[squid-users] How to limit user traffic quota? (GoGo net)
squid3 at treenet.co.nz
Fri Dec 4 16:08:10 UTC 2015
On 5/12/2015 4:57 a.m., GoGo net wrote:
> Limit rate is another direction to limit traffic, I will think about
> Currently, I prefer to use the script to monitor access.log, and I
> find a problem today:
> From [squid wiki](http://wiki.squid-cache.org/Features/LogFormat):
>> bytes The size is the amount of data delivered to the client. Mind
>> that this does not constitute the net object size, as headers are
>> also counted.
> It seems that **bytes** only includes response size (including http
> header). What I really want is counting both http-request and
> http-response. Is there any way to enable http-request **bytes**
> being logged in access.log?
You need to use the %st code in a custom log format.
PS. there is another problem you may not have noticed yet. The log
entries are only recorded at the *end* of each transaction. Which means
that all transactions started before the user hits their limit will be
allowed to continue consuming bandwidth until they exit naturally. At
which time the counted quota-spent value continues to go up past the
limit you set. CONNECT tunnels have indefinite lifetimes, some have been
seen lasting for weeks.
This is one of the reasons I recommend QoS controls external to Squid.
The OS can measure as each packet happens and terminate the over-quota
transactions at the TCP level.
More information about the squid-users