From a674ea4cf8f175d9c006a122499457a27889fc23 Mon Sep 17 00:00:00 2001
From: Eugeni Dodonov <eugeni@mandriva.org>
Date: Tue, 4 May 2010 22:45:49 +0000
Subject: Fix squid config file generation (#58600)

---
 lib/network/squid.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'lib/network/squid.pm')

diff --git a/lib/network/squid.pm b/lib/network/squid.pm
index b92589f..427bce3 100644
--- a/lib/network/squid.pm
+++ b/lib/network/squid.pm
@@ -17,6 +17,7 @@ sub write_squid_conf {
     my ($squid_conf, $intf, $internal_domain_name) = @_;
 
     renamef($squid_conf_file, "$squid_conf_file.old");
+    my $prefix = network::network::netmask_to_vlsm($intf->{NETMASK});
     output($squid_conf_file, qq(
 http_port $squid_conf->{http_port}[0] transparent
 hierarchy_stoplist cgi-bin ?
@@ -31,9 +32,8 @@ refresh_pattern ^ftp:           1440    20%     10080
 refresh_pattern ^gopher:        1440    0%      1440
 refresh_pattern .               0       20%     4320
 half_closed_clients off
-acl all src 0.0.0.0/0.0.0.0
 acl manager proto cache_object
-acl localhost src 127.0.0.1/255.255.255.255
+acl localhost src 127.0.0.0/8
 acl to_localhost dst 127.0.0.0/8
 acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
 acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
@@ -55,7 +55,7 @@ http_access deny manager
 http_access deny !Safe_ports
 http_access deny CONNECT !SSL_ports
 http_access deny to_localhost
-acl mynetwork src $intf->{NETWORK}/$intf->{NETMASK}
+acl mynetwork src $intf->{NETWORK}/$prefix
 http_access allow mynetwork
 http_access allow localnet
 http_access allow localhost
-- 
cgit v1.2.1