<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>On Linux you can use iptables to do qos and make sure that a
single connection does not consume all bandwidth.</p>
<p>Marcus</p>
<p><br>
</p>
<div class="moz-cite-prefix">On 30/07/2019 10:22, Service MV wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CA+d==oEeORkzpGb5x+uDG4Ca5zK3WhAfwmM6ms+G4E1SDr8Mww@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">Just to explain clearly, my goal is that no user of
my LAN can download more than 15 megabits/s, because some
downloads consume me 100 magabits/s leaving the rest of the
users offline. <br>
Since squid calculates in bytes, it would be: 1966080 bytes the
limit that I want to establish for any user of my LAN<br>
Thank you very much for your help.<br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">El mar., 30 de jul. de 2019 a
la(s) 09:57, Service MV (<a href="mailto:service.mv@gmail.com"
moz-do-not-send="true">service.mv@gmail.com</a>) escribió:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>Thanks for patience.</div>
<div><br>
</div>
<div>I modify the line:</div>
<div># All net
setting
Individual client setting<br>
</div>
<div># first 15MB of file
download full speed, then
continue at 10MB/s first 10MB of file download
full speed, then
continue at 7MB/s
</div>
<div>delay_parameters 1 1310720/1966080
917504/1310720</div>
<div><br>
</div>
<div>In this way I can make the Delay Pool work.<br>
But I'm still not sure if I'm using my symmetrical 100Mb/s
bandwidth correctly.<br>
<br>
Any comments on that?</div>
<div> <br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">El lun., 29 de jul. de
2019 a la(s) 16:58, Service MV (<a
href="mailto:service.mv@gmail.com" target="_blank"
moz-do-not-send="true">service.mv@gmail.com</a>)
escribió:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>Hello everyone!<br>
I have a 100/100 Mbit/s internet link and I am trying
unsuccessfully to limit downloads to a maximum of
15Mb/s of any IP on my network. Some downloads consume
the entire link.<br>
I copy my settings to help me see where I'm going
wrong. Thank you very much!<br>
Gabriel</div>
<div><br>
</div>
<div>PS.: squid -v '--enable-delay-pools'</div>
<div><br>
</div>
<div>#</div>
# Recommended minimum configuration:<br>
#<br>
<br>
# Example rule allowing access from your local networks.<br>
# Adapt to list your (internal) IP networks from where
browsing<br>
# should be allowed<br>
#acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122
"this" network (LAN)<br>
acl localnet src <a href="http://10.10.8.0/22"
target="_blank" moz-do-not-send="true">10.10.8.0/22</a>
# (My LAN)<br>
#acl largefiledown src <a href="http://10.10.8.0/22"
target="_blank" moz-do-not-send="true">10.10.8.0/22</a>
# Limitar bajada y subida a 10Mbps<br>
#acl localnet src <a href="http://10.0.0.0/8"
target="_blank" moz-do-not-send="true">10.0.0.0/8</a>
# RFC 1918 local private network (LAN)<br>
#acl localnet src <a href="http://100.64.0.0/10"
target="_blank" moz-do-not-send="true">100.64.0.0/10</a>
# RFC 6598 shared address space (CGN)<br>
#acl localnet src <a href="http://169.254.0.0/16"
target="_blank" moz-do-not-send="true">169.254.0.0/16</a>
# RFC 3927 link-local (directly plugged) machines<br>
#acl localnet src <a href="http://172.16.0.0/12"
target="_blank" moz-do-not-send="true">172.16.0.0/12</a>
# RFC 1918 local private network (LAN)<br>
#acl localnet src <a href="http://192.168.0.0/16"
target="_blank" moz-do-not-send="true">192.168.0.0/16</a>
# RFC 1918 local private network (LAN)<br>
#acl localnet src fc00::/7 # RFC 4193 local
private network range<br>
#acl localnet src fe80::/10 # RFC 4291 link-local
(directly plugged) machines<br>
<br>
acl SSL_ports port 443<br>
acl Safe_ports port 80 # http<br>
acl Safe_ports port 21 # ftp<br>
acl Safe_ports port 443 # https<br>
acl Safe_ports port 70 # gopher<br>
acl Safe_ports port 210 # wais<br>
acl Safe_ports port 1025-65535 # unregistered ports<br>
acl Safe_ports port 280 # http-mgmt<br>
acl Safe_ports port 488 # gss-http<br>
acl Safe_ports port 591 # filemaker<br>
acl Safe_ports port 777 # multiling http<br>
acl CONNECT method CONNECT<br>
<br>
acl LS_whitedomains dstdomain
"/etc/squid/acl/whitedomains.txt"<br>
acl LS_blackdomains dstdomain
"/etc/squid/acl/blackdomains.txt"<br>
acl LS_malicius dstdomain "/etc/squid/acl/malicius.txt"<br>
acl LS_ads-tracking dstdomain
"/etc/squid/acl/ads-tracking.txt"<br>
<br>
#<br>
# Recommended minimum Access Permission configuration:<br>
#<br>
# Deny requests to certain unsafe ports<br>
http_access deny !Safe_ports<br>
<br>
# Deny CONNECT to other than secure SSL ports<br>
http_access deny CONNECT !SSL_ports<br>
<br>
# Only allow cachemgr access from localhost<br>
http_access allow localhost manager<br>
http_access deny manager<br>
<br>
# We strongly recommend the following be uncommented to
protect innocent<br>
# web applications running on the proxy server who think
the only<br>
# one who can access services on "localhost" is a local
user<br>
#http_access deny to_localhost<br>
<br>
#<br>
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR
CLIENTS<br>
#<br>
<br>
delay_pools 1<br>
delay_class 1 2<br>
delay_parameters 1 103809024/103809024 15728640/15728640
# (98/98 megabytes in bytes and 15/15 megabytes in
bytes)<br>
delay_access 1 allow localnet<br>
<br>
http_access deny LS_blackdomains<br>
http_access allow LS_whitedomains<br>
http_access deny LS_malicius<br>
http_access deny LS_ads-tracking<br>
<br>
<br>
# Example rule allowing access from your local networks.<br>
# Adapt localnet in the ACL section to list your
(internal) IP networks<br>
# from where browsing should be allowed<br>
<br>
<br>
http_access allow localnet<br>
http_access allow localhost<br>
<br>
# And finally deny all other access to this proxy<br>
http_access deny all<br>
<br>
# Squid normally listens to port 3128<br>
http_port 3128<br>
<br>
# Uncomment and adjust the following to add a disk cache
directory.<br>
#cache_dir ufs /var/spool/squid 100 16 256<br>
<br>
# Leave coredumps in the first cache dir<br>
coredump_dir /var/spool/squid<br>
<br>
#<br>
# Add any of your own refresh_pattern entries above
these.<br>
#<br>
refresh_pattern ^ftp: 1440 20% 10080<br>
refresh_pattern ^gopher: 1440 0% 1440<br>
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0<br>
refresh_pattern . 0 20% 4320<br>
<br>
# Other settings<br>
quick_abort_min 0 KB <br>
quick_abort_max 0 KB <br>
read_timeout 5 minutes <br>
request_timeout 3 minutes <br>
shutdown_lifetime 0 seconds <br>
ipcache_size 2048 <br>
fqdncache_size 4096 <br>
forwarded_for off<br>
visible_hostname s-px02<br>
httpd_suppress_version_string on <br>
</div>
</blockquote>
</div>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
squid-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a>
<a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a>
</pre>
</blockquote>
</body>
</html>