[squid-users] (about external_acl_type problem ) two people can't login and access internet together

johnzeng johnzeng2013 at yahoo.com
Wed Mar 18 04:54:43 UTC 2015


Hello All

Whether ttl=50 (value) is too low , Maybe i will update ttl value to
ttl=3600 cache=1048576 .

i have a question still , Whether cached results for external_acl is
reponse from helper program ?

for example :

if FORMAT is %SRC , and helper progrm return "OK\n" ,

and external_acl_type tell squid to cache suitable %SRC ( for example :
client is 192.168.0.21 ,and will cache 192.168.0.21 into Cache valued )

if helper progrm return "ERR\n" ,

won't cache any value or cache src ip into cached negative valued ...


Whether My understanding is correct ?

	  external_acl_type name [options] FORMAT.. /path/to/helper [helper arguments..]

	Options:

	  ttl=n		TTL in seconds for cached results (defaults to 3600
	  		for 1 hour)

	  negative_ttl=n
	  		TTL for cached negative lookups (default same
	  		as ttl)



	  cache=n	Limit the result cache size, default is 262144.
			The expanded FORMAT value is used as the cache key, so
			if the details in FORMAT are highly variable a larger
			cache may be needed to produce reduction in helper load.




http://www.squid-cache.org/Versions/v3/3.5/cfgman/external_acl_type.html


Hello All:

i test splash portal via external_acl_type ...

Although the first people succeed to login and can access internet , but
when second people succeed to login and can access internet ,

and the firest people have to login again . when the firest people
succeed to login and can access internet ,

second people have to login again .


my meaning is : There's only one person who can access internet at same
time



I guess [channel-ID] is error at my config , but i can't confirm.


if concurrency=10

how to identify or find correct [channel-ID] ,

and

Whether return value format is correct for squid ?

for example

fwrite(STDOUT, $stream_id." ERR\n");



If possible , please give me some advisement .



http://wiki.squid-cache.org/Features/AddonHelpers#Access_Control_.28ACL.29
http://wiki.squid-cache.org/EliezerCroitoru/SessionHelper

--------Squid.conf ---------------

external_acl_type session ipv4 concurrency=10 ttl=50 %SRC
/accerater/webgui/public/wifiportal/logincheck.php
acl session_login external session
acl splash_page url_regex -i ^http://192.168.0.198/wifiportal/index.html

deny_info http://192.168.0.198/wifiportal/index.html session_login

http_access allow splash_page
http_access deny !session_login

--------------Helper program config ( php )-----------------

while (!feof(STDIN))
{
$stream_line = trim(fgets(STDIN));
$stream_array = split("[ ]+", $stream_line);
$stream_ip = trim($stream_array[1]);
$stream_id = trim($stream_array[0]);

.........

fwrite(STDOUT, $stream_id." ERR\n");

................

fwrite(STDOUT, $stream_id." OK\n");






More information about the squid-users mailing list