<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
-----BEGIN PGP SIGNED MESSAGE----- <br>
Hash: SHA256 <br>
<br>
No-no, not policing. This is too blunt instrument.<br>
<br>
Try to dig in direction of policy-map, bandwidth, service policy,
QoS and control-plane.<br>
<br>
Unfortunately, this is offtopic here. This is a completely different
proprietary tool. This is not the time nor the place to discuss
these issues.<br>
<br>
<span style="white-space: pre;">> We do have a Cisco firewall in
place, and I have setup 'traffic policing'. However, the results
are inconsistent. Sometimes it seems to work, other times it
blocks everything, or it blocks nothing.<br>
><br>
> Appreciate all the feedback, thank you all for your time.<br>
><br>
> On Mon, May 9, 2016 at 12:27 PM, Yuri Voinov
<<a class="moz-txt-link-abbreviated" href="mailto:yvoinov@gmail.com">yvoinov@gmail.com</a> <a class="moz-txt-link-rfc2396E" href="mailto:yvoinov@gmail.com"><mailto:yvoinov@gmail.com></a>> wrote:<br>
><br>
><br>
> For such task enough put Cisco router with TCP traffic
policies .....<br>
><br>
> And please - any protocol, any speed limits, any ACL's, any
SLA .....<br>
><br>
><br>
> 10.05.16 1:15, Alex Rousskov пишет:<br>
> > On 05/09/2016 12:53 PM, Yuri Voinov wrote:<br>
><br>
> >> Just to clarify. For proxying anything (protocol or
service), the proxy<br>
> >> server must be at the same time also act as the
client of a protocol or<br>
> >> service - and as a server.<br>
><br>
><br>
> > It all depends on the definition of "upload and download
sizes" in the<br>
> > OP question. If the intent is to understand and restrict
individual<br>
> > protocol messages, then you are right. If the intent is
just to limit<br>
> > the aggregate number of TCP bytes transferred, then
protocol<br>
> > understanding (in a "transparent" setup) is not
required.<br>
><br>
> > Needless to say, Squid is unlikely to be the best
solution for the<br>
> > latter "dumb traffic limits" problem, but if an
"all-in-one executable"<br>
> > is a critical requirement, one can make modern Squids to
limit tunneled<br>
> > TCP traffic that it does not understand.<br>
><br>
> > Alex.<br>
><br>
><br>
> >> J Green:<br>
> >>>> Would like to limit maximum upload and
download sizes for<br>
> >>>> other TCP protocols: SMB, NFS, FTP,
and RDP.<br>
> > _______________________________________________<br>
> > squid-users mailing list<br>
> > <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a>
<a class="moz-txt-link-rfc2396E" href="mailto:squid-users@lists.squid-cache.org"><mailto:squid-users@lists.squid-cache.org></a><br>
> > <a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a><br>
><br>
><br>
><br>
> _______________________________________________<br>
> squid-users mailing list<br>
> <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a>
<a class="moz-txt-link-rfc2396E" href="mailto:squid-users@lists.squid-cache.org"><mailto:squid-users@lists.squid-cache.org></a><br>
> <a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a><br>
><br>
></span><br>
<br>
-----BEGIN PGP SIGNATURE----- <br>
Version: GnuPG v2 <br>
<br>
iQEcBAEBCAAGBQJXMQDkAAoJENNXIZxhPexGuh0H/A5EqyONyPmmfC+Ql2rATcJ2 <br>
tmXtx847qNlL0v5Hjy8ZPUpNyh7oN/UQwD71I7+5AXwpN0eSVwQnn/a5IqTVLOz3 <br>
ki1ks2G1O/vHT+Kb9+BtCm48MMqpRF/+ODvVc54zj74sJbwh7HtEkaCBHYVW8NZg <br>
ztmz0QXRFW5WUa3ASqehpWJApemEBM7Nev5OTTR4mqTPrYSfXrXFk8vy9B01wzMy <br>
lLd+PenxmzByIVy3PRHZ/di9qUL5QM4d6cXBC1JiJgjDnzErAan76fgjjQBkR6zr <br>
KTCA+/zKi5+XHfI4nqvHG1LbQelTcfT45PFil0YAaAbUkKkRpVhywdY8PSWnrPc= <br>
=Wla5 <br>
-----END PGP SIGNATURE----- <br>
<br>
</body>
</html>