From 6b14bb272de13a1d4a4522b82c8cdec48088f3ed Mon Sep 17 00:00:00 2001 From: bevz Date: Fri, 6 Jan 2017 16:24:34 +0300 Subject: [PATCH] Squid auth plugins. Pre/post includes moved to right places. --- src/opnsense/service/templates/OPNsense/Proxy/+TARGETS | 1 + .../service/templates/OPNsense/Proxy/auth.conf | 3 +++ .../service/templates/OPNsense/Proxy/squid.acl.conf | 3 +++ .../service/templates/OPNsense/Proxy/squid.conf | 10 ++++------ 4 files changed, 11 insertions(+), 6 deletions(-) create mode 100644 src/opnsense/service/templates/OPNsense/Proxy/auth.conf diff --git a/src/opnsense/service/templates/OPNsense/Proxy/+TARGETS b/src/opnsense/service/templates/OPNsense/Proxy/+TARGETS index 850e93ab4..cfc6ce0c0 100644 --- a/src/opnsense/service/templates/OPNsense/Proxy/+TARGETS +++ b/src/opnsense/service/templates/OPNsense/Proxy/+TARGETS @@ -5,4 +5,5 @@ externalACLs.conf:/usr/local/etc/squid/externalACLs.conf nobumpsites.acl:/usr/local/etc/squid/nobumpsites.acl ca.pem.id:/usr/local/etc/squid/ca.pem.id pre-auth.conf:/usr/local/etc/squid/pre-auth/dummy.conf +auth.conf:/usr/local/etc/squid/auth/dummy.conf post-auth.conf:/usr/local/etc/squid/post-auth/dummy.conf diff --git a/src/opnsense/service/templates/OPNsense/Proxy/auth.conf b/src/opnsense/service/templates/OPNsense/Proxy/auth.conf new file mode 100644 index 000000000..d0ef53e5e --- /dev/null +++ b/src/opnsense/service/templates/OPNsense/Proxy/auth.conf @@ -0,0 +1,3 @@ +# AUTOGENERATED FILE. DO NOT EDIT. +# DO NOT REMOVE THIS FILE! +# This directory is for auth config files diff --git a/src/opnsense/service/templates/OPNsense/Proxy/squid.acl.conf b/src/opnsense/service/templates/OPNsense/Proxy/squid.acl.conf index ca5dff00c..ff270d2c1 100644 --- a/src/opnsense/service/templates/OPNsense/Proxy/squid.acl.conf +++ b/src/opnsense/service/templates/OPNsense/Proxy/squid.acl.conf @@ -116,6 +116,9 @@ adaptation_access request_mod deny to_localhost {% endif %} http_access deny to_localhost +# Auth plugins +include /usr/local/etc/squid/auth/*.conf + # # Access Permission configuration: # diff --git a/src/opnsense/service/templates/OPNsense/Proxy/squid.conf b/src/opnsense/service/templates/OPNsense/Proxy/squid.conf index c5700c3c6..ef458b127 100644 --- a/src/opnsense/service/templates/OPNsense/Proxy/squid.conf +++ b/src/opnsense/service/templates/OPNsense/Proxy/squid.conf @@ -253,21 +253,19 @@ icap_service request_mod reqmod_precache {{OPNsense.proxy.forward.icap.RequestUR icap_enable off {% endif %} -# Pre-auth plugins -include /usr/local/etc/squid/pre-auth/*.conf - # Authentication Settings {% if helpers.exists('OPNsense.proxy.forward.authentication.method') and OPNsense.proxy.forward.authentication.method != '' %} {% include ['OPNsense/Proxy/squid.user.alt_auth.conf', 'OPNsense/Proxy/squid.user.local_auth.conf'] %} {% endif %} -# Post-auth plugins -include /usr/local/etc/squid/post-auth/*.conf - +# Pre-auth plugins +include /usr/local/etc/squid/pre-auth/*.conf {% include "OPNsense/Proxy/squid.user.pre_auth.conf" ignore missing with context %} {% include "OPNsense/Proxy/squid.acl.conf" ignore missing with context %} +# Post-auth plugins +include /usr/local/etc/squid/post-auth/*.conf {% include "OPNsense/Proxy/squid.user.post_auth.conf" ignore missing with context %} {% if helpers.exists('OPNsense.proxy.general.cache.local') %}