cgi srv/web/ipfire/cgi-bin/ovpnmain.cgi +srv/web/ipfire/cgi-bin/proxy.cgi srv/web/ipfire/cgi-bin/vpnmain.cgi diff --git a/config/rootfiles/core/127/update.sh b/config/rootfiles/core/127/update.sh index 624ebe492..a8a206eab 100644 --- a/config/rootfiles/core/127/update.sh +++ b/config/rootfiles/core/127/update.sh @@ -45,6 +45,9 @@ ldconfig # Update Language cache /usr/local/bin/update-lang-cache
+# Regenerate squid configuration file +sudo -u nobody /srv/web/ipfire/cgi-bin/proxy.cgi + # Start services /etc/init.d/unbound restart /etc/init.d/squid start diff --git a/doc/language_issues.de b/doc/language_issues.de index e2048d7d1..f8b84c651 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -45,9 +45,24 @@ WARNING: translation string unused: addon WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password WARNING: translation string unused: adsl settings +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -56,13 +71,27 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour diff --git a/doc/language_issues.en b/doc/language_issues.en index 458300d84..6dcf03929 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -121,13 +121,11 @@ WARNING: untranslated string: advproxy AUTH method ident = identd WARNING: untranslated string: advproxy AUTH method ldap = LDAP WARNING: untranslated string: advproxy AUTH method ncsa = Local WARNING: untranslated string: advproxy AUTH method none = None -WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory WARNING: untranslated string: advproxy AUTH method radius = RADIUS WARNING: untranslated string: advproxy AUTH no auth = Domains without authentication (one per line) WARNING: untranslated string: advproxy AUTH number of auth processes = Number of authentication processes WARNING: untranslated string: advproxy AUTH realm = Authentication realm prompt -WARNING: untranslated string: advproxy AUTH user IP cache TTL = User/IP cache TTL (in minutes) WARNING: untranslated string: advproxy IDENT authorized users = Authorized users (one per line) WARNING: untranslated string: advproxy IDENT aware hosts = Ident aware hosts (one per line) WARNING: untranslated string: advproxy IDENT identd settings = Common identd settings @@ -169,17 +167,6 @@ WARNING: untranslated string: advproxy NCSA update user = Update user WARNING: untranslated string: advproxy NCSA user accounts = User accounts WARNING: untranslated string: advproxy NCSA user management = User management WARNING: untranslated string: advproxy NCSA username = Username -WARNING: untranslated string: advproxy NTLM BDC hostname = BDC hostname -WARNING: untranslated string: advproxy NTLM PDC hostname = PDC hostname -WARNING: untranslated string: advproxy NTLM auth mode = Authentication mode -WARNING: untranslated string: advproxy NTLM authorized users = Authorized domain users (one per line) -WARNING: untranslated string: advproxy NTLM domain = Domain -WARNING: untranslated string: advproxy NTLM domain settings = Common domain settings -WARNING: untranslated string: advproxy NTLM unauthorized users = Unauthorized domain users (one per line) -WARNING: untranslated string: advproxy NTLM use integrated auth = Enable Windows integrated authentication -WARNING: untranslated string: advproxy NTLM use negative access list = Use negative access control -WARNING: untranslated string: advproxy NTLM use positive access list = Use positive access control -WARNING: untranslated string: advproxy NTLM user based access restrictions = User based access restrictions WARNING: untranslated string: advproxy RADIUS authorized users = Authorized users (one per line) WARNING: untranslated string: advproxy RADIUS identifier = Identifier WARNING: untranslated string: advproxy RADIUS port = Port @@ -190,13 +177,11 @@ WARNING: untranslated string: advproxy RADIUS unauthorized users = Unauthorized WARNING: untranslated string: advproxy RADIUS use negative access list = Use negative access control WARNING: untranslated string: advproxy RADIUS use positive access list = Use positive access control WARNING: untranslated string: advproxy RADIUS user based access restrictions = User based access restrictions -WARNING: untranslated string: advproxy UA enable filter = Enable browser check WARNING: untranslated string: advproxy access = Access WARNING: untranslated string: advproxy admin mail = Cache administrator e-mail WARNING: untranslated string: advproxy advanced web proxy = Advanced Web Proxy WARNING: untranslated string: advproxy advanced web proxy configuration = Advanced web proxy configuration WARNING: untranslated string: advproxy allowed subnets = Allowed subnets (one per line) -WARNING: untranslated string: advproxy allowed web browsers = Allowed clients for web access WARNING: untranslated string: advproxy back to main page = Back to main page WARNING: untranslated string: advproxy banned ip clients = Banned IP addresses (one per line) WARNING: untranslated string: advproxy banned mac clients = Banned MAC addresses (one per line) @@ -208,7 +193,6 @@ WARNING: untranslated string: advproxy classroom extensions = Classroom extensio WARNING: untranslated string: advproxy clear cache = Clear Cache WARNING: untranslated string: advproxy client IP forwarding = Client IP address forwarding WARNING: untranslated string: advproxy common settings = Common settings -WARNING: untranslated string: advproxy content based throttling = Enable content based throttling WARNING: untranslated string: advproxy cre disabled = The management interface has been disabled by the administrator WARNING: untranslated string: advproxy cre group definitions = Classroom group definitions WARNING: untranslated string: advproxy cre supervisors = Supervisor IP addresses (one per line) @@ -220,15 +204,12 @@ WARNING: untranslated string: advproxy errmsg acl cannot be empty = Access contr WARNING: untranslated string: advproxy errmsg auth cache ttl = Invalid value for authentication cache TTL WARNING: untranslated string: advproxy errmsg auth children = Invalid number of authentication processes WARNING: untranslated string: advproxy errmsg auth ipcache may not be null = Authentication cache TTL may not be 0 when using IP address limits -WARNING: untranslated string: advproxy errmsg auth ipcache ttl = Invalid value for user/IP cache TTL WARNING: untranslated string: advproxy errmsg cache = The RAM cache size is greater than the harddisk cache size: WARNING: untranslated string: advproxy errmsg hdd cache size = Invalid value for harddisk cache size (min 10 MB required) WARNING: untranslated string: advproxy errmsg ident timeout = Invalid ident timeout -WARNING: untranslated string: advproxy errmsg invalid bdc = Invalid hostname for backup domain controller WARNING: untranslated string: advproxy errmsg invalid destination port = Invalid destination port WARNING: untranslated string: advproxy errmsg invalid ip or mask = Invalid IP address or network mask WARNING: untranslated string: advproxy errmsg invalid mac = Invalid MAC address -WARNING: untranslated string: advproxy errmsg invalid pdc = Invalid hostname for primary domain controller WARNING: untranslated string: advproxy errmsg invalid proxy port = Invalid proxy port WARNING: untranslated string: advproxy errmsg invalid upstream proxy = Invalid upstream proxy IP/hostname WARNING: untranslated string: advproxy errmsg invalid upstream proxy username or password setting = Invalid upstream proxy username or password setting @@ -238,11 +219,8 @@ WARNING: untranslated string: advproxy errmsg ldap port = Invalid LDAP port numb WARNING: untranslated string: advproxy errmsg ldap server = Invalid IP address/hostname for LDAP Server WARNING: untranslated string: advproxy errmsg max userip = Invalid number of IP addresses per user WARNING: untranslated string: advproxy errmsg mem cache size = Invalid value for memory cache size -WARNING: untranslated string: advproxy errmsg no browser = At least one browser or client must be selected for web access WARNING: untranslated string: advproxy errmsg no username = Username can not be empty WARNING: untranslated string: advproxy errmsg non-transparent proxy required = Web proxy must be running in non-transparent mode for authentication -WARNING: untranslated string: advproxy errmsg ntlm domain = Windows domain name required -WARNING: untranslated string: advproxy errmsg ntlm pdc = Hostname for primary domain controller required WARNING: untranslated string: advproxy errmsg password length = Invalid value for password length WARNING: untranslated string: advproxy errmsg password length 1 = Password must have at least WARNING: untranslated string: advproxy errmsg password length 2 = characters @@ -261,7 +239,6 @@ WARNING: untranslated string: advproxy from = From WARNING: untranslated string: advproxy group access control = Group based access control WARNING: untranslated string: advproxy group required = Required group WARNING: untranslated string: advproxy hdd cache size = Harddisk cache size (MB) -WARNING: untranslated string: advproxy invalid num of children = Invalid number of filter processes WARNING: untranslated string: advproxy log enabled = Log enabled WARNING: untranslated string: advproxy log query = Log query terms WARNING: untranslated string: advproxy log settings = Log settings @@ -276,7 +253,6 @@ WARNING: untranslated string: advproxy mode deny = deny WARNING: untranslated string: advproxy monday = Mon WARNING: untranslated string: advproxy network based access = Network based access control WARNING: untranslated string: advproxy no cache sites = Do not cache these domains (one per line) -WARNING: untranslated string: advproxy no clients defined = No clients defined WARNING: untranslated string: advproxy no connection auth = No connection oriented authentication forwarding WARNING: untranslated string: advproxy no cre groups = There are no access groups available WARNING: untranslated string: advproxy no internal proxy on blue = Disable internal proxy access from BLUE to other subnets @@ -289,7 +265,6 @@ WARNING: untranslated string: advproxy privacy = Privacy WARNING: untranslated string: advproxy proxy port = Proxy port WARNING: untranslated string: advproxy proxy port transparent = Transparent port WARNING: untranslated string: advproxy ram cache size = Memory cache size (MB) -WARNING: untranslated string: advproxy redirector children = Number of filter processes WARNING: untranslated string: advproxy reset = Reset WARNING: untranslated string: advproxy saturday = Sat WARNING: untranslated string: advproxy save and restart = Save and Restart @@ -301,9 +276,6 @@ WARNING: untranslated string: advproxy standard ports = Allowed standard ports ( WARNING: untranslated string: advproxy sunday = Sun WARNING: untranslated string: advproxy supervisor password = Supervisor password WARNING: untranslated string: advproxy suppress version = Suppress version information -WARNING: untranslated string: advproxy throttle binary = Binary files -WARNING: untranslated string: advproxy throttle dskimg = CD images -WARNING: untranslated string: advproxy throttle mmedia = Multimedia WARNING: untranslated string: advproxy throttling per host on = Limit per host on WARNING: untranslated string: advproxy throttling total on = Overall limit on WARNING: untranslated string: advproxy throttling unlimited = unlimited @@ -325,7 +297,6 @@ WARNING: untranslated string: advproxy url filter = URL filter WARNING: untranslated string: advproxy username forwarding = Username forwarding WARNING: untranslated string: advproxy via forwarding = Proxy address forwarding WARNING: untranslated string: advproxy visible hostname = Visible hostname -WARNING: untranslated string: advproxy web browser = Web browser WARNING: untranslated string: advproxy wednesday = Wed WARNING: untranslated string: age second = second WARNING: untranslated string: aktiv = Active diff --git a/doc/language_issues.es b/doc/language_issues.es index 538115aae..6485fccbc 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -22,9 +22,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -33,14 +47,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload @@ -670,7 +698,6 @@ WARNING: untranslated string: Set time on boot = Force setting the system clock WARNING: untranslated string: addons = Addons WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username -WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication WARNING: untranslated string: advproxy cache-digest = Enable Cache-Digest Generation diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 463a16f7c..06f5a0f55 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -45,9 +45,24 @@ WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password WARNING: translation string unused: adsl settings +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -56,14 +71,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour diff --git a/doc/language_issues.it b/doc/language_issues.it index 6a541735f..ba746410a 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -23,9 +23,24 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -34,14 +49,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour diff --git a/doc/language_issues.nl b/doc/language_issues.nl index daa5d6a96..883c6ba02 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -23,9 +23,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -34,14 +48,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -746,7 +774,6 @@ WARNING: untranslated string: Number of Countries for the pie chart = Number of WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username -WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication WARNING: untranslated string: advproxy group access control = Group based access control diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 538115aae..6485fccbc 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -22,9 +22,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -33,14 +47,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload @@ -670,7 +698,6 @@ WARNING: untranslated string: Set time on boot = Force setting the system clock WARNING: untranslated string: addons = Addons WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username -WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication WARNING: untranslated string: advproxy cache-digest = Enable Cache-Digest Generation diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 4a55a54da..88ba126a1 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -23,9 +23,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -34,14 +48,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload @@ -672,7 +700,6 @@ WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: addons = Addons WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username -WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication WARNING: untranslated string: advproxy cache-digest = Enable Cache-Digest Generation diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 7a9179996..f4aca5b7e 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -45,9 +45,24 @@ WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password WARNING: translation string unused: adsl settings +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -56,14 +71,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 738425b9a..0bf72fed2 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -56,17 +56,11 @@ my %mainsettings=(); my %checked=(); my %selected=();
-my @throttle_limits=(64,128,256,384,512,768,1024,1280,1536,1792,2048,2560,3072,3584,4096,5120,6144,7168,8192,10240,12288,16384,20480); -my $throttle_binary="7z|arj|bin|bz2|cab|exe|gz|lzh|rar|sea|tar|tgz|xz|zip"; -my $throttle_dskimg="b5t|bin|bwt|ccd|cdi|cue|gho|img|iso|mds|nrg|pqi|vmdk"; -my $throttle_mmedia="aiff?|asf|avi|divx|mov|mp3|mpe?g|ogg|qt|ra?m|ts|vob"; +my @throttle_limits=(64,128,256,512,1024,1536,2048,3072,4096,5120,6144,7168,8192,10240,16384,20480,51200,102400);
my $def_ports_safe="80 # http\n21 # ftp\n443 # https\n563 # snews\n70 # gopher\n210 # wais\n1025-65535 # unregistered ports\n280 # http-mgmt\n488 # gss-http\n591 # filemaker\n777 # multiling http\n800 # Squids port (for icons)\n"; my $def_ports_ssl="443 # https\n563 # snews\n";
-my @useragent=(); -my @useragentlist=(); - my $hintcolour='#FFFFCC'; my $ncsa_buttontext=''; my $language=''; @@ -89,7 +83,6 @@ my $errormessage='';
my $acldir = "${General::swroot}/proxy/advanced/acls"; my $ncsadir = "${General::swroot}/proxy/advanced/ncsa"; -my $ntlmdir = "${General::swroot}/proxy/advanced/ntlm"; my $raddir = "${General::swroot}/proxy/advanced/radius"; my $identdir = "${General::swroot}/proxy/advanced/ident"; my $credir = "${General::swroot}/proxy/advanced/cre"; @@ -99,7 +92,6 @@ my $stdgrp = "$ncsadir/standard.grp"; my $extgrp = "$ncsadir/extended.grp"; my $disgrp = "$ncsadir/disabled.grp";
-my $browserdb = "${General::swroot}/proxy/advanced/useragents"; my $mimetypes = "${General::swroot}/proxy/advanced/mimetypes"; my $throttled_urls = "${General::swroot}/proxy/advanced/throttle";
@@ -137,7 +129,6 @@ my $urlfilterversion = 'n/a';
unless (-d "$acldir") { mkdir("$acldir"); } unless (-d "$ncsadir") { mkdir("$ncsadir"); } -unless (-d "$ntlmdir") { mkdir("$ntlmdir"); } unless (-d "$raddir") { mkdir("$raddir"); } unless (-d "$identdir") { mkdir("$identdir"); } unless (-d "$credir") { mkdir("$credir"); } @@ -170,15 +161,10 @@ unless (-e $acl_ports_safe) { system("touch $acl_ports_safe"); } unless (-e $acl_ports_ssl) { system("touch $acl_ports_ssl"); } unless (-e $acl_include) { system("touch $acl_include"); }
-unless (-e $browserdb) { system("touch $browserdb"); } unless (-e $mimetypes) { system("touch $mimetypes"); }
my $HAVE_NTLM_AUTH = (-e "/usr/bin/ntlm_auth");
-open FILE, $browserdb; -@useragentlist = sort { reverse(substr(reverse(substr($a,index($a,',')+1)),index(reverse(substr($a,index($a,','))),',')+1)) cmp reverse(substr(reverse(substr($b,index($b,',')+1)),index(reverse(substr($b,index($b,','))),',')+1))} grep !/(^$)|(^\s*#)/,<FILE>; -close(FILE); - &General::readhash("${General::swroot}/ethernet/settings", %netsettings); &General::readhash("${General::swroot}/main/settings", %mainsettings);
@@ -217,8 +203,8 @@ $proxysettings{'CACHEMGR'} = 'off'; $proxysettings{'LOGQUERY'} = 'off'; $proxysettings{'LOGUSERAGENT'} = 'off'; $proxysettings{'FILEDESCRIPTORS'} = '16384'; -$proxysettings{'CACHE_MEM'} = '2'; -$proxysettings{'CACHE_SIZE'} = '50'; +$proxysettings{'CACHE_MEM'} = '128'; +$proxysettings{'CACHE_SIZE'} = '0'; $proxysettings{'MAX_SIZE'} = '4096'; $proxysettings{'MIN_SIZE'} = '0'; $proxysettings{'MEM_POLICY'} = 'LRU'; @@ -241,18 +227,13 @@ $proxysettings{'THROTTLING_GREEN_TOTAL'} = 'unlimited'; $proxysettings{'THROTTLING_GREEN_HOST'} = 'unlimited'; $proxysettings{'THROTTLING_BLUE_TOTAL'} = 'unlimited'; $proxysettings{'THROTTLING_BLUE_HOST'} = 'unlimited'; -$proxysettings{'THROTTLE_BINARY'} = 'off'; -$proxysettings{'THROTTLE_DSKIMG'} = 'off'; -$proxysettings{'THROTTLE_MMEDIA'} = 'off'; $proxysettings{'ENABLE_MIME_FILTER'} = 'off'; -$proxysettings{'ENABLE_BROWSER_CHECK'} = 'off'; $proxysettings{'FAKE_USERAGENT'} = ''; $proxysettings{'FAKE_REFERER'} = ''; $proxysettings{'AUTH_METHOD'} = 'none'; $proxysettings{'AUTH_REALM'} = ''; $proxysettings{'AUTH_MAX_USERIP'} = ''; $proxysettings{'AUTH_CACHE_TTL'} = '60'; -$proxysettings{'AUTH_IPCACHE_TTL'} = '0'; $proxysettings{'AUTH_CHILDREN'} = '5'; $proxysettings{'NCSA_MIN_PASS_LEN'} = '6'; $proxysettings{'NCSA_BYPASS_REDIR'} = 'off'; @@ -287,7 +268,6 @@ $proxysettings{'IDENT_USER_ACL'} = 'positive'; $proxysettings{'ENABLE_FILTER'} = 'off'; $proxysettings{'ENABLE_UPDXLRATOR'} = 'off'; $proxysettings{'ENABLE_CLAMAV'} = 'off'; -$proxysettings{'CHILDREN'} = '10';
$ncsa_buttontext = $Lang::tr{'advproxy NCSA create user'};
@@ -436,27 +416,6 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'} { $errormessage = $Lang::tr{'invalid maximum incoming size'}; goto ERROR; - } - if (!($proxysettings{'CHILDREN'} =~ /^\d+$/) || ($proxysettings{'CHILDREN'} < 1)) - { - $errormessage = $Lang::tr{'advproxy invalid num of children'}; - goto ERROR; - } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') - { - $browser_regexp = ''; - foreach (@useragentlist) - { - chomp; - @useragent = split(/,/); - if ($proxysettings{'UA_'.$useragent[0]} eq 'on') { $browser_regexp .= "$useragent[2]|"; } - } - chop($browser_regexp); - if (!$browser_regexp) - { - $errormessage = $Lang::tr{'advproxy errmsg no browser'}; - goto ERROR; - } } if (!($proxysettings{'AUTH_METHOD'} eq 'none')) { @@ -480,23 +439,18 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'} } } } - if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && - ((!($proxysettings{'AUTH_MAX_USERIP'} =~ /^\d+/)) || ($proxysettings{'AUTH_MAX_USERIP'} < 1) || ($proxysettings{'AUTH_MAX_USERIP'} > 255))) - { - $errormessage = $Lang::tr{'advproxy errmsg max userip'}; - goto ERROR; - } if (!($proxysettings{'AUTH_CACHE_TTL'} =~ /^\d+/)) { $errormessage = $Lang::tr{'advproxy errmsg auth cache ttl'}; goto ERROR; } - if (!($proxysettings{'AUTH_IPCACHE_TTL'} =~ /^\d+/)) + if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && + ((!($proxysettings{'AUTH_MAX_USERIP'} =~ /^\d+/)) || ($proxysettings{'AUTH_MAX_USERIP'} < 1) || ($proxysettings{'AUTH_MAX_USERIP'} > 255))) { - $errormessage = $Lang::tr{'advproxy errmsg auth ipcache ttl'}; + $errormessage = $Lang::tr{'advproxy errmsg max userip'}; goto ERROR; } - if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && ($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) + if (!($proxysettings{'AUTH_MAX_USERIP'} eq '')) { $errormessage = $Lang::tr{'advproxy errmsg auth ipcache may not be null'}; goto ERROR; @@ -552,33 +506,6 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'} } } } - if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') - { - if ($proxysettings{'NTLM_DOMAIN'} eq '') - { - $errormessage = $Lang::tr{'advproxy errmsg ntlm domain'}; - goto ERROR; - } - if ($proxysettings{'NTLM_PDC'} eq '') - { - $errormessage = $Lang::tr{'advproxy errmsg ntlm pdc'}; - goto ERROR; - } - if (!&General::validhostname($proxysettings{'NTLM_PDC'})) - { - $errormessage = $Lang::tr{'advproxy errmsg invalid pdc'}; - goto ERROR; - } - if ((!($proxysettings{'NTLM_BDC'} eq '')) && (!&General::validhostname($proxysettings{'NTLM_BDC'}))) - { - $errormessage = $Lang::tr{'advproxy errmsg invalid bdc'}; - goto ERROR; - } - - $proxysettings{'NTLM_DOMAIN'} = lc($proxysettings{'NTLM_DOMAIN'}); - $proxysettings{'NTLM_PDC'} = lc($proxysettings{'NTLM_PDC'}); - $proxysettings{'NTLM_BDC'} = lc($proxysettings{'NTLM_BDC'}); - } if ($proxysettings{'AUTH_METHOD'} eq 'radius') { if (!&General::validip($proxysettings{'RADIUS_SERVER'})) @@ -834,36 +761,14 @@ $selected{'THROTTLING_GREEN_HOST'}{$proxysettings{'THROTTLING_GREEN_HOST'}} = "s $selected{'THROTTLING_BLUE_TOTAL'}{$proxysettings{'THROTTLING_BLUE_TOTAL'}} = "selected='selected'"; $selected{'THROTTLING_BLUE_HOST'}{$proxysettings{'THROTTLING_BLUE_HOST'}} = "selected='selected'";
-$checked{'THROTTLE_BINARY'}{'off'} = ''; -$checked{'THROTTLE_BINARY'}{'on'} = ''; -$checked{'THROTTLE_BINARY'}{$proxysettings{'THROTTLE_BINARY'}} = "checked='checked'"; -$checked{'THROTTLE_DSKIMG'}{'off'} = ''; -$checked{'THROTTLE_DSKIMG'}{'on'} = ''; -$checked{'THROTTLE_DSKIMG'}{$proxysettings{'THROTTLE_DSKIMG'}} = "checked='checked'"; -$checked{'THROTTLE_MMEDIA'}{'off'} = ''; -$checked{'THROTTLE_MMEDIA'}{'on'} = ''; -$checked{'THROTTLE_MMEDIA'}{$proxysettings{'THROTTLE_MMEDIA'}} = "checked='checked'"; - $checked{'ENABLE_MIME_FILTER'}{'off'} = ''; $checked{'ENABLE_MIME_FILTER'}{'on'} = ''; $checked{'ENABLE_MIME_FILTER'}{$proxysettings{'ENABLE_MIME_FILTER'}} = "checked='checked'";
-$checked{'ENABLE_BROWSER_CHECK'}{'off'} = ''; -$checked{'ENABLE_BROWSER_CHECK'}{'on'} = ''; -$checked{'ENABLE_BROWSER_CHECK'}{$proxysettings{'ENABLE_BROWSER_CHECK'}} = "checked='checked'"; - -foreach (@useragentlist) { - @useragent = split(/,/); - $checked{'UA_'.$useragent[0]}{'off'} = ''; - $checked{'UA_'.$useragent[0]}{'on'} = ''; - $checked{'UA_'.$useragent[0]}{$proxysettings{'UA_'.$useragent[0]}} = "checked='checked'"; -} - $checked{'AUTH_METHOD'}{'none'} = ''; $checked{'AUTH_METHOD'}{'ncsa'} = ''; $checked{'AUTH_METHOD'}{'ident'} = ''; $checked{'AUTH_METHOD'}{'ldap'} = ''; -$checked{'AUTH_METHOD'}{'ntlm'} = ''; $checked{'AUTH_METHOD'}{'ntlm-auth'} = ''; $checked{'AUTH_METHOD'}{'radius'} = ''; $checked{'AUTH_METHOD'}{$proxysettings{'AUTH_METHOD'}} = "checked='checked'"; @@ -1034,12 +939,8 @@ print <<END </table> <hr size='1'> <table width='100%'> -<tr><td class='base' colspan='4'><b>$Lang::tr{'advproxy redirector children'}</b></td></tr> -<tr><td class='base' >$Lang::tr{'processes'}: <img src='/blob.gif' alt='*' /><input type='text' name='CHILDREN' value='$proxysettings{'CHILDREN'}' size='5' /></td> END ; -my $count = `ip n| wc -l`; -if ( $count < 1 ){$count = 1;} if ( -e "/usr/bin/squidclamav" ) { print "<td class='base'><b>".$Lang::tr{'advproxy squidclamav'}."</b><br />"; if ( ! -e "/var/run/clamav/clamd.pid" ){ @@ -1048,18 +949,16 @@ if ( -e "/usr/bin/squidclamav" ) { } else { print $Lang::tr{'advproxy enabled'}."<input type='checkbox' name='ENABLE_CLAMAV' ".$checked{'ENABLE_CLAMAV'}{'on'}." /><br />"; - print "+ ".int(( $count**(1/3)) * 8);} +} print "</td>"; } else { print "<td></td>"; } print "<td class='base'><a href='/cgi-bin/urlfilter.cgi'><b>".$Lang::tr{'advproxy url filter'}."</a></b><br />"; print $Lang::tr{'advproxy enabled'}."<input type='checkbox' name='ENABLE_FILTER' ".$checked{'ENABLE_FILTER'}{'on'}." /><br />"; -print "+ ".int(($count**(1/3)) * 6); print "</td>"; print "<td class='base'><a href='/cgi-bin/updatexlrator.cgi'><b>".$Lang::tr{'advproxy update accelerator'}."</a></b><br />"; print $Lang::tr{'advproxy enabled'}."<input type='checkbox' name='ENABLE_UPDXLRATOR' ".$checked{'ENABLE_UPDXLRATOR'}{'on'}." /><br />"; -print "+ ".int(($count**(1/3)) * 5); print "</td></tr>"; print <<END </table> @@ -1531,7 +1430,15 @@ END ;
foreach (@throttle_limits) { - print "\t<option value='$_' $selected{'THROTTLING_GREEN_TOTAL'}{$_}>$_ kbit/s</option>\n"; + my $val = $_; + my $unit = "kbit/s"; + + if ($val >= 1024) { + $unit = "Mbit/s"; + $val /= 1024; + } + + print "\t<option value='$_' $selected{'THROTTLING_GREEN_TOTAL'}{$_}>$val $unit</option>\n"; }
print <<END @@ -1594,21 +1501,6 @@ END
print <<END </table> -<table width='100%'> -<tr> - <td colspan='4'><i>$Lang::tr{'advproxy content based throttling'}:</i></td> -</tr> -<tr> - <td width='15%' class='base'>$Lang::tr{'advproxy throttle binary'}:</td> - <td width='10%'><input type='checkbox' name='THROTTLE_BINARY' $checked{'THROTTLE_BINARY'}{'on'} /></td> - <td width='15%' class='base'>$Lang::tr{'advproxy throttle dskimg'}:</td> - <td width='10%'><input type='checkbox' name='THROTTLE_DSKIMG' $checked{'THROTTLE_DSKIMG'}{'on'} /></td> - <td width='15%' class='base'>$Lang::tr{'advproxy throttle mmedia'}:</td> - <td width='10%'><input type='checkbox' name='THROTTLE_MMEDIA' $checked{'THROTTLE_MMEDIA'}{'on'} /></td> - <td width='15%'> </td> - <td width='10%'> </td> -</tr> -</table> <hr size='1'> <table width='100%'> <tr> @@ -1642,42 +1534,7 @@ print <<END </table>
<hr size='1'> -<table width='100%'> -<tr> - <td colspan='4'><b>$Lang::tr{'advproxy web browser'}</b> $Lang::tr{'advproxy UA enable filter'}:<input type='checkbox' name='ENABLE_BROWSER_CHECK' $checked{'ENABLE_BROWSER_CHECK'}{'on'} /></td> -</tr> -END -; -if ( $proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on' ){ -print <<END -<tr> - <td colspan='4'><i> -END -; -if (@useragentlist) { print "$Lang::tr{'advproxy allowed web browsers'}:"; } else { print "$Lang::tr{'advproxy no clients defined'}"; } -print <<END -</i></td> -</tr> -</table> -<table width='100%'> -END -;
-for ($n=0; $n<=@useragentlist; $n = $n + $i) { - for ($i=0; $i<=3; $i++) { - if ($i eq 0) { print "<tr>\n"; } - if (($n+$i) < @useragentlist) { - @useragent = split(/,/,@useragentlist[$n+$i]); - print "<td width='15%'>$useragent[1]:</td>\n"; - print "<td width='10%'><input type='checkbox' name='UA_$useragent[0]' $checked{'UA_'.$useragent[0]}{'on'} /></td>\n"; - } - if ($i eq 3) { print "</tr>\n"; } - } -} -} -print <<END -</table> -<hr size='1'> <table width='100%'> <tr> <td><b>$Lang::tr{'advproxy privacy'}</b></td> @@ -1711,7 +1568,6 @@ print <<END; <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ncsa' $checked{'AUTH_METHOD'}{'ncsa'} />$Lang::tr{'advproxy AUTH method ncsa'}</td> <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ident' $checked{'AUTH_METHOD'}{'ident'} />$Lang::tr{'advproxy AUTH method ident'}</td> <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ldap' $checked{'AUTH_METHOD'}{'ldap'} />$Lang::tr{'advproxy AUTH method ldap'}</td> - <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ntlm' $checked{'AUTH_METHOD'}{'ntlm'} />$Lang::tr{'advproxy AUTH method ntlm'}</td> END
if ($HAVE_NTLM_AUTH) { @@ -1789,10 +1645,6 @@ print <<END <td class='base'>$Lang::tr{'advproxy AUTH limit of IP addresses'}:</td> <td><input type='text' name='AUTH_MAX_USERIP' value='$proxysettings{'AUTH_MAX_USERIP'}' size='5' /></td> </tr> -<tr> - <td class='base'>$Lang::tr{'advproxy AUTH user IP cache TTL'}:</td> - <td><input type='text' name='AUTH_IPCACHE_TTL' value='$proxysettings{'AUTH_IPCACHE_TTL'}' size='5' /></td> -</tr> <tr> <td class='base'>$Lang::tr{'advproxy AUTH always required'}:</td> <td><input type='checkbox' name='AUTH_ALWAYS_REQUIRED' $checked{'AUTH_ALWAYS_REQUIRED'}{'on'} /></td> @@ -1926,80 +1778,6 @@ if ($proxysettings{'AUTH_METHOD'} eq 'ident') { print <<END END ; }
-# =================================================================== -# NTLM auth settings -# =================================================================== - -if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { -print <<END -<hr size='1'> -<table width='100%'> -<tr> - <td colspan='6'><b>$Lang::tr{'advproxy NTLM domain settings'}</b></td> -</tr> -<tr> - <td class='base'>$Lang::tr{'advproxy NTLM domain'}:</td> - <td><input type='text' name='NTLM_DOMAIN' value='$proxysettings{'NTLM_DOMAIN'}' size='15' /></td> - <td class='base'>$Lang::tr{'advproxy NTLM PDC hostname'}:</td> - <td><input type='text' name='NTLM_PDC' value='$proxysettings{'NTLM_PDC'}' size='14' /></td> - <td class='base'>$Lang::tr{'advproxy NTLM BDC hostname'}:</td> - <td><input type='text' name='NTLM_BDC' value='$proxysettings{'NTLM_BDC'}' size='14' /></td> -</tr> -</table> -<hr size ='1'> -<table width='100%'> -<tr> - <td colspan='3'><b>$Lang::tr{'advproxy NTLM auth mode'}</b></td> -</tr> -<tr> - <td width='25%' class='base' width='25%'>$Lang::tr{'advproxy NTLM use integrated auth'}:</td> - <td width='20%'><input type='checkbox' name='NTLM_ENABLE_INT_AUTH' $checked{'NTLM_ENABLE_INT_AUTH'}{'on'} /></td> - <td> </td> -</tr> -</table> -<hr size ='1'> -<table width='100%'> -<tr> - <td colspan='4'><b>$Lang::tr{'advproxy NTLM user based access restrictions'}</b></td> -</tr> -<tr> - <td width='25%' class='base'>$Lang::tr{'advproxy enabled'}:</td> - <td width='20%'><input type='checkbox' name='NTLM_ENABLE_ACL' $checked{'NTLM_ENABLE_ACL'}{'on'} /></td> - <td width='25%'> </td> - <td width='30%'> </td> -</tr> -<tr> - <td colspan='2'><input type='radio' name='NTLM_USER_ACL' value='positive' $checked{'NTLM_USER_ACL'}{'positive'} /> - $Lang::tr{'advproxy NTLM use positive access list'}:</td> - <td colspan='2'><input type='radio' name='NTLM_USER_ACL' value='negative' $checked{'NTLM_USER_ACL'}{'negative'} /> - $Lang::tr{'advproxy NTLM use negative access list'}:</td> -</tr> -<tr> - <td colspan='2'>$Lang::tr{'advproxy NTLM authorized users'}</td> - <td colspan='2'>$Lang::tr{'advproxy NTLM unauthorized users'}</td> -</tr> -<tr> - <td colspan='2'><textarea name='NTLM_ALLOW_USERS' cols='32' rows='6' wrap='off'> -END -; } - -if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print $proxysettings{'NTLM_ALLOW_USERS'}; } - -if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print <<END -</textarea></td> - <td colspan='2'><textarea name='NTLM_DENY_USERS' cols='32' rows='6' wrap='off'> -END -; } - -if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print $proxysettings{'NTLM_DENY_USERS'}; } - -if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print <<END -</textarea></td> -</tr> -</table> -END -; } - # =================================================================== # NTLM-AUTH settings # =================================================================== @@ -2163,7 +1941,6 @@ print <<END <td><input type='hidden' name='AUTH_CHILDREN' value='$proxysettings{'AUTH_CHILDREN'}'></td> <td><input type='hidden' name='AUTH_CACHE_TTL' value='$proxysettings{'AUTH_CACHE_TTL'}' size='5' /></td> <td><input type='hidden' name='AUTH_MAX_USERIP' value='$proxysettings{'AUTH_MAX_USERIP'}' size='5' /></td> -<td><input type='hidden' name='AUTH_IPCACHE_TTL' value='$proxysettings{'AUTH_IPCACHE_TTL'}' size='5' /></td> <td><input type='hidden' name='AUTH_ALWAYS_REQUIRED' value='$proxysettings{'AUTH_ALWAYS_REQUIRED'}'></td> <td><input type='hidden' name='AUTH_REALM' value='$proxysettings{'AUTH_REALM'}'></td> <td><input type='hidden' name='DST_NOAUTH' value='$proxysettings{'DST_NOAUTH'}'></td> @@ -2175,7 +1952,6 @@ print <<END <td><input type='hidden' name='AUTH_CHILDREN' value='$proxysettings{'AUTH_CHILDREN'}'></td> <td><input type='hidden' name='AUTH_CACHE_TTL' value='$proxysettings{'AUTH_CACHE_TTL'}' size='5' /></td> <td><input type='hidden' name='AUTH_MAX_USERIP' value='$proxysettings{'AUTH_MAX_USERIP'}' size='5' /></td> -<td><input type='hidden' name='AUTH_IPCACHE_TTL' value='$proxysettings{'AUTH_IPCACHE_TTL'}' size='5' /></td> <td><input type='hidden' name='AUTH_REALM' value='$proxysettings{'AUTH_REALM'}'></td> END ; } @@ -2211,19 +1987,6 @@ print <<END END ; }
-if (!($proxysettings{'AUTH_METHOD'} eq 'ntlm')) { -print <<END -<td><input type='hidden' name='NTLM_DOMAIN' value='$proxysettings{'NTLM_DOMAIN'}'></td> -<td><input type='hidden' name='NTLM_PDC' value='$proxysettings{'NTLM_PDC'}'></td> -<td><input type='hidden' name='NTLM_BDC' value='$proxysettings{'NTLM_BDC'}'></td> -<td><input type='hidden' name='NTLM_ENABLE_INT_AUTH' value='$proxysettings{'NTLM_ENABLE_INT_AUTH'}'></td> -<td><input type='hidden' name='NTLM_ENABLE_ACL' value='$proxysettings{'NTLM_ENABLE_ACL'}'></td> -<td><input type='hidden' name='NTLM_USER_ACL' value='$proxysettings{'NTLM_USER_ACL'}'></td> -<td><input type='hidden' name='NTLM_ALLOW_USERS' value='$proxysettings{'NTLM_ALLOW_USERS'}'></td> -<td><input type='hidden' name='NTLM_DENY_USERS' value='$proxysettings{'NTLM_DENY_USERS'}'></td> -END -; } - if (!($proxysettings{'AUTH_METHOD'} eq 'radius')) { print <<END <td><input type='hidden' name='RADIUS_SERVER' value='$proxysettings{'RADIUS_SERVER'}'></td> @@ -2513,18 +2276,6 @@ sub read_acls while (<FILE>) { $proxysettings{'MIME_TYPES'} .= $_ }; close(FILE); } - if (-e "$ntlmdir/msntauth.allowusers") { - open(FILE,"$ntlmdir/msntauth.allowusers"); - delete $proxysettings{'NTLM_ALLOW_USERS'}; - while (<FILE>) { $proxysettings{'NTLM_ALLOW_USERS'} .= $_ }; - close(FILE); - } - if (-e "$ntlmdir/msntauth.denyusers") { - open(FILE,"$ntlmdir/msntauth.denyusers"); - delete $proxysettings{'NTLM_DENY_USERS'}; - while (<FILE>) { $proxysettings{'NTLM_DENY_USERS'} .= $_ }; - close(FILE); - } if (-e "$raddir/radauth.allowusers") { open(FILE,"$raddir/radauth.allowusers"); delete $proxysettings{'RADIUS_ALLOW_USERS'}; @@ -2933,23 +2684,6 @@ sub write_acls if (!$proxysettings{'PORTS_SSL'}) { print FILE $def_ports_ssl; } else { print FILE $proxysettings{'PORTS_SSL'}; } close(FILE);
- open(FILE, ">$acl_dst_throttle"); - flock(FILE, 2); - if ($proxysettings{'THROTTLE_BINARY'} eq 'on') - { - @temp = split(/|/,$throttle_binary); - foreach (@temp) { print FILE "\.$_$\n"; } - } - if ($proxysettings{'THROTTLE_DSKIMG'} eq 'on') - { - @temp = split(/|/,$throttle_dskimg); - foreach (@temp) { print FILE "\.$_$\n"; } - } - if ($proxysettings{'THROTTLE_MMEDIA'} eq 'on') - { - @temp = split(/|/,$throttle_mmedia); - foreach (@temp) { print FILE "\.$_$\n"; } - } if (-s $throttled_urls) { open(URLFILE, $throttled_urls); @@ -2964,16 +2698,6 @@ sub write_acls print FILE $proxysettings{'MIME_TYPES'}; close(FILE);
- open(FILE, ">$ntlmdir/msntauth.allowusers"); - flock(FILE, 2); - print FILE $proxysettings{'NTLM_ALLOW_USERS'}; - close(FILE); - - open(FILE, ">$ntlmdir/msntauth.denyusers"); - flock(FILE, 2); - print FILE $proxysettings{'NTLM_DENY_USERS'}; - close(FILE); - open(FILE, ">$raddir/radauth.allowusers"); flock(FILE, 2); print FILE $proxysettings{'RADIUS_ALLOW_USERS'}; @@ -3332,6 +3056,11 @@ END } print FILE "\n";
+ # If we use authentication, users must always authenticate + unless ($proxysettings{"AUTH_METHOD"} eq "") { + print FILE "authenticate_ip_ttl 0\n\n"; + } + if ((!($proxysettings{'AUTH_METHOD'} eq 'none')) && (!($proxysettings{'AUTH_METHOD'} eq 'ident'))) { if ($proxysettings{'AUTH_METHOD'} eq 'ncsa') @@ -3340,7 +3069,6 @@ END print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; print FILE "auth_param basic realm $authrealm\n"; print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } }
if ($proxysettings{'AUTH_METHOD'} eq 'ldap') @@ -3385,40 +3113,6 @@ END print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; print FILE "auth_param basic realm $authrealm\n"; print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } - } - - if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') - { - if ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') - { - print FILE "auth_param ntlm program $authdir/ntlm_smb_lm_auth $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_PDC'}"; - if ($proxysettings{'NTLM_BDC'} eq '') { print FILE "\n"; } else { print FILE " $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_BDC'}\n"; } - print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } - } else { - print FILE "auth_param basic program $authdir/basic_msnt_auth\n"; - print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; - print FILE "auth_param basic realm $authrealm\n"; - print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } - - open(MSNTCONF, ">$ntlmdir/msntauth.conf"); - flock(MSNTCONF,2); - print MSNTCONF "server $proxysettings{'NTLM_PDC'}"; - if ($proxysettings{'NTLM_BDC'} eq '') { print MSNTCONF " $proxysettings{'NTLM_PDC'}"; } else { print MSNTCONF " $proxysettings{'NTLM_BDC'}"; } - print MSNTCONF " $proxysettings{'NTLM_DOMAIN'}\n"; - if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') - { - if ($proxysettings{'NTLM_USER_ACL'} eq 'positive') - { - print MSNTCONF "allowusers $ntlmdir/msntauth.allowusers\n"; - } else { - print MSNTCONF "denyusers $ntlmdir/msntauth.denyusers\n"; - } - } - close(MSNTCONF); - } }
if ($proxysettings{'AUTH_METHOD'} eq 'ntlm-auth') @@ -3433,6 +3127,7 @@ END print FILE "\n";
print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n\n"; + print FILE "auth_param ntlm credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n\n";
# BASIC authentication if ($proxysettings{'NTLM_AUTH_BASIC'} eq "on") { @@ -3444,9 +3139,9 @@ END print FILE " --require-membership-of=$ntlm_auth_group"; } print FILE "\n"; - print FILE "auth_param basic children 10\n"; - print FILE "auth_param basic realm IPFire Web Proxy Server\n"; - print FILE "auth_param basic credentialsttl 2 hours\n\n"; + print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; + print FILE "auth_param basic realm $authrealm\n"; + print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n\n"; } }
@@ -3458,22 +3153,10 @@ END print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; print FILE "auth_param basic realm $authrealm\n"; print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } }
print FILE "\n"; print FILE "acl for_inetusers proxy_auth REQUIRED\n"; - if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') && ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on')) - { - if ((!-z "$ntlmdir/msntauth.allowusers") && ($proxysettings{'NTLM_USER_ACL'} eq 'positive')) - { - print FILE "acl for_acl_users proxy_auth "$ntlmdir/msntauth.allowusers"\n"; - } - if ((!-z "$ntlmdir/msntauth.denyusers") && ($proxysettings{'NTLM_USER_ACL'} eq 'negative')) - { - print FILE "acl for_acl_users proxy_auth "$ntlmdir/msntauth.denyusers"\n"; - } - } if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')) { if ((!-z "$raddir/radauth.allowusers") && ($proxysettings{'RADIUS_USER_ACL'} eq 'positive')) @@ -3526,8 +3209,6 @@ END
if (($delaypools) && (!-z $acl_dst_throttle)) { print FILE "acl for_throttled_urls url_regex -i "$acl_dst_throttle"\n\n"; }
- if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE "acl with_allowed_useragents browser $browser_regexp\n\n"; } - print FILE "acl within_timeframe time "; if ($proxysettings{'TIME_MON'} eq 'on') { print FILE "M"; } if ($proxysettings{'TIME_TUE'} eq 'on') { print FILE "T"; } @@ -3778,7 +3459,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; } print FILE " to_ipaddr_without_auth\n"; } if (!-z $acl_dst_noauth_dom) @@ -3788,7 +3468,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; } print FILE " to_domains_without_auth\n"; } if (!-z $acl_dst_noauth_url) @@ -3798,7 +3477,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; } print FILE " to_hosts_without_auth\n"; } } @@ -3832,24 +3510,10 @@ END { if (!-z $disgrp) { print FILE " !for_disabled_users"; } else { print FILE " for_inetusers"; } } - if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'off')) || ($proxysettings{'AUTH_METHOD'} eq 'radius')) + if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || ($proxysettings{'AUTH_METHOD'} eq 'radius')) { print FILE " for_inetusers"; } - if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on')) - { - if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') - { - if (($proxysettings{'NTLM_USER_ACL'} eq 'positive') && (!-z "$ntlmdir/msntauth.allowusers")) - { - print FILE " for_acl_users"; - } - if (($proxysettings{'NTLM_USER_ACL'} eq 'negative') && (!-z "$ntlmdir/msntauth.denyusers")) - { - print FILE " !for_acl_users"; - } - } else { print FILE " for_inetusers"; } - } if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')) { if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') @@ -3877,24 +3541,10 @@ END { if (!-z $disgrp) { print FILE " !for_disabled_users"; } else { print FILE " for_inetusers"; } } - if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'off')) || ($proxysettings{'AUTH_METHOD'} eq 'radius')) + if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || ($proxysettings{'AUTH_METHOD'} eq 'radius')) { print FILE " for_inetusers"; } - if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on')) - { - if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') - { - if (($proxysettings{'NTLM_USER_ACL'} eq 'positive') && (!-z "$ntlmdir/msntauth.allowusers")) - { - print FILE " for_acl_users"; - } - if (($proxysettings{'NTLM_USER_ACL'} eq 'negative') && (!-z "$ntlmdir/msntauth.denyusers")) - { - print FILE " !for_acl_users"; - } - } else { print FILE " for_inetusers"; } - } if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')) { if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') @@ -3920,14 +3570,6 @@ END }
if ( - ( - ($proxysettings{'AUTH_METHOD'} eq 'ntlm') && - ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') && - ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && - ($proxysettings{'NTLM_USER_ACL'} eq 'negative') && - (!-z "$ntlmdir/msntauth.denyusers") - ) - || ( ($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') && @@ -3956,20 +3598,11 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; } print FILE " !on_ident_aware_hosts\n"; }
print FILE "http_access allow IPFire_networks"; if ( - ( - ($proxysettings{'AUTH_METHOD'} eq 'ntlm') && - ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') && - ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && - ($proxysettings{'NTLM_USER_ACL'} eq 'positive') && - (!-z "$ntlmdir/msntauth.allowusers") - ) - || ( ($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') && @@ -3999,7 +3632,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; } print FILE "\n";
print FILE "http_access deny all\n\n"; @@ -4095,7 +3727,10 @@ END if (($proxysettings{'ENABLE_FILTER'} eq 'on') || ($proxysettings{'ENABLE_UPDXLRATOR'} eq 'on') || ($proxysettings{'ENABLE_CLAMAV'} eq 'on')) { print FILE "url_rewrite_program /usr/sbin/redirect_wrapper\n"; - print FILE "url_rewrite_children $proxysettings{'CHILDREN'}\n\n"; + print FILE "url_rewrite_children ", &General::number_cpu_cores(); + print FILE " startup=", &General::number_cpu_cores(); + print FILE " idle=", &General::number_cpu_cores(); + print FILE " queue-size=", &General::number_cpu_cores() * 32, "\n\n"; }
# Include file with user defined settings. diff --git a/lfs/configroot b/lfs/configroot index c66dcdedb..3cdd780fc 100644 --- a/lfs/configroot +++ b/lfs/configroot @@ -98,7 +98,6 @@ $(TARGET) : cp $(DIR_SRC)/config/cfgroot/ssh-settings $(CONFIG_ROOT)/remote/settings cp $(DIR_SRC)/config/cfgroot/time-settings $(CONFIG_ROOT)/time/settings cp $(DIR_SRC)/config/cfgroot/logging-settings $(CONFIG_ROOT)/logging/settings - cp $(DIR_SRC)/config/cfgroot/useragents $(CONFIG_ROOT)/proxy/advanced cp $(DIR_SRC)/config/cfgroot/ethernet-vlans $(CONFIG_ROOT)/ethernet/vlans cp $(DIR_SRC)/langs/list $(CONFIG_ROOT)/langs/ cp $(DIR_SRC)/config/firewall/convert-xtaccess /usr/sbin/convert-xtaccess
hooks/post-receive -- IPFire 2.x development tree