Re: Re: delay_pool vs rapidshare

[Leandro Oliveira da Silva <leandro@xxxxxxxxxxxxxxxxxxxx>]

Hello Amos!

Thanks for your response. Bellow is my delay_pool rules. I use 
2.7STABLE3 because i used 3.0 and every time I use squid -k reconfigure 
it increases the memory usage by 396K . So i was recommended to try 2.7 
and it's ok now.
I was thinking on have a generic solution because if other site uses the 
same trick, i will be already safe.

Thanks a lot,
Leandro

delay_pools 2

delay_class 1 1
delay_class 2 1

############ pages goes unlimited (PAGINAS is an acl with 
html,images,css,so on)
delay_access 1 allow PAGINAS
delay_access 1 deny all
delay_parameters 1 -1/-1

## macs_link0 and ips_link0 are acl to a list of macs and ips
delay_access 2 deny PAGINAS
delay_access 2 allow macs_link0
delay_access 2 allow ips_link0
delay_access 2 deny all
delay_parameters 2 37500/600000


Amos Jeffries escreveu:
> Leandro Oliveira da Silva wrote:
> > Hello all!
> >
> > One of my clients reported today that the internet access was slow 
> > and i have delay_pool configured and qos in the linux server. I saw 
> > the following in the access.log:
> > 1218206547.680  39373 <ip> TCP_MISS/206 13166 GET 
> > http://rs319tg2.rapidshare.com/...part02.rar - DIRECT/80.231.128.120 
> > application/octet-stream
> > 1218206547.983  39556 <ip> TCP_MISS/206 13166 GET 
> > http://rs228tg.rapidshare.com/...part03.rar - DIRECT/80.231.41.29 
> > application/octet-stream
> > 1218206547.994  39538 <ip> TCP_MISS/206 13166 GET 
> > http://rs228tg.rapidshare.com/...part03.rar - DIRECT/80.231.41.29 
> > application/octet-stream
> > 1218206548.158 102769 <ip> TCP_MISS/206 37742 GET 
> > http://rs352cg.rapidshare.com/...part06.rar - DIRECT/82.129.36.153 
> > application/octet-stream
> > 1218206548.468 1714862 <ip> TCP_MISS/206 442326 GET 
> > http://rs279gc2.rapidshare.com/...part01.rar - DIRECT/64.214.225.80 
> > application/octet-stream
> > 1218206549.352  33284 <ip> TCP_MISS/206 7622 GET 
> > http://rs279gc2.rapidshare.com/...part01.rar - DIRECT/64.214.225.80 
> > application/octet-stream
> > 1218206550.066  40740 <ip> TCP_MISS/206 10518 GET 
> > http://rs21l34.rapidshare.com/...part04.rar - DIRECT/62.67.46.22 
> > application/octet-stream
> > 1218206550.341  34143 <ip> TCP_MISS/206 7622 GET 
> > http://rs279gc2.rapidshare.com/...part01.rar - DIRECT/64.214.225.80 
> > application/octet-stream
> > 1218206550.870  43760 <ip> TCP_MISS/206 13166 GET 
> > http://rs21l34.rapidshare.com/...part04.rar - DIRECT/62.67.46.22 
> > application/octet-stream
> > 1218206550.943  43680 <ip> TCP_MISS/206 13166 GET 
> > http://rs21l34.rapidshare.com/...part04.rar - DIRECT/62.67.46.22 
> > application/octet-stream
> > 1218206553.720  42710 <ip> TCP_MISS/206 10268 GET 
> > http://rs319tg2.rapidshare.com/...part02.rar - DIRECT/80.231.128.120 
> > application/octet-stream
> > 1218206555.185  33138 <ip> TCP_MISS/206 7622 GET 
> > http://rs319tg2.rapidshare.com/...part02.rar - DIRECT/80.231.128.120 
> > application/octet-stream
> > 1218206555.507  43994 <ip> TCP_MISS/206 10268 GET 
> > http://rs228tg.rapidshare.com/...part03.rar - DIRECT/80.231.41.29 
> > application/octet-stream
> > 1218206556.906  44885 <ip> TCP_MISS/206 13166 GET 
> > http://rs21l34.rapidshare.com/...part04.rar - DIRECT/62.67.46.22 
> > application/octet-stream
> > 1218206558.719  48811 <ip> TCP_MISS/206 13166 GET 
> > http://rs279gc2.rapidshare.com/...part01.rar - DIRECT/64.214.225.80 
> > application/octet-stream
> > 1218206559.295 1450697 <ip> TCP_MISS/206 54166 GET 
> > http://rs42l33.rapidshare.com/...part05.rar - DIRECT/212.162.63.43 
> > application/octet-stream
> > 1218206559.538  52322 <ip> TCP_MISS/206 13166 GET 
> > http://rs279gc2.rapidshare.com/...part01.rar - DIRECT/64.214.225.80 
> > application/octet-stream
> > 1218206559.812  46839 <ip> TCP_MISS/206 13166 GET 
> > http://rs319tg2.rapidshare.com/...part02.rar - DIRECT/80.231.128.120 
> > application/octet-stream
> > 1218206560.214  47222 <ip> TCP_MISS/206 13166 GET 
> > http://rs352cg.rapidshare.com/...part06.rar - DIRECT/82.129.36.153 
> > application/octet-stream
> >
> > What i'm assuming is that rapidshare is breaking the file in small 
> > chunks, so if i limit the download speed to 50k/s almost all this 
> > "files" will arrive in 1 second and just after will download the next 
> > chunk and so on, so the delay_pool is not effective in this case, am 
> > i right?
>
> Maybe. delay pools can be configure in many ways.
>
> The pool class defines how many IPs are gathered into each pool /32, 
> /24, /16, username, etc.
>
> Inside that each pool A/B pair can be considered to mean non-delayed 
> initial amount / delayed speed. Or another way commonly used by dialup 
> ISP the unliited bandwidth + capped overage speed.
>
> The access lines define what requests get pooled and what skipped.
>
> > What can i do so as to avoid that this kind of downloads affects all 
> > others? (Block rapidshare is not a solution because i can't block 
> > anytihng, just control the speed)
>
> You can set all traffic to delayed speed. Zero bytes cap with X 
> bytes/second overage.
>
> Or you can use access + ACL on dstdomain .rapidshare.com into a unique 
> pool that does the above only for rapidshare sites.
>
> Amos