sön 2006-06-25 klockan 18:47 +0300 skrev E.S. Rosenberg:
> 2. a 279 line whitelist, type: regex -i
>
> 3. a 5755 line blacklist, type: regex -i
Are you sure these two should be regex:es? regex lists should only be
used as a very last resort if none of the structured acls fits..
> 1. The blacklists is mainly a long list of hosts/websites (and various
> IPs), removing them from the DNS (or changing their address to an
> internal redirect) would make them unreachable (effectivly blocked)
> while also reducing the size of the blacklist by roughly 80%.
dstdomain and dst tupe acls...
> 2. based on descriptions of how acls in squid worked (it goes through it
> and first hit 'falls out') I thought that maybe adding high-traffic
> sites to the top of the whitelist would reduce general load.
cutting down on the number of regexes and better use of the available
acl types is likely to buy you a lot more,
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Sat Jul 01 2006 - 12:00:02 MDT