-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Heh, qos need to be configured with squid.conf to be something different
from 0x0 :)
18.05.16 2:40, J Green пишет:
> That could work, I would just need to know at some point, if this event was
> triggered.
>
> Been playing with %st , %>qos , &
That could work, I would just need to know at some point, if this event was
triggered.
Been playing with %st , %>qos , & % wrote:
> On 17/05/2016 6:37 a.m., J Green wrote:
> > Re logging, does this eventually get logged by Squid, somewhere?
> >
>
> I assume by "this" you mean the TOS values?
>
>
On 17/05/2016 6:37 a.m., J Green wrote:
> Re logging, does this eventually get logged by Squid, somewhere?
>
I assume by "this" you mean the TOS values?
There are the %>qos and %http://lists.squid-cache.org/listinfo/squid-users
On 2016-05-17 07:49, J Green wrote:
Sorry, I was looking for logging of traffic management events, where
maximum download/upload size has been violated. Thank you.
The Squid native format logs size of things delivered to the client, not
the upload/request size.
You will need to define a
On 05/16/2016 01:49 PM, J Green wrote:
> Sorry, I was looking for logging of traffic management events, where
> maximum download/upload size has been violated.
When it comes to logging, I recommend that you think in terms of
transactions rather than traffic management events because Squid logs
Sorry, I was looking for logging of traffic management events, where
maximum download/upload size has been violated. Thank you.
On Mon, May 16, 2016 at 12:39 PM, Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 05/16/2016 12:37 PM, J Green wrote:
> > Re logging, does this
On 05/16/2016 12:37 PM, J Green wrote:
> Re logging, does this eventually get logged by Squid, somewhere?
All transactions accessing Squid must be logged in access.log. If a
transaction is not logged, it is a Squid bug.
Please note that Squid logs transactions when they complete, not when
they
o.il/lmgtfy/>
>> > Linux System Administrator
>> > Mobile: +972-5-28704261
>> > Email: elie...@ngtech.co.il
>> >
>> >
>> >
>> > *From:*squid-users [mailto:squid-users-boun...@lists.squid-cache.org
>> <squid-users-boun...@lists
-users [mailto:squid-users-boun...@lists.squid-cache.org
> <squid-users-boun...@lists.squid-cache.org>] *On Behalf Of *J Green
> > *Sent:* Tuesday, May 10, 2016 8:42 PM
> > *To:* Yuri Voinov
> > *Cc:* squid-users@lists.squid-cache.org
> > *Subject:* Re: [squid-users]
lf Of *J Green
> *Sent:* Tuesday, May 10, 2016 8:42 PM
> *To:* Yuri Voinov
> *Cc:* squid-users@lists.squid-cache.org
> *Subject:* Re: [squid-users] Can Traffic Management Settings be
configured for other TCP protocols?
>
>
>
> That is fair, re intended use. But yes, management
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
11.05.16 2:11, J Green пишет:
> Fair criticisms, yes. But an interesting problem, no? And I think I am
> close to getting something
somewhat functional, using various pieces of hardware and software. Is
it a slick solution? Not at all.
Fair criticisms, yes. But an interesting problem, no? And I think I am
close to getting something somewhat functional, using various pieces of
hardware and software. Is it a slick solution? Not at all. But it just
might work more or less. Small could be 10MB. Large is larger.
On Tue, May
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I think change is posing the problem. "Big" and "small", it seems to me,
is too vague a criterion. Plus direct solution assumes continious
control of each connection at all and accounting at all. What, in my
opinion, a bit crazy.
11.05.16 1:59, J
>From what I understand, it is traffic policing, as opposed to traffic
shaping.
The goal is to block transfer of large files over various TCP protocols,
while allowing small files.
Thank you all, for your input.
On Tue, May 10, 2016 at 12:55 PM, Yuri Voinov wrote:
>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
And, incidentally, smoke manuals - Cisco either enables traffic shaping
or limit the speed on ports, protocols, networks, clients and so on. :)
As you wish. :)
Its possibilities are limited only version of the software platform, and
your ability
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
You can not pull the owl on the globe. )
By the way, I'm not sure what he was trying to achieve this :)
11.05.16 1:45, Adam W. Dace пишет:
> Back in the day, I used "traffic shaping" on the Cisco router to achieve that
> sort of thing.
It
Back in the day, I used "traffic shaping" on the Cisco router to achieve
that sort of thing. It actually changes the traffic to fit your Internet
link, versus limiting per-connection speed.
Still, this is off-topic. Anyways, consult your CIOS documentation and
good luck! :)
Regards,
Adam
On
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
SARG or SquidAnalyzer, in general, has reports with denied and donwloads
logging.
This information (excluding the access restrictions) are usually not
found in the logs immediately, it takes some processing.
10.05.16 23:41, J Green пишет:
> That
That is fair, re intended use. But yes, management want to know if users
are attempting to circumvent policy. Re analyzing logs, I did not see this
logged anywhere. Is there perhaps a debug mode which I need to enable?
Thank you.
On Tue, May 10, 2016 at 10:29 AM, Yuri Voinov
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Furthermore, the proxy server itself is not a billing system. Accounting
as task can be solved by the third software analyzing access logs.
10.05.16 23:25, J Green пишет:
> So back to the intended use cases for HTTP, HTTPS, & FTP , how can you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
First, upload is PUT method usage. Most common HTTP/HTTPS is GET/HEAD
methods.
Second, logging of all things is not my goal.
For me, it is sufficient that the restrictions imposed by me in
accordance with the policy. The amount of downloads for
So back to the intended use cases for HTTP, HTTPS, & FTP , how can you log
violations of maximum download/upload size? I see an error message
generated on the client system, but not w/in Squid. Thank you.
On Mon, May 9, 2016 at 10:12 AM, Yuri Voinov wrote:
>
> -BEGIN
At the host level? Was hoping for something at the network level.
On Mon, May 9, 2016 at 10:06 PM, Amos Jeffries wrote:
> On 2016-05-10 06:05, J Green wrote:
>
>> Appreciate the response. Thought it might work if I added those ports
>> to the safe list.
>>
>
> The
On 2016-05-10 06:05, J Green wrote:
Appreciate the response. Thought it might work if I added those ports
to the safe list.
The Safe_ports list is the ports it is considered safe to send traffic
to from an HTTP proxy. The ports not on that list are for protocols that
can have crafted
Sorry to derail off topic, though I appreciate the feedback. Trying to get
this to work through a Cisco ASA. If not, I probably have an old 2900
series router somewhere.
Thank you again.
On Mon, May 9, 2016 at 2:33 PM, Yuri Voinov wrote:
>
> -BEGIN PGP SIGNED
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I mean this, for example:
haribda(config)#policy-map Net_Limit
haribda(config-pmap)#class alternate
haribda(config-pmap-c)#?
Policy-map class configuration commands:
admitAdmit the request for
bandwidthBandwidth
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I'm afraid Cisco firewall is not enough here.
You need something more advanced. Like integrated service router,
i.e.2901 or 2911, or something similar. With iOS 15.5 and complete
hardware support.
10.05.16 3:15, J Green пишет:
> Here, re 'upload
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
No-no, not policing. This is too blunt instrument.
Try to dig in direction of policy-map, bandwidth, service policy, QoS
and control-plane.
Unfortunately, this is offtopic here. This is a completely different
proprietary tool. This is not the
Here, re 'upload and download sizes', I meant the later 'dumb traffic
limits'.
We do have a Cisco firewall in place, and I have setup 'traffic policing'.
However, the results are inconsistent. Sometimes it seems to work, other
times it blocks everything, or it blocks nothing.
Appreciate all the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
For such task enough put Cisco router with TCP traffic policies .
And please - any protocol, any speed limits, any ACL's, any SLA .
10.05.16 1:15, Alex Rousskov пишет:
> On 05/09/2016 12:53 PM, Yuri Voinov wrote:
>
>> Just to clarify.
On 05/09/2016 12:53 PM, Yuri Voinov wrote:
> Just to clarify. For proxying anything (protocol or service), the proxy
> server must be at the same time also act as the client of a protocol or
> service - and as a server.
It all depends on the definition of "upload and download sizes" in the
OP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
You are welcome.
Just to clarify. For proxying anything (protocol or service), the proxy
server must be at the same time also act as the client of a protocol or
service - and as a server. It is known for at least several hundreds of
protocols. It
Thank you. Yes, I am having a difficult time trying to find a solution for
this.
On Mon, May 9, 2016 at 11:18 AM, Yuri Voinov wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> As I know, even this solution can not:
>
>
>
Appreciate the response. Thought it might work if I added those ports to
the safe list.
If not Squid, any idea how to accomplish this?
Thank you.
On Mon, May 9, 2016 at 10:12 AM, Yuri Voinov wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Squid is not a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
https://i1.someimage.com/DTMWEmc.png
09.05.16 23:07, J Green пишет:
> Hello all:
>
> Can Traffic Management Settings be configured for TCP protocols other
than HTTP?
>
> Would like to limit maximum upload and download sizes for other TCP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Squid is not a proxy server every imaginable the TCP-usage protocol.
AFAIK HTTP/HTTPS/FTP. That's all, folks.
09.05.16 23:07, J Green пишет:
> Hello all:
>
> Can Traffic Management Settings be configured for TCP protocols other
than HTTP?
>
>
Hello all:
Can Traffic Management Settings be configured for TCP protocols other than
HTTP?
Would like to limit maximum upload and download sizes for other TCP
protocols: SMB, NFS, FTP, and RDP.
Is this possible? If so, how?
Thank you.
___
37 matches
Mail list logo