On 6/9/2013 8:28 PM, Squidblacklist wrote:
> On Sun, 09 Jun 2013 20:05:53 +0300
> Eliezer Croitoru <eliezer_at_ngtech.co.il> wrote:
>
>> On 6/9/2013 6:59 PM, Alex Rousskov wrote:
>>> On 06/09/2013 03:29 AM, Eliezer Croitoru wrote:
>>>
>>>> Would you prefer a filtering based on a reload or a persistent DB
>>>> like mongoDB or tokyo tyrant?
>>>
>>> I would prefer to improve Squid so that reconfiguration has no
>>> disrupting effects on traffic, eliminating the "reload is
>>> disruptive for Squid but not for my ICAP service" difference.
>>>
>>> There are many important differences between ACL lists, eCAP
>>> adapters, and ICAP services. Reconfiguration handling should not be
>>> one of them.
>>>
>>>
>>> Cheers,
>>>
>>> Alex.
>>>
>> So our aim is to improve squid reload!
>> perfect.
>> This is what I do want entirely.
>> The main issue is that static squid.conf cannot comply with the
>> demand to allow DB update on the fly.
>>
>> If it would be possible squid will move forward to a very very good
>> point in the development.
>> The above is a good point in every software.
>>
>> I will give you the given scenario:
>> Filtering solution(not sure 100% if it should be based on squid)
>> Human based filtering DB of pictures domains and pages
>> A very strict client that wants on the fly filtering(one client allow
>> first and block later the second is block first and allow later)
>> In this scenario we have rating of -128 and +128(int32)
>> the light filtering will be -51 which allow first and later disallow.
>> 0 should block first and then allow after human or computer inspection
>>
>> The above scenario is a real world scenario which my friend developed
>> and designed a proxy and other helpers to make our children world a
>> cleaner world.
>> I myself not really a fan of "kids shouldn't see" etc but I do
>> understand why people do want it and make big efforts to make it
>> happen.
>>
>> What do you think about the idea?
>>
>> Eliezer
>>
>>
>
> Im all in favor of improving the reload process for squid. however.
>
> If you have 100% cpu usage when using large acls with squid proxy there
> is a problem with your installation or you are using an ancient version
> of squid that needs to be rm'd.
>
> Cpu usage with large acls in squid3.x is nominal and not a problem at
> all.
>
>
>
> -
> Signed,
>
> Fix Nichols
>
> http://www.squidblacklist.org
>
So let me understand.
1 Million dstdoms and urls should not be a problem?
I can write a script the converts blacklists into squid.conf\acls files.
These lists wont be as complex and good as an updated one but can almost
say goodby to a base squidguard setup while leaving squid as a static(1
day updated) filtering solution.
Eliezer
Received on Sun Jun 09 2013 - 18:36:28 MDT
This archive was generated by hypermail 2.2.0 : Mon Jun 10 2013 - 12:00:11 MDT