kfliong wrote: > Adam Aube wrote: >>kfliong wrote: >>> I tried to use delay_pools to control the speed of some users but >>> somehow it doesn't work. Particularly delay_access 5. Those users in >>> delay_access 5 need to be running at only 1k/s but somehow this speed >>> limit is not imposed. Please help.
>>> Here is my squid.conf for delay_pool : >>> #delay_acess 5 for very slow speed >>> delay_access 5 allow slow_sites >>> delay_access 5 allow slow_user2 >>> delay_access 5 deny all >>> acl slow_sites dstdomain .friendster.com uw.netroasia.com >>> .rottentomatoes.com >>> acl slow_user2 srcdomain jackye marcus >>Which ACL is having the problem - slow_sites or slow_user2? >>In slow_user2, you are using the srcdomain ACL, but the parameters you >>give it don't seem to be correct domain names (compare to the dstdomain >>ACL). >>Also, srcdomain requires a reverse lookup on the client's IP address. Is >>the reverse DNS setup correctly for your client IP addresses? >>What if you try using a src ACL (IP address) instead of srcdomain? > Both the slow_sites and slow_user2 doesn't work. Odd - slow_sites looks correct and should work. Can you give a specific example of something that should work but isn't? > If I use http_access to block slow_user2 it will work. So, I am sure that > the srcdomain works. > But when trying to limit the speed using delay_pools it doesn't seems to > work. According to the delay pools FAQ, "delay pool ACL processing is done using 'fast lookups', which means (among other things) it won't wait for a DNS lookup if it would need one." http://www.squid-cache.org/Doc/FAQ/FAQ-19.html#ss19.8 srcdomain requires a reverse DNS lookup of the client IP address, which is why it isn't working in delay_access - Squid won't wait for the DNS lookup to complete. A workaround for this would be to use the slow_user2 acl somewhere in your http_access section. http_access will wait for the DNS lookup, and it will make the information available to delay_access. Adam
