[squid-users] Questions on "http_access deny" and TCP_DENIED

Fri, 25 Jul 2003 06:21:34 -0700 

I have a couple of questions regarding Squid (2.5S3 + patches) and 
TCP_DENIED on my Linux (RedHat v7.3) system.  

This is a prohibition I have in my config file:

  acl imrworldwide dstdomain .imrworldwide.com
  http_access deny imrworldwide

Below are excerpts from my log file, showing the prohibition in use.  Now 
my questions:

1. Why does it take so long to do the denial? I would think that the 
denial would be nearly instantaneous given that no network I/O needs to be 
done.  The client requested a destination, that destination is disallowed, 
the denial is issued to the client; end of story.  The 18ms I can 
understand, but times up to 930ms leave me scratching my head.

2. How does Squid know the size of the object being denied?  Again, the 
client has requested a prohibited domain.  I wouldn't think that Squid 
would even care if the domain was valid or not, let alone know the size 
of the object requested.

Would someone please educate me on how Squid is doing denials?

Thanks.

-------------

1057497998.865     18 192.168.0.4 TCP_DENIED/403 1389 GET 
http://server-us.imrworldwide.com/c1.js - NONE/- text/html
1057498000.262    112 192.168.0.4 TCP_DENIED/403 1407 GET 
http://server-us.imrworldwide.com/cgi-bin/count? - NONE/- text/html
1057498042.562    212 192.168.0.4 TCP_DENIED/403 1389 GET 
http://server-us.imrworldwide.com/c1.js - NONE/- text/html
1057498044.711    200 192.168.0.4 TCP_DENIED/403 1407 GET 
http://server-us.imrworldwide.com/cgi-bin/count? - NONE/- text/html
1057498079.593    452 192.168.0.4 TCP_DENIED/403 1389 GET 
http://server-us.imrworldwide.com/c1.js - NONE/- text/html
1057498081.667    386 192.168.0.4 TCP_DENIED/403 1407 GET 
http://server-us.imrworldwide.com/cgi-bin/count? - NONE/- text/html
1057498219.140    930 192.168.0.4 TCP_DENIED/403 1389 GET 
http://server-us.imrworldwide.com/c1.js - NONE/- text/html
1057498220.339    197 192.168.0.4 TCP_DENIED/403 1407 GET 
http://server-us.imrworldwide.com/cgi-bin/count? - NONE/- text/html
1057498310.943    670 192.168.0.4 TCP_DENIED/403 1389 GET 
http://server-us.imrworldwide.com/c1.js - NONE/- text/html
1057498312.743    491 192.168.0.4 TCP_DENIED/403 1407 GET 
http://server-us.imrworldwide.com/cgi-bin/count? - NONE/- text/html

Reply via email to