[squid-users] URL list from a URL

Eliezer Croitoru eliezer at ngtech.co.il
Wed Mar 22 15:25:36 UTC 2017


Hey Alex,

I didn't meant by convert the StoreID helper to convert it into an external_acl helper....
It has both OK and ERR and a "checklist" which would be a match or not.

Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il



-----Original Message-----
From: Alex Rousskov [mailto:rousskov at measurement-factory.com] 
Sent: Wednesday, March 22, 2017 3:51 PM
To: squid-users at lists.squid-cache.org
Cc: Eliezer Croitoru <eliezer at ngtech.co.il>
Subject: Re: [squid-users] URL list from a URL

On 03/21/2017 06:17 PM, Eliezer Croitoru wrote:
> The current StoreID helper can be converted pretty fast into what he needs.

Jason needs to block access. How can a [converted] StoreID helper block
access without becoming an external_acl helper?

Alex.

> -----Original Message-----
> From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Alex Rousskov
> Sent: Tuesday, March 21, 2017 11:43 PM
> To: squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] URL list from a URL
> 
> On 03/21/2017 02:30 PM, Jason B. Nance wrote:
> 
>> I should have mentioned that I'm not caching, I'm only using Squid
>> for whitelisting in this case.  Would you still say this is the right
>> path? 
> 
> No. You probably have two better options:
> 
> 1. Use a file with list of mirror URLs as an ACL parameter. Write a
> script that updates that file and reconfigures Squid as needed. Please
> keep in mind that Squid reconfiguration is currently a relatively
> heavy/intrusive operation, even if there were not changes except for
> that single ACL.
> 
> 2. Write an external_acl helper that will consult the mirror list. This
> will make each HTTP transaction a little slower (because it needs to go
> to the helper) but eliminates reconfigurations. The helper itself or
> some other script will still need to update the mirror list as needed,
> of course.
> 
> 
> HTH,
> 
> Alex.
> 
> 
> 
> 
>>> Hello,
>>>
>>> I'm using Squid 3.5.20 and wonder if it is possible to define an ACL which retrieves the list of URLs from another URL (similar to pointing to a file).  In this specific use case it is to allow a Foreman server to sync Yum content from the CentOS mirrors.  I tell Foreman to use the following URL:
>>>
>>> http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates
>>>
>>> Which returns a list of URLs, such as:
>>>
>>> http://repo1.dal.innoscale.net/centos/7.3.1611/updates/x86_64/
>>> http://linux.mirrors.es.net/centos/7.3.1611/updates/x86_64/
>>> http://reflector.westga.edu/repos/CentOS/7.3.1611/updates/x86_64/
>>> http://mirror.jax.hugeserver.com/centos/7.3.1611/updates/x86_64/
>>> http://ftp.linux.ncsu.edu/pub/CentOS/7.3.1611/updates/x86_64/
>>> http://mirror.nexcess.net/CentOS/7.3.1611/updates/x86_64/
>>> http://mirror.web-ster.com/centos/7.3.1611/updates/x86_64/
>>> http://centos.host-engine.com/7.3.1611/updates/x86_64/
>>> http://mirror.raystedman.net/centos/7.3.1611/updates/x86_64/
>>> http://mirror.linux.duke.edu/pub/centos/7.3.1611/updates/x86_64/
>>>
>>> Foreman then starts a new HTTP connection (not a redirect) to attempt to connect to those in turn until it works.
>>>
>>> So I would like to configure Squid to allow the Foreman server access to any of those URLs (the list changes somewhat often).
>>>
>>> I started to go down the external_acl_type but am wondering if I'm missing something obvious.
> 
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
> 




More information about the squid-users mailing list