<p dir="ltr">I think it is better to translate this code to c. Contact me, having c will give you speed and memory savings.</p>
<div class="gmail_quote">Le 13 nov. 2015 8:22 PM, "Jens Kallup" <<a href="mailto:jkallup@web.de">jkallup@web.de</a>> a écrit :<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br>
<br>
I have problems to block web sites listet in mysql database.<br>
When i start the script below, it works, but squid3.4 give me log output;<br>
<br>
2015/11/14 01:27:40 kid1| helperHandleRead: unexpected read from blockscript #Hlpr0, 3 bytes 'OK<br>
<br>
how can i fix that problem ?<br>
<br>
Thanks in advice<br>
Jens<br>
<br>
#!/usr/bin/php<br>
<?php<br>
$db = new mysqli("<server>", "<user>", "<password>", "<database>");<br>
if ($db->connect_error > 0) {<br>
die(fwrite(STDOUT,"ERR\n"));<br>
}<br>
while (!feof(STDIN))<br>
{<br>
$i = trim(fgets(STDIN));<br>
$s = explode(" ", $i);<br>
$dst = $s[0];<br>
$row = array();<br>
$query = "SELECT * FROM squid WHERE name = '$dst'";<br>
if ($res = $db->query($query)) {<br>
$row = $res->fetch_row();<br>
$rec = $res->num_rows;<br>
if (($row[2] == 1) || ($rec < 1))<br>
fwrite(STDOUT,"ERR\n"); else<br>
fwrite(STDOUT,"OK\n");<br>
$res->close();<br>
}<br>
}<br>
$db->close();<br>
?><br>
<br>
<br>
this is my squid.config<br>
<br>
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /sap/squid/passwd<br>
auth_param basic children 4<br>
auth_param basic utf8 on<br>
auth_param basic realm Bitte geben Sie Ihren Benutzernamen und Passwort fuer die Internetberechtigung ein!<br>
auth_param basic credentialsttl 60 minutes<br>
auth_param basic casesensitive on<br>
external_acl_type blockscript %DST /usr/bin/php /sap/squid/block.php<br>
acl localnet src 192.168.178.7<br>
acl ncsa_users proxy_auth REQUIRED<br>
acl mysql_block external blockscript<br>
acl SSL_ports port 443<br>
acl Safe_ports port 80 # http<br>
acl Safe_ports port 21 # ftp<br>
acl Safe_ports port 443 # https<br>
acl Safe_ports port 70 # gopher<br>
acl Safe_ports port 210 # wais<br>
acl Safe_ports port 1025-65535 # unregistered ports<br>
acl Safe_ports port 280 # http-mgmt<br>
acl Safe_ports port 488 # gss-http<br>
acl Safe_ports port 591 # filemaker<br>
acl Safe_ports port 777 # multiling http<br>
acl CONNECT method CONNECT<br>
# Deny requests to certain unsafe ports<br>
http_access deny !Safe_ports<br>
# Deny CONNECT to other than secure SSL ports<br>
http_access deny CONNECT !SSL_ports<br>
#<br>
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS<br>
#<br>
http_access deny mysql_block<br>
http_access allow localhost ncsa_users<br>
http_access allow localnet ncsa_users<br>
# And finally deny all other access to this proxy<br>
http_access deny all<br>
http_port 3128<br>
cache_mgr <a href="mailto:jkallup@web.de" target="_blank">jkallup@web.de</a><br>
cache_effective_user squid<br>
# We recommend you to use at least the following line.<br>
hierarchy_stoplist cgi-bin ?<br>
cache_dir ufs /sap/var/spool/squid 64 16 128<br>
cache_access_log /sap/squid/log/access.log<br>
cache_log /sap/squid/log/cache.log<br>
cache_store_log /sap/squid/log/store.log<br>
# Leave coredumps in the first cache dir<br>
coredump_dir /sap/var/spool/squid<br>
# Add any of your own refresh_pattern entries above these.<br>
refresh_pattern ^ftp: 1440 20% 10080<br>
refresh_pattern ^gopher: 1440 0% 1440<br>
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0<br>
refresh_pattern . 0 20% 4320<br>
logformat squid %tl.%03tu %6tr %>a %un %Ss/%03>Hs %<st %rm %ru %Sh/%<A %mt<br>
<br>
_______________________________________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org" target="_blank">squid-users@lists.squid-cache.org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><br>
</blockquote></div>