> > I am posting this on both dansguardian and squid
> > lists so that it can help
> > anyone with the x-forwarded-for patch.
> >
> > Download squid-2.5.STABLE9.tar.gz and
> > follow_xff-2.5.STABLE5.patch on /tmp
> > Extract the squid tar file with: tar xvfz
> > squid-2.5.STABLE9.tar.gz
> > copy follow_xff-2.5.STABLE5.patch to
> > /tmp/squid-2.5.STABLE9
> > cd to /tmp/squid-2.5.STABLE9 and execute: patch
> -p0
> > <
> > follow_xff-2.5.STABLE5.patch
> >
> > you should get the following errors:
> >
> > FedoraCore2[/tmp/squid-2.5.STABLE9]patch -p0 <
> > follow_xff-2.5.STABLE5.patch
> > patching file acconfig.h
> > patching file bootstrap.sh
> > Hunk #1 succeeded at 66 (offset 7 lines).
> > patching file configure.in
> > Hunk #1 succeeded at 1128 (offset 28 lines).
> > patching file src/acl.c
> > Hunk #1 succeeded at 2147 (offset 107 lines).
> > patching file src/cf.data.pre
> > Hunk #1 succeeded at 2144 (offset 29 lines).
> > patching file src/client_side.c
> > Hunk #2 succeeded at 185 (offset 2 lines).
> > Hunk #4 succeeded at 3308 (offset 58 lines).
> > patching file src/delay_pools.c
> > patching file src/structs.h
> > Hunk #1 FAILED at 594.
> > Hunk #2 succeeded at 634 (offset 14 lines).
> > Hunk #3 succeeded at 1621 (offset 2 lines).
> > Hunk #4 succeeded at 1684 (offset 14 lines).
> > Hunk #5 FAILED at 1697.
> > 2 out of 5 hunks FAILED -- saving rejects to file
> > src/structs.h.rej
> >
> > This means that two hunks (parts) of the patch
> > failed to patch src/structs.h
> > at around lines 594 and 1697. Now look at the
> > src/structs.h.rej which
> > should look like this:
> >
> > ***************
> > *** 594,599 ****
> > int pipeline_prefetch;
> > int request_entities;
> > int detect_broken_server_pconns;
> > } onoff;
> > acl *aclList;
> > struct {
> > --- 594,604 ----
> > int pipeline_prefetch;
> > int request_entities;
> > int detect_broken_server_pconns;
> > + #if FOLLOW_X_FORWARDED_FOR
> > + int acl_uses_indirect_client;
> > + int delay_pool_uses_indirect_client;
> > + int log_uses_indirect_client;
> > + #endif /* FOLLOW_X_FORWARDED_FOR */
> > } onoff;
> > acl *aclList;
> > struct {
> > ***************
> > *** 1681,1686 ****
> > char *peer_login; /* Configured peer
> > login:password */
> > time_t lastmod; /* Used on
> refreshes
> > */
> > const char *vary_headers; /* Used when
> varying
> > entities are detected.
> > Chan
> > ges how the store key is calculated */
> > };
> >
> > struct _cachemgr_passwd {
> > --- 1697,1707 ----
> > char *peer_login; /* Configured peer
> > login:password */
> > time_t lastmod; /* Used on
> refreshes
> > */
> > const char *vary_headers; /* Used when
> varying
> > entities are detected.
> > Chan
> > ges how the store key is calculated */
> > + #if FOLLOW_X_FORWARDED_FOR
> > + /* XXX a list of IP addresses would be a
> > better data structure
> > + * than this String */
> > + String x_forwarded_for_iterator;
> > + #endif /* FOLLOW_X_FORWARDED_FOR */
> > };
> >
> > struct _cachemgr_passwd {
> >
> > As you can see the patch has found some 'issues'
> on
> > line 594 where it was
> > expecting something that it did not find. No
> > problem, just open
> > src/structs.h with 'vi' and go to line 594 and
> > locate the line:
> >
> > int detect_broken_server_pconns;
> >
> > which should be somewhere around there.
> > now insert the following as described by the .rej
> > file (remove the + which
> > means ADD)
> >
> > #if FOLLOW_X_FORWARDED_FOR
> > int acl_uses_indirect_client;
> > int delay_pool_uses_indirect_client;
> > int log_uses_indirect_client;
> > #endif /* FOLLOW_X_FORWARDED_FOR */
> >
> > so around line 594 you should now have:
> >
> > int detect_broken_server_pconns;
> > #if FOLLOW_X_FORWARDED_FOR
> > int acl_uses_indirect_client;
> > int delay_pool_uses_indirect_client;
> > int log_uses_indirect_client;
> > #endif /* FOLLOW_X_FORWARDED_FOR */
> > int balance_on_multiple_ip;
> > int relaxed_header_parser;
> > int accel_uses_host_header;
> > int accel_no_pmtu_disc;
> > } onoff;
> > acl *aclList;
> >
> > OK, let's now go to line 1697 (more or less since
> we
> > have just added a few
> > lines around 594)
> > locate the line:
> >
> > const char *vary_headers; /* Used when varying
> > entities are detected. Chan
> > ges how the store key is calculated */
> >
> > which should be somewhere around there.
> > now insert the following as described by the .rej
> > file (remove the + which
> > means ADD)
> >
> > #if FOLLOW_X_FORWARDED_FOR
> > /* XXX a list of IP addresses would be a
> better
> > data structure
> > * than this String */
> > String x_forwarded_for_iterator;
> > #endif /* FOLLOW_X_FORWARDED_FOR */
> >
> > so around line 1697 you should now have:
> >
> > char *peer_login; /* Configured peer
> > login:password */
> > time_t lastmod; /* Used on
> refreshes
> > */
> > const char *vary_headers; /* Used when
> varying
> > entities are detected.
> > Changes how the store key is calculated */
> > #if FOLLOW_X_FORWARDED_FOR
> > /* XXX a list of IP addresses would be a
> better
> > data structure
> > * than this String */
> > String x_forwarded_for_iterator;
> > #endif /* FOLLOW_X_FORWARDED_FOR */
> > BODY_HANDLER *body_reader;
> > void *body_reader_data;
> > };
> >
> > Alright, you are done fixing the broken patch!
> now
> > go back to
> > /tmp/squid-2.5.STABLE9 and execute
> > 'bootstrap.sh'. Do not worry about any warnings
> or
> > errors you may get.
> > then run 'configure --help' and you should be able
> > to see you new option
> > --enable-follow-x-forwarded-for
> >
> > Just configure with your favourite options and run
> > make.
> >
The same fix is not working for squid-2.5.Stable11. I
think I need to change some more in structs.h.
Pls help me what to be changed in structs.h?
Sarav
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
