Re: [squid-users] external acl and squids

From: Lasse Laursen <[email protected]>
Date: Tue, 8 Feb 2005 21:10:00 +0100

Hi Henrik,

Thanks for your response. So the squid server simply caches the response
from the external program internally based on the variables sent to the
program? So next time it will check the user it simple does a lookup in its
own cache based on the 3 values and returns a cached response?

Regards

--
Lasse Laursen � VP, Hosting Technology
NetGroup Processing Aps
Phone: +45 3370 1526 � Fax: +45 3313 0066
----- Original Message ----- 
From: "Henrik Nordstrom" <hno@squid-cache.org>
To: "Lasse Laursen" <laursen@netgroup.dk>
Cc: <squid-users@squid-cache.org>
Sent: Tuesday, February 08, 2005 9:07 PM
Subject: Re: [squid-users] external acl and squids
> On Tue, 8 Feb 2005, Lasse Laursen wrote:
>
>> external_acl_type my_app negative_ttl=120 ttl=120 children=75 %SRC 
>> %{User-Agent} %{Cookie} /path/to/my_app.pl
>>
>> The check is rather database intensive so once we have allowed/denied a 
>> user access we would like to limit the number of further requests on our 
>> acl programs for the amount of time specified in the TTL paramerer for 
>> this particular user (prevent him from hammering our databases with 
>> reloads, etc.) - eg. the user gets an OK and this user is allowed access 
>> through the proxy for 120 seconds without any further calls to our acl 
>> program - similar scenario for the users that gets an ERR message.
>>
>> So I was wondering - exactly how does Squid (3.0-PRE3 in our case) 
>> identify a user? Is it {IP, agent} or exactly how is the unique user 
>> identified again by the proxy server?
>
> User is irrelevant to the above acl.
>
> Your external_acl type looks into "%SRC %{User-Agent} %{Cookie}" (plus any 
> additional keywords eventually specified in the acl referring to this 
> type). Each unique combination of these is sent to your helper and the 
> result is cached for the specified TTL.
Received on Tue Feb 08 2005 - 13:10:33 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:01 MST