________________________________ From: Amos Jeffries <squ...@treenet.co.nz> > > acl foo ... > http_access deny foo > deny_info 302:http://example.com/ foo > > In Squid-3.2+ the deny_info URL portion can use logformat macros for > dynamic redirection - like the "rew" substitutions only changing > portions of the URL.
I was already using deny_info like this: deny_info http://squidserver/proxy-error/?a=%a&B=%B&e=%e&E=%E&H=%H&i=%i&M=%M&o=%o&R=%R&T=%T&U=%U&u=%u&w=%w&x=%x&acl=denied_domains denied_domains I was wondering how to do an immediate redirect without doing it from my custom php script. Now I see. I guess I'll have trouble redirecting https sites though... (TLS/SSL trust issues) I don't know if I can "cleanly" redirect from an HTTPS to an HTTP site (ie. so the user's browser doesn't show a "can't open page" message of some sort...). You mention that I can avoid using SG, ufdbGuard, or any other redirector/helper for access control. The problem I see when trying to use huge plain text blacklists within Squid directly is that it takes a LOT of time for the proxy cache to start up as it populates the ACLs. I can't afford to wait for Squid to do that before serving client requests. I'd rather "allow everything" until the ACLs are populated than have users wait for so long. Am I missing something? Is there a way to tell Squid to process the ACLs "in the background", but start handling requests immediately. If so, is it also possible to tell squid in which order to process the ACLs, ie. first process the allowed_domains ACL, and then the denied_domains ACLs? (is ordering in squid.conf enough?) I'm saying this because I've sometimes had the need to restart Squid during the worst time of the day (peak working hours). That usually happens when I have an issue with too many open file descriptors (working on it). Stopping it cleanly takes up to 2-3 minutes. If I had to wait several more minutes for Squid to start again because it re-populates huge blacklist ACLs then I think they'd hang me for it. Thanks, Vieri _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
