Search squid archive

Re: Squid allow only 2 max connections per IP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



eXtremer wrote:
Here is my config:

#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 444
acl Safe_ports port 80		# http
#acl Safe_ports port 21		# ftp
acl Safe_ports port 443 563	# https, snews
#acl Safe_ports port 70		# gopher
#acl Safe_ports port 210		# wais
#acl Safe_ports port 1025-65535	# unregistered ports
#acl Safe_ports port 280		# http-mgmt
#acl Safe_ports port 488		# gss-http
#acl Safe_ports port 591		# filemaker
#acl Safe_ports port 777		# multiling http
acl CONNECT method CONNECT

#-------------Conectiuni maxime per IP-------------
acl maxcon maxconn 2

#--------------Reteaua 145------------------
acl 145a src "/etc/squid/allow/145a.allow" acl 145b src "/etc/squid/allow/145b.allow"

acl 145c src 192.168.41.200/32
#-----------------------Restrictions-----------------------

#---Restrictie ptr conectiuni maxime----
http_access deny maxcon all

The "all" here should be the first acl referenced on the line or it will prevent your deny_info message from being shown.

e.g. "http_access deny all maxcon"

deny_info ERR_MAXCON maxcon

#---Restrictie ptr toti in afara de sala 145---
http_access deny all !145a !145b !145c !localhost

#Recommended minimum configuration:
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports
------------------------------------------------------------------

This is a part of my squid.conf
I don't know but maxcon is not working in my case.
If it's like this : http_access deny maxcon all <= then not even one
connection is allowed.

Hmmm... Have you tested this with a single connection downloader (such as squid-client) or by using a browser to download a non-referencing object (such as an image file)? This looks like the proper usage of the maxconn acl. You might try upping the debugging (see the debug_options on squid.conf), and watch what your cache.log reports).

If it's like this: http_access allow all !maxcon <= then all connection are
allowed.

This would not be such a good idea given the way your http_access lines are set up, as it would prevent any of the Safe_port and SSL_port checks later in the list.

Somebody tell me how to configure in such a way that maxconn feature will
wrk in my case,
waiting for a reply, 10x in advance.

P.S.: client_db is ON.

Chris

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux