Re: [squid-users] Restricting Users

"Ronald James" wrote:
> I want to limit my bandwidth to my certain users to not use all the
> bandwidth I have available.

delay_pools - see the FAQ link below

> How many class pools will I need firstly and do I have to setup a class
> for each ip address or can I do an ip range?

Depends upon how you want to carve up your users. If you will only have
regular and VIP, then 2 delay_pools, probably of type "class 2"

> If I have some people who I want to be able to surf faster than others ?

Create a VIP pool - see my own configs below. What I call "notdelayed2" are
my "VIP" users.

To answer your question in general terms: three things got me started with
bandwidth restriction (called delay_pools in squid):
1. The very good FAQ entry for it:
http://www.squid-cache.org/Doc/FAQ/FAQ-19.html#ss19.8
2. The also good section of your squid.conf file that explains stuff (also
included in above FAQ).
3. Specific queries of the archive in google:
http://groups.google.com/groups?as_q=delay_pools&as_ugroup=mailing.unix.squi
d-users
   (just querying delay_pools is probably too broad, you'll want to refine
your criteria).

After I had done all of the above and mostly had delay_pools working, I then
posted some more specific/researched questions that I had not yet resolved
and folks (especially the wonderful Henrik) answered my questions.

Now as to your specific questions, you will find lots of examples in the
archives (I use groups.google to search them). My own configuration may not
be perfect but it seems to work ok so I will include it below but as, I
said, if you use the archives you will find many, many other folks posting
their acl's etc. Since I only need per user and network throttling, I use
class 2 pools. I have 4 catagories of users so I have 4 delay_pools:
"delayed" are normal M-F 8-5 type users, they are restricted the most.
"notdelayed1" is to give extra fast access to docs from our own public
webserver, "notdelayed2" is the pool for "VIP"'s, and "notdelayed3" is for
everyone who surfs after hours.

hth,

Adam

my delay_pool configs:
acl delayed time MTWHF 8:01-17:30

acl notdelayed3 time SA 8:01-17:30
acl notdelayed3 time SMTWHFA 17:31-23:59
acl notdelayed3 time SMTWHFA 0:00-8:00

acl notdelayed2 src 192.168.2.1 # the boss
acl notdelayed2 src 192.168.2.12 192.168.2.140 # unix
admins
acl notdelayed2 src 192.168.23.196 192.168.23.1 # other
admins1
acl notdelayed2 src 192.168.39.1 192.168.39.2 192.168.39.91 # other
VIP's

acl notdelayed1 urlpath_regex -i \.pdf$ \.doc$
acl mydomain dstdomain www.mydomain.com

http_access allow localnets delayed
http_access allow mydomain notdelayed1
http_access allow localnets notdelayed2
http_access allow localnets notdelayed3
http_access deny all

delay_pools 4
delay_class 1 2
delay_class 2 2
delay_class 3 2
delay_class 4 2
delay_access 1 allow mydomain notdelayed1
delay_access 1 deny all
delay_access 2 allow notdelayed2
delay_access 2 deny all
delay_access 3 allow notdelayed3
delay_access 3 deny all
delay_access 4 allow delayed
delay_access 4 deny all
delay_parameters 1 206000/206000 28000/51200
delay_parameters 2 206000/206000 30000/51200
delay_parameters 3 206000/206000 32000/51200
delay_parameters 4 206000/206000 16000/51200
Received on Tue May 20 2003 - 11:13:00 MDT