From patchwork Thu Apr 18 09:54:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Alexander Koch X-Patchwork-Id: 2203 Return-Path: Received: from mail01.ipfire.org (mail01.i.ipfire.org [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id 65FFA85BD82 for ; Thu, 18 Apr 2019 00:54:36 +0100 (BST) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 44kzcC2zjmz5MW5c; Thu, 18 Apr 2019 00:54:35 +0100 (BST) Received: from nx110.node01.secure-mailgate.com (nx110.node01.secure-mailgate.com [89.22.108.110]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPS id 44kzc7347hz5MW5H for ; Thu, 18 Apr 2019 00:54:31 +0100 (BST) Received: from dehamd003.servertools24.de ([31.47.254.18]) by node01.secure-mailgate.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1hGuNj-0003O0-Ik for development@lists.ipfire.org; Thu, 18 Apr 2019 01:54:24 +0200 Received: from balthasar.starkstromlahn.spdns.org (dslb-002-205-035-218.002.205.pools.vodafone-ip.de [2.205.35.218]) by dehamd003.servertools24.de (Postfix) with ESMTPSA id 3916481A55 for ; Thu, 18 Apr 2019 01:54:19 +0200 (CEST) From: Alexander Koch To: development@lists.ipfire.org Subject: [PATCH 1/2] squid / WPAD: Add GUI for exception-files for generation of proxy.pac Date: Thu, 18 Apr 2019 01:54:17 +0200 Message-Id: <1555545258-20523-1-git-send-email-ipfire@starkstromkonsument.de> X-Mailer: git-send-email 2.7.4 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: 31.47.254.18 X-SecureMailgate-Domain: dehamd003.servertools24.de X-SecureMailgate-Username: 31.47.254.18 X-SecureMailgate-Outgoing-Class: ham X-SecureMailgate-Outgoing-Evidence: SB/global_tokens (0.00819862722884) X-Recommended-Action: accept X-Filter-ID: EX5BVjFpneJeBchSMxfU5ocvGW3TJeIh6mlIZanH8r5602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx q3u0UDjvO234slfrnEdiMqZNFIl3KV30wqEzzsz0qey7Lab92ZzcVTGbEWWnE2yTxqfzAQugcayV NC3VuLzc9Dux2XxZegRIeZjZv1oz6oWKgngYgisMFP/fMVP0svmpWqdKA4I3Nzei2jS295YZuTF+ Fa0pfd7JlwazEuJ5FLeAveAcO7l0w+pJdu/U5y6mAHsHsNznwP0sNOmRi6cQXeybw4h5I237Nx2K MWdgPAi++APAaUY2H/cuh5evaj1lUzaVjWgVraO5TPqzGal/PlyCuaPMa+bGc8PaqZZ/FzEG53Yo 1Az82WYSex+Yt07uCbJsusiJ1enFl6U7B/q9vr26RhU4BBUKCWSUTFNQr/0+3Wrn3z4mZAHYStty JwNs842uSNa4g6nbUYC9vZnf4fImcGFWryFPdc1K732g9EPi7xo8Wp9kTj0vnzQjAfNrZP7n1LeG eKK/C81gOoBU6ImGA/jDxKHQHolQlVdf0A32Xtl5FAWD8PcNYjhf2jycpxDLnRQvahqZR3KVQgqF /fPYYAfEfsh8vxtiRg33QXGSIphMiXWCgq5X+Jq0epfitR+cEiSQKwISgBQnql9AUyEpXSjnkFBC eDH9N3eB9BCr6zOddR5JuNDWqJ6KrFwecMAdOl3qpbZNvhN3LQlcXUm7c+4sJSRnh3aBD/tcmet3 Zo4q+SSEqmbxg8STUgC4l+e4A8RtcYolsVTQEvU0nWWkZ/ia0cc4m+PW+Teqz9VZ8lKEiaXKJMZC eeF6a53/QFkjC2qyFVFfEoXm0/FPF8PR0w363lkp7CRvD0zVmMXBFJIO/P2EzM60voqUUzJmvILA kkfgIBTmPslPtdlVYjsJfUxq2BWGZPpEB5bBEGtcMe6NsBDXJ1BIeoH3OtGQlPz7rcJpxnT/6SRH ce0kbuowBkJn2HmzOVXCPWfYkC8dRIZCBp73c41iJg52m+VTJo4VLpieMaCzFPhUe2owRQVmBcsi ls6Wyfkf/bOJ2E0tsW8g1CuUMS+4ayUpOtEhdxekWDmK9g== X-Report-Abuse-To: spam@node01.secure-mailgate.com Authentication-Results: mail01.ipfire.org; dkim=none; dmarc=none; spf=pass (mail01.ipfire.org: domain of ipfire@starkstromkonsument.de designates 89.22.108.110 as permitted sender) smtp.mailfrom=ipfire@starkstromkonsument.de X-Rspamd-Queue-Id: 44kzc7347hz5MW5H X-Spamd-Result: default: False [0.21 / 11.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_XOIP(0.00)[]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:89.22.108.0/24]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[development@lists.ipfire.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_THREE(0.00)[3]; DMARC_NA(0.00)[starkstromkonsument.de]; MX_GOOD(-0.01)[mail.starkstromkonsument.de]; RCVD_IN_DNSWL_NONE(0.00)[110.108.22.89.list.dnswl.org : 127.0.5.0]; MID_CONTAINS_FROM(1.00)[]; IP_SCORE(-0.48)[asn: 45031(-2.34), country: DE(-0.09)]; RECEIVED_SPAMHAUS_PBL(0.00)[218.35.205.2.zen.spamhaus.org : 127.0.0.11]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:45031, ipnet:89.22.96.0/19, country:DE]; RCVD_TLS_ALL(0.00)[]; FROM_EQ_ENVFROM(0.00)[] X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" This patch adds the missing Web-GUI for the WPAD-Exceptions to proxy.cgi Note: The translations are only done for "en" and "de" yet! Signed-off-by: Alexander Koch --- html/cgi-bin/proxy.cgi | 110 +++++++++++++++++++++++++++++++++++++++++++++++-- langs/de/cgi-bin/de.pl | 7 ++++ langs/en/cgi-bin/en.pl | 7 ++++ langs/es/cgi-bin/es.pl | 7 ++++ langs/fr/cgi-bin/fr.pl | 7 ++++ langs/it/cgi-bin/it.pl | 7 ++++ langs/nl/cgi-bin/nl.pl | 7 ++++ langs/pl/cgi-bin/pl.pl | 7 ++++ langs/ru/cgi-bin/ru.pl | 7 ++++ langs/tr/cgi-bin/tr.pl | 7 ++++ 10 files changed, 169 insertions(+), 4 deletions(-) diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 369a5cb..46908d2 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -559,6 +559,8 @@ ERROR: delete $proxysettings{'SRC_UNRESTRICTED_MAC'}; delete $proxysettings{'DST_NOCACHE'}; delete $proxysettings{'DST_NOAUTH'}; + delete $proxysettings{'DST_NOPROXY_IP'}; + delete $proxysettings{'DST_NOPROXY_URL'}; delete $proxysettings{'PORTS_SAFE'}; delete $proxysettings{'PORTS_SSL'}; delete $proxysettings{'MIME_TYPES'}; @@ -1318,6 +1320,58 @@ END ; } +# =================================================================== +# WPAD settings +# =================================================================== + +print < + + $Lang::tr{'advproxy wpad title'} + + + + + + $Lang::tr{'advproxy wpad label dst_noproxy_ip'}: + $Lang::tr{'advproxy wpad label dst_noproxy_url'}: + + + + + + + + $Lang::tr{'advproxy wpad example dst_noproxy_ip'} + $Lang::tr{'advproxy wpad example dst_noproxy_url'} + + +   + + + $Lang::tr{'advproxy wpad view pac'}: http://$ENV{SERVER_ADDR}:81/wpad.dat + + + +
+ +END +; + # ------------------------------------------------------------------- print <) { $proxysettings{'DST_NOAUTH'} .= $_ }; close(FILE); } + if (-e "$acl_dst_noproxy_ip") { + open(FILE,"$acl_dst_noproxy_ip"); + delete $proxysettings{'DST_NOPROXY_IP'}; + while () { $proxysettings{'DST_NOPROXY_IP'} .= $_ }; + close(FILE); + } + if (-e "$acl_dst_noproxy_url") { + open(FILE,"$acl_dst_noproxy_url"); + delete $proxysettings{'DST_NOPROXY_URL'}; + while () { $proxysettings{'DST_NOPROXY_URL'} .= $_ }; + close(FILE); + } if (-e "$acl_ports_safe") { open(FILE,"$acl_ports_safe"); delete $proxysettings{'PORTS_SAFE'}; @@ -2446,6 +2512,31 @@ sub check_acls } } + @temp = split(/\n/,$proxysettings{'DST_NOPROXY_IP'}); + undef $proxysettings{'DST_NOPROXY_IP'}; + foreach (@temp) + { + s/^\s+//g; s/\s+$//g; + if ($_) + { + unless (&General::validipormask($_)) { $errormessage = $Lang::tr{'advproxy errmsg wpad invalid ip or mask'}; } + $proxysettings{'DST_NOPROXY_IP'} .= $_."\n"; + } + } + + @temp = split(/\n/,$proxysettings{'DST_NOPROXY_URL'}); + undef $proxysettings{'DST_NOPROXY_URL'}; + foreach (@temp) + { + s/^\s+//g; + unless (/^#/) { s/\s+//g; } + if ($_) + { + if (/^\./) { $_ = '*'.$_; } + $proxysettings{'DST_NOPROXY_URL'} .= $_."\n"; + } + } + if (($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && ($proxysettings{'NTLM_USER_ACL'} eq 'positive')) { @temp = split(/\n/,$proxysettings{'NTLM_ALLOW_USERS'}); @@ -2584,6 +2675,16 @@ sub write_acls print FILE $proxysettings{'DST_NOAUTH'}; close(FILE); + open(FILE, ">$acl_dst_noproxy_ip"); + flock(FILE, 2); + print FILE $proxysettings{'DST_NOPROXY_IP'}; + close(FILE); + + open(FILE, ">$acl_dst_noproxy_url"); + flock(FILE, 2); + print FILE $proxysettings{'DST_NOPROXY_URL'}; + close(FILE); + open(FILE, ">$acl_dst_noauth_net"); close(FILE); open(FILE, ">$acl_dst_noauth_dom"); @@ -2769,7 +2870,7 @@ END # Additional exceptions for URLs # The file has to be created by the user and should contain one entry per line # Line-Format: - # e.g. *ipfire.org* + # e.g. *.ipfire.org* if (-s "$acl_dst_noproxy_url") { undef @templist; @@ -2786,8 +2887,8 @@ END # Additional exceptions for Subnets # The file has to be created by the user and should contain one entry per line - # Line-Format: "", "" - # e.g. "192.168.0.0", "255.255.255.0" + # Line-Format: / + # e.g. 192.168.0.0/255.255.255.0 if (-s "$acl_dst_noproxy_ip") { undef @templist; @@ -2798,7 +2899,8 @@ END foreach (@templist) { - print FILE " (isInNet(host, $_)) ||\n"; + @temp = split(/\//); + print FILE " (isInNet(host, \"$temp[0]\", \"$temp[1]\")) ||\n"; } } diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index d63ebe6..764ea60 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -396,6 +396,13 @@ 'advproxy visible hostname' => 'Sichtbarer Hostname', 'advproxy web browser' => 'Web-Browser', 'advproxy wednesday' => 'Mi', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Ausgenommene URL\'s (eine pro Zeile)', +'advproxy wpad label dst_noproxy_ip' => 'Ausgenommene IP-Subnetze (eins pro Zeile)', +'advproxy wpad example dst_noproxy_url' => 'z.B. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'z.B. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Ungültige IP oder Subnetz für ausgenommenes IP-Subnetz', +'advproxy wpad view pac' => 'PAC-Datei aufrufen', 'again' => 'Wiederholung:', 'age second' => 'Sekunde', 'age seconds' => 'Sekunden', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index a709604..c66914d 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -397,6 +397,13 @@ 'advproxy visible hostname' => 'Visible hostname', 'advproxy web browser' => 'Web browser', 'advproxy wednesday' => 'Wed', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Excluded URL\'s (one per line)', +'advproxy wpad label dst_noproxy_ip' => 'Excluded IP-Subnets (one per line)', +'advproxy wpad example dst_noproxy_url' => 'e.g. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'e.g. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Invalid IP or subnet for excluded IP-subnet', +'advproxy wpad view pac' => 'Open PAC-File', 'again' => 'Again:', 'age second' => 'second', 'age seconds' => 'seconds', diff --git a/langs/es/cgi-bin/es.pl b/langs/es/cgi-bin/es.pl index 23bc207..f960461 100644 --- a/langs/es/cgi-bin/es.pl +++ b/langs/es/cgi-bin/es.pl @@ -316,6 +316,13 @@ 'advproxy visible hostname' => 'Nombre de host visible', 'advproxy web browser' => 'Navegador Web', 'advproxy wednesday' => 'Mie', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Excluded URL\'s (one per line)', +'advproxy wpad label dst_noproxy_ip' => 'Excluded IP-Subnets (one per line)', +'advproxy wpad example dst_noproxy_url' => 'e.g. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'e.g. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Invalid IP or subnet for excluded IP-subnet', +'advproxy wpad view pac' => 'Open PAC-File', 'again' => 'De nuevo:', 'aktiv' => 'Activo', 'album' => 'Album', diff --git a/langs/fr/cgi-bin/fr.pl b/langs/fr/cgi-bin/fr.pl index b4ecf32..f5d3e51 100644 --- a/langs/fr/cgi-bin/fr.pl +++ b/langs/fr/cgi-bin/fr.pl @@ -394,6 +394,13 @@ 'advproxy visible hostname' => 'Nom d\'hôte visible ', 'advproxy web browser' => 'Navigateur web', 'advproxy wednesday' => 'Mer', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Excluded URL\'s (one per line)', +'advproxy wpad label dst_noproxy_ip' => 'Excluded IP-Subnets (one per line)', +'advproxy wpad example dst_noproxy_url' => 'e.g. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'e.g. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Invalid IP or subnet for excluded IP-subnet', +'advproxy wpad view pac' => 'Open PAC-File', 'again' => 'De nouveau :', 'age second' => 'seconde', 'age seconds' => 'secondes', diff --git a/langs/it/cgi-bin/it.pl b/langs/it/cgi-bin/it.pl index 6c9137c..2b819ff 100644 --- a/langs/it/cgi-bin/it.pl +++ b/langs/it/cgi-bin/it.pl @@ -331,6 +331,13 @@ 'advproxy visible hostname' => 'Hostname Visible', 'advproxy web browser' => 'Web browser', 'advproxy wednesday' => 'Mer', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Excluded URL\'s (one per line)', +'advproxy wpad label dst_noproxy_ip' => 'Excluded IP-Subnets (one per line)', +'advproxy wpad example dst_noproxy_url' => 'e.g. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'e.g. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Invalid IP or subnet for excluded IP-subnet', +'advproxy wpad view pac' => 'Open PAC-File', 'again' => 'Again:', 'age second' => 'Secondi', 'age seconds' => 'Secondi', diff --git a/langs/nl/cgi-bin/nl.pl b/langs/nl/cgi-bin/nl.pl index 5fa89b1..a2b4633 100644 --- a/langs/nl/cgi-bin/nl.pl +++ b/langs/nl/cgi-bin/nl.pl @@ -330,6 +330,13 @@ 'advproxy visible hostname' => 'Zichtbare hostnaam', 'advproxy web browser' => 'Webbrowser', 'advproxy wednesday' => 'Woe', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Excluded URL\'s (one per line)', +'advproxy wpad label dst_noproxy_ip' => 'Excluded IP-Subnets (one per line)', +'advproxy wpad example dst_noproxy_url' => 'e.g. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'e.g. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Invalid IP or subnet for excluded IP-subnet', +'advproxy wpad view pac' => 'Open PAC-File', 'again' => 'Nogmaals:', 'age second' => 'seconde', 'age seconds' => 'seconden', diff --git a/langs/pl/cgi-bin/pl.pl b/langs/pl/cgi-bin/pl.pl index 521381a..ab2ef42 100644 --- a/langs/pl/cgi-bin/pl.pl +++ b/langs/pl/cgi-bin/pl.pl @@ -318,6 +318,13 @@ 'advproxy visible hostname' => 'Widoczna nazwa hosta', 'advproxy web browser' => 'Przeglądarka WWW', 'advproxy wednesday' => 'Śr', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Excluded URL\'s (one per line)', +'advproxy wpad label dst_noproxy_ip' => 'Excluded IP-Subnets (one per line)', +'advproxy wpad example dst_noproxy_url' => 'e.g. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'e.g. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Invalid IP or subnet for excluded IP-subnet', +'advproxy wpad view pac' => 'Open PAC-File', 'again' => 'Ponownie:', 'aktiv' => 'Aktywny', 'album' => 'Album', diff --git a/langs/ru/cgi-bin/ru.pl b/langs/ru/cgi-bin/ru.pl index 9ac46d4..1963468 100644 --- a/langs/ru/cgi-bin/ru.pl +++ b/langs/ru/cgi-bin/ru.pl @@ -316,6 +316,13 @@ 'advproxy visible hostname' => 'Видимое имя хоста', 'advproxy web browser' => 'Веб Браузер: ', 'advproxy wednesday' => 'Ср', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Excluded URL\'s (one per line)', +'advproxy wpad label dst_noproxy_ip' => 'Excluded IP-Subnets (one per line)', +'advproxy wpad example dst_noproxy_url' => 'e.g. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'e.g. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Invalid IP or subnet for excluded IP-subnet', +'advproxy wpad view pac' => 'Open PAC-File', 'again' => 'Ещё раз:', 'aktiv' => 'Активен', 'album' => 'Альбом', diff --git a/langs/tr/cgi-bin/tr.pl b/langs/tr/cgi-bin/tr.pl index 1917b82..d23616d 100644 --- a/langs/tr/cgi-bin/tr.pl +++ b/langs/tr/cgi-bin/tr.pl @@ -394,6 +394,13 @@ 'advproxy visible hostname' => 'Ana bilgisayar adını göster', 'advproxy web browser' => 'İnternet tarayıcısı', 'advproxy wednesday' => 'Çar', +'advproxy wpad title' => 'Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)', +'advproxy wpad label dst_noproxy_url' => 'Excluded URL\'s (one per line)', +'advproxy wpad label dst_noproxy_ip' => 'Excluded IP-Subnets (one per line)', +'advproxy wpad example dst_noproxy_url' => 'e.g. *.ipfire.org*', +'advproxy wpad example dst_noproxy_ip' => 'e.g. 192.168.2.0/255.255.255.0', +'advproxy errmsg wpad invalid ip or mask' => 'WPAD: Invalid IP or subnet for excluded IP-subnet', +'advproxy wpad view pac' => 'Open PAC-File', 'again' => 'Tekrar:', 'age second' => 'saniye', 'age seconds' => 'saniye',