/*
- * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
+ * Copyright (C) 1996-2018 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
#include "acl/FilledChecklist.h"
#include "client_side.h"
#include "comm/Connection.h"
+#include "http/Stream.h"
#include "HttpRequest.h"
#include "SquidConfig.h"
-ACLFlag ACLDestinationIP::SupportedFlags[] = {ACL_F_NO_LOOKUP, ACL_F_END};
-
char const *
ACLDestinationIP::typeString() const
{
return "dst";
}
+const Acl::Options &
+ACLDestinationIP::options()
+{
+ static const Acl::BooleanOption LookupBan;
+ static const Acl::Options MyOptions = { { "-n", &LookupBan } };
+ LookupBan.linkWith(&lookupBanned);
+ return MyOptions;
+}
+
int
ACLDestinationIP::match(ACLChecklist *cl)
{
// To resolve this we will force DIRECT and only to the original client destination.
// In which case, we also need this ACL to accurately match the destination
if (Config.onoff.client_dst_passthru && (checklist->request->flags.intercepted || checklist->request->flags.interceptTproxy)) {
- assert(checklist->conn() && checklist->conn()->clientConnection != NULL);
- return ACLIP::match(checklist->conn()->clientConnection->local);
+ const auto conn = checklist->conn();
+ return (conn && conn->clientConnection) ?
+ ACLIP::match(conn->clientConnection->local) : -1;
}
- if (flags.isSet(ACL_F_NO_LOOKUP)) {
+ if (lookupBanned) {
if (!checklist->request->url.hostIsNumeric()) {
debugs(28, 3, "No-lookup DNS ACL '" << AclMatchedName << "' for " << checklist->request->url.host());
return 0;
if (ia) {
/* Entry in cache found */
- for (int k = 0; k < (int) ia->count; ++k) {
- if (ACLIP::match(ia->in_addrs[k]))
+ for (const auto ip: ia->goodAndBad()) {
+ if (ACLIP::match(ip))
return 1;
}
projects / thirdparty / squid.git / blobdiff