Hi Hendrik, On 4/12/07, Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> wrote:
tor 2007-04-12 klockan 11:34 -0700 skrev selvi nandu: > 1. Is it possible to use LDAP group based authentication with delay > pools (meaning :- assigning LDAP group acls with delay pools already > configured)? If so, which delay class (1 or 2 or 3) can be used? Should work most of the time, provided the same acl is also evaluated in http_access. Applies to all classes. > 2. To limit bandwidth to the network and also to the individual users, > delay class 3 can be used, right? Yes, class 2 or 3 required depending on your network size. > Here can i use A class network or > only B class network should be used? And can i use the mixture of both > A class and B class networks? A class 3 delay pool assigns individual limits based on the last 16 bits of the IP address. Two users in different networks but having the same last 16 bits will share the same pool. A class 2 delay pool assigns individual pools based on the last 8 bits of the IP address.
Thanks for your help. I need few more clarifications. 1. In our setup, different users are accessing the net from different networks. For ex, the acl file for the setA users (setA.txt) contains the following. 100.10.1.2 # user1 100.10.2.5 # user2 100.11.2.3 # user3 100.11.1.5 # user4 We want to give 64 kbps for this group of users as a whole and 8 kpbs for the individual users. Is this possible and will our below given squid.conf entries solve our purpose? acl SETA src setA.txt delay_pools 1 delay_class 1 3 delay_parameters 1 -1/-1 8000/8000 1000/1000 delay_access 1 allow SETA delay_access deny all 2. If we go for LDAP, all the above said users (user1, user2, user3 , user4) will be identified by a LDAP group called SETA. In that situation can we achieve the same restriction as using 64 kbps for the entire group and 8 kbps for the individual users using the same delay parameters given above? Thanks Selvi
Regards Henrik
