Search squid archive

ACL ordering in squid.conf

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Hi all

I was wondering if there needs to be any consideration that needs to be taken when it comes to ordering ACLs. My first block is a group of ACLs determining access to various sites. The block after that (further down the file) are the ACLs for
the delay pools.

Is there a chance the some users won't even get to the delay pools ACLs, thus
not being throttled?


acl academic01 time MTWHFAS 08:00-20:00
acl ok-sites url_regex (chess\.com|feedproxy\.google\.com|actubenin\.com|dictionnaire.tv5.org|eliteinternationalcareers\.com|opensuse\.org|users\.aust-abuja\.org|reddit\.com|hmusick)
http_access allow ok-sites
acl media-sites url_regex -i (bollywood|espn|game|movie|movies|music|musik|premiership|premierleague|radio|\.tv|\/tv|tube|torrent|video)
acl torrents url_regex -i (torrent|mininova)
http_access deny torrents
acl warez-sites url_regex -i (warez|share|sharing)
acl unblocker-sites url_regex -i (bypass|hide|unblock|proxie|proxy)
http_access allow ausnahme warez-sites
http_access allow ausnahme media-sites
http_access allow ausnahme unblocker-sites

http_access deny academic01 warez-sites
http_access deny academic01 media-sites
http_access deny academic01 unblocker-sites



acl lan-servers dst 192.168.0.0/24 acl lan-unknown dst 192.168.1.0/24 acl lan-known2 dst 192.168.2.0/24 acl lan-known3 dst 192.168.3.0/24 acl lan-ams dst 192.168.4.0/24 acl lan-mdl dst 192.168.5.0/24 acl lan-students dst 191.168.6.0/24 acl bad-downloads url_regex -i \.(mp(3|4|g|eg?)|exe|vqf|rpm|zip|avi|qt|ra?m|iso|raw|wav|wmv)$
acl pdf-downloads url_regex -i \.pdf$
acl url-words url_regex -i (ictp\.it|\://ftp\.)
acl ftp-downloads proto FTP

delay_pools 6
delay_initial_bucket_level 95

delay_class 1 1
delay_parameters 1 -1/-1
delay_access 1 allow lan-servers
delay_access 1 deny all

delay_class 2 1
delay_parameters 2 14000/14000
delay_access 2 allow lan-unknown bad-downloads
delay_access 2 allow lan-unknown ftp-downloads
delay_access 2 allow lan-unknown
delay_access 2 deny all
.
.
.
.

Best regards

Dayo

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux