Re: [PATCH] [2.5] external_acl_type cannot deal with client's source port

[Henrik Nordstrom]

Thanks for the patch but I am sorry to say this is a duplicated effort.

Please see

  http://devel.squid-cache.org/projects.html#external_acl_fuzzy
and
  http://devel.squid-cache.org/external_acl/

This work includes

  - %SRCPORT and a few other similar external_acl_format tags needed for 
this kind of operations.

  - An ident based external acl helper

  - A special cache mode for caching the ident reply and reuse it for all
requests from the same client IP (optional, indended for use in Windows 
and other single-user environments).

The new external_acl_type format tags has already been merged into
Squid-3.  The special cache mode has not yet been merged as it needs to be
generalized a little more to fulfill the final goal of this feature.

Regards
Henrik

On Thu, 22 Jul 2004, Vincent Deffontaines wrote:

 Greetings!
 
 In the scope of the NuFW (http://www.nufw.org) project, I am working on
 building Single Sign On modules for open source projects.
 
 Right now, only an Apache module exists, but the Squid module is on the
 way, and will be available very soon, thanks to the external acl features.
 
 There is though a small problem in this design : for proper SSO, the Nufw
 auth module needs to know about the source port of the client which
 performed the request. Right now external_acl_type does not allow for this
 information to be passed.
 
 This is what this (minimal) patch is about : add usability of %SRCPORT to
 the FORMAT string of the external_acl_type directive.
 
 Attached are also patches for cf.data.pre and squid.conf.default, so that
 things in the package are all up to date. If you accept this patch, you'll
 probably want to update
 http://devel.squid-cache.org/external_acl/config.html as well.
 
 This patch is against 2.5.5.
 
 I will post another patch, for 3.0-PRE3, in the next few days.
 And I will announce to this list the availability of the Nufw external acl
 program, with the hope some people here will be interested in testing Nufw
 and its SSO capabilities.
 
 Please Cc: any reply to me, as I am not a list subscriber.
 Your comments, flames or questions will be welcome.
 
 
 Regards,
 
 
 Vincent
 
 

Re: Redirection based on http header

[Henrik Nordstrom]

On Wed, 21 Jul 2004, Ram Kumar Gandhapuneni wrote:

 I am a novice squid developer. I am trying to make modifications to
 the code in the client_side to do the redirection based on http header of
 the requests.

Please describe a little more in detail what it is you want to do (the 
purpose, not all technical details). It may be possible there is simpler
approaches to solve your problem.

 I saw a thread with suggestions to start at redirectStart. It would be
 great if anybody can give me more elaborate description of how to do
 this..

Not sure I follow.. but with some more details on what it is you want to 
do and why maybe the picture will be clearer?

Regards
Henrik