On Sun, 2008-07-13 at 01:04 -0500, Jian Wang wrote:

> Yes, you are right. Actually, we did consider external_acl at the
> beginning. But we were worrying about the performance since we were
> aiming at a network with thousands of clients.

Using an external acl performs a lot better than an url rewriter. URL rewriters are called on each and every request to Squid, while external acl helpers are only called once for each unique combination seen per the external_acl_type combination (i.e. cookie if using cookies).

> Actually, we are doing an Intercepting Proxy. Now I believe abandoning
> redirectors and turning to ACL is a good idea. In addition, suppose we
> can talk to the administrator of the NAT/PAT gateway, what kind of
> information should I ask for to make my ACL work as expected?

There is none to ask for. It's by design in NAT/PAT gateways.

Regards
Henrik
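
A sketch of an external ACL helper keyed on a session cookie, added here as an illustration and not part of the original message or of Squid itself. The cookie name, the session table, the helper path and the `squid.conf` lines in the docstring are assumptions (the header format code differs between Squid versions), and the helper assumes Squid passes the field URL-escaped.

```python
#!/usr/bin/env python3
"""Illustrative Squid external ACL helper keyed on a session cookie.

Assumed squid.conf wiring (hypothetical names; adjust the format code
to your Squid version):
  external_acl_type session_check ttl=60 %{Cookie} /usr/local/bin/session_helper.py
  acl has_session external session_check
  http_access allow has_session
Squid caches each answer per distinct format value for ttl seconds, so
the helper is consulted once per cookie value, not once per request.
"""
import sys
from http.cookies import CookieError, SimpleCookie
from urllib.parse import unquote

COOKIE_NAME = "portal_session"        # hypothetical cookie name
VALID_SESSIONS = {"a1b2c3": "alice"}  # constructed sample session table


def answer(line: str) -> str:
    """Return the helper reply (OK/ERR) for one lookup line from Squid."""
    raw = unquote(line.strip())       # assumes URL-escaped helper input
    if raw in ("", "-"):              # treat empty or "-" as "no cookie"
        return "ERR"
    jar = SimpleCookie()
    try:
        jar.load(raw)
    except CookieError:
        return "ERR"                  # fail closed on unparsable input
    morsel = jar.get(COOKIE_NAME)
    user = VALID_SESSIONS.get(morsel.value) if morsel else None
    # "user=" is an optional key=value pair Squid accepts after OK
    return f"OK user={user}" if user else "ERR"


def main() -> None:
    # One lookup per input line, one reply per line, flushed at once
    # so Squid is never left waiting on a buffered answer.
    for line in sys.stdin:
        sys.stdout.write(answer(line) + "\n")
        sys.stdout.flush()


if __name__ == "__main__":
    main()
```

Because the lookup key is the cookie rather than the client address, clients that share one address behind the NAT/PAT gateway are still evaluated separately.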