Re: [squid-users] external_acl_type not working

Your script still has a few bugs..

1. It never terminates when Squid tells it to.. the while loop should
read

    while ( defined ($input = <STDIN>)) {
    }

2. The compare of IP addresses uses numeric comparisation which is not
what you want. Instead of == use eq

3. The reading of your roomaccess file reads lines, not IP addresses..
add a chomp @list; after reading the file and the contents of @list will
look better.

4. Not sure if reading and changing arrays like this is safe from a
signal handler. You should probably be monitoring the file change date
from the main loop instead.

Regards
Henrik

ons 2003-03-12 klockan 11.06 skrev TiloLutz@gmx.de:
> Hi
>
> > > > > Is it possible external_acl_type isn't working in Squid 2.5?
> > > > it is defenitely working.
> > > Does squid cache the acls in any way?
> > Yes, as specified by the ttl option to external_acl_type.
>
> Know I have another strange problem.
> My skript seems to work. It reads a subnet-declaration
> from a file and permit every client access which is in any
> defined subnet.
> But very often access is not permitted although the client
> should have access. Access is denied or granted randomly.
> I don't know where to search the probelm. Is it my perl-skrip
> or a configuration-problem in squid?
>
> #! /usr/bin/perl
> $|=1;
> $workdir = "/usr/local/nms";
> $SIG{ALRM} = \&catch_zap ;
> @list;
> sub catch_zap;
> catch_zap;
> alarm 10;
> while ( 1 == 1 )
> {
> $input = <STDIN> ;
> @temp = split( /\./, $input);
> $input = $temp[0].'.'.$temp[1].'.'.$temp[2].'.0' ;
> $found = 0;
> foreach $ip ( @list )
> {
> if ( "$ip" == "$input" )
> {
> $found = 1;
> }
> }
> if ( $found == 1 )
> {
> print "OK\n";
> }
> else
> {
> print "ERR\n";
> }
> $found = 0;
> }
>
> sub catch_zap
> {
> alarm 10;
> #foreach $ip ( @list )
> open (FILE, "< $workdir/roomaccess");
> @list = <FILE>;
> close FILE;
> }
>
>
> Here are my lines from squid.conf:
> external_acl_type room_external ttl=5 concurrency=10 %SRC
> /usr/local/nms/nmsdeamon2
> acl room external room_external
> http_access allow room
>
>
> Can anybody help me?
>
> Tilo

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden