On 25.09.2012 10:06, Alex Rousskov wrote:
Hello,
I would like to add support for explicit OR ACLs:
# ACL name will match if and only if any of its acl* ACLs match.
# The first matching acl (left-to-right) stops evaluation.
acl name or acl1 acl2 ...
As you know, existing Squid ACL rules are meant to be functionally
complete: they can express any combination of logical conditions
expressed by individual ACLs. However, specifying the right
combination
may require a very long and confusing configuration file.
I recently came across a real-world case where 20 reasonable
http_access
access rules had to be converted into more than 100 rules just to add
a
single "or the user does not need authentication" condition into the
"middle" of an existing rule set. The solution was so "big" and
required
such a rewrite of the existing rules that the admin thought that it
would be impossible to support his needs using Squid ACLs!
Can you let me have a look at this config before and after?
I'm having difficulty figuring out / understanding how a single boolean
test condition can inflate the stanza by more than 50% when the NAND
operation is available.
Amos
