Simon Bryan wrote:
> could I do something like
> acl US src 'our ip address range'
> http_access deny !US
Yes.
> If so would this slow down Squid much?
No. src type ACLs with a few IP address ranges are very fast.
> Is Squid likely to slow noticeably from a large number of ACL's?
It very much depends on how you use them, and which types of ACLs.
> If so what would that large number be?
It depends. Anywhere in the range 2 to several thousand depending on acl
types and contents, and how you use them.
Squid uses short-circuit logic so in many cases it is possible to speed
up ACL processing by adding a few more ACL rules to bypass more complex
checks on common types of requests.
> BTW I have sorted out the time restrictions I was trying to do with
> CRON (they worked) but the acl time rules are much smoother,
> once you work out the sequence and the rules about ANDing and
> ORing!
Yes, isn't it. Any ideas on a good way to explain of how this AND/OR
works? There are many questions on how Squid ACLs work when combined,
and I have not found any good way to explain it other than that it is
simple AND/OR logic (the logic is simple, the effects are complex).
--- Henrik Nordstrom Spare time Squid hackerReceived on Wed Mar 17 1999 - 17:40:51 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:45:19 MST