Re: [squid-users] ACL Syntax and Preference

From: Henrik Nordstrom <hno@dont-contact.us>
Date: 11 Feb 2003 21:59:25 +0100

You need to split the list in two, one for IP addresses and one for
domains/hostnames.

A simple grep can do the job:

grep '^[0-9.]*$' blocklist.txt > blocklist_ip.txt
grep -v '^[0-9.]*$' blocklist.txt > blocklist_domain.txt

Then define two ACLs in Squid:

acl blocked_ip dst "/path/to/blocklist_ip.txt"
acl blocked_domain dstdomain "/path/to/blocklist_domain.txt"

And no Marc, SquidGuard is not faster for such lists than Squid when
used correctly; in fact using SquidGuard is a great deal slower except
for startup time (Squid is missing the "db" functionality of SquidGuard
and has to parse the whole list on each startup/reconfigure). But
SquidGuard is considerably easier to configure.

Regards
Henrik

Tue 2003-02-11 at 18.27, Sturgis, Grant wrote:
> Greetings All,
>
> Based on comments from Henrik and others, I am reconfiguring my ACLs. I
> have block lists downloaded from squidguard and others that are quite
> extensive, and I have all of them implemented as url_regex ACLs. Since a
> large portion of the lists are not URLs but domains and IP addresses, I am
> guessing that it would be smart to change the ACL type to dst or dstdomain
> when possible. So, my questions inviting confirmation or comment are:
>
> 1. dst and dstdomain ACLs are more advantageous than url_regex ACLs because
> of processing cycles necessary in regex
> 2. ACLs using the dst type are looking for IP addresses as elements
> 3. ACLs using the dstdomain type are looking for
> fully-qualified-domain-names as elements.
> 4. Is there a better way to implement a block list similar to the
> following:
>
> 207.231.72.88
> 209.123.16.9
> 205.241.44.90
> 14words.com
> site88.8m.com
> air-photo.com
>
>
> Thanks for your comments,
>
> Grant

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden
Received on Tue Feb 11 2003 - 13:59:44 MST
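
A stricter version of the split described in the reply above, as an added example that is not part of the original message: it skips blank lines, comments and duplicates, and sends digit-and-dot strings that are not valid dotted quads, plus anything that is not a plain hostname, to a rejects file instead of into an ACL list. The function name `split_blocklist`, the rejects file and the edge-case lines in the demo are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): stricter split of a mixed
# blocklist into files for a Squid "dst" ACL and a "dstdomain" ACL.
# Usage: split_blocklist INPUT IP_OUT DOMAIN_OUT REJECT_OUT
split_blocklist() {
    : > "$2"; : > "$3"; : > "$4"              # start with empty output files
    awk -v ipf="$2" -v domf="$3" -v rejf="$4" '
    function valid_ipv4(s,    n, o, i) {      # four decimal octets, each 0-255
        n = split(s, o, ".")
        if (n != 4) return 0
        for (i = 1; i <= 4; i++)
            if ((o[i] !~ /^[0-9]+$/) || (length(o[i]) > 3) || (o[i] + 0 > 255))
                return 0
        return 1
    }
    {
        sub(/\r$/, "")                        # tolerate CRLF line endings
        sub(/#.*/, "")                        # strip comments
        gsub(/^[ \t]+|[ \t]+$/, "")           # trim surrounding whitespace
        if ($0 == "") next                    # skip blank lines
        line = tolower($0)
        if (seen[line]++) next                # drop duplicates
        if (line ~ /^[0-9.]+$/) {             # digits and dots only
            if (valid_ipv4(line)) print line > ipf
            else print line > rejf            # e.g. 999.1.1.1 or 1.2.3
        } else if (line ~ /^\.?[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)*$/)
            print line > domf                 # hostname, optional leading dot
        else
            print line > rejf                 # URLs, regex fragments, junk
    }' "$1"
}

# Demo: the six entries from the post plus constructed edge cases.
demo_dir=$(mktemp -d)
cat > "$demo_dir/blocklist.txt" <<'EOF'
207.231.72.88
209.123.16.9
205.241.44.90
14words.com
site88.8m.com
air-photo.com
# constructed edge cases below
999.1.1.1
1.2.3
14words.com
EOF
split_blocklist "$demo_dir/blocklist.txt" "$demo_dir/ip.txt" "$demo_dir/domain.txt" "$demo_dir/reject.txt"
for f in ip domain reject; do echo "== $f"; cat "$demo_dir/$f.txt"; done
rm -rf "$demo_dir"
```

Review the rejects file by hand before reloading Squid; entries there are neither valid IPv4 addresses nor plain hostnames.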
