[squid-users] Refresh ACL list only

Samuel Anderson sam at idsdoc.com
Tue Mar 17 18:34:16 UTC 2015 

Thanks, I'll look into using haproxy.

On Tue, Mar 17, 2015 at 12:31 PM, Brendan Kearney <bpk678 at gmail.com> wrote:

> On Wed, 2015-03-18 at 00:08 +0600, Yuri Voinov wrote:
> > Brendan reads my thoughts. :)
> >
> > You can, of course, use two or more squid instances and Cisco with
> > configured WCCP protocol before it. WCCP can plays with several cache
> > instances in load balancing role. Running squid at this moment sends
> > "here I am" messages to WCCP-enabled router, which will redirect
> > traffic on alive cache. The same time you can reconfigure second squid
> > instance a visa versa.
> >
> > 18.03.15 0:00, Brendan Kearney пишет:
> > > On Tue, 2015-03-17 at 11:59 -0600, Samuel Anderson wrote:
> > >> Unfortunately thats not really an option for me. I've already
> > >> built everything just using squid. It works great and does
> > >> everything I need it to do with the exception of refreshing the
> > >> ACL lists. I just need to find a way to refresh those single
> > >> lists without disrupting Internet traffic to the users. If anyone
> > >> knows how to do this I would greatly appreciate it.
> > >>
> > >> On Tue, Mar 17, 2015 at 11:39 AM, Yuri Voinov
> > >> <yvoinov at gmail.com> wrote:
> > > Did you hear about rewriters and filters? I.e., squidGuard, or
> > > Dansguardian? Or, of course
> > > https://www.urlfilterdb.com/products/ufdbguard.html ? It has
> > > separate server process which can be restart VERY quickly
> > > independently of squid.
> > >
> > > 17.03.15 23:35, Samuel Anderson пишет:
> > >> Hello all,
> > >
> > >> Does anyone know of a way to reload a single ACL list? I
> > > have a
> > >> very complicated and large config file that takes around 30
> > > seconds
> > >> to reload when I run the (squid3 -k reconfigure) command. I
> > > have
> > >> several ACL lists that need to be updated throughout the day
> > > and it
> > >> would be nice if I could only reload those ACL lists and not
> > > the
> > >> entire config. Its problematic because while its reloading,
> > > the
> > >> server is effectively down and disrupts Internet access for
> > > the
> > >> rest of the users. Below is a small sample of the lists that
> > > will
> > >> be updated. If I could add a TTL to the lists so squid would
> > > reload
> > >> them periodically without a full reconfigure would be ideal.
> > >
> > >
> > >
> > >> acl GLOBAL-WHITELIST dstdomain
> > >> "/etc/squid3/whitelists/GLOBAL-WHITELIST" acl
> > >> UNRESTRICTED-WHITELIST dstdomain
> > >> "/etc/squid3/whitelists/UNRESTRICTED-WHITELIST" acl
> > > DEV-WHITELIST
> > >> dstdomain "/etc/squid3/whitelists/DEV-WHITELIST" acl
> > >> SALES-WHITELIST dstdomain
> > > "/etc/squid3/whitelists/SALES-WHITELIST"
> > >
> > >
> > >> Thanks
> > >
> > >
> > >
> > >
> > >> _______________________________________________ squid-users
> > > mailing
> > >> list squid-users at lists.squid-cache.org
> > >> http://lists.squid-cache.org/listinfo/squid-users
> > >
> > >> _______________________________________________ squid-users
> > >> mailing list squid-users at lists.squid-cache.org
> > >> http://lists.squid-cache.org/listinfo/squid-users
> > >>
> > >>
> > >>
> > >>
> > >> -- Samuel Anderson  |  Information Technology Administrator  |
> > >> International Document Services
> > >>
> > >>
> > >> IDS  |  11629 South 700 East, Suite 200  |  Draper, UT
> > >> 84020-4607
> > >>
> > >>
> > >>
> > >> CONFIDENTIALITY NOTICE: This e-mail and any attachments are
> > >> confidential. If you are not an intended recipient, please
> > >> contact the sender to report the error and delete all copies of
> > >> this message from your system.  Any unauthorized review, use,
> > >> disclosure or distribution is prohibited.
> > >> _______________________________________________ squid-users
> > >> mailing list squid-users at lists.squid-cache.org
> > >> http://lists.squid-cache.org/listinfo/squid-users
> > >
> > > do you have the luxury of multiple squid instances behind a load
> > > balancer?  mark one offline at the LB, reconfigure, mark online at
> > > the LB.  Lather, rinse, repeat.
> > >
> > > _______________________________________________ squid-users mailing
> > > list squid-users at lists.squid-cache.org
> > > http://lists.squid-cache.org/listinfo/squid-users
> > >
> > _______________________________________________
> > squid-users mailing list
> > squid-users at lists.squid-cache.org
> > http://lists.squid-cache.org/listinfo/squid-users
>
> i use haproxy to load balance 2 squid instances.  using this:
>
>
> http://serverfault.com/questions/249316/how-can-i-remove-balanced-node-from-haproxy-via-command-line
>
> you should be able to setup a process to mark you boxes offline, at
> will, thereby allowing you to reconfigure your instances.
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>



-- 
Samuel Anderson  |  Information Technology Administrator  |  International
Document Services

IDS  |  11629 South 700 East, Suite 200  |  Draper, UT 84020-4607

-- 
CONFIDENTIALITY NOTICE:
This e-mail and any attachments are confidential. If you are not an 
intended recipient, please contact the sender to report the error and 
delete all copies of this message from your system.  Any unauthorized 
review, use, disclosure or distribution is prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150317/3b10e245/attachment.html>

More information about the squid-users mailing list