Re: [squid-users] Deny IPs

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 18 May 2010 01:46:09 +0000

On Tue, 18 May 2010 05:51:41 +0800, "Peng, Jeff" <pyh_at_l.nsbeta.info>
wrote:
> 2010/5/18 kranthi <kranthi117_at_gmail.com>:
>> Hi all,
>> I want squid to deny requests from certain IPs and forward the rest.
>> The list of IPs will be saved in an external file (or a MySql
>> database), which will be updated every minute. (and my squid server
>> can't be restarted every minute)
>
> You can't do that unless hacking with Squid.
> You may read the ip list from mysql into a text file using a script by
> crontab, and deploy squid to work with that file. Once the file is
> changed, you reconfigure Squid.

Wrong.
http://wiki.squid-cache.org/SquidFaq/SquidAcl#Does_Squid_support_the_use_of_a_database_such_as_mySQL_for_storing_the_ACL_list.3F

IP-based authorization is done via an external_acl_type helper that takes
%SRC as its format parameter.
http://www.squid-cache.org/Doc/config/external_acl_type/

Amos
Received on Tue May 18 2010 - 01:46:24 MDT

This archive was generated by hypermail 2.2.0 : Tue May 18 2010 - 12:00:05 MDT