I never use the *.archive.ubuntu.com hosts. The US ones are routinely slower than mirrors. I usually pick either a local university from the mirror list or a high-bandwidth site like mirrors.xx.kernel.org and use that instead. Taking that approach limits the number of IP address for which you'd need to write a rule. For instance, mirrors.us.kernel.org resolves to just two IPs, 149.20.20.135 and 149.20.4.71.
For security.ubuntu.com, I get these IPv4 addresses:
Code:
$ host security.ubuntu.com
security.ubuntu.com has address 91.189.92.201
security.ubuntu.com has address 91.189.92.202
security.ubuntu.com has address 91.189.91.13
security.ubuntu.com has address 91.189.91.14
security.ubuntu.com has address 91.189.91.15
security.ubuntu.com has address 91.189.92.181
security.ubuntu.com has address 91.189.92.184
security.ubuntu.com has address 91.189.92.190
Rather than writing separate rules for each host, I'd just route 91.189.91.0/24 and 91.189.92.0/24 around the Squid proxy using the method I described above.
Bookmarks