Proxy work in progress, add ftp_port, ftp proxy support

src/opnsense/mvc/app/controllers/OPNsense/Proxy/Api/SettingsController.php

@@ -71,6 +71,7 @@ class SettingsController extends ApiControllerBase
             }
 
             $mdlProxy->forward->interfaces->setSelectOptions($selopt);
+            $mdlProxy->forward->ftpInterfaces->setSelectOptions($selopt);
             $result['proxy'] = $mdlProxy->getNodes();
         }
 

src/opnsense/mvc/app/models/OPNsense/Proxy/Proxy.xml

@@ -135,6 +135,20 @@
                 <ValidationMessage>"Proxy port needs to be an integer value between 1 and 65535"</ValidationMessage>
                 <Required>Y</Required>
             </port>
+            <ftpInterfaces type="CSVListField">
+                <Required>N</Required>
+            </ftpInterfaces>
+            <ftpPort type="IntegerField">
+                <default>2121</default>
+                <MinimumValue>1</MinimumValue>
+                <MaximumValue>65535</MaximumValue>
+                <ValidationMessage>"FTP Proxy port needs to be an integer value between 1 and 65535"</ValidationMessage>
+                <Required>Y</Required>
+            </ftpPort>
+            <ftpTransparentMode type="BooleanField">
+                <default>0</default>
+                <Required>Y</Required>
+            </ftpTransparentMode>
             <addACLforInterfaceSubnets type="BooleanField">
                 <default>1</default>
                 <Required>Y</Required>

src/opnsense/mvc/app/views/OPNsense/Proxy/index.volt

@@ -338,6 +338,25 @@ maxheight: define max height of select box, default=170px to hold 5 items
                 'advanced':'true'
                 ]}
             ],
+            [ 'proxy-forward-ftp','FTP Proxy Settings',
+                {['id': 'proxy.forward.ftpInterfaces',
+                'label':'FTP proxy interfaces',
+                'type':'select_multiple',
+                'style':'tokenize',
+                'help':'Select interface(s) the ftp proxy will bind to.',
+                'hint':'Type or select interface (Leave blank to disable ftp proxy).'
+                ],
+                ['id': 'proxy.forward.ftpPort',
+                'label':'FTP proxy port',
+                'type':'text',
+                'help':'The port the proxy service will listen to.'
+                ],
+                ['id': 'proxy.forward.ftpTransparentMode',
+                'label':'Enable Transparent mode',
+                'type':'checkbox',
+                'help':'Enable transparent ftp proxy mode to forward all requests for destination port 21 to the proxy server without any additional configuration.'
+                ]}
+            ],
             [ 'proxy-forward-acl','Access Control List',
                 {['id': 'proxy.forward.acl.allowedSubnets',
                 'label':'Allowed Subnets',

src/opnsense/service/templates/OPNsense/Proxy/squid.conf

@@ -21,6 +21,25 @@ http_port {{intf_item.subnet}}:{{  OPNsense.proxy.forward.port }}
 {%   endfor %}
 {% endif %}
 
+# Setup ftp proxy
+{% if helpers.exists('OPNsense.proxy.forward.ftpInterfaces') %}
+{%   for interface in OPNsense.proxy.forward.ftpInterfaces.split(",") %}
+{%      for intf_key,intf_item in interfaces.iteritems() %}
+{%          if intf_key == interface and intf_item.ipaddr != 'dhcp' %}
+ftp_port {{intf_item.ipaddr}}:{{  OPNsense.proxy.forward.ftpPort }} {%if OPNsense.proxy.forward.ftpTransparentMode == '1' %}tproxy{% endif %}
+{%          endif %}
+{%      endfor %}
+{# virtual ip's #}
+{%      if helpers.exists('virtualip') %}
+{%          for intf_key,intf_item in virtualip.iteritems() %}
+{%              if intf_item.interface == interface and intf_item.mode == 'ipalias' %}
+ftp_port {{intf_item.subnet}}:{{  OPNsense.proxy.forward.ftpPort }}
+{%              endif %}
+{%          endfor %}
+{%      endif %}
+{%   endfor %}
+{% endif %}
+
 # Rules allowing access from your local networks.
 # Generated list of (internal) IP networks from where browsing
 # should be allowed. (Allow interface subnets).