[squid-dev] Block users dynamically

Alex Rousskov rousskov at measurement-factory.com
Tue May 29 20:56:24 UTC 2018


On 05/28/2018 12:10 PM, dean wrote:

> What I'm doing is
> writing to an external file that is used in the configuration, like
> Squish does. But it does not block the user,

The lack of Squid reaction is expected -- Squid does not monitor
configuration files for changes.


> When I change the file, should I reconfigure Squid? 

Yes, if you want Squid to know about configuration changes, you have to
reconfigure (or restart) Squid after making those changes.


> Is there another way to block
> users dynamically from the Squid code?

Yes, of course. Nearly all existing Squid blocking decisions are done
"dynamically" (for some definition of "dynamic"), and you can add more
code that blocks users. There are many examples in the code, including

    git grep -10E 'Config.accessList.(http|reply)'

FWIW, in most cases, adding an external ACL helper or adding a new ACL
type is better than hard-coding your blocking logic into Squid.


HTH,

Alex.


More information about the squid-dev mailing list