From 08bcaf16ba9bc43aaf216a509d90c32cf408d008 Mon Sep 17 00:00:00 2001
From: Jos Schellevis <jos.schellevis@deciso.com>
Date: Fri, 24 Apr 2015 17:01:57 +0200
Subject: [PATCH] Proxy work in progress, tweak for unrestricted ips

---
 src/opnsense/service/templates/OPNsense/Proxy/squid.conf | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/opnsense/service/templates/OPNsense/Proxy/squid.conf b/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
index 763048f1b..bfdacb576 100644
--- a/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
+++ b/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
@@ -173,15 +173,15 @@ http_access deny blockuseragents
 {% if helpers.exists('OPNsense.proxy.forward.acl.mimeType') %}
 
 # ACL list (Deny) blockmimetypes
-http_reply_access deny blockmimetypes
-http_access deny blockmimetypes_requests
+http_reply_access deny blockmimetypes {% if helpers.exists('OPNsense.proxy.forward.acl.unrestricted') %}!unrestricted{% endif %}
+http_access deny blockmimetypes_requests {% if helpers.exists('OPNsense.proxy.forward.acl.unrestricted') %}!unrestricted{% endif %}
 {% endif %}
 
 # Deny requests to certain unsafe ports
-http_access deny !Safe_ports
+http_access deny !Safe_ports {% if helpers.exists('OPNsense.proxy.forward.acl.unrestricted') %}!unrestricted{% endif %}
 
 # Deny CONNECT to other than secure SSL ports
-http_access deny CONNECT !SSL_ports
+http_access deny CONNECT !SSL_ports {% if helpers.exists('OPNsense.proxy.forward.acl.unrestricted') %}!unrestricted{% endif %}
 
 {% if helpers.exists('OPNsense.proxy.forward.acl.bannedHosts') %}
 http_access deny bannedHosts