Em 25/3/2011 21:19, Amos Jeffries escreveu: > On 26/03/11 10:39, Márcio Luciano Donada wrote: >> I am using version: squid-2.7.9 FreeBSD. I am using Authentication with >> delay pools, as follows: >> >> auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -R -D >> "cn=suporte,dc=xxx,dc=com,dc=br" -w "f34fadsfsdf" -b >> "ou=Usuarios,dc=xxx,dc=com,dc=br" -f "uid=%s" -h 192.168.1.1 -d v3 >> auth_param basic children 5 >> auth_param basic realm Digite sua senha >> >> acl ldap-auth proxy_auth REQUIRED >> http_access allow ldap-auth >> http_access allow localhost >> http_access deny all >> acl 128kbps proxy_auth "/usr/local/etc/squid/user.txt" >> acl 256kbps proxy_auth "/usr/local/etc/squid/profs.txt" >> acl admin proxy_auth "/usr/local/etc/squid/admin.txt" >> >> delay_pools 3 >> delay_class 1 2 >> delay_access 1 allow 128kbps >> delay_access 1 deny all >> delay_class 2 2 >> delay_access 2 allow 256kbps >> delay_access 2 deny all >> delay_class 3 2 >> delay_access 3 allow admin >> delay_access 3 deny all >> >> delay_parameters 1 128000/512000 128000/512000 >> delay_parameters 2 512000/1024000 512000/1024000 >> delay_parameters 3 -1/-1 -1/-1 >> >> >> But initially it works fine, after 5 min, no longer access anything else >> is simply too slow and nothing works. I wanted to make a control of >> 128kbps and 256kbps to stay slow and not having to close the browser and >> restart the operation when > > Couple of problems there: > > Delay pools are measured in *Bytes*. Those numbers are 8x too big for > Kbps. Did you mean KBps? (upper/lower case matters a *lot* in bps units). > > The first A/B parameter limits the entire network segment bandwidth. > The second one limits the individual IP. > Those limits above allow a single user to max out the connection and > block all other users from getting a single byte through. > > Also, the pool #3 is doing relatively expensive traffic accounting in > order to do nothing. You can remove it entirely. > > > You want something like... > > # pool 1: no network-wide cap, individuals at 128KBps > delay_parameters 1 -1/-1 131072/131072 > > # pool 2: no network-wide cap, individuals at 256KBps > delay_parameters 2 -1/-1 262144/262144 > > > or, if you did means Kbps instead of KBps ... > > # pool 1: no network-wide cap, individuals at 128Kbps > delay_parameters 1 -1/-1 16384/16384 > > # pool 2: no network-wide cap, individuals at 256Kbps > delay_parameters 2 -1/-1 32768/32768 > > > Amos Thanks, worked perfectly -- Márcio Luciano Donada Aurora Alimentos - T.I. Matriz Coop. Central Oeste Catarinense
