On Thursday 26 June 2003 07.16, Aqil wrote:

> Now I want to limit my users to make just a certain
> number of connections, say 1 connection. So I put in
> my squid.conf these lines :

Connections you can limit, but not the number of windows. There is no 
real connection between the number of windows and the number of 
connections.

You have to allow for at least 4 connections per user plus some. Most 
browsers open up to 4 connections while downloading a single page to 
speed up the download of images and other embedded objects. If you do 
not allow this then pages will often only download partially, and 
navigation may fail.

Some browsers maintain these 4 connections globally for all windows. 
Some open up to 4 connections per active window currently 
downloading a page.

When using this feature you also have to use "half_closed_clients 
off". And because there may be slight delays in the communication 
between the browser and proxy you need to allow for some slack in the 
number of connections i.e. if your policy is to allow 4 connections, 
then you need to allow about 6 connections to not falsely deny 
requests due to expected networking delays.

The maxconn acl is suitable for blocking "abuse" type use of the proxy 
such as download managers opening 100 parallel connections for the 
same object in order to steal as much bandwidth as possible and other 
similar things. It is also useful to block people running rogue proxy 
servers in your network giving access to unauthorized people.

Only to a very limited aspect can you limit the number of browser 
windows by the number of connections made via the maxconn acl. If you 
really want to limit the number of windows then this has to be done 
by software running on the client computer, enforcing a policy that 
there may only be a single browser window running on the computer.

Regards
Henrik

-- 
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org

If you need commercial Squid support or cost effective Squid or
firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, [EMAIL PROTECTED]
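
The settings described in the reply above, as an added squid.conf illustration that is not part of the original message. The ACL name `conn_abuse` is hypothetical; the limit of 6 is the 4-connection policy plus the slack the reply recommends.

```conf
# Added illustration; the ACL name "conn_abuse" is hypothetical.

# Required when using maxconn, per the reply: close half-closed client
# connections so they stop counting against the per-client total.
half_closed_clients off

# Too strict (the limit asked about in the question). A browser fetching
# a single page opens up to 4 connections, so pages would load only
# partially and navigation may fail.
#acl conn_abuse maxconn 1

# Policy of 4 connections per client, plus slack for networking delays.
# maxconn matches when one client IP address has MORE than this many
# TCP connections established to the proxy.
acl conn_abuse maxconn 6

# Place this before the http_access rules that allow your clients,
# because http_access rules are evaluated in order and the first match wins.
http_access deny conn_abuse
```

This catches download managers or rogue proxies opening many parallel connections from one address; it does not count browser windows.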
