> Hi,
>
> the current 'ident_lookup' tag only allows to set it either to on or off.
> Would it make sense to have that on for certain hosts and off for others
> (like siblings)? Or is there hardly anything to be gained speedwise from
> that?
Try squid-2.2pre2 :-)
And yes, there is heaps to be gained. Not only speed but possibly security
by restricting ident lookups to known trusted unix hosts only.
tag 'ident_lookup_access':
A list of ACL elements which, if matched, cause an ident
(RFC 931) lookup to be performed for this request. For
example, you might choose to always perform ident lookups
for your main multi-user Unix boxes, but not for your Macs
and PCs. By default, ident lookups are not performed for
any requests.
To enable ident lookups for specific client addresses, you
can follow this example:
acl ident_aware_hosts src 198.168.1.0/255.255.255.0
ident_lookup_access allow ident_aware_hosts
ident_lookup_access deny all
ident_lookup_access deny all
David.
Received on Thu Feb 04 1999 - 03:37:47 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:22 MST