In the book 'Squid: The Definitive Guide' of Duane Wessels, in the Appendix
C / C.4, he wrote:

"Delay pools, however, are implemented in the application layer. Because
Squid doesn't actually send and receive TCP packets (the kernel does)".

If that's true, it's mean that the kernel receives request (TCP packet) from
client, then depack these packet and give it to Squid.

So, I wonder how the way Squid can set access control list on the IP address
of source or destination WHILE it can't PROCESS IP packets.

Can Henrik tell me the detail that:
1. Does Squid process the IP packets (include TCP or UDP packets) or this's
kernel's jobs?

2. If processing the IP packets is the kernel's job, how can squid does it's
ACL based on IP address, port?

3. If squid can process IP packets, why you and Squid's developers take
squid does bandwidth control at Transport layer in replace with Application
layer?

4. If processing the IP packets is the kernel's job, how do squid tell
kernel to limit bandwidth? (Duane Wassels has no detail information about
it!!!)


Regard,
Viet Hai