Thanks Tom, so
REDIRECT loc 8080 tcp www - !192.168.100.2 s:PROXY:10/sec:15 would work as well. and what should be an ideal number of connection allowed per pc, is 10/sec ok or too less. Thanks! ------------------------------------------------------------ Swapnil Jain On 12-Feb-2010, at 8:37 PM, Tom Eastep wrote: > Swapnil Jain wrote: >> Hi, >> >> i am using squid as a transparent proxy. i have added this 3 lines to my >> rules file >> >> >> ACCEPT $FW net tcp www >> ACCEPT loc $FW tcp 8080 >> REDIRECT loc 8080 tcp www - !192.168.100.2 >> >> >> i want to limit the number of connection that are made from every pc on the >> network to the proxy server. if i change the 2nd rule to >> >> ACCEPT loc $FW tcp 8080 - - >> s:PROXY:10/sec:15 >> >> >> this will limit the connection for the complete network. > > No -- that limits per PC. And you may as well change the REDIRECT rule > to a REDIRECT- rule since you are already accepting connections to port > 8080 from the loc zone. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ------------------------------------------------------------------------------ > SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, > Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW > http://p.sf.net/sfu/solaris-dev2dev_______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW http://p.sf.net/sfu/solaris-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
