--- /dev/null
+config tinyproxy
+
+#
+# Enable the proxy
+#
+option enable 0
+
+#
+# Name of the user the tinyproxy daemon should switch to after the port
+# has been bound.
+#
+option User nobody
+option Group nogroup
+
+#
+# Port to listen on.
+#
+option Port 8888
+
+#
+# If you have multiple interfaces this allows you to bind to only one. If
+# this is commented out, tinyproxy will bind to all interfaces present.
+#
+#option Listen 192.168.0.1
+
+#
+# The Bind directive allows you to bind the outgoing connections to a
+# particular IP address.
+#
+#option Bind 192.168.0.1
+
+#
+# Timeout: The number of seconds of inactivity a connection is allowed to
+# have before it closed by tinyproxy.
+#
+#option Timeout 600
+
+#
+# ErrorFile: Defines the HTML file to send when a given HTTP error
+# occurs. You will probably need to customize the location to your
+# particular install. The usual locations to check are:
+# /usr/local/share/tinyproxy
+# /usr/share/tinyproxy
+# /etc/tinyproxy
+#
+#option ErrorFile_404 "/usr/share/tinyproxy/404.html"
+#option ErrorFile_400 "/usr/share/tinyproxy/400.html"
+#option ErrorFile_503 "/usr/share/tinyproxy/503.html"
+#option ErrorFile_403 "/usr/share/tinyproxy/403.html"
+#option ErrorFile_408 "/usr/share/tinyproxy/408.html"
+
+#
+# DefaultErrorFile: The HTML file that gets sent if there is no
+# HTML file defined with an ErrorFile keyword for the HTTP error
+# that has occured.
+#
+option DefaultErrorFile "/usr/share/tinyproxy/default.html"
+
+#
+# StatFile: The HTML file that gets sent when a request is made
+# for the stathost. If this file doesn't exist a basic page is
+# hardcoded in tinyproxy.
+#
+option StatFile "/usr/share/tinyproxy/stats.html"
+
+#
+# Where to log the information. Either LogFile or Syslog should be set,
+# but not both.
+#
+option Logfile "/var/log/tinyproxy.log"
+#option Syslog On
+
+#
+# Set the logging level. Allowed settings are:
+# Critical (least verbose)
+# Error
+# Warning
+# Notice
+# Connect (to log connections without Info's noise)
+# Info (most verbose)
+# The LogLevel logs from the set level and above. For example, if the LogLevel
+# was set to Warning, than all log messages from Warning to Critical would be
+# output, but Notice and below would be suppressed.
+#
+option LogLevel Info
+
+#
+# Include the X-Tinyproxy header, which has the client's IP address when
+# connecting to the sites listed.
+#
+# list XTinyproxy mydomain.com
+
+#
+# This is the absolute highest number of threads which will be created. In
+# other words, only MaxClients number of clients can be connected at the
+# same time.
+#
+option MaxClients 100
+
+#
+# These settings set the upper and lower limit for the number of
+# spare servers which should be available. If the number of spare servers
+# falls below MinSpareServers then new ones will be created. If the number
+# of servers exceeds MaxSpareServers then the extras will be killed off.
+#
+option MinSpareServers 5
+option MaxSpareServers 20
+
+#
+# Number of servers to start initially.
+#
+option StartServers 10
+
+#
+# MaxRequestsPerChild is the number of connections a thread will handle
+# before it is killed. In practise this should be set to 0, which disables
+# thread reaping. If you do notice problems with memory leakage, then set
+# this to something like 10000
+#
+option MaxRequestsPerChild 0
+
+#
+# The following is the authorization controls. If there are any access
+# control keywords then the default action is to DENY. Otherwise, the
+# default action is ALLOW.
+#
+# Also the order of the controls are important. The incoming connections
+# are tested against the controls based on order.
+#
+list Allow 127.0.0.1
+#list Allow 192.168.0.0/16
+#list Allow 172.16.0.0/12
+#list Allow 10.0.0.0/8
+
+#
+# The "Via" header is required by the HTTP RFC, but using the real host name
+# is a security concern. If the following directive is enabled, the string
+# supplied will be used as the host name in the Via header; otherwise, the
+# server's host name will be used.
+#
+option ViaProxyName "tinyproxy"
+
+#
+# The location of the filter file.
+#
+#option Filter "/etc/tinyproxy/filter"
+
+#
+# Filter based on URLs rather than domains.
+#
+#option FilterURLs On
+
+#
+# Use POSIX Extended regular expressions rather than basic.
+#
+#option FilterExtended On
+
+#
+# Use case sensitive regular expressions.
+#
+#option FilterCaseSensitive On
+
+#
+# Change the default policy of the filtering system. If this directive is
+# commented out, or is set to "No" then the default policy is to allow
+# everything which is not specifically denied by the filter file.
+#
+# However, by setting this directive to "Yes" the default policy becomes to
+# deny everything which is _not_ specifically allowed by the filter file.
+#
+#option FilterDefaultDeny Yes
+
+#
+# If an Anonymous keyword is present, then anonymous proxying is enabled.
+# The headers listed are allowed through, while all others are denied. If
+# no Anonymous keyword is present, then all header are allowed through.
+# You must include quotes around the headers.
+#
+#list Anonymous "Host"
+#list Anonymous "Authorization"
+
+#
+# This is a list of ports allowed by tinyproxy when the CONNECT method
+# is used. To disable the CONNECT method altogether, set the value to 0.
+# If no ConnectPort line is found, all ports are allowed (which is not
+# very secure.)
+#
+# The following two ports are used by SSL.
+#
+list ConnectPort 443
+list ConnectPort 563
+
+#
+# Turns on upstream proxy support.
+#
+# The upstream rules allow you to selectively route upstream connections
+# based on the host/domain of the site being accessed.
+#
+# For example:
+# # connection to test domain goes through testproxy
+#
+#config upstream
+# option type proxy
+# option via testproxy:8008
+# option target ".test.domain.invalid"
+#
+#config upstream
+# option type proxy
+# option via testproxy:8008
+# option target ".our_testbed.example.com"
+#
+#config upstream
+# option type proxy
+# option via testproxy:8008
+# option target "192.168.128.0/255.255.254.0"
+#
+# # no upstream proxy for internal websites and unqualified hosts
+#
+#config upstream
+# option type reject
+# option target ".internal.example.com"
+#
+#config upstream
+# option type reject
+# option target "www.example.com"
+#
+#config upstream
+# option type reject
+# option target "10.0.0.0/8"
+#
+#config upstream
+# option type reject
+# option target "192.168.0.0/255.255.254.0"
+#
+#config upstream
+# option type reject
+# option target "."
+#
+# # default upstream is internet firewall
+#
+#config upstream
+# option type proxy
+# option via firewall.internal.example.com:80
+#
+# The LAST matching rule wins the route decision. As you can see, you
+# can use a host, or a domain:
+# name matches host exactly
+# .name matches any host in domain "name"
+# . matches any host with no domain (in 'empty' domain)
+# IP/bits matches network/mask
+# IP/mask matches network/mask
#!/bin/sh /etc/rc.common
-# Copyright (C) 2006 OpenWrt.org
+# Copyright (C) 2008 OpenWrt.org
START=50
-BIN=tinyproxy
-DEFAULT=/etc/default/$BIN
-RUN_D=/var/run
-PID_F=$RUN_D/$BIN.pid
+DAEMON=/usr/sbin/tinyproxy
+CFGFILE=/var/etc/tinyproxy.conf
start() {
- [ -f $DEFAULT ] && . $DEFAULT
- mkdir -p $RUN_D
- $BIN $OPTIONS
+ config_load tinyproxy
+ config_foreach start_proxy tinyproxy
}
stop() {
- [ -f $PID_F ] && kill $(cat $PID_F)
+ start-stop-daemon -q -x "$DAEMON" -K
+ rm -f $CFGFILE
+}
+
+start_proxy() {
+ config_get_bool enable "$1" enable
+ [ "$enable" -eq "1" ] || return 0
+
+ echo '### AUTOGENERATED CONFIGURATION' > $CFGFILE
+ echo '### DO NOT EDIT' >> $CFGFILE
+ echo '### SEE /etc/config/tinyproxy INSTEAD' >> $CFGFILE
+ echo '' >> $CFGFILE
+
+ proxy_atom "$1" User >> $CFGFILE
+ proxy_atom "$1" Group >> $CFGFILE
+ proxy_atom "$1" Port 8888 >> $CFGFILE
+ proxy_atom "$1" Listen >> $CFGFILE
+ proxy_atom "$1" Bind >> $CFGFILE
+ proxy_atom "$1" Timeout >> $CFGFILE
+
+ proxy_string "$1" ErrorFile_400 "ErrorFile 400" >> $CFGFILE
+ proxy_string "$1" ErrorFile_403 "ErrorFile 403" >> $CFGFILE
+ proxy_string "$1" ErrorFile_404 "ErrorFile 404" >> $CFGFILE
+ proxy_string "$1" ErrorFile_408 "ErrorFile 408" >> $CFGFILE
+ proxy_string "$1" ErrorFile_503 "ErrorFile 503" >> $CFGFILE
+
+ proxy_string "$1" DefaultErrorFile >> $CFGFILE
+ proxy_string "$1" StatFile >> $CFGFILE
+ proxy_string "$1" Logfile >> $CFGFILE
+
+ proxy_flag "$1" SysLog >> $CFGFILE
+
+ proxy_atom "$1" LogLevel >> $CFGFILE
+
+ proxy_list "$1" XTinyproxy >> $CFGFILE
+
+ proxy_atom "$1" MaxClients >> $CFGFILE
+ proxy_atom "$1" MinSpareServers >> $CFGFILE
+ proxy_atom "$1" MaxSpareServers >> $CFGFILE
+ proxy_atom "$1" StartServers >> $CFGFILE
+ proxy_atom "$1" MaxRequestsPerChild >> $CFGFILE
+ proxy_atom "$1" Allow >> $CFGFILE
+
+ proxy_string "$1" ViaProxyName >> $CFGFILE
+ proxy_string "$1" Filter >> $CFGFILE
+
+ proxy_flag "$1" FilterURLs >> $CFGFILE
+ proxy_flag "$1" FilterExtended >> $CFGFILE
+ proxy_flag "$1" FilterCaseSensitive >> $CFGFILE
+ proxy_flag "$1" FilterDefaultDeny Yes No >> $CFGFILE
+
+ proxy_list "$1" Anonymous '"' >> $CFGFILE
+ proxy_list "$1" ConnectPort >> $CFGFILE
+
+ config_foreach write_upstream upstream
+
+ start-stop-daemon -q -x "$DAEMON" -S -- -c "$CFGFILE"
+}
+
+write_upstream() {
+ local type
+ local via
+ local target
+
+ config_get "type" "$1" "type"
+ config_get via "$1" via
+ config_get target "$1" target
+ [ -n "$target" ] && target=' "'"$target"'"'
+
+ [ "$type" == "proxy" -a -n "$via" ] && \
+ echo "upstream $via$target" >> $CFGFILE
+
+ [ "$type" == "reject" -a -n "$target" ] && \
+ echo "no upstream$target" >> $CFGFILE
+}
+
+proxy_atom() {
+ local SECTION=$1
+ local OPTION=$2
+ local DEFAULT=$3
+
+ config_get _value "$SECTION" "$OPTION"
+ [ -z "$_value" ] && _value="$DEFAULT"
+ [ -n "$_value" ] && echo "$OPTION $_value"
+}
+
+proxy_string() {
+ local SECTION=$1
+ local OPTION=$2
+ local ALIAS=$3
+
+ config_get _value "$SECTION" "$OPTION"
+ [ -n "$_value" ] && echo "${ALIAS:-${OPTION}} "'"'"$_value"'"'
+}
+
+proxy_flag() {
+ local SECTION=$1
+ local OPTION=$2
+ local TRUE="${3:-On}"
+ local FALSE="${4:-Off}"
+
+ config_get_bool _value "$SECTION" "$OPTION"
+ [ "$_value" -eq "1" ] && _value="$TRUE" || _value="$FALSE"
+ echo "$OPTION $_value"
+}
+
+proxy_list() {
+ local SECTION=$1
+ local OPTION=$2
+ local ENCLOSE=$3
+
+ config_get _value "$SECTION" "$OPTION"
+ [ -n "$_value" ] && {
+ for entry in $_value; do
+ echo "$OPTION ${ENCLOSE}${entry}${ENCLOSE}"
+ done
+ }
}
projects / openwrt / svn-archive / archive.git / commitdiff