[squid-dev] External ACL Feed, helper?
Alex Rousskov
rousskov at measurement-factory.com
Tue Jul 7 13:54:08 UTC 2020
On 7/7/20 1:08 AM, Eliezer Croitor wrote:
> I think that many proxy admins would like to have a script that will
> help them to update their ACLs from a feed.
>
> Ie they have a DB or a GIT repository that contains their ACLs data like
> IP addresses, domain names, sni patterns etc.
* External ACL updates without Squid reconfiguration is available today.
* Built-in ACL updates via Squid reconfiguration is available today.
* Built-in ACL updates without full Squid reconfiguration is planned,
but it is a relatively complex low-priority project with no ETA.
Sponsors welcome.
> Would it be possible to add such helper to the project sources?
If you are talking about a script that will automatically update an
external ACL helper configuration file based on DB/git/etc. interaction,
then I do not think it is a good idea to add such a script to the Squid
repository because such a script will have virtually no Squid-specific
code (and a lot of environment/business logic specifics that would be
impossible to properly support in a simple sample script).
If you are talking about built-in ACL updates without full Squid
reconfiguration (i.e. the last bullet above), then such a feature does
not need an external Squid helper. It needs Squid code enhancements.
Most likely, it will be triggered by a standard reconfiguration signal
(but will zero-in on changed ACL parameter files by comparing file
timestamps).
Thank you,
Alex.
More information about the squid-dev
mailing list