Re: acl performance

From: Anthony Rumble <anthony@dont-contact.us>
Date: Tue, 2 Jul 1996 09:59:59 +1000 (EST)

> >Have been using b17 and so far is working fine. However, would like to
> >know is there any theoretical or empirical result for having 2000 acl or
> >is the performance preditable for such a big list?
> >
> >PS:
> >Presently, I'm 3 sparc 20 and using neighboring configuration. There
> >is only 7 acl.
>
> The current implementation may be too simple for so many. They are stored
> in a simple linear linked-list, so there may be too much time spent
> traversing the list. It will depend on how busy your cache is.
>
> Also it may break the config file parsing. Each ACL name must
> (currently) be written on one line, which should not be longer than
> 1024 characters.

One thing ive been thinking about...

The most common use of an access list of that size would be to ban
unacceptable sites.. A very NICE feature would be a special
config file that would contain partial URL's.. ie/

http://www.blah.com/sexytoys/
http://www.sex.com/

etc etc..

When squid boots.. it creates a quick hash index of the domains..
then when a request comes in, hash lookup for the domain..
if theres a match.. then follow down a linked list for the actual
URL left match.

This would reduce the traversing of the list down drastically,
and be usefull for thoes who wish to provide screened access.

Eg/ If an ISP wants to setup a link to a School, they can maintain
a list of banned sites (pref in a seperate conf file)

-- 
Anthony Rumble - aka SmilieZ
Mobile 015-955-042 Pager 016-634-997
Geek code v3.1: GAT d-- s++:+++ a-- C++++ UL++++$ P+++++$ L+++++$
E--- W+++$ N++ o K++ w--- O---- M-- V-- PS+ PE++ Y+ PGP++ t+++ 5++
X++++ R tv+ b++ DI+++++ D++ G+ e h--- r++ y+
Home Page/PGP key http://www.infotainment.com.au/smiliez/
Received on Mon Jul 01 1996 - 17:01:05 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:32:33 MST