2012/5/2 E.S. Rosenberg <esr_at_g.jct.ac.il>:
> Hi,
> I just thought I'd share the script I have for the squid side, maybe
> someone finds it useful.
> I wrote in PHP because I wanted to use prepared statements and am most
> familiar with PDO.
>
> Now my logs have usernames but squid does not allow me to make
> proxy_auth acls since I have no auth mechanism configured (this
> particular squid instance is a museum piece - 2.6, soon to be
> replaced), if this issue also exists in squid 3.1 then how would I
> control users based on a username returned through an external ACL?
>
> Thanks,
> Eli
I stuck the script on my server, that makes an easier read then from
inside a mail:
http://kotk.nl/verifyIP.phps
Hope that helps,
Eli
>
> The code:
> #!/usr/bin/php
> <?php
> /*****
> * Developed for the Jerusalem College of Technology Computer Center
> by E.S. Rosenberg aka Keeper of the Keys
> * 2012/5772
> * Released on: 2/May/2012 - 10 Iyar 5772
> * License: GNU GPLv2
> ****
> * Short: external ACL helper for squid that allows associating
> usernames in a database with IPs.
> ****
> * Description:
> * This script is running in a never ending loop and reads an IP
> address from stdin.
> * It then queries a database about the username currently associated
> with that IP.
> * If a name is associated it returns "OK user=username".
> * Else it returns "ERR"
> ****
> * Depends:
> * - PHP5.x with PDO (tested & working on 5.1 but highly recommended to use 5.3+
> *****/
>
> $db['server'] = '';
> $db['db'] = '';
> $db['user'] = '';
> $db['passwd'] = '';
>
> try {
> $pdo_con = new
> PDO("mysql:host=".$db['server'].";dbname=".$db['db'], $db['user'],
> $db['passwd'], array(PDO::ATTR_PERSISTENT => true));
> }
> catch (PDOException $e) {
> echo "Error!: " . $e->getMessage() "\n";
> die();
> }
>
> //Prepare the Stored Procedure, so that it executes faster.
> //Our stored procedure is basically a select `username` where `ip` = ?
> $query = $pdo_con->prepare('call `db_name_here`.`procedure_name_here` ( ? )');
> $query->bindParam(1, $ip, PDO::PARAM_STR, 40);
>
> //Loop to answer squid.
> while(1) {
> $line = trim(fgets(STDIN));
> $ip = $line;
>
> $res = $query->execute();
>
> handle_PDO_error($query);
>
> if($res) {
> $res = $query->fetch(PDO::FETCH_ASSOC);
> }
> //Even though the result set should be just one row php seems to have
> a problem with prepared stored procedures...
> closeCursor($query);
>
> if(isset($res['user']) && $res['user'] != '') {
> echo $line[0] ." OK user=". $res['user'] ."\n";
> } else {
> echo "ERR\n";
> }
> }
>
> function handle_PDO_error($pdoObject) {
> if($pdoObject->errorCode() != '00000') {
> fwrite(STDERR, "Sorry, Database error: ". $pdoObject->errorCode() ."\n");
> fwrite(STDERR, var_dump($pdoObject->errorInfo()));
> }
> }
>
> /**
> * From: http://il.php.net/manual/en/pdostatement.closecursor.php
> * @param PDOStatement $oStm
> */
> function closeCursor($oStm) {
> do $oStm->fetchAll();
> while ($oStm->nextRowSet());
> }
> ?>
>
>
> 2012/4/10 akadimi <amine.kadimi_at_gmail.com>:
>> Hi Amos,
>>
>> Could you give me more details on your new session helper as soon as it
>> becomes available.
>>
>> Regards,
>>
>> --
>> View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/external-acl-code-examples-tp4424505p4546016.html
>> Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Wed May 02 2012 - 11:54:00 MDT
This archive was generated by hypermail 2.2.0 : Thu May 03 2012 - 12:00:02 MDT