On Tuesday 29 July 2003 17.48, Chris Wilcox wrote: > I've had a good search through google and found nothing. Are there > any limits or things that can't be done with this type of ACL? Eg > can the helper class query a DB, can it be written in any language? > Can it be a simple perl script?
Squid does not care. As long as the helper is capable of reading lines of input according to your external_acl_type specification and give OK/ERR responses back (optionally with extra information, see squid.conf notes) There is however limitations on where acl types requiring external lookups (external, dst, srcdomain, ident etc) can be used. Such acl types can only be used in "blocking" access directives. The "blocking" access directives currently are (Squid-2.5): http_access no_cache always_direct never_direct Use of acl types requiring any form of external lookup in other directives will not always work in other directives, but in many cases acceptable levels can be found (if a few false negatives is acceptable) by making sure the acl is first evaluated in http_access, allowing Squid to cache the result of the acl. -- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, [EMAIL PROTECTED]
