[squid-users] Newbie ACL/always_direct and CGI/PHP questions.

From: SeaGROL <pookie62997a@dont-contact.us>
Date: Fri, 2 Sep 2005 12:09:38 +0000 (UTC)

I fully admit to being a newbie (2 days uptime) Squid Proxy admin with
a half-way working Squid 2.5P6/Mandrake 10.1 installation. I'm trying
to make a 48Kbit/second [kilobit.. not kilobyte] max. throughput
shared multi-use [phones, internet, and a VPN] connection at least
partially usable on a isolated/remote network of 50+ machines. If
I'm lucky I think I can get 90Kbit/sec-like performance with a
properly configured Squid server. Test box is a PIII-550/448MB ram/30
gig HD.

Network Configuration: Bunch of Clients -> Squid Proxy Server
(Mine) -> Link to outside world -> Squid Proxy Server/Firewall
(Not_Mine) -> Internet. I have no control of the "Not_Mine"
Proxy, and I'd rather they not even notice that I have a proxy set up
(cache_peer xxx.xxx.xxx.xxx parent 80 7 no-query is my friend).

After reading through the www.squid-cache.org FAQ and
everything else that I managed to download, I've still got two stupid
newbie ACL configuration problems with my proxy.

- My ACL that allows people to login to mail.yahoo.com isn't working,
but the example one for Hotmail does. Does always_direct only allow
one ACL per line?
    acl hotmail dstdomain .hotmail.com
    acl yahoo dstdomain .yahoo.com
    always_direct hotmail yahoo

- My ACL for regex php handling doesn't work, but the example one for
cgi-bin does (slashdot and google work fine, but groklaw doesn't) and
I have no clue why.

      hierarchy_stoplist cgi-bin ?
      acl QUERY urlpath_regex cgi-bin \?
      no_cache deny QUERY
      
     hierarchy_stoplist php ?
     acl QUERY1 urlpath_regex php \?
     no_cache deny QUERY1

I've managed to get webpages that have previously taken 10 minutes to
download (Slashdot with full images) to download in less than 3
minutes, So I'd like to make the proxy work as well as it can. Any
suggestions?

- SeaGROL
Received on Fri Sep 02 2005 - 19:50:58 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Oct 01 2005 - 12:00:03 MDT