Re: [squid-users] Delay pools problem from Chris Robertson on 2009-09-09 (squid-users)

From: Chris Robertson <crobertson_at_gci.net>
Date: Wed, 09 Sep 2009 09:33:32 -0800

Augusto Casagrande wrote:
> Hi everyone.
> I'm having delay pools issues.
> I've had declared 3 delay pools , and i'had made 3 different groups in
> 3 text files, each file contains the name of the user corresponding to
> the navegation speed
> I'had declared INFO as the highest privilege group, GRAL as standard
> navegation group , and REST as restricted navegation group.
> My problem , is that apparently my rule is not work, as all the users
> ara allowed in the delay_pool 1, and nobody are allowed in the other 2
> delay_pools.
> I guess the problem is in the delay_access section...?
>
> My squid.conf section :
>
> delay_pools 3
>
> delay_class 1 3
> delay_class 2 3
> delay_class 3 3
>
> delay_access 1 allow info !gral !rest
>

While explicit as it is, this line would be better expressed (and
simpler for Squid to parse) as...

delay_access 1 allow info

...assuming "info", "gral" and "rest" don't have any overlap. If there
is overlap, the original is fine.

> delay_access 1 deny gral rest
>

This line says deny access to delay pool 1 for the intersection of gral
AND rest.
Since there are no further delay_access rules for pool 1, there is an
implicit "delay_access 1 allow all" after. What you should have is...

delay_access 1 deny all

> delay_access 2 allow gral !rest
>

delay_access 2 allow gral

> delay_access 2 deny rest
>

delay_access 2 deny all

> delay_access 3 allow rest
> delay_access 3 deny all
>
> delay_parameters 1 -1/-1 -1/1024000 15000/512000
> delay_parameters 2 -1/-1 30000/1024000 7000/512000
> delay_parameters 3 -1/-1 30000/1024000 3000/512000
>
> acl info proxy_auth_regex -i "/etc/squid/info.txt" REQUIRED
> acl gral proxy_auth_regex -i "/etc/squid/gral.txt" REQUIRED
> acl rest proxy_auth_regex -i "/etc/squid/rest.txt" REQUIRED
>

I have to imagine that the delay_parameters and ACLs are defined above
the delay_access lines that reference them, as Squid reads the config
file in a linear fashion.

> Thanks in advice !
>

Chris
Received on Wed Sep 09 2009 - 17:33:40 MDT

This archive was generated by hypermail 2.2.0 : Thu Sep 10 2009 - 12:00:02 MDT