Re: [squid-users] External C program

From: Bharath Raghavendran <rbharath25_at_gmail.com>
Date: Thu, 30 Apr 2009 10:00:36 +0530

2009/4/30 Julien Philibin <julien_at_philibin.fr>:
> Very interesting Bharath !!!
>
> What would be your advice to get my program working ?!
>
> Thanks

Unfortunately, I have no advice. I have made external ACLs using C++
and know how to handle this using the "cin" stream. With my knowledge
of C, the only thing I can think of is using file handling for stdin.
I am sure file handling should have ways to detect EOF (I need to
search net if you need more details :P )

127.0.0.1 or "localhost" is a connection to loopback interface which
is used to make connections to your own computer. If you have entered
the proxy address (assuming you are using squid as a proxy server) as
any of these two, your computer connects to squid using loopback
interface and hence your ip is shown up as 127.0.0.1.

You can avoid this by putting your actual IP in the proxy address.

-Bharath

2009/4/30 Julien Philibin <julien_at_philibin.fr>:
> And also, when I take a look at the source, I don't understand why
> sometimes I have 127.0.0.1 instead of my real IP showing up ... ?!
>
> Any clue ? I wasn't able to find anything about that on internet ...
>
> Thanks everybody
>
> On Wed, Apr 29, 2009 at 9:02 PM, Julien Philibin <julien_at_philibin.fr> wrote:
>> On Wed, Apr 29, 2009 at 1:22 AM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
>>> Julien Philibin wrote:
>>>>
>>>> Hi John,
>>>> thanks for your reply.
>>>>
>>>> I'll give a shot with your skeleton and see how things are going on ...
>>>>
>>>> On Tue, Apr 28, 2009 at 1:59 AM, John Doe <jdmls_at_yahoo.com> wrote:
>>>>>
>>>>> From: Julien Philibin <julien_at_philibin.fr>
>>>>>>
>>>>>> Hi, I've been trying to find a typical external ACL C program skeleton
>>>>>> for a while, but I wasn't able to find anything very interesting ...
>>>>>> What I would like to do, is to read to different strings and process
>>>>>> them in order to allow/disallow access to a website.
>>>>>> The thing is, after a while I get two processes that use around 10 Mb
>>>>>> of memory and 15% of my CPU ....
>>>>>> Also, if I restart squid, I'll get two more processes running and so
>>>>>> on, everytime I restart squid ...
>>>>>
>>>>> Personaly, I use fgets/fflush and I did not see any problem (memory leak,
>>>>> etc) so far...
>>>>> Something like:
>>>>>
>>>>> #define INPUTSIZE 4096
>>>
>>> FYI: I've just had to start bumping my own custom helpers to using 8196 or
>>> more for their buffers. Current Squid allow up to 8196 for URL length and
>>> many more for possible headers length so watch that on inputs.
>>>
>>>
>>>>> char input[INPUTSIZE];
>>>>> while (fgets(input, sizeof(input), stdin)) {
>>>>> if ((cp=strchr(input, '\n')) == NULL) {
>>>>> fprintf(stderr, "filter: input too big: %s\n", input);
>>>>> } else {
>>>>> *cp = '\0';
>>>>> }
>>>>> ...
>>>>> fflush(stderr);
>>>>> fflush(stdout);
>>>>> }
>>>>>
>>>>> Do you use any malloc or functions that malloc... and that would need a
>>>>> free?
>>>>
>>>> Yes I do, but I also free them (the memory usage doesn't change). I
>>>> also made a mistake, it is not 10Mb but 1 ...
>>>>
>>>>
>>>> THe only weird thing is that after a restart (of squid), it looks like
>>>> squid doesn't have any control anymore on the externals programs and
>>>> they (both of external programs) start to use a lot of CPU...
>>>>
>>>> Maybe it has something to do with stdin that was not flushed correctly
>>>> and creates an infinite loop or something ...
>>>
>>> Probably. Squid simply closes its connection to the pipes and abandons the
>>> old helper. Leaving the pipe close with a '\0' I believe.
>>> From the docs of scanf() I don't get a clear idea of the return value when
>>> empty string is received (is it 1/0/EOF?).
>>>
>>
>> I'll try to figure it out as soon as my helper is working properly :-)
>>
>>> Also scanf() you were using earlier has no concept of length and opens the
>>> possibility of buffer over-runs.
>>>
>>> Prefer fgets or snscanf() as input methods.
>>>
>>
>> Hi guys, so, I've been trying to implement the source code you gave to
>> me. I am running into an issue.
>>
>> my first string is supposed to be a source (lenght <= 16)
>> and the second one the URl of the website that the user is trying to access.
>>
>> When I use the fgets method: fgets(source, sizeof(source), stdin) it
>> doesn't work. if the Ip address is less than 15, the program simply
>> takes the beginning of the destination URL and everything goes wrong
>> ....
>>
>> So I was wondering what would you guys use ?
>>
>> sscanf(stdin, "%s", s);
>> or
>> scanf("%s", &source); //as I was doing before, and double check the
>> buffer's size
>> or
>> Something else?
>>
>> I have to admit, all this is confusing me a little bit :-)
>> There must be an easy/secure way to catch two strings from stdin ...
>>
>> Thanks for your time guys.
>>
>>> Amos
>>> --
>>> Please be using
>>> Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
>>> Current Beta Squid 3.1.0.7
>>>
>>
>> Julien
>>
>
Received on Thu Apr 30 2009 - 04:30:46 MDT

This archive was generated by hypermail 2.2.0 : Thu Apr 30 2009 - 12:00:03 MDT