And also, when I take a look at the source, I don't understand why
sometimes I have 127.0.0.1 instead of my real IP showing up ... ?!
Any clue ? I wasn't able to find anything about that on internet ...
Thanks everybody
On Wed, Apr 29, 2009 at 9:02 PM, Julien Philibin <julien@xxxxxxxxxxx> wrote:
> On Wed, Apr 29, 2009 at 1:22 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
>> Julien Philibin wrote:
>>>
>>> Hi John,
>>> thanks for your reply.
>>>
>>> I'll give a shot with your skeleton and see how things are going on ...
>>>
>>> On Tue, Apr 28, 2009 at 1:59 AM, John Doe <jdmls@xxxxxxxxx> wrote:
>>>>
>>>> From: Julien Philibin <julien@xxxxxxxxxxx>
>>>>>
>>>>> Hi, I've been trying to find a typical external ACL C program skeleton
>>>>> for a while, but I wasn't able to find anything very interesting ...
>>>>> What I would like to do, is to read to different strings and process
>>>>> them in order to allow/disallow access to a website.
>>>>> The thing is, after a while I get two processes that use around 10 Mb
>>>>> of memory and 15% of my CPU ....
>>>>> Also, if I restart squid, I'll get two more processes running and so
>>>>> on, everytime I restart squid ...
>>>>
>>>> Personaly, I use fgets/fflush and I did not see any problem (memory leak,
>>>> etc) so far...
>>>> Something like:
>>>>
>>>> #define INPUTSIZE 4096
>>
>> FYI: I've just had to start bumping my own custom helpers to using 8196 or
>> more for their buffers. Current Squid allow up to 8196 for URL length and
>> many more for possible headers length so watch that on inputs.
>>
>>
>>>> char input[INPUTSIZE];
>>>> while (fgets(input, sizeof(input), stdin)) {
>>>> if ((cp=strchr(input, '\n')) == NULL) {
>>>> fprintf(stderr, "filter: input too big: %s\n", input);
>>>> } else {
>>>> *cp = '\0';
>>>> }
>>>> ...
>>>> fflush(stderr);
>>>> fflush(stdout);
>>>> }
>>>>
>>>> Do you use any malloc or functions that malloc... and that would need a
>>>> free?
>>>
>>> Yes I do, but I also free them (the memory usage doesn't change). I
>>> also made a mistake, it is not 10Mb but 1 ...
>>>
>>>
>>> THe only weird thing is that after a restart (of squid), it looks like
>>> squid doesn't have any control anymore on the externals programs and
>>> they (both of external programs) start to use a lot of CPU...
>>>
>>> Maybe it has something to do with stdin that was not flushed correctly
>>> and creates an infinite loop or something ...
>>
>> Probably. Squid simply closes its connection to the pipes and abandons the
>> old helper. Leaving the pipe close with a '\0' I believe.
>> From the docs of scanf() I don't get a clear idea of the return value when
>> empty string is received (is it 1/0/EOF?).
>>
>
> I'll try to figure it out as soon as my helper is working properly :-)
>
>> Also scanf() you were using earlier has no concept of length and opens the
>> possibility of buffer over-runs.
>>
>> Prefer fgets or snscanf() as input methods.
>>
>
> Hi guys, so, I've been trying to implement the source code you gave to
> me. I am running into an issue.
>
> my first string is supposed to be a source (lenght <= 16)
> and the second one the URl of the website that the user is trying to access.
>
> When I use the fgets method: fgets(source, sizeof(source), stdin) it
> doesn't work. if the Ip address is less than 15, the program simply
> takes the beginning of the destination URL and everything goes wrong
> ....
>
> So I was wondering what would you guys use ?
>
> sscanf(stdin, "%s", s);
> or
> scanf("%s", &source); //as I was doing before, and double check the
> buffer's size
> or
> Something else?
>
> I have to admit, all this is confusing me a little bit :-)
> There must be an easy/secure way to catch two strings from stdin ...
>
> Thanks for your time guys.
>
>> Amos
>> --
>> Please be using
>> Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
>> Current Beta Squid 3.1.0.7
>>
>
> Julien
>
