[squid-users] URL filtering technical

ngtech1ltd at gmail.com ngtech1ltd at gmail.com
Thu Dec 22 02:57:58 UTC 2022 

Hey,
 
Depends on your needs but from my experience the most simple solution would be external_acl helper.
I have used all 3 options and unless you really have foundation in ICAP and you do have a specific logic that can be done only via ICAP you should stick with external_acl.
 
If you do ask me about the ideal content filter solution?
It should be some deep inspection in the content level and not just the URL or domain etc.
However again, unless you do have the resources and the basic idea of how you do want to do this deep inspection and mangling of the payload you should stick with external_acl, don’t use url_rewrite unless you do have a specific tool that only supports that.
 
Eliezer 
 
----
Eliezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email:  <mailto:ngtech1ltd at gmail.com> ngtech1ltd at gmail.com
Web:  <https://ngtech.co.il/> https://ngtech.co.il/
My-Tube:  <https://tube.ngtech.co.il/> https://tube.ngtech.co.il/
 
From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of Lucas Vicente Pereira
Sent: Friday, 16 December 2022 23:06
To: squid-users at lists.squid-cache.org
Subject: [squid-users] URL filtering technical
 
Good Evening, Community
 
When thinking about URL filtering (http and or https), Which one is the best technique you recommend for integration with Squid 5.7?
 
Environment information:
 ~2500 users
3 x Internet links 1 Gbps each
Average HTTP requests per minute since start: 65956.1
Iptables REDIRECT for squid for transparent mode
 
1 - External_acl (e.g.:
 
external_acl_type webfilter ipv4 ttl=300 children-startup=40 children-max=256 %>ha{SSLproxy} %ACL %ssl::>sni %>ha{REFERER} %URI %SRC %SRCPORT %DST %PORT %>eui % <h{Content-Type} %>ha{Content-Type} %<h{Content-Length} %>ha{Content-Length} %MYPORT %MYADDR %un %METHOD %>ha{USER-AGENT} /sbin/ webfilter
acl acl_webfilter_access external webfilter
acl acl_webfilter_reply external webfilter
 
2 - I-CAP Servers
 
3 - url_rewrite_program (eg:
url_rewrite_program /sbin/webfilter - url_rewrite_children 16 m 4 startup=8 idle=2 concurrency= -l /var/squid/logs 4
 
Thanks a lot.
 
Sincerely,
Lucas Pereira
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20221222/7254b79e/attachment-0001.htm>

More information about the squid-users mailing list