On Tue, 18 May 2010 05:51:41 +0800, "Peng, Jeff" <pyh@xxxxxxxxxxxxx> wrote: > 2010/5/18 kranthi <kranthi117@xxxxxxxxx>: >> Hi all, >> I want squid to deny requests from certain IPs and forward the rest. >> The list of IPs will be saved in an external file (or a MySql >> database), which will be updated every minute. (and my squid server >> can't be restarted every minute) > > You can't do that unless hacking with Squid. > You may read the ip list from mysql into a text file using a script by > crontab, and deploy squid to work with that file. Once the file is > changed, you reconfigure Squid. Wrong. http://wiki.squid-cache.org/SquidFaq/SquidAcl#Does_Squid_support_the_use_of_a_database_such_as_mySQL_for_storing_the_ACL_list.3F IP-based authorization is done via an external_acl_type helper that takes %SRC as its format parameter. http://www.squid-cache.org/Doc/config/external_acl_type/ Amos
