On Wed, 8 Nov 2000, [iso-8859-1] Gabriel Ernesto Gaitán L. wrote:
>
>
> Hi, I have Squid/2.3.STABLE1
>
> Can I restrict a client to only open maximum 3 http requests at time?
Yes, use the maxconn ACL type in conjunction with http_access deny.
For example:
acl losers src 1.2.3.0/24
acl 5CONN maxconn 5
http_access deny 5CONN losers
Given the above configuration, when a client whose source IP address
is in the 1.2.3.0/24 subnet tries to establish 6 or more connections
at once, Squid returns an error page. Unless you use the deny_info
feature, the error message will just say ``access denied.''
Note, the maxconn ACL type is kind of tricky because it uses less-than
comparison. The ACL is a match when the number of established
connections is greater than the value you specify. Because of that,
you don't want to use the maxconn ACL with http_access allow.
Also note that you could use maxconn in conjunction with a user type
(ident, proxy_auth), rather than an IP address type.
-- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Wed Nov 08 2000 - 15:10:09 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:56:17 MST