On Thursday 26 May 2005 11:32 pm, Peter Kaagman wrote: Hi Peter, > The way it works now is that I have 2 types of filters in effect: > - The DMZ: all packages with a src ip from my DMZ go to the big 98/100 > bucket. > - The Internet: all packages with a dst ip in one of our 6 networks > gets placed in one of the 6 333/2000 buckets. > > But there is of course a src of packages I do not catch this way... and > these are the squid cache hits. Because I filter on destination the cache > hits get treated the same as cache misses. But cache hits are in effect > local traffic... they do not originate from the Internet. > > So here (finally) the question.. > Is there a way to identify cache hits from misses? Another approach would be to make use of the delay pools feature in squid. As you are using a transparent proxy, you could allocate more to squid through HTB on the internal interface for cached material and clamp squid incl. each user/group according to an ACL on the inet interface. This way you can more finely control the total amount of bandwidth, bandwidth per user/group etc. is able to suck through your inet interface. You can't easily discriminate groups using plain ol htb. e.g. in squid.conf something like delay_pools 2 # 2 delay pools delay_class 1 2 # pool 1 is a class 2 pool delay_class 2 2 # pool 2 is a class 2 pool delay_access 1 allow admins delay_access 1 deny all delay_access 2 allow our_networks delay_access 2 deny all delay_parameters 1 -1/-1 32000/24000 48000/15000 delay_parameters 2 -1/-1 24000/15000 24000/15000 See the squid.conf doc's for a description. Cheers, Lewis _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc