In the book 'Squid: The Definitive Guide' of Duane Wessels, in the Appendix C / C.4, he wrote:
"Delay pools, however, are implemented in the application layer. Because Squid doesn't actually send and receive TCP packets (the kernel does)". If that's true, it's mean that the kernel receives request (TCP packet) from client, then depack these packet and give it to Squid. So, I wonder how the way Squid can set access control list on the IP address of source or destination WHILE it can't PROCESS IP packets. Can Henrik tell me the detail that: 1. Does Squid process the IP packets (include TCP or UDP packets) or this's kernel's jobs? 2. If processing the IP packets is the kernel's job, how can squid does it's ACL based on IP address, port? 3. If squid can process IP packets, why you and Squid's developers take squid does bandwidth control at Transport layer in replace with Application layer? 4. If processing the IP packets is the kernel's job, how do squid tell kernel to limit bandwidth? (Duane Wassels has no detail information about it!!!) Regard, Viet Hai
