I think it is better to translate this code to c. Contact me, having c will
give you speed and memory savings.
Le 13 nov. 2015 8:22 PM, "Jens Kallup" <jkal...@web.de> a écrit :
> Hello,
>
> I have problems to block web sites listet in mysql database.
> When i start the script below, it works, but squid3.4 give me log output;
>
> 2015/11/14 01:27:40 kid1| helperHandleRead: unexpected read from
> blockscript #Hlpr0, 3 bytes 'OK
>
> how can i fix that problem ?
>
> Thanks in advice
> Jens
>
> #!/usr/bin/php
> <?php
> $db = new mysqli("<server>", "<user>", "<password>", "<database>");
> if ($db->connect_error > 0) {
> die(fwrite(STDOUT,"ERR\n"));
> }
> while (!feof(STDIN))
> {
> $i = trim(fgets(STDIN));
> $s = explode(" ", $i);
> $dst = $s[0];
> $row = array();
> $query = "SELECT * FROM squid WHERE name = '$dst'";
> if ($res = $db->query($query)) {
> $row = $res->fetch_row();
> $rec = $res->num_rows;
> if (($row[2] == 1) || ($rec < 1))
> fwrite(STDOUT,"ERR\n"); else
> fwrite(STDOUT,"OK\n");
> $res->close();
> }
> }
> $db->close();
> ?>
>
>
> this is my squid.config
>
> auth_param basic program /usr/lib/squid3/basic_ncsa_auth /sap/squid/passwd
> auth_param basic children 4
> auth_param basic utf8 on
> auth_param basic realm Bitte geben Sie Ihren Benutzernamen und Passwort
> fuer die Internetberechtigung ein!
> auth_param basic credentialsttl 60 minutes
> auth_param basic casesensitive on
> external_acl_type blockscript %DST /usr/bin/php /sap/squid/block.php
> acl localnet src 192.168.178.7
> acl ncsa_users proxy_auth REQUIRED
> acl mysql_block external blockscript
> acl SSL_ports port 443
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> # Deny requests to certain unsafe ports
> http_access deny !Safe_ports
> # Deny CONNECT to other than secure SSL ports
> http_access deny CONNECT !SSL_ports
> #
> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
> #
> http_access deny mysql_block
> http_access allow localhost ncsa_users
> http_access allow localnet ncsa_users
> # And finally deny all other access to this proxy
> http_access deny all
> http_port 3128
> cache_mgr jkal...@web.de
> cache_effective_user squid
> # We recommend you to use at least the following line.
> hierarchy_stoplist cgi-bin ?
> cache_dir ufs /sap/var/spool/squid 64 16 128
> cache_access_log /sap/squid/log/access.log
> cache_log /sap/squid/log/cache.log
> cache_store_log /sap/squid/log/store.log
> # Leave coredumps in the first cache dir
> coredump_dir /sap/var/spool/squid
> # Add any of your own refresh_pattern entries above these.
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
> refresh_pattern . 0 20% 4320
> logformat squid %tl.%03tu %6tr %>a %un %Ss/%03>Hs %<st %rm %ru %Sh/%<A %mt
>
> _______________________________________________
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
