T4480:webproxy: Add safe-ports and ssl-safe-ports for acel squid config -- Fix conflicts

author: Nicolas Fort <nicolasfort1988@gmail.com> 2022-07-19 14:54:05 +0000
committer: Nicolas Fort <nicolasfort1988@gmail.com> 2022-07-20 11:41:55 +0000
commit: 3c97f09dcd77636217215e1aa406f00bfc3e5631 (patch)
tree: f64bd6180528b3a9904c2c57cc0511ee31e35544 /data
parent: 0c10980c37d248c2ef454aa33b139ef7047e128a (diff)
download: vyos-1x-3c97f09dcd77636217215e1aa406f00bfc3e5631.tar.gz
vyos-1x-3c97f09dcd77636217215e1aa406f00bfc3e5631.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/data/templates/squid/squid.conf.j2 b/data/templates/squid/squid.conf.j2
index a0fdeb20e..5781c883f 100644
--- a/data/templates/squid/squid.conf.j2
+++ b/data/templates/squid/squid.conf.j2
@@ -2,6 +2,11 @@
 
 acl net src all
 acl SSL_ports port 443
+{% if ssl_safe_ports is vyos_defined %}
+{%     for port in ssl_safe_ports %}
+acl SSL_ports port {{ port }}
+{%     endfor %}
+{% endif %}
 acl Safe_ports port 80          # http
 acl Safe_ports port 21          # ftp
 acl Safe_ports port 443         # https
@@ -13,6 +18,11 @@ acl Safe_ports port 280         # http-mgmt
 acl Safe_ports port 488         # gss-http
 acl Safe_ports port 591         # filemaker
 acl Safe_ports port 777         # multiling http
+{% if safe_ports is vyos_defined %}
+{%     for port in safe_ports %}
+acl Safe_ports port {{ port }}
+{%     endfor %}
+{% endif %}
 acl CONNECT method CONNECT
 
 {% if authentication is vyos_defined %}
author	Nicolas Fort <nicolasfort1988@gmail.com>	2022-07-19 14:54:05 +0000
committer	Nicolas Fort <nicolasfort1988@gmail.com>	2022-07-20 11:41:55 +0000
commit	3c97f09dcd77636217215e1aa406f00bfc3e5631 (patch)
tree	f64bd6180528b3a9904c2c57cc0511ee31e35544 /data
parent	0c10980c37d248c2ef454aa33b139ef7047e128a (diff)
download	vyos-1x-3c97f09dcd77636217215e1aa406f00bfc3e5631.tar.gz vyos-1x-3c97f09dcd77636217215e1aa406f00bfc3e5631.zip