RE: [squid-users] empty acl from Amos Jeffries on 2011-10-25 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 26 Oct 2011 10:28:13 +1300

On Tue, 25 Oct 2011 21:11:50 +0100, zongo saiba wrote:
> Amos,
>
> Thanks for your reply.
> I have deleted the ad_block.txt and downloaded it again
> I have chown the file to squid user and chmod 777 that file to make
> sure that there is no permissions issue. I have done the same thing
> for temp_ad_ in /temp directory.
> Still, I get the same error message as below which I do not get on
> Linux for some reasons.
> I believe the error occurs when the script asked squid to reconfigure
> "squid -k reconfigure" as you rightfully mentioned below.
> All the access are correct. So that would leave me with the other
> option you talked about in your reply which is "file is empty" when
> script runs "squid -k reconfigure". There I have to admit I am lost.
> Did I over look something or may be the syntax of the acl below is
> not
> working in FreeBSD ?
>
> Kind Regards,
>
> a "warning: empty ACL: acl ads
>> dstdom_regex "/usr/local/etc/squid/ad.block.txt everytime I run the
>> script that enables the refresh of the ad.block.txt file
>
> #!/bin/bash
> ## get new ad server list
> /usr/local/bin/wget -O /tmp/temp_ad_file \
>
>
> http://pgl.yoyo.org/adservers/serverlist.php?hostformat=squid-dstdom-regex;showintro=0
>

Ew! the contents of that file are badly de-optimized.

The whole lot seem to be dstdom_regex is only useful if the right-hand
side of the domain needs some regex pattern match applied (eg
(^|\.)example\.(com|net|org|co\.[a-z]+?)$ ) and none of the entries
seem to meet that criteria.

I'd suggest pulling from the clean version of the list and scripting a
loop to add '.' in front of each line. Which is the dstdomain form of
wildcard, instead of converting to a wildcard regex syntax.

wget -O /tmp/temp_ad_file
http://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml

   cat /tmp/temp_ad_file | while read domain; do
     echo ".${domain}" >>/tmp/ad_block.txt
   done

mv /tmp/ad_block.txt /usr/local/etc/squid/ad_block.txt

With that done the result can be loaded into a *dstdomain* ACL type for
more efficient matching.

Amos
Received on Tue Oct 25 2011 - 21:28:17 MDT

This archive was generated by hypermail 2.2.0 : Wed Oct 26 2011 - 12:00:02 MDT