[squid-users] external_acl_type not working on Squid Cache: Version 3.5.5

Mon Aug 24 00:17:06 UTC 2015

I have been trying to test squid but it doesn't seems to be working. The
closest example I studied are:

http://etutorials.org/Server+Administration/Squid.+The+definitive+guide/Chapter+12.+Authentication+Helpers/12.5+External+ACLs/
http://www.stress-free.co.nz/transparent_squid_authentication_to_edirectory
but none of it works.

>From the simple test, I did on the following:

The print "ERR" supposed to have an out put at the cache.log, but I din't
see anything appearing
Neither I change the "ERR" nor "OK", there is no effect on the access.
I just want a simple test, if set to print "ERR" then stop user to proceed,
if "OK" then proceed.

The error message in cache.log
2015/07/28 11:45:56 kid1| helperHandleRead: unexpected reply on channel 0
from mysql_log #Hlpr17 ''

squid.conf is:

auth_param basic program /usr/lib64/squid/basic_ldap_auth -v 3 -b
"dc=xxx,dc=edu.xx" -D "cn=Manager,dc=xxx,dc=edu.xx"  -w passwd -f uid=%s
ldap.xxx.edu.xx:389

acl ldap-auth proxy_auth REQUIRED
auth_param basic children 5
auth_param basic realm Web Proxy Server
auth_param basic credentialsttl 1 minute

external_acl_type mysql_log %SRC %LOGIN %{Host} /home/squid/quota_helper.pl
acl ex_log external mysql_log
http_access allow ex_log
....
http_access allow ldap-auth
http_access allow localnet
http_access allow localhost
http_access deny all
quota_helper.pl is:

#!/usr/bin/perl -wl

$|=1;
while(<STDIN>){
print "ERR";
}
[root at localhost ~]# squid -v shows:

Squid Cache: Version 3.5.5
Service Name: squid
configure options:  '--build=x86_64-redhat-linux-gnu'
'--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr'
'--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin'
'--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include'
'--libdir=/usr/lib64' '--libexecdir=/usr/libexec'
'--sharedstatedir=/var/lib' '--mandir=/usr/share/man'
'--infodir=/usr/share/info' '--exec_prefix=/usr'
'--libexecdir=/usr/lib64/squid' '--localstatedir=/var'
'--datadir=/usr/share/squid' '--sysconfdir=/etc/squid'
'--with-logdir=$(localstatedir)/log/squid'
'--with-pidfile=$(localstatedir)/run/squid.pid'
'--disable-dependency-tracking' '--enable-follow-x-forwarded-for'
'--enable-auth'
'--enable-auth-basic=DB,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB,getpwnam'
'--enable-auth-ntlm=smb_lm,fake' '--enable-auth-digest=file,LDAP'
'--enable-auth-negotiate=kerberos,wrapper'
'--enable-external-acl-helpers=wbinfo_group,kerberos_ldap_group'
'--enable-cache-digests' '--enable-cachemgr-hostname=localhost'
'--enable-delay-pools' '--enable-epoll' '--enable-icap-client'
'--enable-ident-lookups' '--enable-linux-netfilter'
'--enable-removal-policies=heap,lru' '--enable-snmp'
'--enable-storeio=aufs,diskd,ufs,rock' '--enable-wccpv2' '--enable-esi'
'--enable-ssl-crtd' '--enable-icmp' '--with-aio'
'--with-default-user=squid' '--with-filedescriptors=16384' '--with-dl'
'--with-openssl' '--with-pthreads' '--with-included-ltdl'
'--disable-arch-native' '--without-nettle'
'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu'
'CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches
-m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro ' 'CXXFLAGS=-O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong
--param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic
-fPIC'
'PKG_CONFIG_PATH=%{_PKG_CONFIG_PATH}:/usr/lib64/pkgconfig:/usr/share/pkgconfig'
--enable-ltdl-convenience
[root at localhost ~]#
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150824/06e14b0f/attachment-0001.html>