Hello all... I would really appreciate some help. So I have written an external acl helper in C++ that talks to a REST API that I developed. Here is a github link (don't worry, it is pretty short, and the only parts you need to look at are lines 46, 52, 58 and 60):
https://github.com/e2guardian-angel/squid-acl-category-helper/blob/main/category_host.cpp I have it all configured in my squid.conf: external_acl_type host_category_helper %ACL %DST /usr/local/bin/squidhelpers/host_category_helper acl searchengines external host_category_helper ... ssl_bump bump searchengines ssl_bump none all and as far as I can tell, it is working: search engines are being matched (for the most part) and decrypted, as expected, and nothing else is being decrypted. However, I am seeing a million of the following lines: 2021/05/08 02:04:57| helperHandleRead: unexpected read from host_category_helper #Hlpr6, 4 bytes 'ERR I notice it only seems to be happening for the ERR (no match), I don't see it for the OK (match). I googled this issue and see a lot of threads here about making sure there is only one line of output per line of input. I am definitely seeing this when I just run the helper manually: $ docker exec -it squid /usr/local/bin/squidhelpers/host_category_helper searchengines google.com OK searchengines facebook.com ERR searchengines imdb.com ERR So it seems that it should be working as expected. I don't see any other newlines. I saw also some snippet about concurrency being an issue, this could be the case, since I did see this one-off in the squid output: 2021/05/08 02:04:59| helperHandleRead: unexpected read from host_category_helper #Hlpr6, 8 bytes 'ERR ERR ' But this doesn't make sense to me since only one helper appears to be running: 2021/05/08 01:52:04| helperOpenServers: Starting 1/5 'host_category_helper' processes Is there anything glaring here that could be the issue? Is it indeed a concurrency problem? I would have assumed that each helper (there are 5 of them) would have their own stdin/stdout and be writing to/from it rather than everyone at once. It also seems a little suspicious that I am only seeing this for ERR, not OK... you are supposed to print ERR when there is not a match, correct? Any help would be greatly appreciated... I am getting so close to having this fully functional. -Justin
_______________________________________________ squid-users mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-users
