Thanks very much for your help! the dstdomain change solved my CPU usage prob. >>> Chris Robertson <crobertson@xxxxxxx> 3/28/2007 2:48:28 PM >>> Chris Rosset wrote: > Hi Henrik, > > >I remember your last email pointed me towards looking at the ACL's, >> sounds like the url_regex are most intensive since they pattern match >> on the whole url? > >> For more info on what i have >> We have a few ACL's most are not more then a few hundred lines > >> but the one big one we have is 8200 lines, mostly spam, spyware, porn >> sites. > > acl never-allow-url dstdom_regex -i > "/usr/local/squid/etc/FilterLists/never-allow-url" > deny_info ERR_BW_CONTENT_SUPPRESSED never-allow-url > > and the entries in this acl are all like > \.100percentcash.com$ > >acl never-allow-domain dstdomain >"/usr/local/squid/etc/FilterLists/never-allow-domain" >deny-info ERR_BW_CONTENT_SUPPRESSED never-allow-domain >With a file content of... >.100percentcash.com >(etc.) >... and obviously a matching http_access deny rule would perform the >same task, with much lower CPU utilization. >> I tried installing squidguard, but had problems installing so far, >> maybe i could try squirm, jesred or just recompile with >> --enable-gnuregex >> Or any other reccomendation? >> >> Thanks very much >> -Chris >> >Chris
