lokesh.khanna@xxxxxxxxxxxxxxxxx wrote:
Hi, I am running squid 2-5-10 on red hat 2.4.21-4.ELsmp with 1 Gb memory. Before compiling squid I set the ulimit value to 32000. I also set the ulimit -HSn 32000 command in my squid startup script. I noticed that if anybody launches a DoS attack on my network from the internal network, squid stops responding to other internal users also.
What does cache.log say?
What is the solution for this?
I think the best solution for these attacks will be at the network layer.
One user should not be able to use the whole resources. Is there any way to control this? I read the squid document for the maxconn parameter. I set maxconn to 2 for testing purposes and I made more than 2 connections (checked through netstat -tn) from my browsers, but squid was still replying to me. What could be the reason for this?
Are you sure that the acl is correct?

acl example maxconn 2
http_access deny example

It should work.

Thanks,
Emilio C.
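
An added example, not part of the original thread: a way to count each client's established connections to the proxy from `netstat -tn` output, so the number can be compared with the maxconn value (the acl matches when a client IP has more than that many connections). It assumes Squid listens on port 3128 and Linux-style netstat columns; the sample output and addresses are constructed.

```python
from collections import Counter

# Constructed sample of `netstat -tn` output (addresses are made up).
SAMPLE_NETSTAT = """\
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 10.0.0.1:3128           10.0.0.25:41022         ESTABLISHED
tcp        0      0 10.0.0.1:3128           10.0.0.25:41023         ESTABLISHED
tcp        0      0 10.0.0.1:3128           10.0.0.25:41024         ESTABLISHED
tcp        0      0 10.0.0.1:3128           10.0.0.25:41019         TIME_WAIT
tcp        0      0 10.0.0.1:3128           10.0.0.40:52110         ESTABLISHED
tcp        0      0 10.0.0.1:22             10.0.0.40:52200         ESTABLISHED
tcp        0      0 10.0.0.1:40112          203.0.113.9:80          ESTABLISHED
"""

def split_endpoint(endpoint):
    """Split 'addr:port' on the last colon so IPv6-style addresses survive."""
    addr, _, port = endpoint.rpartition(":")
    return addr, port

def clients_over_limit(netstat_text, proxy_port=3128, limit=2):
    """Return {client_ip: count} for clients holding more than `limit`
    ESTABLISHED connections to the local proxy port (assumed 3128)."""
    counts = Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Data rows: Proto Recv-Q Send-Q Local Foreign State
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue
        _, local_port = split_endpoint(fields[3])
        client_ip, _ = split_endpoint(fields[4])
        # Skip other services, outbound fetches and closed (TIME_WAIT) sockets.
        if local_port == str(proxy_port) and fields[5] == "ESTABLISHED":
            counts[client_ip] += 1
    return {ip: n for ip, n in counts.items() if n > limit}

if __name__ == "__main__":
    for ip, n in sorted(clients_over_limit(SAMPLE_NETSTAT).items()):
        print(f"{ip} holds {n} established connections to the proxy")
```

On a live host the same function can be fed the text captured from `netstat -tn` instead of the sample.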