Hey Alex, I didn't meant by convert the StoreID helper to convert it into an external_acl helper.... It has both OK and ERR and a "checklist" which would be a match or not. Eliezer ---- Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: eliezer@xxxxxxxxxxxx -----Original Message----- From: Alex Rousskov [mailto:rousskov@xxxxxxxxxxxxxxxxxxxxxxx] Sent: Wednesday, March 22, 2017 3:51 PM To: squid-users@xxxxxxxxxxxxxxxxxxxxx Cc: Eliezer Croitoru <eliezer@xxxxxxxxxxxx> Subject: Re: URL list from a URL On 03/21/2017 06:17 PM, Eliezer Croitoru wrote: > The current StoreID helper can be converted pretty fast into what he needs. Jason needs to block access. How can a [converted] StoreID helper block access without becoming an external_acl helper? Alex. > -----Original Message----- > From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Alex Rousskov > Sent: Tuesday, March 21, 2017 11:43 PM > To: squid-users@xxxxxxxxxxxxxxxxxxxxx > Subject: Re: URL list from a URL > > On 03/21/2017 02:30 PM, Jason B. Nance wrote: > >> I should have mentioned that I'm not caching, I'm only using Squid >> for whitelisting in this case. Would you still say this is the right >> path? > > No. You probably have two better options: > > 1. Use a file with list of mirror URLs as an ACL parameter. Write a > script that updates that file and reconfigures Squid as needed. Please > keep in mind that Squid reconfiguration is currently a relatively > heavy/intrusive operation, even if there were not changes except for > that single ACL. > > 2. Write an external_acl helper that will consult the mirror list. This > will make each HTTP transaction a little slower (because it needs to go > to the helper) but eliminates reconfigurations. The helper itself or > some other script will still need to update the mirror list as needed, > of course. > > > HTH, > > Alex. > > > > >>> Hello, >>> >>> I'm using Squid 3.5.20 and wonder if it is possible to define an ACL which retrieves the list of URLs from another URL (similar to pointing to a file). In this specific use case it is to allow a Foreman server to sync Yum content from the CentOS mirrors. I tell Foreman to use the following URL: >>> >>> http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates >>> >>> Which returns a list of URLs, such as: >>> >>> http://repo1.dal.innoscale.net/centos/7.3.1611/updates/x86_64/ >>> http://linux.mirrors.es.net/centos/7.3.1611/updates/x86_64/ >>> http://reflector.westga.edu/repos/CentOS/7.3.1611/updates/x86_64/ >>> http://mirror.jax.hugeserver.com/centos/7.3.1611/updates/x86_64/ >>> http://ftp.linux.ncsu.edu/pub/CentOS/7.3.1611/updates/x86_64/ >>> http://mirror.nexcess.net/CentOS/7.3.1611/updates/x86_64/ >>> http://mirror.web-ster.com/centos/7.3.1611/updates/x86_64/ >>> http://centos.host-engine.com/7.3.1611/updates/x86_64/ >>> http://mirror.raystedman.net/centos/7.3.1611/updates/x86_64/ >>> http://mirror.linux.duke.edu/pub/centos/7.3.1611/updates/x86_64/ >>> >>> Foreman then starts a new HTTP connection (not a redirect) to attempt to connect to those in turn until it works. >>> >>> So I would like to configure Squid to allow the Foreman server access to any of those URLs (the list changes somewhat often). >>> >>> I started to go down the external_acl_type but am wondering if I'm missing something obvious. > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users > _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
