Hi, Adrian though being a newbie I know about that though not perfect :D. I basically have 2.5 Ghz computer with 512 MB ram. With those number of users hunting squid, how many DSTDOMAIN ACL are considered safe. I know I can check the process load by adding few ACL at a time. But I can't complain management each week to replace the CUP or memory. So I am here for the help. You guys must have hell lot of experience to tell me that in rough figures. Regards Rishav Upadhaya Future System Administrator Current Support Officer On 12/5/07, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > Adrian Chadd wrote: > > ACLs are evaluated short-circuit. If you have this: > > > > acl clientA src 1.2.3.0/24 > > acl clientB src 1.2.4.0/24 > > acl youtube (expensive regexp) > > acl microsoft (expensive regexp) > > > > http_access deny clientA youtube > > http_access deny clientB microsoft > > > > the http_access lines are evaluated in order from top to bottom, and stop being > > evaluated across each http_access line if one of the ACLs fails. > > > > So the expensive youtube regexp ACL will only be processed by requests from clientA. > > Requests from clientB won't ever hit the youtube ACL lookup. > > > > If you know how to craft ACLs then you can avoid almost all of the penalties. > > > > Adrian > > Adrian! stop encouraging the regexp-addicts. :-) > > We're trying to wean them off the unnecessary use of slow ACL remember? ;) > > Amos >
