<sect1>Changes to existing tags<label id="modifiedtags">
<p>
<descrip>
+ <tag>acl random</tag>
+ <p>New type <em>random</em>. Pseudo-randomly match requests based on a configured probability.
+
<tag>deny_info</tag>
<p>Support URL format tags. For dynamically generated URL in denial redirect.
#include "acl/PeerName.h"
#include "acl/ProtocolData.h"
#include "acl/Protocol.h"
+#include "acl/Random.h"
#include "acl/Referer.h"
#include "acl/RegexData.h"
#include "acl/ReplyHeaderStrategy.h"
ACLStrategised<const char *> ACLPeerName::RegistryEntry_(new ACLStringData, ACLPeerNameStrategy::Instance(), "peername");
ACL::Prototype ACLProtocol::RegistryProtoype(&ACLProtocol::RegistryEntry_, "proto");
ACLStrategised<protocol_t> ACLProtocol::RegistryEntry_(new ACLProtocolData, ACLProtocolStrategy::Instance(), "proto");
+ACL::Prototype ACLRandom::RegistryProtoype(&ACLRandom::RegistryEntry_, "random");
+ACLRandom ACLRandom::RegistryEntry_("random");
ACL::Prototype ACLReferer::RegistryProtoype(&ACLReferer::RegistryEntry_, "referer_regex");
ACLStrategised<char const *> ACLReferer::RegistryEntry_(new ACLRegexData, ACLRequestHeaderStrategy<HDR_REFERER>::Instance(), "referer_regex");
ACL::Prototype ACLReplyMIMEType::RegistryProtoype(&ACLReplyMIMEType::RegistryEntry_, "rep_mime_type");
ProtocolData.cc \
ProtocolData.h \
Protocol.h \
+ Random.cc \
+ Random.h \
Referer.cc \
Referer.h \
ReplyHeaderStrategy.h \
--- /dev/null
+/*
+ * DEBUG: section 28 Access Control
+ * AUTHOR: Amos Jeffries
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#include "squid.h"
+
+#include "acl/FilledChecklist.h"
+#include "acl/Random.h"
+#include "wordlist.h"
+
+ACL *
+ACLRandom::clone() const
+{
+ return new ACLRandom(*this);
+}
+
+ACLRandom::ACLRandom (char const *theClass) : data (NULL), class_ (theClass)
+{
+ memset(pattern, 0 , sizeof(pattern));
+}
+
+ACLRandom::ACLRandom (ACLRandom const & old) : data (old.data), class_ (old.class_)
+{
+ /* we don't have copy constructors for the data yet */
+ assert (!old.data);
+ memcpy(pattern, old.pattern, sizeof(pattern));
+}
+
+ACLRandom::~ACLRandom()
+{ }
+
+char const *
+ACLRandom::typeString() const
+{
+ return class_;
+}
+
+bool
+ACLRandom::empty () const
+{
+ return data == 0.0;
+}
+
+/*******************/
+/* aclParseRandomList */
+/*******************/
+void
+ACLRandom::parse()
+{
+ char *t = NULL;
+ char bufa[256], bufb[256];
+
+ t = strtokFile();
+ debugs(28, 5, "aclParseRandomData: " << t);
+
+ // seed random generator ...
+ srand(time(NULL));
+
+ if (sscanf(t, "%[0-9]:%[0-9]", bufa, bufb) == 2) {
+ int a = xatoi(bufa);
+ int b = xatoi(bufb);
+ if (a == 0 || b == 0) {
+ debugs(28, 0, "aclParseRandomData: Bad Pattern: '" << t << "'");
+ self_destruct();
+ } else
+ data = a / (double)(a+b);
+ } else if (sscanf(t, "%[0-9]/%[0-9]", bufa, bufb) == 2) {
+ int a = xatoi(bufa);
+ int b = xatoi(bufb);
+ if (a == 0 || b == 0) {
+ debugs(28, 0, "aclParseRandomData: Bad Pattern: '" << t << "'");
+ self_destruct();
+ } else
+ data = (double) a / (double) b;
+ } else if (sscanf(t, "0.%[0-9]", bufa) == 1) {
+ data = atof(t);
+ } else {
+ debugs(28, 0, "aclParseRandomData: Bad Pattern: '" << t << "'");
+ self_destruct();
+ }
+
+ // save the exact input pattern. so we can display it later.
+ memcpy(pattern, t, min(sizeof(pattern)-1,strlen(t)));
+}
+
+int
+ACLRandom::match(ACLChecklist *cl)
+{
+ // make up the random value
+ double random = ((double)rand() / (double)RAND_MAX);
+
+ debugs(28, 3, "ACL Random: " << name << " " << pattern << " test: " << data << " > " << random << " = " << ((data > random)?"MATCH":"NO MATCH") );
+ return (data > random)?1:0;
+}
+
+wordlist *
+ACLRandom::dump() const
+{
+ wordlist *w = NULL;
+ wordlistAdd(&w, pattern);
+ return w;
+}
--- /dev/null
+/*
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#ifndef SQUID_ACL_RANDOM_H
+#define SQUID_ACL_RANDOM_H
+
+#include "acl/Acl.h"
+#include "acl/Checklist.h"
+
+/// \ingroup ACLAPI
+class ACLRandom : public ACL
+{
+
+public:
+ MEMPROXY_CLASS(ACLRandom);
+
+ ACLRandom(char const *);
+ ACLRandom(ACLRandom const &);
+ ~ACLRandom();
+ ACLRandom&operator=(ACLRandom const &);
+
+ virtual ACL *clone()const;
+ virtual char const *typeString() const;
+ virtual void parse();
+ virtual int match(ACLChecklist *checklist);
+ virtual wordlist *dump() const;
+ virtual bool empty () const;
+
+protected:
+ static Prototype RegistryProtoype;
+ static ACLRandom RegistryEntry_;
+ double data; // value to be exceeded before this ACL will match
+ char pattern[256]; // pattern from config file. Used to generate 'data'
+ char const *class_;
+};
+
+MEMPROXY_CLASS_INLINE(ACLRandom);
+
+#endif /* SQUID_ACL_RANDOM_H */
# clients may appear to come from multiple addresses if they are
# going through proxy farms, so a limit of 1 may cause user problems.
+ acl aclname random probability
+ # Pseudo-randomly match requests. Based on the probability given.
+ # Probability may be written as a decimal (0.333), fraction (1/3)
+ # or ratio of matches:non-matches (3:5).
+
acl aclname req_mime_type [-i] mime-type ...
# regex match against the mime type of the request generated
# by the client. Can be used to detect file upload or some