Hi There is no error in Cache.log. I don't get any file descriptor message in cache.log My configuration was acl losers src 192.168.1.0/24 acl 2CONN maxconn 5 http_access deny 2CONN losers My laptop ip address was 192.168.1.2 Thanks- Lokesh -----Original Message----- From: Emilio Casbas [mailto:ecasbas@xxxxxxx] Sent: Wednesday, August 10, 2005 10:06 AM To: Lokesh Khanna Cc: squid-users@xxxxxxxxxxxxxxx Subject: Re: dos attack - How to handle lokesh.khanna@xxxxxxxxxxxxxxxxx wrote: >Hi > >I am running squid 2-5-10 on red hat 2.4.21-4.ELsmp with 1 Gb memory. >Before compiling squid I set ulimt value to 32000. I also set ulimit >-HSn 32000 command in my squid startup script. >I noticed if anybody launch dos attack on my network from internal >network, squid stop responding to other internal users also. > What does cache.log say? > What is the >solution for this. > I think the best solution for these attacks will be at layer network. > One user should not be able to use whole resources. >Is there any way to control this? >I read squid document for maxconn parameter. I set maxconn to 2 for >testing purpose and I made more than 2 connections ( checked through >netstat -tn ) from my browsers but squid was still replying me. What >could be the reason of this? > > Are you sure that acl is correct? acl example maxconn 2 http_access deny example it should be work. Thanks Emilio C. Disclaimer **************************************************************************************************************************** The information contained in this e-mail, any attached files, and response threads are confidential and may be legally privileged. It is intended solely for the use of individual(s) or entity to which it is addressed and others authorised to receive it. If you are not the intended recipient, kindly notify the sender by return mail and delete this message and any attachment(s) immediately. Save as expressly permitted by the author, any disclosure, copying, distribution or taking action in reliance on the contents of the information contained in this e-mail is strictly prohibited and may be unlawful. Unless otherwise clearly stated, and related to the official business of Accelon Nigeria Limited, opinions, conclusions, and views expressed in this message are solely personal to the author. Accelon Nigeria Limited accepts no liability whatsoever for any loss, be it direct, indirect or consequential, arising from information made available in this e-mail and actions resulting there from. For more information about Accelon Nigeria Limited, please see our website at http://www.accelonafrica.com ******************************************************************************************************************************