On 3/02/2013 7:02 p.m., Matthew Goff wrote:
Ah...But is it floating on the web to be found by Google? ;) I searched off and on a little for a way to easily tie Squid to MySQL and I found lots of people asking but very little practical examples beyond user authentication using the supplied demo script. I'm curious how much caching would really be necessary in the helper program though given that Squid already caches external ACL lookup results on its own. I haven't seen any slowdown using this on my own LAN, but that's a fairly small traffic sample. My end goal was something using as few external library dependencies as possible in a compiled language, so I can say I achieved that at least. I really was just tired of the whole process of: ssh, su, edit, reload, test -- each time I needed to block a new domain one of my kids stumbled on ;) The SQL tie-in is also nice because it can be managed by so many different tools so you can create portal pages or small GUI tools to allow less technical users to update their lists without worrying about what file on disk to edit and what commands to run afterwards. Every solution will have pros and cons, just have to pick the best one for your own use case :)
You can also trivially alter the Basic authentication DB helper bundled with Squid to do custom SQL queries. In fact this is the common solution for external ACL helpers accessing a database.
The problem with external ACL helpers (and why we don't bundle many with Squid) is that in just about all instances they are custom-written to connect with some network-specific database or backend using some unique sequence of format parameters, or processing to interpret the traffic state.
Amos
