[squid-users] squid 5.1: external_acl_type: Get public remote address

Alex Rousskov rousskov at measurement-factory.com
Thu Sep 16 17:43:05 UTC 2021


On 9/16/21 1:30 PM, David Touzeau wrote:

> I'm turning to create a DNS resolution dev and I'm giving up looking
> retreive this information through Squid.

Please note that if you do your own DNS resolution, then Squid DNS
resolution results will probably mismatch your results in some cases.
There have been many complaints about associated problems from folks
that went this route...

I am not sure what you are trying to do with that a %<a-based external
ACL in Squid, so it is difficult to narrow down the solution search
scope, but Squid does support slow ACLs in certain directives used when
talking to origin servers or peers (after built-in DNS resolution and
destination selection) so perhaps there is a way to do what you want
without Squid modifications.

If there is not, it would not be difficult to add a post-resolution
directive that supports slow ACLs IMO, but, again, that requires more
knowledge of the use case -- there are several places where such a
directive can be added.


Cheers,

Alex.



> Le 16/09/2021 à 19:13, Amos Jeffries a écrit :
>> On 17/09/21 2:42 am, David Touzeau wrote:
>>> Thanks Amos for quick answer.
>>>
>>> Can you take away any hope of a workaround with Squid ?
>>>
>>> This makes me plan having to develop a function that has to perform
>>> DNS resolution inside the helper with the performance consequences
>>> that this will impose.
>>>
>>
>> I would be looking at a design where a helper classifies requests and
>> using that later on when the server is known to match up the IP vs the
>> classification. I'm struggling to think of a flow that works
>> efficiently though.
>>
>> Amos
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
> 
> 
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
> 



More information about the squid-users mailing list