On 30.04.2012 02:25, Jose-Marcio Martins da Cruz wrote:
squid squid wrote:
Hi,
I have a server running Squid 2.7 stable 15 and facing client
spamming. The problem happen when a client press and hold on to the F5
button on the PC and this will generate few hundred of requests to the
my squid proxy.
Please advise how can I prevent or drop the client traffic when the
above happen.
F5 = refresh ?
Maybe you should begin understanding what's happening and the kind of
requests being done.
What actual Squid version you are using? Squid 2.7 series is only up to
point-release "2.7.STABLE9". There is not nor likely to ever be a
"2.7.STABLE15".
This sounds more like a DoS attack or an infinite retry loop than a
client sending spam emails through your proxy, or even using a browser
refresh button.
* Have you tried it yourself? Which browser permits a DoS attack to be
performed by one user with a simple button press?
* Why was the user needing refresh in the first place? (are you
violating HTTP by force-caching things that should not be cached?)
* What is your log actually displaying?
* are you certain its one user and not many? what is your knowledge
based on (same TCP connection is not sufficient).
All these questions need to be known before we can give real help.
Amos
