URL: https://www.opennet.ru/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID12
Нить номер: 5041
[ Назад ]
Исходное сообщение
"Config squid to allow only 2 max connections per IP"
Отправлено eXtremer , 06-Авг-07 15:21 
Hi all.

#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 444
acl Safe_ports port 80 # http
#acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
#acl Safe_ports port 70 # gopher
#acl Safe_ports port 210 # wais
#acl Safe_ports port 1025-65535 # unregistered ports
#acl Safe_ports port 280 # http-mgmt
#acl Safe_ports port 488 # gss-http
#acl Safe_ports port 591 # filemaker
#acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

#-------------Conectiuni maxime per IP-------------
acl maxcon maxconn 2                                      <= maxcon

#--------------Reteaua 145------------------
acl 145a src "/etc/squid/allow/145a.allow"  
acl 145b src "/etc/squid/allow/145b.allow"

acl 145c src 192.168.41.200/32

#-----------------------Restrictions-----------------------

#---Restrictie ptr conectiuni maxime----
http_access deny maxcon all                               <= maxcon  
deny_info ERR_MAXCON maxcon

#---Restrictie ptr toti in afara de sala 145---
http_access deny all !145a !145b !145c !localhost

#Recommended minimum configuration:
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports
------------------------------------------------------------------

This is a part of my squid.conf
I don't know but maxcon is not working in my case.
If it's like this : http_access deny maxcon all <= then not even one connection is allowed.
If it's like this: http_access allow all !maxcon <= then all connection are allowed.

Somebody tell me how to configure in such a way that maxconn feature will wrk in my case,
waiting for a reply, 10x in advance.

P.S.: client_db is ON.

Содержание
Сообщения в этом обсуждении
"Config squid to allow only 2 max connections per IP"
Отправлено Paul , 07-Авг-07 00:57 
what are the exact symptoms upon which you discovered that maxconn doesn't work?

take a look at this thread, this looks like your issue.
http://www.squid-cache.org/mail-archive/squid-users/200208/0...

--
http://www.ppokrovsky.org

"Config squid to allow only 2 max connections per IP"
Отправлено eXtremer , 08-Авг-07 14:37 
>what are the exact symptoms upon which you discovered that maxconn doesn't
>work?
>
>take a look at this thread, this looks like your issue.
>http://www.squid-cache.org/mail-archive/squid-users/200208/0...
>
>--
>http://www.ppokrovsky.org

noop, this is not my issue.

"Config squid to allow only 2 max connections per IP"
Отправлено ipmanyak , 07-Авг-07 08:34 

>[оверквотинг удален]
>If it's like this : http_access deny maxcon all <= then not
>even one connection is allowed.
>If it's like this: http_access allow all !maxcon <= then all connection
>are allowed.
>
>Somebody tell me how to configure in such a way that maxconn
>feature will wrk in my case,
>waiting for a reply, 10x in advance.
>
>P.S.: client_db is ON.

If you want permit access for all users from your local networks then:
http_access deny 145a maxcon
http_access deny 145b maxcon
http_access deny 145c maxcon
http_access allow 145a
http_access allow 145b
http_access allow 145c
http_access deny all

"Config squid to allow only 2 max connections per IP"
Отправлено eXtremer , 08-Авг-07 14:41 
>If you want permit access for all users from your local networks
>then:
>http_access deny 145a maxcon
>http_access deny 145b maxcon
>http_access deny 145c maxcon
>http_access allow 145a
>http_access allow 145b
>http_access allow 145c
>http_access deny all

10x ipmanyak, problem solved ;)