ons 2003-06-25 klockan 13.38 skrev Mohsin Khan:
> Well ppl True, but there are certain
> limitations, if give squid a HUP signal or restart it,
> it will not only close all the download sessions, but
> there are certain java applications that run through
> browsers and well they maintain login sessions, and
> once squid is closed there session is closed as well
> and they have to download the API's again, and
> relogin.
A HUP does not close any sessions. A restart does.
A JAVA applet using HTTP should not notice the restart of the proxy,
unless if it is actively fetching something at the time the proxy is
restarted. Sessions is a business between the applet and the web server,
not actively involving the proxy.
If you have an applet using the proxy as a tunnel via the CONNECT method
to reach some server application then you indeed have this problem, but
only because you are using the HTTP proxy for things it is not intended
to be used for (for such purposes a SOCKS proxy should be used).
> Secondly in my enviroment i can not restrict the bandwidth,
> its just that users are educated to not to download like this,
> but if some one do than there must be so accountability.
Accontability you have. The session is logged when it finishes, and
running sessions is visible in the cachemgr interface.
Why can you not restrict bandwidth? If you already have the policy that
users must not download like this, why not make a rule which denies them
to do so? It is very easy to do in Squid without limiting the speed of
normal browsing.
What you do not have in Squid is the possibility to actively terminate
unwanted sessions. But if nothing else a temporary firewall rule (both
Linux and FreeBSD have integrated firewalls) can be used to block a
download once the session is identified and you can not reach the user
to ask them to stop what they are doing.
Adding a function natively to Squid to selectively terminate sessions is
possible, but requires a bit of coding as it is not a function which
exists today.
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org Please consult the Squid FAQ and other available documentation before asking Squid questions, and use the squid-users mailing-list when no answer can be found. Private support questions is only answered for a fee or as part of a commercial Squid support contract. If you need commercial Squid support or cost effective Squid and firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.comReceived on Wed Jun 25 2003 - 06:42:48 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:38 MST