Thanks for your advice, I'll think about that.
Serg
Amos Jeffries пишет:
> Serj A. Androsov wrote:
>> Good time of the day, Amos
>>
>> I know about time acl's and it's format.
>> Really it's problem to avoid rewriting/reconfiguring of the squid.conf
>> and perform really dynamic time management.
>>
>> I think I can write an external acl perl script, which receive %src and
>> check it legits (time regions) in mysql database (stored procedure) or
>> file, but I really don't know how it's may degrade perfomance of squid,
>> as you know we have ~3k users and it must be for about 30s-1m TTL for
>> that ACL.
>
> Squid does have configurable TTL for caching of external acl results.
> Even without that I have not found any noticeable delays on a moderately
> slow server with external acls. I do two complicated auth ACL scripts
> _every_ request that involve remote MySQL lookup and remote ICMP or
> rDNS. Squid response time is still within 0.1 seconds.
>
> Amos
>
>>
>> --
>> Serj
>>
>> Amos Jeffries пишет:
>>>> Hello there,
>>>>
>>>> Is there ways to perform a dynamic time management for several src's
>>>> net?
>>>>
>>>> The problem is:
>>>> A couple of subnets (stored in MySQL database)
>>>> A couple of internet access time acl's (alse stored in MySQL database).
>>>> Also there are links between src's and time templates.
>>>>
>>>> I need ways for scripting or some other dynamic organization of acl
>>>> like
>>>> this:
>>>>
>>>> acl time1 <timedef>
>>>> acl time2 <timdef2>
>>>>
>>>> acl src1 <srcdef>
>>>> acl src2 <srcdef2>
>>>>
>>>> http_access allow src1 time1
>>>> http_access allow src2 time2
>>>>
>>>> Be glad to any advice.
>>>>
>>> http://www.squid-cache.org/Versions/v2/2.6/cfgman/acl.html
>>>
>>> Look for 'time'
>>>
>>> Amos
>>>
>>
>
>
Received on Thu Feb 21 2008 - 07:20:32 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST