This is better:
acl yournet src xxx.xxx.xxx.xxx
acl connlimit maxconn 2
http_access allow yournet !connlimit
http_access deny all
Cheers,
.::DAMK::.
On Tue, 13 Jan 2004 15:21:44 -0800 (PST), Paul <[EMAIL PROTECTED]> wrote:
I'd like to limit the total number of connections from anywhere,
and would
Thank you for your reply, but I don't think this is what I'm
looking for. What I want has nothing to do with our local net.
We want to limit the *grand total* number of connections to our
squid from *anywhere*, to give it some breathing room, to leave
some memory for other processes, to allow us t
: damk
Cc: [EMAIL PROTECTED]
Subject: Re: [squid-users] maxconn semantics
Thank you for your reply, but I don't think this is what I'm looking
for. What I want has nothing to do with our local net.
We want to limit the *grand total* number of connections to our squid
from *anywhere*, to gi
On Tue, 13 Jan 2004, Paul wrote:
> I'd like to limit the total number of connections from anywhere,
> and would like some clarification. For example, with the following:
>
> acl connlimit maxconn 2
> http_access deny all connlimit
> http_access allow !connlimit
maxconn is appplied per sou
Thank you very much for your reply, Henrik.
So a ulimit of 1000 ought to limit the total number
of connections to about 300+. Looks like under my
current 2.4 Linux kernel, maximum number of filedescriptors
possible is around 26K, but only 1024 allowed per process:
# sysctl fs.file-max
fs.file-max
On Wed, 14 Jan 2004, Paul wrote:
> Thank you very much for your reply, Henrik.
> So a ulimit of 1000 ought to limit the total number
> of connections to about 300+. Looks like under my
> current 2.4 Linux kernel, maximum number of filedescriptors
> possible is around 26K, but only 1024 allowed pe
In a message dated 1/14/04 5:33:19 AM Eastern Standard Time,
[EMAIL PROTECTED] writes:
> 1024 is the default limit of Linux and many other OS:es.
>
> It can be raised or lowered if you like.
>
> To raise the limit you must also recompile Squid with the limit raised.
>
Why is this? It se
On Wed, 14 Jan 2004 [EMAIL PROTECTED] wrote:
> Why is this? It seems ridiculous that at the stage of maturity that SQUID has
> achieved that it still cant read a sysctl variable to do this dynamically.
Because of wierd dependencies on the fd_set data type and a few other
things.
Regards
Henrik
