Hi.
I use squid mostly for internet access authorization in corporate
network. I have a problem. Let's suppose some foobar company has
developed a proxy-unaware update mechanism using HTTP to update their
software. Or some internet company wrote a javascript that does execute
outside proxy context in a browser. Such things can produce a massive
amount of GET requests which squid answers with HTTP/407. Massive like
thousands per seconds from just one machine. In the same time, being
explicitly blocked with HTTP/403 answers, this madness stops. So, is
there a mechanism that I could use for, like, send 403 after exceeding
some rate to a client ? Or rate-block some acls ? Or something similar ?
Because right now I just block these machines using a packet filter,
because this entire thing just eats my CPUs.
Thanks.
Eugene.
Received on Wed Mar 13 2013 - 10:28:20 MDT
This archive was generated by hypermail 2.2.0 : Sat Mar 16 2013 - 12:00:05 MDT