Francois Goudal wrote:
Hi,
I'm trying to make a setup with several squid proxies :
All my clients are making their requests to the main proxy, I will call
it proxy_1 here.
Then I have 2 other proxies : proxy_2 and proxy_3 that are never queried
directly by the clients, they are supposed to be used as cache_peer by
proxy_1.
I want proxy_1 to forward the requests to either proxy_2 or proxy_3
depending on a specific condition based on the source IP address.
So I want to use an external acl helper script to determine if the
client matches the condition or not.
I have written a dummy test helper script in /root/test.sh :
#!/bin/sh
while read line; do
echo $line >> /tmp/log_helper
echo OK
done
And my squid.conf is basically:
external_acl_type testacl %SRC /root/test.sh
acl test1 dstdom_regex google
acl test2 external testacl
cache_peer proxy_2 parent 3128 0 proxy-only
cache_peer proxy_3 parent 3128 0 proxy-only
cache_peer_access proxy_2 allow test1
cache_peer_access proxy_3 allow test2
never_direct allow all
When I start squid with this setup, I can see in the process tree that
it starts 10 instances of test.sh
If I make a http://www.google.com query to this proxy, then the acl
test1 is matched and the query is directed to proxy_2 and it succeeds.
But if I make a http://www.yahoo.com query to this proxy, then it
shouldn't match the test1 acl, and then try the test2 acl, which would
mean providing the client's IP address to the helper script, which would
reply OK, and then the query should be directed to proxy_3.
But as a matter of fact, this query fails with a 503 Service Unavailable.
I don't understand why squid is not writing anything to the helper
script, to try to match the test2 acl.
I would appreciate some help to figure this out, I'm out of ideas :-/
Best regards.
a) You may need to echo a newline explicitly:
echo "OK\n"
b) Does the helper have write permissions to create or append to the log
file when its run as the squid user?
c) what does cache.log say about the time of the test request?
Hint: When this is going consider the concurrency, ttl, and
negative_ttl options for extra performance.
Amos
--
Please use Squid 2.7.STABLE4 or 3.0.STABLE9
