Re: [squid-users] setting up a blacklist

From: Adam Aube <[email protected]>
Date: Fri, 19 Sep 2003 23:01:40 -0400

>> Can you post your squid.conf (without comments or blank lines)?

> acl homenet src 192.168.212.0/24
> http_access allow homenet
> http_access allow localhost
> http_access deny all
> acl porn dstdom_regex "/usr/share/squid/blacklists/porn/urls"
> acl porn dstdom_regex "/usr/share/squid/blacklists/porn/domains"
> acl porn "/usr/share/squid/blacklists/porn/expressions"
> deny_info ERR_NO_PORNO porn
> http_access deny porn

A few problems here:

1) The first porn acl should be url_regex, not dstdom_regex (guessing from the
file name) - dstdom_regex won't match anything after the hostname
2) The 3rd porn acl is missing the acl type (suggest url_regex or
urlpath_regex)
3) Since you're referencing files, you might have to make those 3 porn acls
porn1, porn2, and porn3. (You definitely will if they're not the same acl
type)
4) The "http_access deny porn" is after you've already allowed your local
network, so it won't have any effect

I don't see anything that would give the symptoms you report (excessive CPU
utilization on startup and shutdown). Having too many patterns in the files
can cause high CPU utilization, but I would expect that to be fairly
constant. Maybe someone else has more insight.

Adam
Received on Fri Sep 19 2003 - 21:01:55 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:58 MST