On Tue, 21 Sep 2004, Anindha Parthy wrote:
> Sequence of Events:
> 1. Squid Receives HTTP request
> 2. Squid retrieves HTML page
> 3. Squid Passes HTML page to classifier
> 4. Squid sends HTML page to client if page is allowed otherwise a
> Access Denied error message
Problem with this approach is that Squid does not work in this manner. It
immediately sends the HTTP reply to the client as it is received. It does
not wait for the entire reply to be available before starting to forward
to the client.
I would recommend you to look into using ICAP for your filtering needs.
The ICAP framework is a future safe approach in how to plug in filtering
and other advanced content manipulations to an http proxy such as Squid.
There is not yet official ICAP support for Squid but there is two
different implementations for Squid-2.5 available from the developer web
site <http://devel.squid-cache.org/>.
On the same web site you can also find an earlier filter implementation
using dynamically loaded modules, perhaps quite similar to what you are
looking into doing. This is however quite limited by the internals of
Squid, unlike the ICAP approach mentioned above.
Note: Squid is GPL and as a result you are only allowed to use GPL modules
with Squid. If your filter implementation is not GPL then dynamic linking
is not an option.
Regards
Henrik
Received on Fri Sep 24 2004 - 17:12:28 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Sep 30 2004 - 12:00:04 MDT