Thank you. In regards to the external ACL helper, would I basically say something like:
external_acl_type foo %URL /path/to/my/helper And then have my helper compare the contents of %URL to the mirror list and spit out "OK" for pass or "ERR" for fail? Thanks, j ----- Original Message ----- From: "Alex Rousskov" <rouss...@measurement-factory.com> To: squid-users@lists.squid-cache.org Cc: "Jason Nance" <ja...@tresgeek.net> Sent: Tuesday, March 21, 2017 4:42:33 PM Subject: Re: [squid-users] URL list from a URL On 03/21/2017 02:30 PM, Jason B. Nance wrote: > I should have mentioned that I'm not caching, I'm only using Squid > for whitelisting in this case. Would you still say this is the right > path? No. You probably have two better options: 1. Use a file with list of mirror URLs as an ACL parameter. Write a script that updates that file and reconfigures Squid as needed. Please keep in mind that Squid reconfiguration is currently a relatively heavy/intrusive operation, even if there were not changes except for that single ACL. 2. Write an external_acl helper that will consult the mirror list. This will make each HTTP transaction a little slower (because it needs to go to the helper) but eliminates reconfigurations. The helper itself or some other script will still need to update the mirror list as needed, of course. HTH, Alex. >> Hello, >> >> I'm using Squid 3.5.20 and wonder if it is possible to define an ACL which >> retrieves the list of URLs from another URL (similar to pointing to a file). >> In this specific use case it is to allow a Foreman server to sync Yum >> content from the CentOS mirrors. I tell Foreman to use the following URL: >> >> http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates >> >> Which returns a list of URLs, such as: >> >> http://repo1.dal.innoscale.net/centos/7.3.1611/updates/x86_64/ >> http://linux.mirrors.es.net/centos/7.3.1611/updates/x86_64/ >> http://reflector.westga.edu/repos/CentOS/7.3.1611/updates/x86_64/ >> http://mirror.jax.hugeserver.com/centos/7.3.1611/updates/x86_64/ >> http://ftp.linux.ncsu.edu/pub/CentOS/7.3.1611/updates/x86_64/ >> http://mirror.nexcess.net/CentOS/7.3.1611/updates/x86_64/ >> http://mirror.web-ster.com/centos/7.3.1611/updates/x86_64/ >> http://centos.host-engine.com/7.3.1611/updates/x86_64/ >> http://mirror.raystedman.net/centos/7.3.1611/updates/x86_64/ >> http://mirror.linux.duke.edu/pub/centos/7.3.1611/updates/x86_64/ >> >> Foreman then starts a new HTTP connection (not a redirect) to attempt to >> connect to those in turn until it works. >> >> So I would like to configure Squid to allow the Foreman server access to any >> of those URLs (the list changes somewhat often). >> >> I started to go down the external_acl_type but am wondering if I'm missing >> something obvious. _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users