Re: [squid-users] strange requests

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 29 Apr 2004 12:07:56 +0200 (CEST)

On Thu, 29 Apr 2004, krv wrote:

> I am planning to block the port 80 for these clients in our multilayer
> switch instead of transparently redirecting them to cache and force them
> to configure the proxy manually.
>
> Any other solutions for this problem?

Automatic firewalling on the proxy when a client is found to use very many
connections. This can be done by a combination of maxconn acl and
external_acl_type.

Needs a moderate amount of scripting to make the external_acl_type helper
wich firewalls the client, but not much.

acl very_many_connections maxconn 50
external_acl_type firewall_client %SRC /path/to/helper
acl firewall_client external firewall_client

http_access deny very_many_connections firewall_client

You can also have a small program monitoring access.log and automatically
firewalling clients causing very many TCP_MISS/000 entries.. this is
probably simpler and more reliable, but requires a little more scripting
(but still only a moderate amount). Perl using the File::Tail module is
recommended for the job.

I am happy to write one for you for a reasonable deposition to my paypal
account if you do not feel prepared to write such scripts yourself.

Regards
Henrik
Received on Thu Apr 29 2004 - 04:08:04 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:03 MDT