Proxy.xml 12 KB
Newer Older
Jos Schellevis's avatar
Jos Schellevis committed
1 2 3 4 5 6 7
<model>
    <mount>//OPNsense/proxy</mount>
    <description>
        (squid) proxy settings
    </description>
    <items>
        <general>
8 9 10 11
            <enabled type="BooleanField">
                <default>0</default>
                <Required>Y</Required>
            </enabled>
12 13 14
            <icpPort type="IntegerField">
                <MinimumValue>1</MinimumValue>
                <MaximumValue>65535</MaximumValue>
15
                <ValidationMessage>ICP port needs to be an integer value between 1 and 65535</ValidationMessage>
16 17
                <Required>N</Required>
            </icpPort>
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
            <logging>
                <enable>
                    <accessLog type="BooleanField">
                        <default>1</default>
                        <Required>Y</Required>
                    </accessLog>
                    <storeLog type="BooleanField">
                        <default>1</default>
                        <Required>Y</Required>
                    </storeLog>
                </enable>
            </logging>
            <alternateDNSservers type="CSVListField">
                <Required>N</Required>
            </alternateDNSservers>
            <dnsV4First type="BooleanField">
                <default>0</default>
                <Required>Y</Required>
            </dnsV4First>
37
            <forwardedForHandling type="OptionField">
38 39 40 41 42 43 44 45
                <default>on</default>
                <Required>N</Required>
                <OptionValues>
                    <on>Append client's IP (on)</on>
                    <off>Set forward header to unknown (off)</off>
                    <transparent>Do not alter forward header (transparent)</transparent>
                    <truncate>Replace all with client's IP (truncate)</truncate>
                </OptionValues>
46
            </forwardedForHandling>
47
            <uriWhitespaceHandling type="OptionField">
48 49 50 51 52 53 54 55 56
                <default>strip</default>
                <Required>N</Required>
                <OptionValues>
                    <strip>Strip whitespaces</strip>
                    <deny>Deny request</deny>
                    <allow>Allow whitespaces</allow>
                    <encode>Encode whitespaces (RFC1738)</encode>
                    <chop>Chop URI at first whitespace</chop>
                </OptionValues>
57 58 59 60 61 62 63 64 65
            </uriWhitespaceHandling>
            <useViaHeader type="BooleanField">
                <default>1</default>
                <Required>N</Required>
            </useViaHeader>
            <suppressVersion type="BooleanField">
                <default>0</default>
                <Required>N</Required>
            </suppressVersion>
66 67 68 69 70 71 72 73 74 75 76 77 78
            <cache>
                <local>
                    <enabled type="BooleanField">
                        <default>0</default>
                        <Required>Y</Required>
                    </enabled>
                    <directory type="TextField">
                        <default>/var/squid/cache</default>
                        <Required>Y</Required>
                    </directory>
                    <size type="IntegerField">
                        <default>100</default>
                        <MinimumValue>1</MinimumValue>
79
                        <ValidationMessage>Specify a positive cache size. (number of MB's)</ValidationMessage>
80 81 82 83 84
                        <Required>Y</Required>
                    </size>
                    <l1 type="IntegerField">
                        <default>16</default>
                        <MinimumValue>1</MinimumValue>
85
                        <ValidationMessage>Specify a positive number of first-level subdirectories.</ValidationMessage>
86 87 88 89 90
                        <Required>Y</Required>
                    </l1>
                    <l2 type="IntegerField">
                        <default>256</default>
                        <MinimumValue>1</MinimumValue>
91
                        <ValidationMessage>Specify a positive number of second-level subdirectories.</ValidationMessage>
92 93 94 95 96 97 98 99 100 101 102 103
                        <Required>Y</Required>
                    </l2>
                </local>
            </cache>
            <traffic>
                <enabled type="BooleanField">
                    <default>0</default>
                    <Required>Y</Required>
                </enabled>
                <maxDownloadSize type="IntegerField">
                    <default>2048</default>
                    <MinimumValue>1</MinimumValue>
104
                    <ValidationMessage>Specify the maximum download size. (number of KB's)</ValidationMessage>
105 106 107 108 109
                    <Required>N</Required>
                </maxDownloadSize>
                <maxUploadSize type="IntegerField">
                    <default>1024</default>
                    <MinimumValue>1</MinimumValue>
110
                    <ValidationMessage>Specify the maximum upload size. (number of KB's)</ValidationMessage>
111 112 113 114 115
                    <Required>N</Required>
                </maxUploadSize>
                <OverallBandwidthTrotteling type="IntegerField">
                    <default>1024</default>
                    <MinimumValue>1</MinimumValue>
116
                    <ValidationMessage>Specify the overall bandwidth for downloads in kilobits per second.</ValidationMessage>
117 118 119 120 121
                    <Required>N</Required>
                </OverallBandwidthTrotteling>
                <perHostTrotteling type="IntegerField">
                    <default>256</default>
                    <MinimumValue>1</MinimumValue>
122
                    <ValidationMessage>Specify the per host bandwidth for downloads in kilobits per second.</ValidationMessage>
123 124 125
                    <Required>N</Required>
                </perHostTrotteling>
            </traffic>
Jos Schellevis's avatar
Jos Schellevis committed
126 127
        </general>
        <forward>
128
            <interfaces type="InterfaceField">
Jos Schellevis's avatar
Jos Schellevis committed
129
                <Required>N</Required>
130
                <multiple>Y</multiple>
131
                <default>lan</default>
132 133 134 135
                <filters>
                    <enable>/^(?!0).*$/</enable>
                    <ipaddr>/^((?!dhcp).)*$/</ipaddr>
                </filters>
Jos Schellevis's avatar
Jos Schellevis committed
136 137 138 139 140
            </interfaces>
            <port type="IntegerField">
                <default>3128</default>
                <MinimumValue>1</MinimumValue>
                <MaximumValue>65535</MaximumValue>
141
                <ValidationMessage>Proxy port needs to be an integer value between 1 and 65535</ValidationMessage>
Jos Schellevis's avatar
Jos Schellevis committed
142 143
                <Required>Y</Required>
            </port>
144
            <ftpInterfaces type="InterfaceField">
145
                <Required>N</Required>
146 147 148 149 150
                <multiple>Y</multiple>
                <filters>
                    <enable>/^(?!0).*$/</enable>
                    <ipaddr>/^((?!dhcp).)*$/</ipaddr>
                </filters>
151 152 153 154 155
            </ftpInterfaces>
            <ftpPort type="IntegerField">
                <default>2121</default>
                <MinimumValue>1</MinimumValue>
                <MaximumValue>65535</MaximumValue>
156
                <ValidationMessage>FTP Proxy port needs to be an integer value between 1 and 65535</ValidationMessage>
157 158 159 160 161 162
                <Required>Y</Required>
            </ftpPort>
            <ftpTransparentMode type="BooleanField">
                <default>0</default>
                <Required>Y</Required>
            </ftpTransparentMode>
Jos Schellevis's avatar
Jos Schellevis committed
163 164 165 166
            <addACLforInterfaceSubnets type="BooleanField">
                <default>1</default>
                <Required>Y</Required>
            </addACLforInterfaceSubnets>
167
            <transparentMode type="BooleanField">
Jos Schellevis's avatar
Jos Schellevis committed
168 169
                <default>0</default>
                <Required>Y</Required>
170
            </transparentMode>
171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186
            <acl>
                <allowedSubnets type="CSVListField">
                    <Required>N</Required>
                </allowedSubnets>
                <unrestricted type="CSVListField">
                    <Required>N</Required>
                </unrestricted>
                <bannedHosts type="CSVListField">
                    <Required>N</Required>
                </bannedHosts>
                <whiteList type="CSVListField">
                    <Required>N</Required>
                </whiteList>
                <blackList type="CSVListField">
                    <Required>N</Required>
                </blackList>
187 188 189 190 191 192 193 194 195 196 197 198 199 200
                <browser type="CSVListField">
                    <Required>N</Required>
                </browser>
                <mimeType type="CSVListField">
                    <Required>N</Required>
                </mimeType>
                <safePorts type="CSVListField">
                    <default>80:http,21:ftp,443:https,70:gopher,210:wais,1025-65535:unregistered ports,280:http-mgmt,488:gss-http,591:filemaker,777:multiling http</default>
                    <Required>N</Required>
                </safePorts>
                <sslPorts type="CSVListField">
                    <default>443:https</default>
                    <Required>N</Required>
                </sslPorts>
201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222
                <remoteACLs>
                    <blacklists>
                        <blacklist type="ArrayField">
                            <enabled type="BooleanField">
                                <default>0</default>
                                <Required>Y</Required>
                            </enabled>
                            <filename type="TextField">
                                <Required>Y</Required>
                                <Mask>/^[a-zA-Z0-9]{1,245}\.?[a-zA-z0-9]{1,10}$/</Mask>
                                <ValidationMessage>The filename may only contain letters,digits and one dot (not required).</ValidationMessage>
                            </filename>
                            <url type="UrlField">
                                <Required>Y</Required>
                                <ValidationMessage>This does not look like a valid url.</ValidationMessage>
                            </url>
                            <description type="TextField">
                                <Required>Y</Required>
                                <Mask>/^(.){1,255}$/</Mask>
                            </description>
                        </blacklist>
                    </blacklists>
223 224 225 226 227 228 229 230 231 232 233 234 235 236
                    <UpdateCron type="ModelRelationField">
                        <Model>
                            <queues>
                                <source>OPNsense.Cron.Cron</source>
                                <items>jobs.job</items>
                                <display>description</display>
                                <filters>
                                    <origin>/Proxy/</origin>
                                </filters>
                            </queues>
                        </Model>
                        <ValidationMessage>Related cron not found</ValidationMessage>
                        <Required>N</Required>
                    </UpdateCron>
237
                </remoteACLs>
238
            </acl>
239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254
            <authentication>
                <method type="OptionField">
                    <default>none</default>
                    <Required>N</Required>
                    <OptionValues>
                        <none>No Authentication</none>
                        <local>Local User Authentication</local>
                    </OptionValues>
                </method>
                <realm type="TextField">
                    <default>OPNsense proxy authentication</default>
                    <Required>N</Required>
                </realm>
                <credentialsttl type="IntegerField">
                    <default>2</default>
                    <MinimumValue>1</MinimumValue>
255
                    <ValidationMessage>Credentials TTL needs to be an integer value above 0</ValidationMessage>
256 257 258 259 260
                    <Required>N</Required>
                </credentialsttl>
                <children type="IntegerField">
                    <default>5</default>
                    <MinimumValue>1</MinimumValue>
261
                    <ValidationMessage>Number of children needs to be an integer value above 0</ValidationMessage>
262 263 264
                    <Required>N</Required>
                </children>
            </authentication>
Jos Schellevis's avatar
Jos Schellevis committed
265 266 267
        </forward>
    </items>
</model>