Hi all,
[Please CC me in replies, I am currently not subscribed to this list.]
First a short introduction of the project I am currently working on: I
am the main developer of Gibraltar, a Debian GNU/Linux based firewall
bootable from a live CD-ROM. There is a commercial version with easy to
use web interface, but also a free version (including commercial
in-house uses) available for download.
For the next major release I would like to add HTTP content scanning
support, including anti-virus scanning. Although there are many
special-purpose proxies for that (e.g. privoxy), I decided that squid is
definitely the better solution for a firewall. It's fast and lightweight
enough in terms of memory usage and has many great features for
authenticating users (e.g. NTLM). Unfortunately, in 2.5 there seems to
be no support for content filtering.
Therefore, I am currently trying to forward-port the filter patches from
http://sites.inka.de/sites/bigred/devel/squid-filter.html and will put
that work up on my server as soon as the porting is finished. It hasn't
been updated since about a year and he last post I could locate is
http://www1.cn.squid-cache.org/mail-archive/squid-dev/200203/0137.html .
Olaf, are you already working on a port ? I could not find a notice on
the webpage.
If necessary, I would also be willing to act as a maintainer for the
filtering code and update it for new squid releases (if Olaf is no
longer interested or does currently not have time for it - thanks for
the good work until now!) or integrate it upstream if that is desired.
Now, after a lengthy intro, my real problem :)
Although I have adapted everything to the new cbdata interface and have
it building and loading correctly, I get a runtime assertion when at
least one of the filter modules is loaded and it gets active (i.e.
starting squid with a filter plugin and sitting there idle is ok, but
the first requests will cause the assertion).
==> /var/log/squid/cache.log <==
2004/01/28 20:05:46| assertion failed: cbdata.c:185: "c->y == c"
It of course recovers by restarting. Before failing, a few requests are
actually served and I have not yet tracked down what exactly triggers
the assertion. However, I am quite sure that I have messed up badly when
porting the code for the cbdata usage. I just tried to read other code
that uses the CBDATA macros and mimic that usage. Attached is the
module.c file with the commented out, old calls and my ported calls to
the new interface. If any squid wizard/hacker/guru could give me a hint
on how to use it correctly or where I have messed up, I would really
appreciate it. If I have done something incredibly stupid, please
forgive me as I just had my first 3 hours with squid source code.
Slapping with a clue bat is ok :)
The modified lines around 79ff, 87, 206 and 532.
with best regards,
Rene
This archive was generated by hypermail pre-2.1.9 : Sat Jan 31 2004 - 12:00:10 MST