tor 2006-08-31 klockan 15:06 +0200 skrev Thomas Nilsen:
> The shadowserver.org and bleedingsnort.com lists could easily be
> integrated as dstdomain acl, but the malware.com.br is a regex_url list
> and I don't want to take the performance hit using a regex_url acl. So
> the idea was to try and use a redirector like asqredir for the regex_url
> files.
regex performance is about the same I am afraid.. the problem is not
where they are implemented but the fact that regex patterns is not well
structured so the whole list must be searched all the time...
> I also want to use the dnsbl_redir to check dns blacklists (which
> potentially could replace the dstdomain acl as well if that is of any
> performance benefit).
I would recommend implementing that using an external ACL instead of of
a redirector. Much better performance.
> Problem is to use the two redirectors at the same time.
Not really a problem. Look in the archives (search for Open2). But I
wouldn't recommend it in this case as an external acl is much better
design.
> I expect the dnsbl_redir has a lower overhead as a helper
> application than asqredir would if changed into a external acl helper,
> or does that not matter? Have anyone tried this?
external acls have a very noticeable performance benefit compared to
redirectors at large thanks to the lookup cache available in the
external acl construct.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Fri Sep 01 2006 - 12:00:02 MDT