Search squid archive

Re: Squid not sending input into external_acl_type helper script

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Eeehhhh, you were right.

It was a configuration directive. Even though putting 'http_access deny all' didn't fix the issue, I was able to make the loop run by commenting out the following configuration directives:

acl authenticated proxy_auth REQUIRED
http_access allow authenticated

Completely didn't realize they were preventing Squid from passing input into the script.

Thanks Alex!

Adrian
On Saturday, September 26, 2020, 10:17:53 AM CDT, Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx> wrote:


On 9/25/20 4:28 PM, Ajb B wrote:

> So I have a external_acl_type helper script and it's not reading input
> from Squid.
>
> Here it is:
>
> redis-cli HSET 'test' data 'SCRIPT DID RUN' >/dev/null
>
> while read -s line; do
>   redis-cli HSET 'test' data 'LOOP STARTED ' >/dev/null
>   printf '%s\n' 'OK'
> done
>
> And here are my Squid configuration directives:
>
> external_acl_type ex_parent_proxy %LOGIN /etc/squid/squid-access-control.sh
> acl parent_proxy_1 external ex_parent_proxy
> http_access allow parent_proxy_1
>
> When I test it out, the 'SCRIPT DID RUN' value does get set in the
> database. However, 'LOOP STARTED' does not. Any idea why?


Perhaps access is granted (or denied) by an earlier http_access rule?

If no test transactions are currently denied, then, to test the above
theory, you can add an "http_access deny all" rule immediately
before/above your "http_access allow parent_proxy_1" rule and see
whether Squid starts denying any test transactions. If it does not, the
theory is probably correct.

Alex.

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux