Re: [squid-users] limiting connections

From: H <hm_at_hm.net.br>
Date: Thu, 05 Apr 2012 11:32:52 -0300

Carlos Manuel Trepeu Pupo wrote:
>> > what is your purpose? solve bandwidth problems? Connection rate?
>> > Congestion? I believe that limiting to *one* download is not your real
>> > intention, because the browser could still open hundreds of regular
>> > pages and your download limit is nuked and was for nothing ...
>> >
>> > what is your operating system?
>> >
> I pretend solve bandwidth problems. For the persons who uses download
> manager or accelerators, just limit them to 1 connection. Otherwise I
> tried to solve with delay_pool, the packet that I delivery to the
> client was just like I configured, but with accelerators the upload
> saturate the channel.
>

since you did not say what OS youŕe running I can give you only some
direction, any or most Unix firewall can solve this easy, if you use
Linux you may like pf with FBSD you should go with ipfw, the latter
probably is easier to understand but for both you will find zillions of
examples on the net, look for short setups

first you "divide" your bandwidth between your users

if you use TPROXy you can devide/limit the bandwidth on the outside
interface in order to limit only access to the link but if squid has the
object in cache it might go out as fast as it can

you still can manage the bandwidth pool with delay parameters if you wish

I guess you meant downlaod accelerator, not manager, you can then limit
the connection rate within the bandwidth for each user and each
protocol, for DL-accelerator you should pay attention to udp packages as
well, you did not say how much user and bandwdith you have but limit the
tcp connection to 25 and udp to 40 to begin with, then test it until
coming to something what suites your wish

you still could check which DLaccel your people are using and then limit
or block only this P2P ports which used to be very effective

-- 
H
+55 11 4249.2222

Received on Thu Apr 05 2012 - 14:33:07 MDT

This archive was generated by hypermail 2.2.0 : Thu Apr 05 2012 - 12:00:02 MDT