On 4/20/05, Henrik Nordstrom <hno@squid-cache.org> wrote:
> > The rest are url_regex which involve urls or ports (for the CONNECT)
> > later defined in the http_access rules. So essentially we have a
> > population of users and we want to restrict what they can access
> > depending on what group they're in. Group membership is determined by
> > ldap lookups.
>
> Why url_regex?
>
> For CONNECT there is exacly zero reasons to use url_regex.
>
> In terms of CPU usage url_regex is several orders of magnitude heavier
> than the other acl types.
I'll take a look at it. I think it was to keep the format simpler
because the majority of the acls are url_regexes. But I don't think
this is the problem.
>
> > Never any problems with CPU usage, these are like dual p3 1.3 Ghz, so
> > it's more than enough muscle.
>
> Squid only runs on one CPU. What means that 50% CPU usage reported on your
> system is 100% CPU usage by Squid..
It's essentially 1% of 1 CPU usage.
I haven't looked at how the ACLs are evaluated and if re-ordering them
would help. Is this a worthwhile idea?
Thien
Received on Wed Apr 20 2005 - 11:21:10 MDT
This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:04 MDT