Search squid archive

Flooding squid

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello!

I have some trouble with new kind of flood targeted at proxy server. One hosts creates thousands of new connections. Is there a way to protect against that at squid level? I would like to avoid doing it with netfilter, because it is hard to guess acceptable limit of connections (browsers tend to open many of them when viewing one page with many pictures, flash, java applets and so on).

It is snippet from access.log.


1144674534.008 99296 A.B.C.D TCP_MISS/000 0 GET http://A.B.223.254/ - NONE/- - 1144674534.008 99220 A.B.C.D TCP_MISS/000 0 GET http://A.B.195.224/ - NONE/- - 1144674534.008 99220 A.B.C.D TCP_MISS/000 0 GET http://A.B.209.226/ - NONE/- - 1144674535.013 99967 A.B.C.D TCP_MISS/000 0 GET http://A.B.200.227/ - NONE/- - 1144674535.013 99967 A.B.C.D TCP_MISS/000 0 GET http://A.B.160.207/ - NONE/- - 1144674535.013 99707 A.B.C.D TCP_MISS/000 0 GET http://A.B.235.173/ - NONE/- - 1144674535.022 99967 A.B.C.D TCP_MISS/000 0 GET http://A.B.73.181/ - NONE/- - 1144674535.022 99967 A.B.C.D TCP_MISS/000 0 GET http://A.B.152.222/ - NONE/- - 1144674535.022 99656 A.B.C.D TCP_MISS/000 0 GET http://A.B.92.168/ - NONE/- - 1144674535.022 99397 A.B.C.D TCP_MISS/000 0 GET http://A.B.58.170/ - NONE/- - 1144674535.022 99918 A.B.C.D TCP_MISS/000 0 GET http://A.B.73.28/ - NONE/- - 1144674535.022 99723 A.B.C.D TCP_MISS/000 0 GET http://A.B.120.39/ - NONE/- - 1144674535.022 99731 A.B.C.D TCP_MISS/000 0 GET http://A.B.148.142/ - NONE/- - 1144674535.022 99854 A.B.C.D TCP_MISS/000 0 GET http://A.B.72.163/ - NONE/- - 1144674535.022 99854 A.B.C.D TCP_MISS/000 0 GET http://A.B.225.239/ - NONE/- - 1144674536.005 99964 A.B.C.D TCP_MISS/000 0 GET http://A.B.90.156/ - NONE/- - 1144674536.005 99964 A.B.C.D TCP_MISS/000 0 GET http://A.B.17.97/ - NONE/- - 1144674536.005 99258 A.B.C.D TCP_MISS/000 0 GET http://A.B.91.184/ - NONE/- - 1144674536.005 99938 A.B.C.D TCP_MISS/000 0 GET http://A.B.170.209/ - NONE/- - 1144674536.005 99042 A.B.C.D TCP_MISS/000 0 GET http://A.B.221.13/ - NONE/- - 1144674536.005 99953 A.B.C.D TCP_MISS/000 0 GET http://A.B.147.106/ - NONE/- - 1144674536.005 99898 A.B.C.D TCP_MISS/000 0 GET http://A.B.161.111/ - NONE/- - 1144674536.005 99324 A.B.C.D TCP_MISS/000 0 GET http://A.B.119.65/ - NONE/- - 1144674536.005 99325 A.B.C.D TCP_MISS/000 0 GET http://A.B.115.220/ - NONE/- - 1144674536.005 99387 A.B.C.D TCP_MISS/000 0 GET http://A.B.164.102/ - NONE/- - 1144674536.005 99372 A.B.C.D TCP_MISS/000 0 GET http://A.B.201.135/ - NONE/- - 1144674536.005 99333 A.B.C.D TCP_MISS/000 0 GET http://A.B.52.233/ - NONE/- - 1144674536.005 99362 A.B.C.D TCP_MISS/000 0 GET http://A.B.91.93/ - NONE/- - 1144674536.005 99325 A.B.C.D TCP_MISS/000 0 GET http://A.B.122.22/ - NONE/- - 1144674536.005 99138 A.B.C.D TCP_MISS/000 0 GET http://A.B.10.218/ - NONE/- -

--
Michał Margula, alchemyx@xxxxxxxxxxxx, http://alchemyx.uznam.net.pl/
"W życiu piękne są tylko chwile" [Ryszard Riedel]

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux