Search squid archive

Detecting clients flooding squid with failed request

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Probably a lot of forward proxy users here have encountered applications which, if they can’t get their web requests through the proxy (because of 407 Proxy Auth Required or whatever), just start aggressively, endlessly spamming requests.

A recent example would be AVG’s “cloud” features generating around 90 requests per second from one computer. Pretty annoying.

I was wondering if anyone here has any creative ideas for detecting when this is happening programmatically?

It’s obviously easy to spot as a human if you’re looking at the access log, but it would be awesome if we could somehow parse some squidclient manager output and/or the access logs and “raise the alarm” in some way.

Would love to hear anyone’s ideas about how the logic would work for something like this.

Cheers
Dan
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux