[squid-users] Maxconn Parameter behaviour with NAT
Murat Balkan
murat.balkan at ericsson.com
Fri Jan 15 15:11:04 UTC 2016
Hi,
Thanks for the response.
What I want to achieve is to prevent 2 users enter with the same username simultaneously.
<--> User 1 enters the proxy, browses some pages.
<--> User 2 tries to enter, and he receives a reject.
<--> User1 stops browsing pages.
<--> User2 tries to enter, but because the TTL is not expired for the first user, he is rejected again.
<--> After the TTL, User2 is able to connect.
This scenario is working with the -s strict parameter that is applied to maxconn. But I want to achieve the same with the usernames, not the IP addresses as the user distinguisher.
You mentioned maxuser parameter. Can you give an example of its' usage?
Thanks a lot,
Murat
-----Original Message-----
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Matus UHLAR - fantomas
Sent: Friday, January 15, 2016 3:13 AM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Maxconn Parameter behaviour with NAT
On 14.01.16 16:58, Murat Balkan wrote:
>I want to limit the users with the Maxconn parameters. But the users
>are NATed behind a public IP address. Is squid just looking at the IP
>address or can it also use the username to figure out if it should
>apply the maxconn?
maxconn uses clients' addresses as described. That means, when more users are NATted behind one IP, squid can't differ between them.
you can use maxuser for their usernames as they are autenticated to squid.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent of all statistics are made up on the spot.
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list