Re: [squid-users] external_acl_type not working

From: Henrik Nordstrom <[email protected]>
Date: 10 Mar 2003 15:09:19 +0100

m�n 2003-03-10 klockan 14.39 skrev TiloLutz@gmx.de:
> Hi
>
> > On Saturday 08 March 2003 17.42, TiloLutz@gmx.de wrote:
> > > Is it possible external_acl_type isn't working in Squid 2.5?
> > it is defenitely working.
> Does squid cache the acls in any way?

Yes, as specified by the ttl option to external_acl_type.

> > I am missing a "$|=1;" in that script..but that is another question.
> What does this line do?

Disables STDIO buffering in perl to make sure the response from the perl
script is sent to Squid and not waiting in the STDIO buffer of Perl for
more output from your script before sending the data to Squid..

Needed in any helpers to Squid or another program using pipes to talk to
helper processes, as almost all languages default to block buffering if
the output is not sent directly to a terminal, not actually writing the
output until a whole block have been filled.

> Now I use a very basic script. It justs pass the Clientaddress to a file:
> #! /usr/bin/perl
> while ( 1 == 1 )
> {
> $input = <STDIN> ;
> open (FILE, ">> /output");
> print FILE $input ;
> close FILE;
> print "OK\n";
> }
>
> The first time I try to access a website my IP is send to my script.
> But if I close the browser and try another Site my IP won't be sent to my
> script again.

Correct, and it should not until the ttl have expired. Squid already
knows from your first OK response that the IP address is OK.

> Is there any way to change this?

set a suitable ttl for the acl type. There is both a positive TTL (OK
responses) and a negative TTL (ERR responses).

> Background:
> In out school we have several computerrooms. If a room is allowed to use
> the proxy, it's subnetnmask is safed in a file.
> 192.168.3.0/24
> 192.168.6.0/24
> ....
>
> With Squid 2.4 I used an ordinary acl linked with the file and made a
> "suqid -k reconfigure" each time the file has changed.

Which is still possible with Squid-2.5. Or you can use an external acl
helper with a suitable ttl.

> Unfortunatly we use a filtersoftware, smartfilter, which causes squid
> to crash if I'll run squid -k reconfigure.

Then fix SmartFilter.

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden
Received on Mon Mar 10 2003 - 07:09:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:59 MST