Re: Reading ACL configuration files every request

From: Andrew Beverley <andy_at_andybev.com>
Date: Sun, 06 Nov 2011 21:29:03 +0000

On Sun, 2011-11-06 at 14:17 +1300, Amos Jeffries wrote:
> On 6/11/2011 1:39 p.m., Andrew Beverley wrote:
> > Hi,
> >
> > I am using the ACL feature whereby the parameters can be read from a
> > file. For example:
> >
> > acl session_day time "/var/www/announce_days.txt"
> >
> > Understandably, the file only appears to be read when the configuration
> > file is parsed, rather than each time the ACL is checked. However, I
> > need it to be checked more often, as I have a system configuration
> > interface that writes a day of the week to the file, which subsequently
> > causes a splash page to be shown on a particular day. I would like
> > configuration to be done without having to reload the Squid
> > configuration file.
> >
> > Would any consideration be given to a patch to check the ACL file more
> > often? Could/should it be an extra configuration option to check the
> > file each request? I appreciate that this would come with a greater
> > overhead. Is there a better way to achieve this?
>
> A better way currently available would be to use an external_acl helper
> to read and response OK/FAIL. You probably want to pass something
> relatively static (%PROTO or %METHOD) as the ACL format to reduce the
> overheads. With time calculations vs "now" you can ignore the actual
> input format.

Good idea, thanks. I've now written a little perl helper to do this.

It would be nice to add this to the main squid source code. Shall I just
submit as a bzr diff as normal? Is there any documentation for the
external helpers that I should also add to?

On a similar subject, is there any mileage in making the FORMAT optional
for external_acl_type? There is obviously no need for it in this case,
although as you have shown it is easy to workaround with a fairly static
parameter.

Andy
Received on Sun Nov 06 2011 - 21:29:09 MST

This archive was generated by hypermail 2.2.0 : Mon Nov 07 2011 - 12:00:12 MST