eXtremer wrote:
Here is my config:
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 444
acl Safe_ports port 80 # http
#acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
#acl Safe_ports port 70 # gopher
#acl Safe_ports port 210 # wais
#acl Safe_ports port 1025-65535 # unregistered ports
#acl Safe_ports port 280 # http-mgmt
#acl Safe_ports port 488 # gss-http
#acl Safe_ports port 591 # filemaker
#acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#-------------Conectiuni maxime per IP-------------
acl maxcon maxconn 2
#--------------Reteaua 145------------------
acl 145a src "/etc/squid/allow/145a.allow"
acl 145b src "/etc/squid/allow/145b.allow"
acl 145c src 192.168.41.200/32
#-----------------------Restrictions-----------------------
#---Restrictie ptr conectiuni maxime----
http_access deny maxcon all
The "all" here should be the first acl referenced on the line or it will
prevent your deny_info message from being shown.
e.g. "http_access deny all maxcon"
deny_info ERR_MAXCON maxcon
#---Restrictie ptr toti in afara de sala 145---
http_access deny all !145a !145b !145c !localhost
#Recommended minimum configuration:
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports
------------------------------------------------------------------
This is a part of my squid.conf
I don't know but maxcon is not working in my case.
If it's like this : http_access deny maxcon all <= then not even one
connection is allowed.
Hmmm... Have you tested this with a single connection downloader (such
as squid-client) or by using a browser to download a non-referencing
object (such as an image file)? This looks like the proper usage of the
maxconn acl. You might try upping the debugging (see the debug_options
on squid.conf), and watch what your cache.log reports).
If it's like this: http_access allow all !maxcon <= then all connection are
allowed.
This would not be such a good idea given the way your http_access lines
are set up, as it would prevent any of the Safe_port and SSL_port checks
later in the list.
Somebody tell me how to configure in such a way that maxconn feature will
wrk in my case,
waiting for a reply, 10x in advance.
P.S.: client_db is ON.
Chris