Re: [squid-users] ACL Syntax and Preference

From: Henrik Nordstrom <hno@dont-contact.us>
Date: 12 Feb 2003 19:06:09 +0100

ons 2003-02-12 klockan 17.17 skrev Josh Kuperman:

> Is it slower? Why is it slower? Is it always slower or does it depend
> on circumstances. Intuitively, I would think a database lookup would
> be quicker than sequential llist processing. As squidguard allows for
> prebuilding the databases I would think it would be quicker still.

The only sequential list processing is if you use regex lists. These are
sequential in both Squid and SquidGuard and is one of the reasons why
one should not use regex based access checks unless one have to..

src/dst/dstdomain acl types is using splay trees in Squid which
automatically optimizes repetive lookups of the same values and many
other nice properties for access control lists (in addition to being
tree based and not a sequential list).

Why SquidGuard is a great deal slower is mainly from the overhead of
communication between Squid and SquidGuard, not in how the two programs
performs the actual access controls.

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden
Received on Wed Feb 12 2003 - 11:06:26 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:21 MST