Hello all, I run a squid caching server to provide service to public network of about 50 Cyber caf� systems. My cache is on an AMD Athlon 2.0Ghz, with 512MB of RAM running on a Red hat 9.0 box. I have squid configured as a transparent proxy, to avoid users changing proxy settings.
I have a problem with some users who come into the caf� and run email extractors, which hog all the available bandwidth. I have tried using delay pools to restrict maximum bandwidth per user, but this is not very desirable, as the overall browsing experience becomes slow, since no single client can utilize all the bandwidth for a short period. I have also recently tried using the maxcon statement to limit number of connections, but certain websites make a single browser initiate up to 10 connections and hence with only 3 windows they may reach the limit of 20 connections I set, hence it also affect legitimate browsing customers. I was wondering if there was a way I could combine ACLs to match certain search string criteria, as the extractors usually send very long queries to various common search engines. I cannot block access to these search engines, as they are used by normal users, and disabling NAT for http will not help as most of these applications use the internet access settings inherited from the browser. Is what I'm asking possible? I would be grateful if someone could point me in the right direction and possible some help on how to populate those ACLs would also be appreciated. Thanks. Adeoye Oke (Lead Consultant) IT-Haus Limited #14, Estaport Avenue Sholuyi Gabgada Lagos state Nigeria. Tel: 234-1-793-0962 Mobile: 234-803-333-7330 Web: http://www.ithauslimited.com
