Skip to content

O
OpnSense
Commit cf48dbb9 authored by Franco Fichtner's avatar Franco Fichtner
Browse files
Options

web proxy: disable caching more carefully; /var MFS caching is ok 

PR: https://forum.opnsense.org/index.php?topic=4227.0
parent d3e27cfa
Hide whitespace changes
Inline Side-by-side
Showing with 23 additions and 13 deletions
src/opnsense/mvc/app/controllers/OPNsense/Proxy/forms/main.xml
View file @ cf48dbb9
...@@ -117,16 +117,13 @@ ...@@ -117,16 +117,13 @@
<id>proxy.general.cache.local.cache_mem</id> <id>proxy.general.cache.local.cache_mem</id>
<label>Memory Cache size in Megabytes</label> <label>Memory Cache size in Megabytes</label>
<type>text</type> <type>text</type>
<help><![CDATA[Enter the cache memory size to use.]]></help> <help><![CDATA[Enter the cache memory size to use or zero to disable completely.]]></help>
<advanced>true</advanced>
</field> </field>
<field> <field>
<id>proxy.general.cache.local.enabled</id> <id>proxy.general.cache.local.enabled</id>
<label>Enable local cache (requires service restart)</label> <label>Enable local cache (requires service restart)</label>
<type>checkbox</type> <type>checkbox</type>
<help><![CDATA[Enable or disable the local cache.<br/> <help><![CDATA[Enable or disable the local cache. Only UFS directory cache type is supported. Do not enable on embedded systems with SD or CF cards without the /var MFS option as this will wear down your drive.]]></help>
Currently only ufs directory cache type is supported.<br/>
<b class="text-danger">Do not enable on embedded systems with SD or CF cards as this may break your drive.</b>]]></help>
</field> </field>
<field> <field>
<id>proxy.general.cache.local.size</id> <id>proxy.general.cache.local.size</id>
...@@ -135,6 +132,13 @@ ...@@ -135,6 +132,13 @@
<help><![CDATA[Enter the storage size for the local cache (default is 100).]]></help> <help><![CDATA[Enter the storage size for the local cache (default is 100).]]></help>
<advanced>true</advanced> <advanced>true</advanced>
</field> </field>
<field>
<id>proxy.general.cache.local.directory</id>
<label>Cache directory location</label>
<type>text</type>
<help><![CDATA[Enter the directory location for thee local cache (default is /var/squid/cache).]]></help>
<advanced>true</advanced>
</field>
<field> <field>
<id>proxy.general.cache.local.l1</id> <id>proxy.general.cache.local.l1</id>
<label>Number of first-level subdirectories</label> <label>Number of first-level subdirectories</label>
......
src/opnsense/mvc/app/models/OPNsense/Proxy/Proxy.xml
View file @ cf48dbb9
...@@ -100,7 +100,7 @@ ...@@ -100,7 +100,7 @@
</directory> </directory>
<cache_mem type="IntegerField"> <cache_mem type="IntegerField">
<default>256</default> <default>256</default>
<MinimumValue>1</MinimumValue> <MinimumValue>0</MinimumValue>
<ValidationMessage>Specify a positive memory cache size. (number of MB's)</ValidationMessage> <ValidationMessage>Specify a positive memory cache size. (number of MB's)</ValidationMessage>
<Required>Y</Required> <Required>Y</Required>
</cache_mem> </cache_mem>
......
src/opnsense/service/templates/OPNsense/Proxy/squid.conf
View file @ cf48dbb9
# #
# Automatic generated configuration for Squid. # Automatic generated configuration for Squid.
# Do not edit this file manually. # Do not edit this file manually.
#
{# wrap http_port ssl bump configuration for reuse #} {# wrap http_port ssl bump configuration for reuse #}
{% macro sslbump_httpsconfig(network, tags='') -%} {% macro sslbump_httpsconfig(network, tags='') -%}
...@@ -264,18 +265,23 @@ icap_enable off ...@@ -264,18 +265,23 @@ icap_enable off
{% include "OPNsense/Proxy/squid.user.post_auth.conf" ignore missing with context %} {% include "OPNsense/Proxy/squid.user.post_auth.conf" ignore missing with context %}
{% if helpers.exists('OPNsense.proxy.general.cache.local') and OPNsense.proxy.general.cache.local.enabled == '1' %} # Caching settings
{% if helpers.exists('OPNsense.proxy.general.cache.local') %}
{% if OPNsense.proxy.general.cache.local.cache_mem|default('256')|int == 0 and OPNsense.proxy.general.cache.local.enabled == '0' %}
cache deny all
cache_mem 0
{% else %}
cache_mem {{ OPNsense.proxy.general.cache.local.cache_mem|default('256') }} MB cache_mem {{ OPNsense.proxy.general.cache.local.cache_mem|default('256') }} MB
{% if OPNsense.proxy.general.cache.local.maximum_object_size|default('') != '' %} {% if OPNsense.proxy.general.cache.local.maximum_object_size|default('') != '' %}
maximum_object_size {{OPNsense.proxy.general.cache.local.maximum_object_size}} MB maximum_object_size {{OPNsense.proxy.general.cache.local.maximum_object_size}} MB
{% if OPNsense.proxy.general.cache.local.maximum_object_size|int > 4 %} {% if OPNsense.proxy.general.cache.local.maximum_object_size|int > 4 %}
cache_replacement_policy heap LFUDA cache_replacement_policy heap LFUDA
{% endif %}
{% endif %} {% endif %}
{% endif %} {% if OPNsense.proxy.general.cache.local.enabled == '1' %}
cache_dir ufs {{OPNsense.proxy.general.cache.local.directory}} {{OPNsense.proxy.general.cache.local.size}} {{OPNsense.proxy.general.cache.local.l1}} {{OPNsense.proxy.general.cache.local.l2}} cache_dir ufs {{OPNsense.proxy.general.cache.local.directory}} {{OPNsense.proxy.general.cache.local.size}} {{OPNsense.proxy.general.cache.local.l1}} {{OPNsense.proxy.general.cache.local.l2}}
{% else %} {% endif %}
cache deny all {% endif %}
cache_mem 0
{% endif %} {% endif %}
# Leave coredumps in the first cache dir # Leave coredumps in the first cache dir
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023