Re: acl performance

From: Luke Howard <lukeh@dont-contact.us>
Date: Tue, 2 Jul 96 10:26:16 +1000

> Eg/ If an ISP wants to set up a link to a School, they can maintain
> a list of banned sites (pref in a separate conf file)

We are exactly such an ISP, and I guess this would be a useful
feature.

At the moment, our blocklist management software (CensorMan)
stores filters separately (using NetInfo) and then exports
them to a Squid configuration file.

eg.

victoria[10:22:11]~$ nidump -r /filters/schnet/www.playboy.com/http .
name = http;
CHILDREN = {
    name = /;
    by = "Joe user";
    comment = "Filter for Playboy";
    generic = "";
    on = "1996.01.19T05:48-0000";
    port = 80;
    until = "1996.01.14T05:48-0000";
etc...

becomes

acl bpr_http proto HTTP
# (more filters)
# Filter for Playboy
# /filters/schnet/www.playboy.com/http/\/
acl bd_www.playboy.com domain www.playboy.com
http_access deny bd_www.playboy.com bpr_http

in squid.conf.

A question re. ACL lists -- if it searches the list sequentially, and if
a match is found (ie. let all requests NOT coming from 200.100.50.0
in) then will those sites see improved performance? If the ACL entry
is at the head of the linked list, you'd assume so, but I haven't
had a look at the code yet.

Point being, sites that don't have any filtering done can hopefully
not have to have each request checked against the entire ACL list.

-- Luke
Received on Mon Jul 01 1996 - 17:27:37 MDT
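
A small model of the ordering question raised above, added here as an example; it is not part of the original message and is not Squid's code. It assumes http_access rules are checked in order with the first matching rule deciding, that ACLs on one line are ANDed, and a /24 mask for 200.100.50.0; the function names and sample domains are constructed.

```python
import ipaddress

# Constructed model: a rule is (action, [predicates]). A rule matches only if
# every predicate matches (AND); the first matching rule decides the request.
def src_not_in(net):
    network = ipaddress.ip_network(net)
    return lambda req: ipaddress.ip_address(req["src"]) not in network

def dst_domain(name):
    return lambda req: req["host"] == name

def proto(name):
    return lambda req: req["proto"] == name

def build_rules(blocked_domains, filtered_net=None):
    """One deny rule per blocked domain, in the shape the post shows.
    If filtered_net is given, a head rule lets every other source in first."""
    rules = []
    if filtered_net is not None:
        rules.append(("allow", [src_not_in(filtered_net)]))
    for d in blocked_domains:
        rules.append(("deny", [dst_domain(d), proto("HTTP")]))
    rules.append(("allow", []))  # catch-all for requests no deny rule matched
    return rules

def evaluate(rules, req):
    """Return (action, number of predicate checks performed)."""
    checks = 0
    for action, preds in rules:
        matched = True
        for p in preds:
            checks += 1
            if not p(req):
                matched = False
                break  # AND: stop at the first predicate that fails
        if matched:
            return action, checks
    return "deny", checks

if __name__ == "__main__":
    blocked = [f"site{i}.example" for i in range(1000)]  # constructed list
    outside = {"src": "10.1.2.3", "host": "www.example.org", "proto": "HTTP"}
    school = {"src": "200.100.50.7", "host": "www.example.org", "proto": "HTTP"}
    for label, rules in (("no head rule", build_rules(blocked)),
                         ("head rule", build_rules(blocked, "200.100.50.0/24"))):
        print(label, "outside:", evaluate(rules, outside),
              "school:", evaluate(rules, school))
```

In this model the head rule cuts the cost for unfiltered sources to one check, while requests from the filtered network pay one extra check and still walk the deny list.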
