Hey folks So I support a bunch of Squid deployments and every so often I’ll get a call about a poor performance, or very large access logs files etc.
Oftentimes as soon as I crack open the access log I see there’s a handful of machines (sometimes just one) practically DoSing the proxy with failed requests (failing because the client app won’t comply with proxy authentication). Here’s a recent example of one of these bugs from Google Chrome: https://code.google.com/p/chromium/issues/detail?id=373181 So I just wanted to see if anyone had any advice or suggestions for dealing with this kind of thing. I’m guessing iptables would be the logical place to try and prevent it, but I wouldn’t know where to start with rate limiting in iptables… Anyone care to share?
