Loading ...Squid Proxy Server Limit the number of simultaneous Web connections from a client with maxconn ACL
So how do you limit the number of simultaneous web connections from a client browser system using the open source Squid proxy server?
You need to use squid ACCESS CONTROLS feature called maxconn. It puts a limit on the maximum number of connections from a single client IP address. It is an ACL that will be true if the user has more than maxconn connections open. It is used in http_access to allow/deny the request just like all the other acl types.
Step # 1: Edit squid conf file
Open /etc/squid/squid.conf file:
# vi /etc/squid/squid.conf
Step # 2: Setup maxconn ACL
Locate your ACL section and append config directive as follows:
acl ACCOUNTSDEPT 192.168.5.0/24
acl limitusercon maxconn 3
http_access deny ACCOUNTSDEPT limitusercon
Where,
- acl ACCOUNTSDEPT 192.168.3.0/24 : Our accounts department IP range
- acl limitusercon maxconn 3 : Set 3 simultaneous web access from the same client IP
- http_access deny ACCOUNTSDEPT limitusercon : Apply ACL
Save and close the file.
Restart squid
Restart the squid server, enter:
# /etc/init.d/squid restart
Want to stay up to date with the latest Linux tips, news and announcements? Subscribe to our free e-mail newsletter or RSS feed to get all updates.
You can Email this page to a friend.
You may also be interested in other helpful articles:
- Install Squid Proxy Server on CentOS / Redhat enterprise Linux 5
- Benchmarking squid and other caching proxy servers
- Linux Iptables Limit the number of incoming tcp connection / syn-flood attacks
- nixCraft FAQ roundup
- Howto: Squid proxy authentication using ncsa_auth helper
Discussion on This Article:
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
we are seeking a System engineer for permanent position, who has working experience with Squid. if any one from Miami, FL area interested in that position please let me know on my number 954-839-8629 or you can send me your saqib_staffcc@hotmail.com
thank you,
Saqib Rahat
Technical Recruiter
Saqib,
You can post job UNIX/Linux specific jobs here
sir,
actually i have tried what you have mentioned here .similar thing has also given in oraeilyy squid definite guide .
but the problem is no of connection are getting limited please help me out and tell me the reson for it .
thanking you .
hi dear try this and reply
acl limited_user src 192.168.1.0/24
acl maxconn_user maxconn 4
acl download urlpath_regex (extensions to be locked)
http_access deny limited_user maxconn_user download
http_access allow !limited_user