Re: [squid-users] Problem of limitation of a connection number

From: Colin Campbell <[email protected]>
Date: Wed, 11 Jul 2001 07:47:01 +1000 (EST)

Hi,

On Tue, 10 Jul 2001, Bangard Aleksandr wrote:

> Hello!
>
> I try limit number of connection. In squid.conf i write:
> acl baf src 192.168.62.126/255.255.255.255
>
> acl lmt maxconn 3
> http_access deny lmt baf

Have a look at this and see if there's anything useful. Note the
requirement for "client_db". From the FAQ:

> 10.22 Can I limit the number of connections from a client?
>
> Yes, use the maxconn ACL type in conjunction with http_access deny. For
> example:
>
> acl losers src 1.2.3.0/24
> acl 5CONN maxconn 5
> http_access deny 5CONN losers
>
> Given the above configuration, when a client whose source IP address is in
> the 1.2.3.0/24 subnet tries to establish 6 or more connections at once,
> Squid returns an error page. Unless you use the deny_info feature, the
> error message will just say ``access denied.''
>
> The maxconn ACL requires the client_db feature. If you've disabled
> client_db (for example with client_db off) then maxconn ALCs will not
> work.
>
> Note, the maxconn ACL type is kind of tricky because it uses less-than
> comparison. The ACL is a match when the number of established connections
> is greater than the value you specify. Because of that, you don't want to
> use the maxconn ACL with http_access allow.
>
> Also note that you could use maxconn in conjunction with a user type
> (ident, proxy_auth), rather than an IP address type.

Colin
Received on Tue Jul 10 2001 - 15:47:08 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:05 MST