Chris Rosset wrote:
> Hi Henrik,
>
> I remember your last email pointed me towards looking at the ACL's,
> sounds like the url_regex are most intensive since they pattern match
> on the whole url?
>
> For more info on what i have
> We have a few ACL's most are not more then a few hundred lines
>
> but the one big one we have is 8200 lines, mostly spam, spyware, porn
> sites.
>
> acl never-allow-url dstdom_regex -i
> "/usr/local/squid/etc/FilterLists/never-allow-url"
> deny_info ERR_BW_CONTENT_SUPPRESSED never-allow-url
>
> and the entries in this acl are all like
> \.100percentcash.com$
>
acl never-allow-domain dstdomain
"/usr/local/squid/etc/FilterLists/never-allow-domain"
deny-info ERR_BW_CONTENT_SUPPRESSED never-allow-domain
With a file content of...
.100percentcash.com
(etc.)
... and obviously a matching http_access deny rule would perform the
same task, with much lower CPU utilization.
> I tried installing squidguard, but had problems installing so far,
> maybe i could try squirm, jesred or just recompile with
> --enable-gnuregex
> Or any other reccomendation?
>
> Thanks very much
> -Chris
>
Chris
Received on Wed Mar 28 2007 - 15:48:34 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Mar 31 2007 - 13:00:02 MDT