Hi list, I have run into a slight problem with a squid setup on a Trustix 2.0 box here and haven't been able to find a clue yet what might be causing it.
In order to deny the internal clients access to a given number of sites we have added some acls to the squid.conf. acl url-deny dstdomain "/etc/squid/url-deny" acl ip-deny dst "/etc/squid/ip-deny" ... http_access deny url-deny http_access deny ip-deny http_access allow all The corresponding files look like this (details changed, obviously): ip-deny (1 entry): 1.1.1.1 url-deny (5-10 entries): url1.com .url2.org url3.it Currently accessing the internet using lynx with the proxy configured running on the same machine (so no networking problems here involved atm). As long as URL blocking is active it takes roughly 5-10 secs before the site even starts loading (no activity in access.log too, with tail -f running), no matter which site I try to connect to. Once I am on the site, everything run smoothly, hardly any delays at all. As soon as url blocking is deactivated and squid restarted everything works like a charm. No 5-10 secs delays at all. I understand that some ACLs (according to the FAQ) can cause delays due to reverse DNS lookups and similar things. Does anything like that apply to dst and dstdomain as well? And if so, is there any way around it? Torsten
