|
ru.unix.bsd
- RU.UNIX.BSD ------------------------------------------------------------------
From : Slawa Olhovchenkov 2:5030/500 18 Jan 2006 17:53:26
To : Dmitry Kolvakh
Subject : геморройная задача
--------------------------------------------------------------------------------
18 Jan 06, Dmitry Kolvakh writes to Dmitriy Kirhlarov:
>>> Все хуже. В любой момент времени часть компов должна работать через
>>> один канал, а часть - через другой. А потом приходит тетенька, и
>>> жмаком на вебморде некоторые компы переподключает.
DK>> С точки зрения системы.
DK>> запускается некий скрипт который перегенерирует файлы с IP-адресами,
DK>> на сквиде у тебя настроены политики для этих файлов
DK> Вот таким вот образом?
DK> tcp_outgoing_address 1.1.1.1 good_users_acl
DK> tcp_outgoing_address 2.2.2.2 !good_users_acl
DK> Ух ты, а я не знал, что оно так может! Эта штука ИМХО посильнее, чем
DK> "Фауст" Гёте^H^H^H^H^H^H^H^H^H чем fwd в ipfw.
DK>> и, после
DK>> перегенерации, нужно всего лишь передернуть сквида.
Hет.
# acl aclname external class_name [arguments...]
# # external ACL lookup via a helper class defined by the
# # external_acl_type directive.
#
# TAG: external_acl_type
# This option defines external acl classes using a helper program
# to look up the status
#
# external_acl_type name [options] FORMAT.. /path/to/helper [helper
arguments..]
#
# Options:
#
# ttl=n TTL in seconds for cached results (defaults to 3600
# for 1 hour)
# negative_ttl=n
# TTL for cached negative lookups (default same
# as ttl)
# children=n Number of acl helper processes spawn to service
# external acl lookups of this type.
# concurrency=n concurrency level per process. Use 0 for old style
# helpers who can only process a single request at a
# time.
# cache=n result cache size, 0 is unbounded (default)
# grace=n Percentage remaining of TTL where a refresh of a
# cached entry should be initiated without needing to
# wait for a new reply. (default 0 for no grace period)
#
# FORMAT specifications
#
# %LOGIN Authenticated user login name
# %IDENT Ident user name
# %SRC Client IP
# %SRCPORT Client source port
# %DST Requested host
# %PROTO Requested protocol
# %PORT Requested port
# %PATH Requested URL path
# %METHOD Request method
# %MYADDR Squid interface address
# %MYPORT Squid http_port number
# %USER_CERT_xx SSL User certificate attribute xx
# %USER_CA_xx SSL User certificate CA attribute xx
# %{Header} HTTP request header
# %{Hdr:member} HTTP request header list member
# %{Hdr:;member}
# HTTP request header list member using ; as
# list separator. ; can be any non-alphanumeric
# character.
#
# In addition, any string specified in the referencing acl will
# also be included in the helper request line, after the specified
# formats (see the "acl external" directive)
#
# The helper receives lines per the above format specification,
# and returns lines starting with OK or ERR indicating the validity
# of the request and optionally followed by additional keywords with
# more details.
#
# General result syntax:
#
# OK/ERR keyword=value ...
#
# Defined keywords:
#
# user= The users name (login)
# password= The users password (for login= cache_peer option)
# message= Message describing the reason. Available as %o
# in error pages
# tag= Apply a tag to a request (for both ERR and OK results)
# Only sets a tag, does not alter existing tags.
# log= String to be logged in access.log. Available as
# %ea in logformat specifications
#
# Keyword values need to be enclosed in quotes if they may
# contain whitespace, or the whitespace escaped using \. Any
# quotes or \ characters within the keyword value must be \
# escaped.
#
#Default:
# none
... Ошибка пpи загpузке? Hе обpащайте внимания.
--- GoldED+/BSD 1.1.5
* Origin: (2:5030/500)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
|
