diff options
Diffstat (limited to 'data/templates/squid/squidGuard.conf.tmpl')
| -rw-r--r-- | data/templates/squid/squidGuard.conf.tmpl | 124 |
1 files changed, 0 insertions, 124 deletions
diff --git a/data/templates/squid/squidGuard.conf.tmpl b/data/templates/squid/squidGuard.conf.tmpl deleted file mode 100644 index 5e877f01f..000000000 --- a/data/templates/squid/squidGuard.conf.tmpl +++ /dev/null @@ -1,124 +0,0 @@ -### generated by service_webproxy.py ### - -{% macro sg_rule(category, log, db_dir) %} -{% set expressions = db_dir + '/' + category + '/expressions' %} -dest {{ category }}-default { - domainlist {{ category }}/domains - urllist {{ category }}/urls -{% if expressions | is_file %} - expressionlist {{ category }}/expressions -{% endif %} -{% if log is vyos_defined %} - log blacklist.log -{% endif %} -} -{% endmacro %} - -{% if url_filtering is vyos_defined and url_filtering.disable is not vyos_defined %} -{% if url_filtering.squidguard is vyos_defined %} -{% set sg_config = url_filtering.squidguard %} -{% set acl = namespace(value='local-ok-default') %} -{% set acl.value = acl.value + ' !in-addr' if sg_config.allow_ipaddr_url is not defined else acl.value %} -dbhome {{ squidguard_db_dir }} -logdir /var/log/squid - -rewrite safesearch { - s@(.*\.google\..*/(custom|search|images|groups|news)?.*q=.*)@\1\&safe=active@i - s@(.*\..*/yandsearch?.*text=.*)@\1\&fyandex=1@i - s@(.*\.yahoo\..*/search.*p=.*)@\1\&vm=r@i - s@(.*\.live\..*/.*q=.*)@\1\&adlt=strict@i - s@(.*\.msn\..*/.*q=.*)@\1\&adlt=strict@i - s@(.*\.bing\..*/search.*q=.*)@\1\&adlt=strict@i - log rewrite.log -} - -{% if sg_config.local_ok is vyos_defined %} -{% set acl.value = acl.value + ' local-ok-default' %} -dest local-ok-default { - domainlist local-ok-default/domains -} -{% endif %} -{% if sg_config.local_ok_url is vyos_defined %} -{% set acl.value = acl.value + ' local-ok-url-default' %} -dest local-ok-url-default { - urllist local-ok-url-default/urls -} -{% endif %} -{% if sg_config.local_block is vyos_defined %} -{% set acl.value = acl.value + ' !local-block-default' %} -dest local-block-default { - domainlist local-block-default/domains -} -{% endif %} -{% if sg_config.local_block_url is vyos_defined %} -{% set acl.value = acl.value + ' !local-block-url-default' %} -dest local-block-url-default { - urllist local-block-url-default/urls -} -{% endif %} -{% if sg_config.local_block_keyword is vyos_defined %} -{% set acl.value = acl.value + ' !local-block-keyword-default' %} -dest local-block-keyword-default { - expressionlist local-block-keyword-default/expressions -} -{% endif %} - -{% if sg_config.block_category is vyos_defined %} -{% for category in sg_config.block_category %} -{{ sg_rule(category, sg_config.log, squidguard_db_dir) }} -{% set acl.value = acl.value + ' !' + category + '-default' %} -{% endfor %} -{% endif %} -{% if sg_config.allow_category is vyos_defined %} -{% for category in sg_config.allow_category %} -{{ sg_rule(category, False, squidguard_db_dir) }} -{% set acl.value = acl.value + ' ' + category + '-default' %} -{% endfor %} -{% endif %} -{% if sg_config.source_group is vyos_defined %} -{% for sgroup, sg_config in sg_config.source_group.items() %} -{% if sg_config.address is vyos_defined %} -src {{ sgroup }} { -{% for address in sg_config.address %} - ip {{ address }} -{% endfor %} -} - -{% endif %} -{% endfor %} -{% endif %} -{% if sg_config.rule is vyos_defined %} -{% for rule, rule_config in sg_config.rule.items() %} -{% for b_category in rule_config.block_category%} -dest {{ b_category }} { - domainlist {{ b_category }}/domains - urllist {{ b_category }}/urls -} -{% endfor %} - -{% endfor %} -{% endif %} -acl { -{% if sg_config.rule is vyos_defined %} -{% for rule, rule_config in sg_config.rule.items() %} - {{ rule_config.source_group }} { -{% for b_category in rule_config.block_category%} - pass local-ok-1 !in-addr !{{ b_category }} all -{% endfor %} - } -{% endfor %} -{% endif %} - - default { -{% if sg_config.enable_safe_search is vyos_defined %} - rewrite safesearch -{% endif %} - pass {{ acl.value }} {{ 'none' if sg_config.default_action is vyos_defined('block') else 'allow' }} - redirect 302:http://{{ sg_config.redirect_url }} -{% if sg_config.log is vyos_defined %} - log blacklist.log -{% endif %} - } -} -{% endif %} -{% endif %} |