Hi, In my last mailshot I left out my school eMail address; I've had to send from home because the school's ISP has been off line (again) all day. I echo the comments about named and squid not running out of the box. named needs careful planning and for first-time users I would suggest starting with a handful of addresses on your 192.168 site and getting it all sorted before creating your full list! squid2(.23) is very good once set up as a proxy/firewall/filter but some of the reporting tools are a little weak. It certainly benefits from being on a machine with a good quantity of RAM and good processing capacity, our system finds it a bit of a bottleneck (256k ISDN bandwidth in use all breaktimes and often during the lessons, too!). The same box is our internal webserver, mailbox, dhcp server, etc., etc., so it isn't too surprising that it slows down at times! It never crashes, either - unlike some systems I have to use. It would be useful if squid could read some of its configuration from include files, then adding to the filters would be more straightforward. Perhaps it can and I haven't found out yet. -- Best wishes, Derek Harding ICT & Network Manager, Warlingham School hardingd@warlingham.surrey.sch.uk
In my last mailshot I left out my school eMail address; I've had to send from home because the school's ISP has been off line (again) all day.
We've had four disconnections this year (Feb 25, 28, May 9, May 19-23) owing to BT 0820 SIC ISDN faults, though for nearly all of all of them we were able to dial in on 0845 lines instead, our ISP RMifl was OK but the BT/Energis lines weren't. Would be interested to share experiences. We also find the RM filtering good, and feel that it's an impossible job trying to maintain our own lists, though I have a few (eg making money by surfing sites).
It would be useful if squid could read some of its configuration from include files, then adding to the filters would be more straightforward. Perhaps it can and I haven't found out yet.
It was a year before I worked out the following syntax (no indent): acl bad-sites dstdomain "/usr/local/etc/squid/bad-sites" acl webmail dstdomain "/usr/local/etc/squid/webmail-sites" acl bad-types urlpath_regex -i "/usr/local/etc/squid/bad-types" where bad-types currently contains: \.viv$ \.mp3$ \.avi$ \.mpg$ \.ace$ and the other files just lists of URLs one per line, like this extract: www.alladvantage.com surf4cash.homepage.com desktopdollars.com paid-to-surf.com -- Christopher Dawkins, Felsted School, Dunmow, Essex CM6 3JG 01371-820527 or 07798 636725 cchd@felsted.essex.sch.uk
----- Original Message ----- From: "Derek Harding" <derek@lagham.zetnet.co.uk> To: <suse-linux-uk-schools@suse.com> Sent: 26 May 2000 17:42 Subject: [suse-linux-uk-schools] Named and Squid2
Hi,
In my last mailshot I left out my school eMail address; I've had to send from home because the school's ISP has been off line (again) all day.
I echo the comments about named and squid not running out of the box. named needs careful planning and for first-time users I would suggest starting with a handful of addresses on your 192.168 site and getting it all sorted before creating your full list!
squid2(.23) is very good once set up as a proxy/firewall/filter but some of the reporting tools are a little weak. It certainly benefits from being on a machine with a good quantity of RAM and good processing capacity, our system finds it a bit of a bottleneck (256k ISDN bandwidth in use all breaktimes and often during the lessons, too!). The same box is our internal webserver, mailbox, dhcp server, etc., etc., so it isn't too surprising that it slows down at times! It never crashes, either - unlike some systems I have to use.
It would be useful if squid could read some of its configuration from include files, then adding to the filters would be more straightforward.
I'm not sure if this is waht you mean, but, you can use a "" syntax in the acl definition to specify a file from which squid will read the required inputs. e.g. acl allowedip src "/etc/squid/allowedip" or acl deniedsites url_regex "/etx/squid/deniedregex" here the files are looked up for the required access control. maybe you already know, but just in case!
Perhaps it can and I haven't found out yet.
--
participants (3)
-
Christopher Dawkins
-
Derek Harding
-
Richard Naylor