lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-14 00:24:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

add link to proxy page and extend the nat template

Browse Source
This commit is contained in:
Fabian Franz 2016-04-08 17:04:33 +02:00
parent 4351b2a93e
commit 4aa0ce0f9a
2 changed files with 34 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/opnsense/mvc/app/controllers/OPNsense/Proxy/forms/main.xml
View File

@ -200,15 +200,15 @@
<help><![CDATA[The port the proxy service will listen to.]]></help>
</field>
<field>
<id>proxy.forward.transparentMode</id>
<label>Enable Transparent HTTP proxy</label>
<type>checkbox</type>
<help><![CDATA[
Enable transparent proxy mode. You will need a firewall rule to forward traffic from the firewall to the proxy server.
You may leave the proxy interfaces empty, but remember to set a valid ACL in that case.
<br/>
<a href="/firewall_nat_edit.php?template=transparant_proxy"> add a new firewall rule </a>
]]></help>
<id>proxy.forward.transparentMode</id>
<label>Enable Transparent HTTP proxy</label>
<type>checkbox</type>
<help><![CDATA[
Enable transparent proxy mode. You will need a firewall rule to forward traffic from the firewall to the proxy server.
You may leave the proxy interfaces empty, but remember to set a valid ACL in that case.
<br/>
<a href="/firewall_nat_edit.php?template=transparant_proxy"> Add a new firewall rule </a>
]]></help>
</field>
<field>
<id>proxy.forward.sslbump</id>
@ -220,7 +220,8 @@
Be aware of the security implications before enabling this option.
<br/><br/>
Transparent HTTP proxy needs to be enabled and you need nat rules to reflect your traffic
for this feature to work.
for this feature to work.<br/>
<a href="/firewall_nat_edit.php?template=transparant_proxy&https=1"> Add a new firewall rule </a>
]]></help>
</field>
<field>

34
src/www/firewall_nat_edit.php
View File

@ -150,19 +150,31 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$pconfig['interface'] = "lan";
$pconfig['src'] = "lan";
$pconfig['dst'] = "any";
$pconfig['dstbeginport'] = 80 ;
$pconfig['dstendport'] = 80 ;
$pconfig['target'] = '127.0.0.1';
// try to read the proxy configuration to determine the current port
// this has some disadvantages in case of dependencies, but there isn't
// a much better solution available at the moment.
if (isset($config['OPNsense']['proxy']['forward']['port'])) {
$pconfig['local-port'] = $config['OPNsense']['proxy']['forward']['port'];
} else {
$pconfig['local-port'] = 3128;
if (isset($_GET['https'])){
$pconfig['dstbeginport'] = 443;
$pconfig['dstendport'] = 443;
if (isset($config['OPNsense']['proxy']['forward']['sslbumpport'])) {
$pconfig['local-port'] = $config['OPNsense']['proxy']['forward']['sslbumpport'];
} else {
$pconfig['local-port'] = 3129;
}
}
else {
$pconfig['dstbeginport'] = 80;
$pconfig['dstendport'] = 80;
// try to read the proxy configuration to determine the current port
// this has some disadvantages in case of dependencies, but there isn't
// a much better solution available at the moment.
if (isset($config['OPNsense']['proxy']['forward']['port'])) {
$pconfig['local-port'] = $config['OPNsense']['proxy']['forward']['port'];
} else {
$pconfig['local-port'] = 3128;
}
}
$pconfig['target'] = '127.0.0.1';
$pconfig['natreflection'] = 'enable';
$pconfig['descr'] = "redirect traffic to proxy";
$pconfig['descr'] = gettext("redirect traffic to proxy");
} else {
$pconfig['src'] = "any";
}