Hi all,
[Please CC me in replies, I am currently not subscribed to this list.]
First a short introduction of the project I am currently working on: I
am the main developer of Gibraltar, a Debian GNU/Linux based firewall
bootable from a live CD-ROM. There is a commercial version with easy to
use web interface, but also a free version (including commercial
in-house uses) available for download.
For the next major release I would like to add HTTP content scanning
support, including anti-virus scanning. Although there are many
special-purpose proxies for that (e.g. privoxy), I decided that squid is
definitely the better solution for a firewall. It's fast and lightweight
enough in terms of memory usage and has many great features for
authenticating users (e.g. NTLM). Unfortunately, in 2.5 there seems to
be no support for content filtering.
Therefore, I am currently trying to forward-port the filter patches from
http://sites.inka.de/sites/bigred/devel/squid-filter.html and will put
that work up on my server as soon as the porting is finished. It hasn't
been updated since about a year and he last post I could locate is
http://www1.cn.squid-cache.org/mail-archive/squid-dev/200203/0137.html .
Olaf, are you already working on a port ? I could not find a notice on
the webpage.
If necessary, I would also be willing to act as a maintainer for the
filtering code and update it for new squid releases (if Olaf is no
longer interested or does currently not have time for it - thanks for
the good work until now!) or integrate it upstream if that is desired.
Now, after a lengthy intro, my real problem :)
Although I have adapted everything to the new cbdata interface and have
it building and loading correctly, I get a runtime assertion when at
least one of the filter modules is loaded and it gets active (i.e.
starting squid with a filter plugin and sitting there idle is ok, but
the first requests will cause the assertion).
==> /var/log/squid/cache.log <==
2004/01/28 20:05:46| assertion failed: cbdata.c:185: "c->y == c"
It of course recovers by restarting. Before failing, a few requests are
actually served and I have not yet tracked down what exactly triggers
the assertion. However, I am quite sure that I have messed up badly when
porting the code for the cbdata usage. I just tried to read other code
that uses the CBDATA macros and mimic that usage. Attached is the
module.c file with the commented out, old calls and my ported calls to
the new interface. If any squid wizard/hacker/guru could give me a hint
on how to use it correctly or where I have messed up, I would really
appreciate it. If I have done something incredibly stupid, please
forgive me as I just had my first 3 hours with squid source code.
Slapping with a clue bat is ok :)
The modified lines around 79ff, 87, 206 and 532.
with best regards,
Rene
/*
* DEBUG: section 92 Module loader and hooks
* AUTHOR: Olaf Titz
* MODIFIED BY: Rene Mayrhofer (ported to squid 2.5X, 2004-01)
*
* SQUID Internet Object Cache http://squid.nlanr.net/Squid/
* --
*
* Squid is the result of efforts by numerous individuals from the
* Internet community. Development is led by Duane Wessels of the
* National Laboratory for Applied Network Research and funded by the
* National Science Foundation. Squid is Copyrighted (C) 1998 by
* Duane Wessels and the University of California San Diego. Please
* see the COPYRIGHT file for full details. Squid incorporates
* software developed and/or copyrighted by other sources. Please see
* the CREDITS file for full details.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
*
*/
#include "squid.h"
#include "module.h"
/* -- Module loader, definitions -- */
/* This defines a common API between the Sun libdl and HP libdld.
We use shl_t for library handles and
void xdlsym(void **result, shl_t handle, const char *name);
instead of dlsym().
The rest follows the Sun API.
*/
#ifdef HAVE_LIBDL
#include
/* Solaris/Linux/etc. */
typedef void *shl_t;
#define xdlsym(r, h, s) (r)=dlsym((h), (s))
#else
#ifdef HAVE_LIBDLD
#include
/* HPUX */
#define RTLD_NOWBIND_IMMEDIATE
#define RTLD_LAZY