Re: [squid-users] HTTP and FTP control through Squid

From: Wennie V. Lagmay <[email protected]>
Date: Mon, 18 Apr 2005 15:53:58 +0300

Hi all,

This is my existing acl and http_access config:
acl all src 0.0.0.0/0.0.0.0
acl ipaddr src xxx.xxx.85.104/255.255.255.248
acl natmot src 192.168.10.0/255.255.255.0
acl natmot2 src 192.168.11.0/255.255.255.0
acl natmot3 src 192.168.12.0/255.255.255.0
acl natcuda src 192.169.10.0/255.255.255.0
acl snatboth src xxx.xxx.85.112/255.255.255.248

http_access allow ipaddr
http_access allow natmot
http_access allow natmot2
http_access allow natmot3
http_access allow natcuda
http_access allow snatboth
http_access allow localhost
http_access deny all

Now Im planning to implement delay_pools and this is how I do it:

acl all src 0.0.0.0/0.0.0.0
acl ipaddr src xxx.xxx.85.104/255.255.255.248
acl natmot src 192.168.10.0/255.255.255.0
acl natmot2 src 192.168.11.0/255.255.255.0
acl natmot3 src 192.168.12.0/255.255.255.0
acl natcuda src 192.169.10.0/255.255.255.0
acl snatboth src xxx.xxx.85.112/255.255.255.248

http_access allow ipaddr
http_access allow natmot
http_access allow natmot2
http_access allow natmot3
http_access allow natcuda
http_access allow snatboth
http_access allow localhost
http_access deny all

acl ipaddr url_regex -i xxx.xxx.85.104/255.255.255.248
acl natmot url_regex -i 192.168.10.0/255.255.255.0
acl natmot2 url_regex -i 192.168.11.0/255.255.255.0
acl natmot3 url_regex -i 192.168.12.0/255.255.255.0
acl natcuda url_regex -i 192.169.10.0/255.255.255.0
acl snatboth url_regex -i xxx.xxx.85.112/255.255.255.248
acl limits url_regex -i ftp .exe .mp3 .vgf .tar.gz .gz .rpm .zip .rar .avi
.mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav

delay_pools 2
    delay_class 1 2
        delay_parameter 1 -1/-1 -1/-1
            delay_access 1 allow ipaddr
            delay_access 1 allow natmot
            delay_access 1 allow natmot2
            delay_access 1 allow natmot3
            delay_access 1 allow natcuda
            delay_access 1 allow snatboth
            delay_access 1 allow localhost

    delay_class 2 2
            delay_parameter 2 96000/128000 8000/16000
            delay_access 2 allow limits

With the above delay_pools my objective is for the Squid to offers pages and
files already stored in the local cache no speed limit, however if the page
or files is not yet locally stored and the Squid need to fetch it to the net
limits applies to all IP addresses at 8000 bytes burstable to 16000.

Did I wrote it correctly, please correct me help me modify it.

Thank you very much,

Wennie

---- Original Message -----
From: "Elsen Marc" <elsen@imec.be>
To: "Wennie V. Lagmay" <wlagmay@yanbulink.net>; "squid-users @
squid-cache.org" <squid-users@squid-cache.org>
Sent: Monday, April 18, 2005 8:42 AM
Subject: RE: [squid-users] HTTP and FTP control through Squid

>
> Hi all,
>
> First, I would like to define our setup: We have 2 Linux
> Servers, the 1st
> Server sits on the center of the LAN which do firewalling and
> natting. This
> Linux server has 2 NIC (eth1 connects to the internet and
> eth0 connects to
> LAN) all port 80 request are redirected to port 8080 (to 2nd
> Server) via
> eth0 and the rest directly to the internet via eth1.
>
> As I mention when the request is port 80 the 1st Server
> redirected it to
> port 8080 which is the 2nd Server. This 2nd server is the
> Squid cache/proxy
> server, this 2nd server also have 2 NIC (eth1 connects to
> the internet and
> eth0 connects to LAN).
> AS you can see the connection of server1 and server 2 is via
> eth0 and both
> have there own connection to the internet.
>
> I have 3 local blocks (192.168.10.0/24, 192.168.11.0/24,
> 192.168.12.0/24),
> Im giving each IP address 128kbps downstream and 64kbps upstream.
>
> My questions:
> 1. Is there a way for Squid to limit the http and ftp bandwitdh
> specifically? This is how Im planning to do this, if the
> page or a file is
> already cached so the cache server can serve it to everyone with no
> bandwitdh limit, but if the page or file is not yet cache
> then the bandwidth
> limits applies. The http request should be 64kbps CAR but if
> the network is
> not heavy loaded they go up to 128 kbps. Fot the ftp it
> should be 10kbps to
> 30kbps. We would highly apprciate it If you can give us
> examples on doing
> this.
>

  http://www.squid-cache.org/Doc/FAQ/FAQ-19.html#ss19.8

  M.
Received on Mon Apr 18 2005 - 06:54:25 MDT

This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:04 MDT