Hello all,
I run a squid caching server to provide service to public network of about
50 Cyber café systems. My cache is on an AMD Athlon 2.0Ghz, with 512MB of
RAM running on a Red hat 9.0 box.
I have squid configured as a transparent proxy, to avoid users changing
proxy settings.
I have a problem with some users who come into the café and run email
extractors, which hog all the available bandwidth. I have tried using delay
pools to restrict maximum bandwidth per user, but this is not very
desirable, as the overall browsing experience becomes slow, since no single
client can utilize all the bandwidth for a short period.
I have also recently tried using the maxcon statement to limit number of
connections, but certain websites make a single browser initiate up to 10
connections and hence with only 3 windows they may reach the limit of 20
connections I set, hence it also affect legitimate browsing customers.
I was wondering if there was a way I could combine ACLs to match certain
search string criteria, as the extractors usually send very long queries to
various common search engines. I cannot block access to these search
engines, as they are used by normal users, and disabling NAT for http will
not help as most of these applications use the internet access settings
inherited from the browser.
Is what I'm asking possible? I would be grateful if someone could point me
in the right direction and possible some help on how to populate those ACLs
would also be appreciated.
Thanks.
Adeoye Oke (Lead Consultant)
IT-Haus Limited
#14, Estaport Avenue
Sholuyi Gabgada
Lagos state
Nigeria.
Tel: 234-1-793-0962
Mobile: 234-803-333-7330
Web: http://www.ithauslimited.com
Received on Wed Oct 06 2004 - 05:09:16 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Nov 01 2004 - 12:00:01 MST