Re: ACL extensions

From: Arjan de Vet <>
Date: Tue, 17 Sep 1996 22:02:36 +0200

In article <> you write:

>I have a large list of sites that we wish to reject access to. Currently
>the process for setting up ACL is not condusive to a large list. Your
>reference to reading separate ACL files probably will address this.

I need something similar, but then on the inside: who is allowed to access
the cache.

>Secondly, and more importantly, since your ACL process is linear, a large
>list is cause for excessive delays. Some type of hash table or database
>lookup would probably resolve this issue.

Would the following idea work: when the lookup of an address/host in an
ACL is successful, move that node to the first position of the list
(shouldn't be to difficult with pointers). The list will automatically get
sorted by LRU-order (last recently used) and because most accesses from/to
a site come in bursts this should give some serious improvements. Just an
idea, couldn't find the time to try it myself :-(.

I've also have been playing with AVL trees recently, a special kind of
binary trees which keep themselves perfectly balanced, leading to
extremely fast lookups. If I find time I'll try to add these AVL trees to
the ACL handling of Squid and see if it works...

Received on Tue Sep 17 1996 - 13:47:06 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:02 MST