MIME Filter Bypass for Advanced Proxy

This is a modification to the Advanced Proxy Mod for Smoothwall Express v3.0 to allow a "bypass" of the MIME filter. This modification has been tested with Smoothwall Express v3.0 with update 1 and the Advanced Proxy Mod, versions 2.1.5 & 2.1.6 by marco.s.

MIME Filter Bypass Screenshot

MIME Filter Bypass screenshot
(click to enlarge)

note: On 15 Dec 2007, s-t-p released Adzapper for Smoothwall Express 3.0. The Adzapper mod replaces the advproxy.cgi page and will break the MIME Filter Bypass mod. I have not yet completed a ChangeLog, but here is a copy of my advproxy.cgi page that will allow both Adzapper and MIME Filter Bypass to co-exist. Install Advanced Proxy, then Adzapper, and then copy the modified advproxy.cgi file mentioned previously to your smoothie using the instructions below.

Warning: This modification requires several edits of two different files on your system. This guide assumes you are comfortable editing files on your smoothie.

Aternatively, you can also download a copy of my advproxy.cgi file. You will still need to edit your base.pl file (see below), but you will not have to do any editing to the advproxy.cgi file yourself. You should be able to simply drop the file into your smoothie at /httpd/cgi-bin/ (assuming you have the same version information listed above), and then change the permissions so it accessible from the web gui.

• it is a good idea to backup your orginal advproxy.cgi file before replacing in case of any incompatibilities •
Backup advproxy.cgi: 
cp /httpd/cgi-bin/advproxy.cgi /httpd/cgi-bin/advproxy.cgi.bak
Copy the downloaded advproxy.cgi to your smoothwall at /httpd/cgi-bin/ using WinSCP or similar.
Set advproxy.cgi permissions: 
chmod 755 /http/cgi-bin/advproxy.cgi

Keep in mind that your row numbers may not match up exactly if you have edited your advproxy.cgi file previously or if you have different mods installed than I do (which is likely).

• as always, it is a good idea to backup your files before you begin editing, this can save you from a world of hurt if you make a mistake •
Backup base.pl: 
cp /usr/lib/smoothwall/langs/base.pl /usr/lib/smoothwall/langs/base.pl.bak
To Edit base.pl: 
joe /usr/lib/smoothwall/langs/base.pl
base.pl Changes: 
 ============================================
== Update /usr/lib/smoothwall/langs/base.pl ==
 ============================================

(Row 1073)
Find:
  'advproxy MIME block types' => ' Block these MIME types (one per line)',

Replace with:
  'advproxy MIME block types' => ' Block these MIME types (one per line)',
  'advproxy MIME bypass' => ' Allow these domains to bypass MIME filter (one per line)',
Backup advproxy.cgi: 
cp /httpd/cgi-bin/advproxy.cgi /httpd/cgi-bin/advproxy.cgi.bak
To Edit advproxy.cgi: 
joe /httpd/cgi-bin/advproxy.cgi
advproxy.cgi Changes: 
 ======================
== MIME Filter Bypass ==
 ======================

(Row 83)
Find:
  my $mimetypes = "${swroot}/proxy/advanced/mimetypes";

Replace with:
  my $mimetypes = "${swroot}/proxy/advanced/mimetypes";
  my $mimebypass = "${swroot}/proxy/advanced/mimebypass";

(Row 144)
Find:
  unless (-e $mimetypes) { system("touch $mimetypes"); }

Replace with:
  unless (-e $mimetypes) { system("touch $mimetypes"); }
  unless (-e $mimebypass) { system("touch $mimebypass"); }

(Row 226)
Find:
  $proxysettings{'ENABLE_MIME_FILTER'} = 'off';

Replace with:
  $proxysettings{'ENABLE_MIME_FILTER'} = 'off';
  $proxysettings{'ENABLE_MIME_BYPASS'} = 'off';

(Row 557)
Find:
  delete $proxysettings{'MIME_TYPES'};

Replace with:
  delete $proxysettings{'MIME_TYPES'};
  delete $proxysettings{'MIME_BYPASS'};

(Row 748)
Find:
  $checked{'ENABLE_MIME_FILTER'}{$proxysettings{'ENABLE_MIME_FILTER'}} = "checked='checked'";

Replace with:
  $checked{'ENABLE_MIME_FILTER'}{$proxysettings{'ENABLE_MIME_FILTER'}} = "checked='checked'";
  
  $checked{'ENABLE_MIME_BYPASS'}{'off'} = '';  
  $checked{'ENABLE_MIME_BYPASS'}{'on'} = '';   
  $checked{'ENABLE_MIME_BYPASS'}{$proxysettings{'ENABLE_MIME_BYPASS'}} = "checked='checked'";

(Row 1497)
Find:
  <td width='20%'><input type='checkbox' name='ENABLE_MIME_FILTER' $checked{'ENABLE_MIME_FILTER'}{'on'} /></td>

Replace with:
  <td width='20%'><input type='checkbox' name='ENABLE_MIME_FILTER' $checked{'ENABLE_MIME_FILTER'}{'on'} /></td>
	<td width='10%'> </td>
	<td width='25%' class='base'>$tr{'advproxy enabled'}</td>
	<td width='20%'><input type='checkbox' name='ENABLE_MIME_BYPASS' $checked{'ENABLE_MIME_BYPASS'}{'on'} /></td>

(Row 1503)
Find:
	<td  colspan='2' class='base'>$tr{'advproxy MIME block types'}: <img src='/ui/img/blob.gif' alt='*' /></td>
	<td> </td>
  <td> </td>

Replace with:
	<td  colspan='2' class='base'>$tr{'advproxy MIME block types'}: <img src='/ui/img/blob.gif' alt='*' /></td>
	<td> </td>
	<td  colspan='2' class='base'>$tr{'advproxy MIME bypass'}: <img src='/ui/img/blob.gif' alt='*' /></td>

(Row 1514)
Find:
  print <<END
  </textarea></td>
    <td> </td>
    <td> </td>
  </tr>
  </table>
  END
  ;

Replace with:
  print <<END
  </textarea></td>
    <td> </td>
  	<td colspan='2'><textarea name='MIME_BYPASS' cols='32' rows='6' wrap='off'>
  END
  ;

  print $proxysettings{'MIME_BYPASS'};

  print <<END
  </textarea></td>
  </tr>   
  </table>
  END
  ;

(Row 2442)
Find:
	if (-e "$mimetypes") {
		open(FILE,"$mimetypes");
		delete $proxysettings{'MIME_TYPES'};
		while (<FILE>) { $proxysettings{'MIME_TYPES'} .= $_ };
		close(FILE);
	}

Replace with:
	if (-e "$mimetypes") {
		open(FILE,"$mimetypes");
		delete $proxysettings{'MIME_TYPES'};
		while (<FILE>) { $proxysettings{'MIME_TYPES'} .= $_ };
		close(FILE);
	}
	if (-e "$mimebypass") {
		open(FILE,"$mimebypass");
		delete $proxysettings{'MIME_BYPASS'};
		while (<FILE>) { $proxysettings{'MIME_BYPASS'} .= $_ };
		close(FILE);
	}

(Row 2810)
Find:
	open(FILE, ">$mimetypes");
	flock(FILE, 2);
	print FILE $proxysettings{'MIME_TYPES'};
	close(FILE);

Replace with:
	open(FILE, ">$mimetypes");
	flock(FILE, 2);
	print FILE $proxysettings{'MIME_TYPES'};
	close(FILE);
	
	open(FILE, ">$mimebypass");
	flock(FILE, 2);
	print FILE $proxysettings{'MIME_BYPASS'};
	close(FILE);

(Row 3258)
Find:
	if ((!-z $mimetypes) && ($proxysettings{'ENABLE_MIME_FILTER'} eq 'on')) {
		print FILE "acl blocked_mimetypes rep_mime_type \"$mimetypes\"\n\n";
	}

Replace with:
	if ((!-z $mimetypes) && ($proxysettings{'ENABLE_MIME_FILTER'} eq 'on')) {
		print FILE "acl blocked_mimetypes rep_mime_type \"$mimetypes\"\n\n";
	
		if ((!-z $mimebypass) && ($proxysettings{'ENABLE_MIME_BYPASS'} eq 'on')) {
			print FILE "acl mime_bypass dstdomain \"$mimebypass\"\n\n";
		}
	}

(Row 3772)
Find:
	print FILE "http_reply_access deny  blocked_mimetypes\n";

Replace with:
  if ((!-z $mimebypass) && ($proxysettings{'ENABLE_MIME_BYPASS'} eq 'on')) {
  	print FILE "http_reply_access deny blocked_mimetypes !mime_bypass\n";
  }
  else {
  	print FILE "http_reply_access deny  blocked_mimetypes\n";
  }