[squid-users] Refresh ACL list only
Brendan Kearney
bpk678 at gmail.com
Tue Mar 17 18:31:41 UTC 2015
On Wed, 2015-03-18 at 00:08 +0600, Yuri Voinov wrote:
> Brendan reads my thoughts. :)
>
> You can, of course, use two or more squid instances and Cisco with
> configured WCCP protocol before it. WCCP can plays with several cache
> instances in load balancing role. Running squid at this moment sends
> "here I am" messages to WCCP-enabled router, which will redirect
> traffic on alive cache. The same time you can reconfigure second squid
> instance a visa versa.
>
> 18.03.15 0:00, Brendan Kearney пишет:
> > On Tue, 2015-03-17 at 11:59 -0600, Samuel Anderson wrote:
> >> Unfortunately thats not really an option for me. I've already
> >> built everything just using squid. It works great and does
> >> everything I need it to do with the exception of refreshing the
> >> ACL lists. I just need to find a way to refresh those single
> >> lists without disrupting Internet traffic to the users. If anyone
> >> knows how to do this I would greatly appreciate it.
> >>
> >> On Tue, Mar 17, 2015 at 11:39 AM, Yuri Voinov
> >> <yvoinov at gmail.com> wrote:
> > Did you hear about rewriters and filters? I.e., squidGuard, or
> > Dansguardian? Or, of course
> > https://www.urlfilterdb.com/products/ufdbguard.html ? It has
> > separate server process which can be restart VERY quickly
> > independently of squid.
> >
> > 17.03.15 23:35, Samuel Anderson пишет:
> >> Hello all,
> >
> >> Does anyone know of a way to reload a single ACL list? I
> > have a
> >> very complicated and large config file that takes around 30
> > seconds
> >> to reload when I run the (squid3 -k reconfigure) command. I
> > have
> >> several ACL lists that need to be updated throughout the day
> > and it
> >> would be nice if I could only reload those ACL lists and not
> > the
> >> entire config. Its problematic because while its reloading,
> > the
> >> server is effectively down and disrupts Internet access for
> > the
> >> rest of the users. Below is a small sample of the lists that
> > will
> >> be updated. If I could add a TTL to the lists so squid would
> > reload
> >> them periodically without a full reconfigure would be ideal.
> >
> >
> >
> >> acl GLOBAL-WHITELIST dstdomain
> >> "/etc/squid3/whitelists/GLOBAL-WHITELIST" acl
> >> UNRESTRICTED-WHITELIST dstdomain
> >> "/etc/squid3/whitelists/UNRESTRICTED-WHITELIST" acl
> > DEV-WHITELIST
> >> dstdomain "/etc/squid3/whitelists/DEV-WHITELIST" acl
> >> SALES-WHITELIST dstdomain
> > "/etc/squid3/whitelists/SALES-WHITELIST"
> >
> >
> >> Thanks
> >
> >
> >
> >
> >> _______________________________________________ squid-users
> > mailing
> >> list squid-users at lists.squid-cache.org
> >> http://lists.squid-cache.org/listinfo/squid-users
> >
> >> _______________________________________________ squid-users
> >> mailing list squid-users at lists.squid-cache.org
> >> http://lists.squid-cache.org/listinfo/squid-users
> >>
> >>
> >>
> >>
> >> -- Samuel Anderson | Information Technology Administrator |
> >> International Document Services
> >>
> >>
> >> IDS | 11629 South 700 East, Suite 200 | Draper, UT
> >> 84020-4607
> >>
> >>
> >>
> >> CONFIDENTIALITY NOTICE: This e-mail and any attachments are
> >> confidential. If you are not an intended recipient, please
> >> contact the sender to report the error and delete all copies of
> >> this message from your system. Any unauthorized review, use,
> >> disclosure or distribution is prohibited.
> >> _______________________________________________ squid-users
> >> mailing list squid-users at lists.squid-cache.org
> >> http://lists.squid-cache.org/listinfo/squid-users
> >
> > do you have the luxury of multiple squid instances behind a load
> > balancer? mark one offline at the LB, reconfigure, mark online at
> > the LB. Lather, rinse, repeat.
> >
> > _______________________________________________ squid-users mailing
> > list squid-users at lists.squid-cache.org
> > http://lists.squid-cache.org/listinfo/squid-users
> >
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
i use haproxy to load balance 2 squid instances. using this:
http://serverfault.com/questions/249316/how-can-i-remove-balanced-node-from-haproxy-via-command-line
you should be able to setup a process to mark you boxes offline, at
will, thereby allowing you to reconfigure your instances.
More information about the squid-users
mailing list