<div id="__MailbirdStyleContent" style="font-size: 10pt;font-family: arial;color: #000000">Hi<div><br></div><div>My main issue with squid guard is that when I try and block say www.facebook.com and the user goes to https://www.facebook.com, squidguard only sees the initial CONNECT as the target IP so doesn't match against the domain entry.</div><div><br></div><div>If squidguard did a reverse DNS lookup, I could keep using that more complex filtering solution. That is where the dstdomain acl is a better option but has the ram overhead.</div><div><br></div><div><span style="font-size: 10pt;line-height: 1.5">Time for some experimentation</span></div><div><span style="font-size: 10pt;line-height: 1.5"><br></span></div><div><span style="font-size: 10pt;line-height: 1.5">thanks again for the feedback</span></div><div><br></div><div><br></div><div><br><div><br></div><div class="mb_sig">Sent from <a href="http://www.getmailbird.com/?utm_source=Mailbird&utm_medium=email&utm_campaign=sent-from-mailbird" target="_blank">Mailbird</a></div>
</div><blockquote class="history_container" type="cite" style="border-left-style: solid;border-width: 1px;margin-top: 20px;margin-left: 0px;padding-left: 10px;min-width: 500px">
<p style="color: #AAAAAA; margin-top: 10px;">On 30/09/2016 7:21:53 PM, Yuri Voinov <yvoinov@gmail.com> wrote:</p>
<br>-----BEGIN PGP SIGNED MESSAGE-----
<br>Hash: SHA256
<br>
<br>Amos, I'm afraid that this is not a solution. Block lists have become so
<br>huge that only their compression and / or placement in an external
<br>database (as Marcus) can save the situation.
<br>
<br>
<br>30.09.2016 12:59, Amos Jeffries пишет:
<br>> On 30/09/2016 6:58 p.m., Darren wrote:
<br>>> Thank you Amos
<br>>>
<br>>> The resources I save not running multiple Squidguards will make more
<br>>> ram available as you say and having a simpler setup is never a bad
<br>>> thing either.
<br>>>
<br>>> Just to clarify, so when squid fires up, it caches the ACL file into
<br>>> ram in it's entirety and then does some optimizations? If that is
<br>>> the case I would need to budget the ram to allow for this.
<br>>
<br>> Not quite. Squid still reads the files line by line into a memory
<br>> structure for whatever type of ACL is being loaded. That is part of why
<br>> its so much slowe to load than the helpers (which generally do as you
<br>> describe).
<br>>
<br>> The optimizations are type dependent and fairly simplistic. Ignoring
<br>> duplicate entries, catenating regex into bigger " A|B " patterns (faster
<br>> to check against), etc.
<br>>
<br>> Amos
<br>>
<br>> _______________________________________________
<br>> squid-users mailing list
<br>> squid-users@lists.squid-cache.org
<br>> http://lists.squid-cache.org/listinfo/squid-users
<br>
<br>-----BEGIN PGP SIGNATURE-----
<br>Version: GnuPG v2
<br>
<br>iQEcBAEBCAAGBQJX7kq8AAoJENNXIZxhPexGH+cH/jmZsQlcZgXpwt62pHDtHp4t
<br>TWDnhr5KOfHv+GFeBUmJYuD2nn8wefb5KUUhea5fdpRAeDihFDQDPQDwAnaC/E5q
<br>FzE68zh+nF13xVwTW9/5mQhK75G17mOGJPGFPn1ZUC3lf/Q2JCOhWB+0MFilXXcQ
<br>/ptCeQII/E8oXaiBOvHPzasOp6eDnu/m51q0DnkfoUceEWap9W0rY/vKxwL32FI9
<br>fjqoZGGBPt3FDczjb8/9X6trqeGBwUl4PKSTE4JSdyU6z52evaCSsVbEgAmw+LjI
<br>ELCBPOuU7buFxNjCSNLVhDNQeZJFJxPV8Oh/OcDQZQDhdUYliEwRke5Sz+Rz37k=
<br>=hFD2
<br>-----END PGP SIGNATURE-----
<br>
<br>_______________________________________________<br>squid-users mailing list<br>squid-users@lists.squid-cache.org<br>http://lists.squid-cache.org/listinfo/squid-users<br>
</blockquote></div>