Sorry to derail off topic, though I appreciate the feedback. Trying to get this to work through a Cisco ASA. If not, I probably have an old 2900 series router somewhere.
Thank you again. On Mon, May 9, 2016 at 2:33 PM, Yuri Voinov <yvoi...@gmail.com> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > I mean this, for example: > > haribda(config)#policy-map Net_Limit > haribda(config-pmap)#class alternate > haribda(config-pmap-c)#? > Policy-map class configuration commands: > admit Admit the request for > bandwidth Bandwidth > compression Activate Compression > drop Drop all packets > exit Exit from class action configuration mode > fair-queue Enable Flow-based Fair Queuing in this Class > flow Flow subcommands > log Log IPv4 and ARP packets > measure Measure > netflow-sampler NetFlow action > no Negate or set default values of a command > police Police > priority Strict Scheduling Priority for this Class > queue-limit Queue Max Threshold for Tail Drop > random-detect Enable Random Early Detection as drop policy > service-policy Configure QoS Service Policy > set Set QoS values > shape Traffic Shaping > > haribda(config-pmap-c)#bandwidth ? > <1-2000000> Kilo Bits per second > percent % of total Bandwidth > remaining percent/ratio of the remaining bandwidth > > This is 2901, ISR G-2. > > 10.05.16 3:15, J Green пишет: > > Here, re 'upload and download sizes', I meant the later 'dumb traffic > limits'. > > > > We do have a Cisco firewall in place, and I have setup 'traffic > policing'. However, the results are inconsistent. Sometimes it seems to > work, other times it blocks everything, or it blocks nothing. > > > > Appreciate all the feedback, thank you all for your time. > > > > On Mon, May 9, 2016 at 12:27 PM, Yuri Voinov <yvoi...@gmail.com > <mailto:yvoi...@gmail.com> <yvoi...@gmail.com>> wrote: > > > > > > For such task enough put Cisco router with TCP traffic policies ..... > > > > And please - any protocol, any speed limits, any ACL's, any SLA ..... > > > > > > 10.05.16 1:15, Alex Rousskov пишет: > > > On 05/09/2016 12:53 PM, Yuri Voinov wrote: > > > > >> Just to clarify. For proxying anything (protocol or service), the > proxy > > >> server must be at the same time also act as the client of a protocol > or > > >> service - and as a server. > > > > > > > It all depends on the definition of "upload and download sizes" in the > > > OP question. If the intent is to understand and restrict individual > > > protocol messages, then you are right. If the intent is just to limit > > > the aggregate number of TCP bytes transferred, then protocol > > > understanding (in a "transparent" setup) is not required. > > > > > Needless to say, Squid is unlikely to be the best solution for the > > > latter "dumb traffic limits" problem, but if an "all-in-one executable" > > > is a critical requirement, one can make modern Squids to limit tunneled > > > TCP traffic that it does not understand. > > > > > Alex. > > > > > > >> J Green: > > >>>> Would like to limit maximum upload and download sizes for > > >>>> other TCP protocols: SMB, NFS, FTP, and RDP. > > > _______________________________________________ > > > squid-users mailing list > > > squid-users@lists.squid-cache.org > <mailto:squid-users@lists.squid-cache.org> > <squid-users@lists.squid-cache.org> > > > http://lists.squid-cache.org/listinfo/squid-users > > > > > > > > _______________________________________________ > > squid-users mailing list > > squid-users@lists.squid-cache.org > <mailto:squid-users@lists.squid-cache.org> > <squid-users@lists.squid-cache.org> > > http://lists.squid-cache.org/listinfo/squid-users > > > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2 > > iQEcBAEBCAAGBQJXMQIjAAoJENNXIZxhPexGC9YIAIXbLAOqQMTNmawXVrSpK2rP > zwW4RmwsmDOZzqFgldMlEJRkSH+H3UXiF6Zw994Ys3pYliB5o55qN3DYB2fGlu4H > Me3bq71PoZo+qes15l9ePpWq+0jK9B06fMGgWdBeSuVjRwC72hq0k2cPCpg9Hcd3 > KqytNCaM6kb7CFfxhm8g5w0lSHwQkoKM8XDbtVzrKjT0VbFcYRXR6SP5tzRwDW9D > ZHFQ8hX19RBof8JqWQo6UbhXZBZGtDjoOaGQ/EBMLjzl6guUdKt9Xi8pF+rkBgSk > S0Y2JZypIxAeMuj9STfRs54ZCId9NtZfA76o5M7PH0OrCfz1oXA+m0kzCQfEZtY= > =tSMD > -----END PGP SIGNATURE----- > >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
