Show
Ignore:
Timestamp:
06/08/09 11:19:03 (3 years ago)
Author:
Neutron Soutmun <neo.neutron@…>
Children:
2f0141c49bb55157f24738404aa77367a6a45fed
Parents:
96808c5450804cf9cc6a590500ccce6131c2b937
git-committer:
Neutron Soutmun <neo.neutron@…> (06/08/09 11:19:03)
Message:

Fix bashisms and enable http login

  • Fix bashisms of firewall.sh script.
  • Enable http login which only https enabled before.
  • Do not redirect the local web traffic to the proxy.
Files:
1 modified

Legend:

Unmodified
Added
Removed

  • tools/firewall.sh.in

    r9679928 r03dc5e3  
    536536  # SQUID Cache-Proxy 
    537537  ## 
    538   if [ "$PROXY" = "yes" -o "$PROXY" = "transparent" ]; then 
    539     if [ "$PROXY_HOST" = "localhost" -o "$PROXY_HOST" = "127.0.0.1" ]; then 
     538  if [ "$PROXY" = "yes" ] || [ "$PROXY" = "transparent" ]; then 
     539    if [ "$PROXY_HOST" = "localhost" ] || [ "$PROXY_HOST" = "127.0.0.1" ]; then 
    540540      $IPTABLES -A $CHAIN_INPUT_AUTH -p tcp --dport $PROXY_PORT -j ACCEPT 
    541541    fi 
    542542 
    543543    if [ "$PROXY" = "transparent" ]; then 
    544       if [ "$PROXY_HOST" = "localhost" -o "$PROXY_HOST" = "127.0.0.1" ]; then 
     544      if [ "$PROXY_HOST" = "localhost" ] || [ "$PROXY_HOST" = "127.0.0.1" ]; then 
    545545        $IPTABLES -t nat -A $CHAIN_NAT_PREROUTING -p tcp --dport http \ 
     546          -d ! $VSERVER_IP \ 
    546547          -m connmark --mark 2/2 -j REDIRECT --to-ports $PROXY_PORT 
    547548      else 
    548549        $IPTABLES -t nat -A $CHAIN_NAT_PRETROUTING -p tcp --dport http \ 
     550          -d ! $VSERVER_IP \ 
    549551          -m connmark --mark 2/2 \ 
    550552          -j DNAT --to-destination $PROXY_HOST:$PROXY_PORT