# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4 # $Id$ PortSystem 1.0 name squid3-devel version 3.2.0.4 set branch [join [lrange [split ${version} .] 0 1] .] categories net platforms darwin license GPL-2+ maintainers snc openmaintainer description advanced proxy caching server for http, https, ftp, gopher long_description Squid is a high-performance proxy caching server for \ web clients, supporting FTP, gopher, and HTTP data \ objects. Unlike traditional caching software, Squid \ handles all requests in a single, non-blocking, \ I/O-driven process. Squid keeps meta data and \ especially hot objects cached in RAM, caches DNS \ lookups, supports non-blocking DNS lookups, and \ implements negative caching of failed requests. homepage http://www.squid-cache.org/ master_sites http://mirrors.24-7-solutions.net/pub/squid/ \ http://mirror.aarnet.edu.au/pub/squid/squid/ \ http://www.mirrorservice.org/sites/ftp.squid-cache.org/pub/squid/ \ http://ftp.ring.gr.jp/archives/net/www/squid/ \ ftp://ftp.is.co.za/pub/squid/ \ ftp://ftp1.cl.squid-cache.org/pub/squid/ \ http://www.squid-cache.org/Versions/v3/${branch}/ \ ftp://ftp.squid-cache.org/pub/squid/ distname squid-${version} checksums rmd160 a982884dc513e29d39545e0c09e7ddf4d24a47f2 \ sha256 54bd5f06c676862f5156b2da0cfd4d8c9d6d358227d90884fc1b54de24caf38b use_bzip2 yes patchfiles patch-cf.data.pre.diff depends_lib port:openssl port:zlib conflicts squid squid3 #configure.args #--with-pthreads \ # --enable-shared \ # --mandir=${prefix}/share/man \ # --sysconfdir=${prefix}/etc/squid \ # --datadir=${prefix}/share/squid \ # --localstatedir=${prefix}/var/squid \ # --with-openssl=${prefix} \ # --enable-delay-pools \ # --enable-removal-policies \ # --enable-storeio=ufs,aufs,diskd \ # --enable-disk-io=AIO,Blocking,DiskDaemon,DiskThreads \ # --enable-icap-client \ # --with-default-user=squid \ # --disable-ipv6 #post-configure { # if {[variant_isset universal]} { # system "cd ${worksrcpath} && ed - ${worksrcpath}/include/autoconf.h < ${filespath}/include_autoconf.h.ed && touch include/stamp-h1" # } #} build.args DEFAULT_PID_FILE=${prefix}/var/run/squid/squid.pid use_parallel_build yes startupitem.create yes startupitem.name Squid set start_extra "" set stop_extra "" # this will insert firewall rules to force a specific user to use squid for their connections # this implementation will only impact rule numbers 100 and 101. # A user may be matched by name or identification number. # you will not want to force squid to use itself (infinite loop) if {[variant_isset ipfw_transparent] || [variant_isset https]} { append start_extra "ipfw add 99 allow tcp from me to any dst-port 80 uid squid out\n" append stop_extra "ipfw delete 99\n" } if {[variant_isset ipfw_transparent]} { append start_extra "ipfw add 100 fwd 127.0.0.1,3128 tcp from me to any dst-port 80 out\n" append stop_extra "ipfw delete 100\n" } if {[variant_isset https]} { append start_extra "ipfw add 101 fwd 127.0.0.1,3129 tcp from me to any dst-port 443 out\n" append stop_extra "ipfw delete 101\n" } startupitem.start \ "cd ${prefix}/var/squid" \ "if \[ ! -d \"${prefix}/var/squid/cache/00\" \]; then" \ "\tsu -fm root -c \"exec ${prefix}/sbin/squid -s -z\"" \ "fi" \ $start_extra \ "su -fm root -c \"exec ${prefix}/sbin/squid -s\"" startupitem.stop \ "cd ${prefix}/var/squid" \ $stop_extra \ "su -fm root -c \"exec ${prefix}/sbin/squid -k shutdown\"" pre-destroot { add_users squid group=squid realname=Squid\ Proxy home=${prefix}/var/squid } post-destroot { reinplace "s|/etc/squid|${prefix}/etc/squid|g" \ ${destroot}${prefix}/share/man/man8/squid.8 xinstall -o squid -g squid -m 755 -d \ ${destroot}${prefix}/var/run/squid ${destroot}${prefix}/var/squid \ ${destroot}${prefix}/var/squid/cache ${destroot}${prefix}/var/squid/logs reinplace "s|http_port 3128|http_port 127.0.0.1:3128 intercept|" \ ${destroot}${prefix}/etc/squid/squid.conf.default set config [open ${destroot}${prefix}/etc/squid/squid.conf.default a] if {[variant_isset https]} { puts $config "https_port 127.0.0.1:3129 intercept sslBump" puts $config "sslproxy_cafile ${prefix}/share/curl/curl-ca-bundle.crt" puts $config "# Bumped requests have relative URLs so Squid has to use" puts $config "# reverse proxy or accelerator code. By default, that" puts $config "# code denies direct forwarding. The need for this option" puts $config "# may disappear in the future." puts $config "always_direct allow all" puts $config "" puts $config "# if a site uses a self-signed certificate it will" puts $config "# produce errors" puts $config "#acl TrustedName dstdomain .domain.org" puts $config "#sslproxy_cert_error allow TrustedName" puts $config "#sslproxy_cert_error deny all" } puts $config "visible_hostname localhost" puts $config "shutdown_lifetime 1 second" close $config file delete -force ${destroot}${prefix}/etc/squid/squid.conf \ ${destroot}${prefix}/etc/squid/mime.conf \ ${destroot}${prefix}/etc/squid/cachemgr.conf } destroot.keepdirs ${destroot}${prefix}/var/run/squid \ ${destroot}${prefix}/var/squid/cache \ ${destroot}${prefix}/var/squid/logs post-activate { # Make sure initial conf files are present and setup correctly foreach f { squid.conf mime.conf cachemgr.conf } { if {![file exists ${prefix}/etc/squid/${f}]} { file copy ${prefix}/etc/squid/${f}.default \ ${prefix}/etc/squid/${f} } } } variant kqueue description "Enable kqueue() support (experimental)" { configure.args-append --enable-kqueue } variant ipfw_transparent description "Enable transparent proxy support using IPFW" { configure.args-append --enable-ipfw-transparent } variant https requires ipfw_transparent description "Enable https client requests" { configure.args-append --enable-ssl depends_run-append port:curl-ca-bundle } startupitem.netchange yes livecheck.type regex livecheck.url http://www.squid-cache.org/Versions/v3/${branch}/ livecheck.regex >squid-(${branch}\[.0-9\]+)<