From 9ae2a03955e480f0bd29d77b13ab93d4bb79b0ba Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Fri, 4 Jun 2021 14:06:37 +0200
Subject: [PATCH] proxy: simplification de la boucle

---
 minifirewall      | 4 ----
 minifirewall.conf | 8 ++++----
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/minifirewall b/minifirewall
index 67b2c52..349833f 100755
--- a/minifirewall
+++ b/minifirewall
@@ -415,10 +415,6 @@ start() {
     # Proxy (Squid)
     if is_proxy_enabled; then
         ${IPT} -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner proxy -j ACCEPT
-        if [ -n "${INTLAN}" ]; then
-            ${IPT} -t nat -A OUTPUT -p tcp --dport 80 -d "${INTLAN}" -j ACCEPT
-        fi
-        ${IPT} -t nat -A OUTPUT -p tcp --dport 80 -d "127.0.0.0/8" -j ACCEPT
         for dstip in ${PROXYBYPASS}; do
             ${IPT} -t nat -A OUTPUT -p tcp --dport 80 -d "${dstip}" -j ACCEPT
         done
diff --git a/minifirewall.conf b/minifirewall.conf
index b73910f..6a1f180 100644
--- a/minifirewall.conf
+++ b/minifirewall.conf
@@ -79,10 +79,10 @@ NTPOK='0.0.0.0/0'
 
 # Proxy (Squid)
 PROXY='off'
-# (destinations that bypass the proxy. ${INTLAN} and '127.0.0.0/8' are always added to the list)
-PROXYBYPASS=''
-# (proxy port, default if missing: '8888')
-PROXYPORT=''
+# (proxy port)
+PROXYPORT='8888'
+# (destinations that bypass the proxy)
+PROXYBYPASS="${INTLAN} 127.0.0.0/8"
 
 # Backup servers
 # (add IP:PORT for each one, example: '192.168.10.1:1234 192.168.10.2:5678')