<div dir="ltr"><div>Re logging, does this eventually get logged by Squid, somewhere?<br><br></div>For this implementation, I was going to use pfSense. Turns out that Sarg is no longer included in the package list for pfSense (current version).<br><br> <br></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, May 10, 2016 at 2:43 PM, J Green <span dir="ltr"><<a href="mailto:corpengineer@gmail.com" target="_blank">corpengineer@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Very interesting, thank you both.<br></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Tue, May 10, 2016 at 2:23 PM, Yuri Voinov <span dir="ltr"><<a href="mailto:yvoinov@gmail.com" target="_blank">yvoinov@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span>
<br>
-----BEGIN PGP SIGNED MESSAGE----- <br>
Hash: SHA256 <br>
<br>
<br>
<br></span>
11.05.16 2:57, Eliezer Croitoru пишет:<span><br>
<span style="white-space:pre-wrap">><br>
> Hey,<br>
><br>
> <br>
><br>
> You can always use a TOS from squid to mark connections
and\or users and to somehow create some policy case on that.</span><br>
<br></span>
Sure, Eliezer. I've forgot about TOS. Good point.<br>
<span style="white-space:pre-wrap"><span>><br>
> I have used more then once the Linux "tc" to "jail" a user
which was abusing his unbound bandwidth policy.<br>
><br>
> I do not like the idea but I have asked couple networking
experts about the most used approach compared to the most
efficient and it's seems pretty reasonable from the business
aspect of networking to slow(not hog) a user.<br>
> Specifically there are places which defines the Internet as a
WEB only ie port 80 and 443 and for HTTP only traffic.<br>
><br>
> For these purposes squid is great while there are other
approaches to the subject.<br>
><br>
> <br>
><br>
> Eliezer<br>
><br>
> <br>
><br>
> ----<br>
><br></span>
> Eliezer Croitoru <a href="http://ngtech.co.il/lmgtfy/" target="_blank"><http://ngtech.co.il/lmgtfy/></a><span><br>
> Linux System Administrator<br>
> Mobile: +972-5-28704261<br>
> Email: <a href="mailto:eliezer@ngtech.co.il" target="_blank">eliezer@ngtech.co.il</a><br>
><br>
> <br>
><br></span>
> *From:*squid-users
[<a href="mailto:squid-users-bounces@lists.squid-cache.org" target="_blank">mailto:squid-users-bounces@lists.squid-cache.org</a>] *On Behalf Of
*J Green<br>
> *Sent:* Tuesday, May 10, 2016 8:42 PM<br>
> *To:* Yuri Voinov<br>
> *Cc:* <a href="mailto:squid-users@lists.squid-cache.org" target="_blank">squid-users@lists.squid-cache.org</a><br>
> *Subject:* Re: [squid-users] Can Traffic Management Settings
be configured for other TCP protocols?<span><br>
><br>
> <br>
><br>
> That is fair, re intended use. But yes, management want to
know if users are attempting to circumvent policy. Re analyzing
logs, I did not see this logged anywhere. Is there perhaps a
debug mode which I need to enable?<br>
><br>
> Thank you.<br>
><br>
> <br>
><br></span><span>
> On Tue, May 10, 2016 at 10:29 AM, Yuri Voinov
<<a href="mailto:yvoinov@gmail.com" target="_blank">yvoinov@gmail.com</a> <a href="mailto:yvoinov@gmail.com" target="_blank"><mailto:yvoinov@gmail.com></a>> wrote:<br>
><br>
><br>
> First, upload is PUT method usage. Most common HTTP/HTTPS is
GET/HEAD methods.<br>
><br>
> Second, logging of all things is not my goal.<br>
><br>
> For me, it is sufficient that the restrictions imposed by me
in accordance with the policy. The amount of downloads for my
count analyzers logs, if management is interesting to read the
reports independently.<br>
><br>
> 10.05.16 23:25, J Green пишет:<br>
> > So back to the intended use cases for HTTP, HTTPS, &
FTP , how can you log violations of maximum download/upload size?
I see an error message generated on the client system, but not
w/in Squid. Thank you.<br>
><br></span><span>
> > On Mon, May 9, 2016 at 10:12 AM, Yuri Voinov
<<a href="mailto:yvoinov@gmail.com" target="_blank">yvoinov@gmail.com</a> <a href="mailto:yvoinov@gmail.com" target="_blank"><mailto:yvoinov@gmail.com></a>
<a href="mailto:yvoinov@gmail.com" target="_blank"><mailto:yvoinov@gmail.com></a>
<a href="mailto:yvoinov@gmail.com" target="_blank"><mailto:yvoinov@gmail.com></a>> wrote:<br>
><br>
><br>
> > Squid is not a proxy server every imaginable the
TCP-usage protocol.<br>
><br>
> > AFAIK HTTP/HTTPS/FTP. That's all, folks.<br>
><br>
><br>
> > 09.05.16 23:07, J Green пишет:<br>
> > > Hello all:<br>
><br>
><br>
><br>
> > > Can Traffic Management Settings be configured
for TCP<br>
> > protocols other than HTTP?<br>
><br>
><br>
><br>
> > > Would like to limit maximum upload and
download sizes for<br>
> > other TCP protocols: SMB, NFS, FTP, and RDP.<br>
><br>
><br>
><br>
> > > Is this possible? If so, how?<br>
><br>
><br>
><br>
> > > Thank you.<br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
> > >
_______________________________________________<br>
><br>
> > > squid-users mailing list<br>
><br></span>
> > > <a href="mailto:squid-users@lists.squid-cache.org" target="_blank">squid-users@lists.squid-cache.org</a>
<a href="mailto:squid-users@lists.squid-cache.org" target="_blank"><mailto:squid-users@lists.squid-cache.org></a>
<a href="mailto:squid-users@lists.squid-cache.org" target="_blank"><mailto:squid-users@lists.squid-cache.org></a>
<a href="mailto:squid-users@lists.squid-cache.org" target="_blank"><mailto:squid-users@lists.squid-cache.org></a><span><br>
><br>
> > >
<a href="http://lists.squid-cache.org/listinfo/squid-users" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><br>
><br>
><br>
><br>
> > _______________________________________________<br>
> > squid-users mailing list<br></span>
> > <a href="mailto:squid-users@lists.squid-cache.org" target="_blank">squid-users@lists.squid-cache.org</a>
<a href="mailto:squid-users@lists.squid-cache.org" target="_blank"><mailto:squid-users@lists.squid-cache.org></a>
<a href="mailto:squid-users@lists.squid-cache.org" target="_blank"><mailto:squid-users@lists.squid-cache.org></a>
<a href="mailto:squid-users@lists.squid-cache.org" target="_blank"><mailto:squid-users@lists.squid-cache.org></a><br>
> > <a href="http://lists.squid-cache.org/listinfo/squid-users" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><br>
><br>
><br>
><br>
><br>
> <br>
></span><span><br>
<br>
-----BEGIN PGP SIGNATURE-----
<br>
Version: GnuPG v2
<br>
<br></span>
iQEcBAEBCAAGBQJXMlFEAAoJENNXIZxhPexGO6AH/RsDrJKihobs93E9OLhT7uuB
<br>
6KjX5eSfcNzYmTX1QsTn4SDf2l3HaItZ5jPuSFGSBMTuGo0RaHc0Y+YIcRO8CuOG
<br>
PQDBPXff2Vg16o06Ty78XLUAfWUr1q4uu6G5Vp8F2cLWSjk7thuFu9XoYe5Q2z1V
<br>
yN99aV/Kol+Om//eSPOf3hre3ONYRFn2lR+GJET9QNfogiRakpFOzeeGp3fXQgzA
<br>
S6n2MfhyhYRO3lDtjGcrWDoR5Tz8OdKlReuwHqtkuQi/OA95O9CpfwnEnORGLVN6
<br>
G4H0pG7MrXBbl5zRhspkr9BNvtunkFsSnUlcUhBtKj1RhsC7H9g7lvkE8QKphIU=
<br>
=kDA0
<br>
-----END PGP SIGNATURE-----
<br>
<br>
</div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>