On 3/04/2012 3:22 p.m., Eliezer Croitoru wrote:
> On 03/04/2012 05:57, Amos Jeffries wrote:
>> On 03.04.2012 13:56, Eliezer Croitoru wrote:
> <SNIP>
>>>
>>> #!/bin/bash
>>> i=0
>>> while read line; do
>>>
>>> if [ $i == 1 ]
>>> then
>>> echo 'OK'
>>> i=0
>>> else
>>> echo 'ERR'
>>> i=1
>>> fi
>>> done
>>>
>>> and on squid.conf tried:
>>>
>>> external_acl_type rrselector %URI /somedir/script.sh ttl=0
>>> negative_ttl=0 grace=0 children-startup=1 children-max=1
>>
>> directive options go before the % format codes. The above says that
>> helper command line is:
>> "/somedir/script.sh ttl=0 negative_ttl=0 grace=0 children-startup=1
>> children-max=1"
>>
>>
>>>
>>> acl rrs external rrselector
>>>
>>> tcp_outgoing_address 10.0.0.1 rrs
>>> tcp_outgoing_address 10.0.0.2 !rrs
>>>
>>>
>>> but i seems to get this output every time i do a request.
>>
>> tcp_outgoing_address is a "fast" group ACL check. It can use previously
>> cached results or schedule lookups, but cannot wait for them to
>> complete.
>>
>> If you get that config right your *=0 settings will prevent the
>> triggered lookups from caching any results, and the new lookup can't be
>> waited for so there is never any match possible.
>
> just a sec.
> i copied the code damn wrong from squid.conf (early hours of the morning)
> it is as you say:
> external_acl_type rrselector ttl=0 negative_ttl=0 grace=0
> children-startup=1 children-max=1 %URI /somedir/script.sh
>
>
> but what can be done?
> means if it's a fast and so.. i will might need to do some early use
> of the acl with some caching?
> what mean is like run any use of this specific acl rrs on let say
>
> http_access allow rrs dummy_acl_that_will_be_never_matched
Yes exactly so.
NP: the second all hack can be used here: "!all" is
"dummy_acl_that_will_be_never_matched"
>
>
> Thanks,
> Eliezer
>
>>
>>>
>>> 2012/04/03 04:48:33.356 kid1| external_acl.cc(778) aclMatchExternal:
>>> acl="rrs1"
>>> 2012/04/03 04:48:33.356 kid1| external_acl.cc(807) aclMatchExternal:
>>> No helper entry available
>>> 2012/04/03 04:48:33.356 kid1| aclMatchExternal:
>>> rrs1("192.168.10.100") = lookup needed
>>> 2012/04/03 04:48:33.356 kid1| aclMatchExternal: "192.168.10.100":
>>> entry=@0, age=0
>>> 2012/04/03 04:48:33.356 kid1| aclMatchExternal: "192.168.10.100":
>>> queueing a call.
>>> 2012/04/03 04:48:33.356 kid1| aclMatchExternal: "192.168.10.100":
>>> return -1.
>>> 2012/04/03 04:48:33.356 kid1| external_acl.cc(778) aclMatchExternal:
>>> acl="rrs1"
>>> 2012/04/03 04:48:33.356 kid1| external_acl.cc(807) aclMatchExternal:
>>> No helper entry available
>>> 2012/04/03 04:48:33.356 kid1| aclMatchExternal:
>>> rrs1("192.168.10.100") = lookup needed
>>> 2012/04/03 04:48:33.356 kid1| aclMatchExternal: "192.168.10.100":
>>> entry=@0, age=0
>>> 2012/04/03 04:48:33.356 kid1| aclMatchExternal: "192.168.10.100":
>>> queueing a call.
>>> 2012/04/03 04:48:33.357 kid1| aclMatchExternal: "192.168.10.100":
>>> return -1.
>>>
>>>
>>> i am trying to understand what i did wrong.
>>> i have used only one children to avoid any problem of two different
>>> RR counts.
>>
>>
>> The "" quoted part is the lookup being passed to the helper. So either
>> you actually used %SRC or %DST etc in your external_acl_type format or
>> those lines are not related toe the tcp_outgoing_address lookups.
>>
>>
>> Amos
>
>
Received on Tue Apr 03 2012 - 06:04:22 MDT
This archive was generated by hypermail 2.2.0 : Tue Apr 03 2012 - 12:00:04 MDT