I wanted a referer acl for my rev-proxy. If anyone else wants it, here's
a patch against 2.4s3. It should apply to 2.5 without too much pain and
suffering.
-- Brian
diff -ur squid-2.4.STABLE3/src/acl.c squid-2.4.STABLE3.new/src/acl.c
--- squid-2.4.STABLE3/src/acl.c Tue Aug 21 01:55:47 2001
+++ squid-2.4.STABLE3.new/src/acl.c Thu Dec 20 23:39:53 2001
@@ -194,6 +194,10 @@
return ACL_METHOD;
if (!strcmp(s, "browser"))
return ACL_BROWSER;
+ if (!strcmp(s, "referer"))
+ return ACL_REFERER;
+ if (!strcmp(s, "referrer"))
+ return ACL_REFERER;
if (!strcmp(s, "proxy_auth"))
return ACL_PROXY_AUTH;
if (!strcmp(s, "proxy_auth_regex"))
@@ -258,6 +262,8 @@
return "method";
if (type == ACL_BROWSER)
return "browser";
+ if (type == ACL_REFERER)
+ return "referer";
if (type == ACL_PROXY_AUTH)
return "proxy_auth";
if (type == ACL_PROXY_AUTH_REGEX)
@@ -719,6 +725,7 @@
case ACL_URL_REGEX:
case ACL_URLPATH_REGEX:
case ACL_BROWSER:
+ case ACL_REFERER:
case ACL_SRC_DOM_REGEX:
case ACL_DST_DOM_REGEX:
aclParseRegexList(&A->data);
@@ -1485,6 +1492,12 @@
return 0;
return aclMatchRegex(ae->data, browser);
/* NOTREACHED */
+ case ACL_REFERER:
+ header = httpHeaderGetStr(&checklist->request->header,
HDR_REFERER);
+ if (NULL == header)
+ return 0;
+ return aclMatchRegex(ae->data, header);
+ /* NOTREACHED */
case ACL_PROXY_AUTH:
case ACL_PROXY_AUTH_REGEX:
if (NULL == r) {
@@ -1933,6 +1946,7 @@
case ACL_URL_REGEX:
case ACL_URLPATH_REGEX:
case ACL_BROWSER:
+ case ACL_REFERER:
case ACL_SRC_DOM_REGEX:
case ACL_DST_DOM_REGEX:
aclDestroyRegexList(a->data);
@@ -2257,6 +2271,7 @@
case ACL_URL_REGEX:
case ACL_URLPATH_REGEX:
case ACL_BROWSER:
+ case ACL_REFERER:
case ACL_SRC_DOM_REGEX:
case ACL_DST_DOM_REGEX:
return aclDumpRegexList(a->data);
diff -ur squid-2.4.STABLE3/src/cf.data.pre
squid-2.4.STABLE3.new/src/cf.data.pre--- squid-2.4.STABLE3/src/cf.data.pre
Wed Apr 4 03:01:12 2001
+++ squid-2.4.STABLE3.new/src/cf.data.pre Thu Dec 20 23:44:28 2001
@@ -1624,7 +1624,7 @@
when using "file", the file should contain one item per line
acltype is one of src dst srcdomain dstdomain url_pattern
- urlpath_pattern time port proto method browser user
+ urlpath_pattern time port proto method browser referer user
By default, regular expressions are CASE-SENSITIVE. To make
them case-insensitive, use the -i option.
@@ -1661,6 +1661,9 @@
acl aclname method GET POST ...
acl aclname browser [-i] regexp
# pattern match on User-Agent header
+ acl aclname referer [-i] regexp
+ # pattern match on Referer header
+ # Referer is highly unreliable, so use with care
acl aclname ident username ...
acl aclname ident_regex [-i] pattern ...
# string match on ident output.
diff -ur squid-2.4.STABLE3/src/enums.h squid-2.4.STABLE3.new/src/enums.h
--- squid-2.4.STABLE3/src/enums.h Thu Jan 11 19:51:47 2001
+++ squid-2.4.STABLE3.new/src/enums.h Thu Dec 20 23:31:30 2001
@@ -113,6 +113,7 @@
ACL_PROTO,
ACL_METHOD,
ACL_BROWSER,
+ ACL_REFERER,
ACL_PROXY_AUTH,
ACL_PROXY_AUTH_REGEX,
ACL_SRC_ASN,
Received on Thu Dec 20 2001 - 23:30:45 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:27 MST