Hello Amos!
Thanks for your response. Bellow is my delay_pool rules. I use
2.7STABLE3 because i used 3.0 and every time I use squid -k reconfigure
it increases the memory usage by 396K . So i was recommended to try 2.7
and it's ok now.
I was thinking on have a generic solution because if other site uses the
same trick, i will be already safe.
Thanks a lot,
Leandro
delay_pools 2
delay_class 1 1
delay_class 2 1
############ pages goes unlimited (PAGINAS is an acl with
html,images,css,so on)
delay_access 1 allow PAGINAS
delay_access 1 deny all
delay_parameters 1 -1/-1
## macs_link0 and ips_link0 are acl to a list of macs and ips
delay_access 2 deny PAGINAS
delay_access 2 allow macs_link0
delay_access 2 allow ips_link0
delay_access 2 deny all
delay_parameters 2 37500/600000
Amos Jeffries escreveu:
> Leandro Oliveira da Silva wrote:
>> Hello all!
>>
>> One of my clients reported today that the internet access was slow
>> and i have delay_pool configured and qos in the linux server. I saw
>> the following in the access.log:
>> 1218206547.680 39373 <ip> TCP_MISS/206 13166 GET
>> http://rs319tg2.rapidshare.com/...part02.rar - DIRECT/80.231.128.120
>> application/octet-stream
>> 1218206547.983 39556 <ip> TCP_MISS/206 13166 GET
>> http://rs228tg.rapidshare.com/...part03.rar - DIRECT/80.231.41.29
>> application/octet-stream
>> 1218206547.994 39538 <ip> TCP_MISS/206 13166 GET
>> http://rs228tg.rapidshare.com/...part03.rar - DIRECT/80.231.41.29
>> application/octet-stream
>> 1218206548.158 102769 <ip> TCP_MISS/206 37742 GET
>> http://rs352cg.rapidshare.com/...part06.rar - DIRECT/82.129.36.153
>> application/octet-stream
>> 1218206548.468 1714862 <ip> TCP_MISS/206 442326 GET
>> http://rs279gc2.rapidshare.com/...part01.rar - DIRECT/64.214.225.80
>> application/octet-stream
>> 1218206549.352 33284 <ip> TCP_MISS/206 7622 GET
>> http://rs279gc2.rapidshare.com/...part01.rar - DIRECT/64.214.225.80
>> application/octet-stream
>> 1218206550.066 40740 <ip> TCP_MISS/206 10518 GET
>> http://rs21l34.rapidshare.com/...part04.rar - DIRECT/62.67.46.22
>> application/octet-stream
>> 1218206550.341 34143 <ip> TCP_MISS/206 7622 GET
>> http://rs279gc2.rapidshare.com/...part01.rar - DIRECT/64.214.225.80
>> application/octet-stream
>> 1218206550.870 43760 <ip> TCP_MISS/206 13166 GET
>> http://rs21l34.rapidshare.com/...part04.rar - DIRECT/62.67.46.22
>> application/octet-stream
>> 1218206550.943 43680 <ip> TCP_MISS/206 13166 GET
>> http://rs21l34.rapidshare.com/...part04.rar - DIRECT/62.67.46.22
>> application/octet-stream
>> 1218206553.720 42710 <ip> TCP_MISS/206 10268 GET
>> http://rs319tg2.rapidshare.com/...part02.rar - DIRECT/80.231.128.120
>> application/octet-stream
>> 1218206555.185 33138 <ip> TCP_MISS/206 7622 GET
>> http://rs319tg2.rapidshare.com/...part02.rar - DIRECT/80.231.128.120
>> application/octet-stream
>> 1218206555.507 43994 <ip> TCP_MISS/206 10268 GET
>> http://rs228tg.rapidshare.com/...part03.rar - DIRECT/80.231.41.29
>> application/octet-stream
>> 1218206556.906 44885 <ip> TCP_MISS/206 13166 GET
>> http://rs21l34.rapidshare.com/...part04.rar - DIRECT/62.67.46.22
>> application/octet-stream
>> 1218206558.719 48811 <ip> TCP_MISS/206 13166 GET
>> http://rs279gc2.rapidshare.com/...part01.rar - DIRECT/64.214.225.80
>> application/octet-stream
>> 1218206559.295 1450697 <ip> TCP_MISS/206 54166 GET
>> http://rs42l33.rapidshare.com/...part05.rar - DIRECT/212.162.63.43
>> application/octet-stream
>> 1218206559.538 52322 <ip> TCP_MISS/206 13166 GET
>> http://rs279gc2.rapidshare.com/...part01.rar - DIRECT/64.214.225.80
>> application/octet-stream
>> 1218206559.812 46839 <ip> TCP_MISS/206 13166 GET
>> http://rs319tg2.rapidshare.com/...part02.rar - DIRECT/80.231.128.120
>> application/octet-stream
>> 1218206560.214 47222 <ip> TCP_MISS/206 13166 GET
>> http://rs352cg.rapidshare.com/...part06.rar - DIRECT/82.129.36.153
>> application/octet-stream
>>
>> What i'm assuming is that rapidshare is breaking the file in small
>> chunks, so if i limit the download speed to 50k/s almost all this
>> "files" will arrive in 1 second and just after will download the next
>> chunk and so on, so the delay_pool is not effective in this case, am
>> i right?
>
> Maybe. delay pools can be configure in many ways.
>
> The pool class defines how many IPs are gathered into each pool /32,
> /24, /16, username, etc.
>
> Inside that each pool A/B pair can be considered to mean non-delayed
> initial amount / delayed speed. Or another way commonly used by dialup
> ISP the unliited bandwidth + capped overage speed.
>
> The access lines define what requests get pooled and what skipped.
>
>> What can i do so as to avoid that this kind of downloads affects all
>> others? (Block rapidshare is not a solution because i can't block
>> anytihng, just control the speed)
>
> You can set all traffic to delayed speed. Zero bytes cap with X
> bytes/second overage.
>
> Or you can use access + ACL on dstdomain .rapidshare.com into a unique
> pool that does the above only for rapidshare sites.
>
> Amos
Received on Fri Aug 08 2008 - 18:03:59 MDT
This archive was generated by hypermail 2.2.0 : Sat Aug 09 2008 - 12:00:02 MDT