On 9/07/2012 9:32 p.m., ml ml wrote:
Hello List,
i am using a perl script for ACL like this:
external_acl_type ldap_surfer negative_ttl=60 ttl=60 children=200
%DST %SRC /etc/squid/ldap_default_allow.pl
acl ldap_users external ldap_surfer
http_access allow ldap_users
However, after a squid upgrade from squid-3.1.0.14 to squid-3.1.19 i
am getting DENIED request. When i turn on ACL Debug i seee this:
ACL::ChecklistMatches: result for 'ldap_users' is -1
-1 means waiting for a reply from the helper. There should be a followup
check with 0/1 result when Squid actually receives the helper reply.
My /etc/squid/ldap_default_allow.pl perl script might not be the best
( i am doing some ldap and mysql stuff in there), so i modified it to
a very simple script:
#!/usr/bin/perl
use strict;
$|=1;
while(defined(my $INPUT = <STDIN>)) {
print "OK\n";
next;
}
I have about 300 Clients and the traffic is quite high. I have the
feeling that squid or the script is not very efficent.
Can i use concurrency=X here with this perl script? Am i using the
syntax right? Or am i doing anything wrong?
That is correct for a non-concurrent always-OK helper.
concurrency would be better if you can add it. But for figuring out what
is wrong what you have seems fine, although I've not seen that variable
defined in while() parameter syntax before so can't say myself if there
is anything right or wrong about it.
I recommend adding a -d flag to your helper that produces debugging
messages about what it is doing on stderr.
Amos
