Search squid archive
squid and unauthorized clients rate-blocking
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: squid and unauthorized clients rate-blocking
- From: "Eugene M. Zheganin" <emz@xxxxxxxxxxxxx>
- Date: Wed, 13 Mar 2013 16:27:55 +0600
- User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130307 Thunderbird/17.0.4
Hi.
I use squid mostly for internet access authorization in corporate
network. I have a problem. Let's suppose some foobar company has
developed a proxy-unaware update mechanism using HTTP to update their
software. Or some internet company wrote a javascript that does execute
outside proxy context in a browser. Such things can produce a massive
amount of GET requests which squid answers with HTTP/407. Massive like
thousands per seconds from just one machine. In the same time, being
explicitly blocked with HTTP/403 answers, this madness stops. So, is
there a mechanism that I could use for, like, send 403 after exceeding
some rate to a client ? Or rate-block some acls ? Or something similar ?
Because right now I just block these machines using a packet filter,
because this entire thing just eats my CPUs.
Thanks.
Eugene.
[Index of Archives]
[Linux Audio Users]
[Samba]
[Big List of Linux Books]
[Linux USB]
[Yosemite News]
