Re: [squid-users] external_acl_type helper problems

From: Amos Jeffries <>
Date: Mon, 09 Jul 2012 23:19:43 +1200

On 9/07/2012 9:32 p.m., ml ml wrote:
> Hello List,
> i am using a perl script for ACL like this:
> external_acl_type ldap_surfer negative_ttl=60 ttl=60 children=200
> %DST %SRC /etc/squid/
> acl ldap_users external ldap_surfer
> http_access allow ldap_users
> However, after a squid upgrade from squid- to squid-3.1.19 i
> am getting DENIED request. When i turn on ACL Debug i seee this:
> ACL::ChecklistMatches: result for 'ldap_users' is -1

-1 means waiting for a reply from the helper. There should be a followup
check with 0/1 result when Squid actually receives the helper reply.

> My /etc/squid/ perl script might not be the best
> ( i am doing some ldap and mysql stuff in there), so i modified it to
> a very simple script:
> #!/usr/bin/perl
> use strict;
> $|=1;
> while(defined(my $INPUT = <STDIN>)) {
> print "OK\n";
> next;
> }
> I have about 300 Clients and the traffic is quite high. I have the
> feeling that squid or the script is not very efficent.
> Can i use concurrency=X here with this perl script? Am i using the
> syntax right? Or am i doing anything wrong?

That is correct for a non-concurrent always-OK helper.

concurrency would be better if you can add it. But for figuring out what
is wrong what you have seems fine, although I've not seen that variable
defined in while() parameter syntax before so can't say myself if there
is anything right or wrong about it.

I recommend adding a -d flag to your helper that produces debugging
messages about what it is doing on stderr.

Received on Mon Jul 09 2012 - 11:19:53 MDT

This archive was generated by hypermail 2.2.0 : Mon Jul 09 2012 - 12:00:01 MDT