On Tue, Feb 01, 2000 at 01:33:28PM +1100, Marc-Adrian Napoli wrote:
> How many domains do you have listed there? We have quite a few.. but they're
> all on the 203.17.36.0 block. Do you think that leaving just the acl to deny
> the 203.17.36. will suffice or i should add in all our domains?
I'm using the syntax to load them from an external text file:
acl lava_domains dstdomain "/usr/local/etc/squid/lavadomains"
along with the following (relevant portions excerpted)...
acl lava_dests dst x.y.z.0/255.255.252.0
acl lava_dests dst x.w.v.0/255.255.248.0
...
no_cache deny lava_dests
no_cache deny lava_domains
always_direct allow lava_dests
always_direct allow lava_domains
lavadomains is nearly 800 lines, so I'm sure I'm taking a big
performance hit on that. However, if I don't use the domain ACL, I'm
concerned about the possibility of sporadically getting pages for a
customer web site put into the cache. In that case, Murphy's Law says
that customer will then update their site and flip out when they don't
see it reflected in their browser immediately, due to the cache serving
the stale pages.
-- Clifton
-- Clifton Royston -- LavaNet Systems Architect -- cliftonr@lava.net "An absolute monarch would be absolutely wise and good. But no man is strong enough to have no interest. Therefore the best king would be Pure Chance. It is Pure Chance that rules the Universe; therefore, and only therefore, life is good." - ACReceived on Mon Jan 31 2000 - 19:58:16 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:47 MST