mirror of
https://github.com/lucaspalomodevelop/core.git
synced 2026-03-13 16:14:40 +00:00
Proxy: Add Parent Proxy feature (#3078)
This commit is contained in:
Michael
Ad Schellevis
parent
fd224b360a
commit
b09fbae014
@ -205,6 +205,42 @@
|
||||
<help><![CDATA[Enter the allowed per host bandwidth in kilobits per second (leave empty to disable).]]></help>
|
||||
</field>
|
||||
</subtab>
|
||||
<subtab id="proxy-general-parentproxy" description="Parent Proxy Settings">
|
||||
<field>
|
||||
<id>proxy.general.parentproxy.enabled</id>
|
||||
<label>Enable Parent Proxy</label>
|
||||
<type>checkbox</type>
|
||||
<help>Enable parent proxy feature</help>
|
||||
</field>
|
||||
<field>
|
||||
<id>proxy.general.parentproxy.host</id>
|
||||
<label>Host</label>
|
||||
<type>text</type>
|
||||
<help>Parent proxy IP address or hostname.</help>
|
||||
</field>
|
||||
<field>
|
||||
<id>proxy.general.parentproxy.port</id>
|
||||
<label>Port</label>
|
||||
<type>text</type>
|
||||
<help>Parent proxy port.</help>
|
||||
</field>
|
||||
<field>
|
||||
<id>proxy.general.parentproxy.localdomains</id>
|
||||
<label>Local Domains</label>
|
||||
<type>select_multiple</type>
|
||||
<style>tokenize</style>
|
||||
<allownew>true</allownew>
|
||||
<help>List of domains not to be sent via parent proxy.</help>
|
||||
</field>
|
||||
<field>
|
||||
<id>proxy.general.parentproxy.localips</id>
|
||||
<label>Local IPs</label>
|
||||
<type>select_multiple</type>
|
||||
<style>tokenize</style>
|
||||
<allownew>true</allownew>
|
||||
<help>List of IP addresses not to be sent via parent proxy.</help>
|
||||
</field>
|
||||
</subtab>
|
||||
</tab>
|
||||
<tab id="proxy-forward" description="Forward Proxy">
|
||||
<subtab id="proxy-forward-general" description="General Forward Settings">
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
<model>
|
||||
<mount>//OPNsense/proxy</mount>
|
||||
<version>1.0.1</version>
|
||||
<version>1.0.2</version>
|
||||
<description>
|
||||
(squid) proxy settings
|
||||
</description>
|
||||
@ -182,6 +182,42 @@
|
||||
</Constraints>
|
||||
</perHostTrotteling>
|
||||
</traffic>
|
||||
<parentproxy>
|
||||
<enabled type="BooleanField">
|
||||
<default>0</default>
|
||||
<Required>Y</Required>
|
||||
</enabled>
|
||||
<host type="HostnameField">
|
||||
<Required>N</Required>
|
||||
<Constraints>
|
||||
<check001>
|
||||
<ValidationMessage>A host must be set.</ValidationMessage>
|
||||
<type>DependConstraint</type>
|
||||
<addFields>
|
||||
<field1>enabled</field1>
|
||||
</addFields>
|
||||
</check001>
|
||||
</Constraints>
|
||||
</host>
|
||||
<port type="PortField">
|
||||
<Required>N</Required>
|
||||
<Constraints>
|
||||
<check001>
|
||||
<ValidationMessage>A port must be set.</ValidationMessage>
|
||||
<type>DependConstraint</type>
|
||||
<addFields>
|
||||
<field1>enabled</field1>
|
||||
</addFields>
|
||||
</check001>
|
||||
</Constraints>
|
||||
</port>
|
||||
<localdomains type="CSVListField">
|
||||
<Required>N</Required>
|
||||
</localdomains>
|
||||
<localips type="CSVListField">
|
||||
<Required>N</Required>
|
||||
</localips>
|
||||
</parentproxy>
|
||||
</general>
|
||||
<forward>
|
||||
<interfaces type="InterfaceField">
|
||||
|
||||
@ -4,6 +4,7 @@ cache.active:/var/squid/cache/active
|
||||
externalACLs.conf:/usr/local/etc/squid/externalACLs.conf
|
||||
newsyslog.conf:/etc/newsyslog.conf.d/squid
|
||||
nobumpsites.acl:/usr/local/etc/squid/nobumpsites.acl
|
||||
parentproxy.conf:/usr/local/etc/squid/pre-auth/parentproxy.conf
|
||||
post-auth.conf:/usr/local/etc/squid/post-auth/dummy.conf
|
||||
pre-auth.conf:/usr/local/etc/squid/pre-auth/dummy.conf
|
||||
rc.conf.d:/etc/rc.conf.d/squid/squid
|
||||
|
||||
@ -0,0 +1,23 @@
|
||||
{% if helpers.exists('OPNsense.proxy.general.parentproxy.enabled') and OPNsense.proxy.general.parentproxy.enabled == '1' %}
|
||||
cache_peer {{ OPNsense.proxy.general.parentproxy.host }} parent {{ OPNsense.proxy.general.parentproxy.port }} 0 no-query default
|
||||
{% if helpers.exists('OPNsense.proxy.general.parentproxy.localdomains') and OPNsense.proxy.general.parentproxy.localdomains != '' %}
|
||||
acl ExcludePPDomains dstdomain {{ OPNsense.proxy.general.parentproxy.localdomains.replace(',', ' ') }}
|
||||
{% endif %}
|
||||
{% if helpers.exists('OPNsense.proxy.general.parentproxy.localips') and OPNsense.proxy.general.parentproxy.localips != '' %}
|
||||
acl ExcludePPIPs dst {{ OPNsense.proxy.general.parentproxy.localips.replace(',', ' ') }}
|
||||
{% endif %}
|
||||
{% if helpers.exists('OPNsense.proxy.general.parentproxy.localdomains') and OPNsense.proxy.general.parentproxy.localdomains != '' %}
|
||||
cache_peer_access {{ OPNsense.proxy.general.parentproxy.host }} deny ExcludePPDomains
|
||||
{% endif %}
|
||||
{% if helpers.exists('OPNsense.proxy.general.parentproxy.localips') and OPNsense.proxy.general.parentproxy.localips != '' %}
|
||||
cache_peer_access {{ OPNsense.proxy.general.parentproxy.host }} deny ExcludePPIPs
|
||||
{% endif %}
|
||||
cache_peer_access {{ OPNsense.proxy.general.parentproxy.host }} allow all
|
||||
{% if helpers.exists('OPNsense.proxy.general.parentproxy.localdomains') and OPNsense.proxy.general.parentproxy.localdomains != '' %}
|
||||
never_direct deny ExcludePPDomains
|
||||
{% endif %}
|
||||
{% if helpers.exists('OPNsense.proxy.general.parentproxy.localips') and OPNsense.proxy.general.parentproxy.localips != '' %}
|
||||
never_direct deny ExcludePPIPs
|
||||
{% endif %}
|
||||
never_direct allow all
|
||||
{% endif %}
|
||||
Loading…
x
Reference in New Issue
Block a user