This is a discussion on [squid-users] SQUID 2.5 STABLE3 Performance w/ URL blocking on Trustix 2.0 - squid ; Hi list, I have run into a slight problem with a squid setup on a Trustix 2.0 box = here and haven't been able to find a clue yet what might be causing it. In order to deny the internal ...
I have run into a slight problem with a squid setup on a Trustix 2.0 box =
here and haven't
been able to find a clue yet what might be causing it.
In order to deny the internal clients access to a given number of sites =
we have added=20
some acls to the squid.conf.
acl url-deny dstdomain "/etc/squid/url-deny"
acl ip-deny dst "/etc/squid/ip-deny"
http_access deny url-deny
http_access deny ip-deny
http_access allow all=20
The corresponding files look like this (details changed, obviously):
ip-deny (1 entry):
url-deny (5-10 entries):
Currently accessing the internet using lynx with the proxy configured =
running on the same
machine (so no networking problems here involved atm). As long as URL =
blocking is active
it takes roughly 5-10 secs before the site even starts loading (no =
activity in access.log too,
with tail -f running), no matter which site I try to connect to. Once I =
am on the site, everything=20
run smoothly, hardly any delays at all.
As soon as url blocking is deactivated and squid restarted everything =
works like a charm.
No 5-10 secs delays at all.
I understand that some ACLs (according to the FAQ) can cause delays due =
DNS lookups and similar things. Does anything like that apply to dst and =
dstdomain as well?
And if so, is there any way around it?