[squid-users] Client bypassing delay pool restrictions

Hello all,

I am running Squid Cache: Version 2.6.STABLE21 on CentOS 5.5 and have
been using delay pools to limit clients' bandwidth usage. Here is the
delay pool section and related ACL of the squid.conf file. I have
included the entire squid.conf at the end of the message:

acl all src 0.0.0.0/0.0.0.0
delay_pools 1
delay_class 1 1
#1Mbps
delay_parameters 1 131072/131072
delay_access 1 allow all

I have used the above delay pool configuration countless times
previously and I did not have any issue but for some reason there is a
client that is able to bypass the delay pool bandwidth restriction and
transfter at rates of 5Mbps+.

Any help would greatly be appreciated.

Thanks in advance!

Ron M.

==========
squid.conf
==========
http_port 8080
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_mem 1 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 1 MB
maximum_object_size_in_memory 50 KB
cache_replacement_policy heap LFUDA
cache_dir aufs /var/spool/squid 5 16 256
access_log /var/log/squid/access.log squid
auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 2
auth_param basic realm Password Protected Area
auth_param basic credentialsttl 24 hours
auth_param basic casesensitive on
pid_filename /var/run/squid.pid
hosts_file /etc/hosts
refresh_pattern . 0 20% 4320
quick_abort_min 0 KB
quick_abort_max 0 KB
half_closed_clients off
persistent_request_timeout 0 seconds
acl ip0 myip 123.123.123.123
acl ip1 myip 124.124.124.124
acl pwauth proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl Safe_ports port 80 443
acl CONNECT method CONNECT
acl blocked_urls dstdomain "/etc/squid/blocked_urls"
acl blocked_regex url_regex "/etc/squid/blocked_regex"
http_access deny blocked_urls
http_access deny blocked_regex
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !Safe_ports
http_access allow pwauth
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
tcp_outgoing_address 123.123.123.123 ip0
tcp_outgoing_address 124.124.124.124 ip1
logfile_rotate 10
memory_pools off
forwarded_for off
log_icp_queries off
client_db off
buffered_logs on
coredump_dir /var/spool/squid
delay_pools 1
delay_class 1 1
#1Mbps
delay_parameters 1 131072/131072
delay_access 1 allow all
Received on Mon Nov 15 2010 - 07:05:09 MST