Re: [squid-users] code red is making horrible on our network

From: Duane Wessels <wessels@dont-contact.us>
Date: Thu, 9 Aug 2001 17:37:21 -0600 (MDT)

On Thu, 9 Aug 2001, Luiz Lima wrote:

> > So, you have lots of machines from outside continually
> > hitting your squid server. Correct?
>
> You really don't get it, right? They are not users from the outside. In my
> case, they are my dial-up customers. When their Code Red tries to get to
> other server's port 80, my transparent proxy setup catches the requests and
> bring Squid to its knees.
>
> I can't block IPs because they are dinamic assigned dial-up accounts. I
> can't just explain it to my customers because I only know which ones are
> infected AFTER my Squid server is already down.
>
> I really need a way to tell Squid to NOT proccess the requests before it
> take resourses away from valid ones.

I assume you're blocking code red requests by URL matching, right?

Can you explain with more detail how Squid is brought to its knees?

do you run out of file descriptors, TCP ports, network mbufs?
Received on Thu Aug 09 2001 - 17:37:22 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:31 MST