Re: [squid-users] process load

From: Amos Jeffries <squid3@dont-contact.us>
Date: Wed, 05 Dec 2007 21:46:30 +1300

Adrian Chadd wrote:
> ACLs are evaluated short-circuit. If you have this:
>
> acl clientA src 1.2.3.0/24
> acl clientB src 1.2.4.0/24
> acl youtube (expensive regexp)
> acl microsoft (expensive regexp)
>
> http_access deny clientA youtube
> http_access deny clientB microsoft
>
> the http_access lines are evaluated in order from top to bottom, and stop being
> evaluated across each http_access line if one of the ACLs fails.
>
> So the expensive youtube regexp ACL will only be processed by requests from clientA.
> Requests from clientB won't ever hit the youtube ACL lookup.
>
> If you know how to craft ACLs then you can avoid almost all of the penalties.
>
> Adrian

Adrian! stop encouraging the regexp-addicts. :-)

We're trying to wean them off the unnecessary use of slow ACL remember? ;)

Amos
Received on Wed Dec 05 2007 - 01:46:37 MST

This archive was generated by hypermail pre-2.1.9 : Tue Jan 01 2008 - 12:00:01 MST