[squid-users] Unable to limit bandwidth (squid 4.7.2 )
Service MV
service.mv at gmail.com
Tue Jul 30 13:22:18 UTC 2019
Just to explain clearly, my goal is that no user of my LAN can download
more than 15 megabits/s, because some downloads consume me 100 magabits/s
leaving the rest of the users offline.
Since squid calculates in bytes, it would be: 1966080 bytes the limit that
I want to establish for any user of my LAN
Thank you very much for your help.
El mar., 30 de jul. de 2019 a la(s) 09:57, Service MV (service.mv at gmail.com)
escribió:
> Thanks for patience.
>
> I modify the line:
> # All net setting
> Individual client
> setting
> # first 15MB of file download full speed,
> then continue at 10MB/s first 10MB of file download full speed,
> then continue at 7MB/s
> delay_parameters 1 1310720/1966080
> 917504/1310720
>
> In this way I can make the Delay Pool work.
> But I'm still not sure if I'm using my symmetrical 100Mb/s bandwidth
> correctly.
>
> Any comments on that?
>
>
> El lun., 29 de jul. de 2019 a la(s) 16:58, Service MV (
> service.mv at gmail.com) escribió:
>
>> Hello everyone!
>> I have a 100/100 Mbit/s internet link and I am trying unsuccessfully to
>> limit downloads to a maximum of 15Mb/s of any IP on my network. Some
>> downloads consume the entire link.
>> I copy my settings to help me see where I'm going wrong. Thank you very
>> much!
>> Gabriel
>>
>> PS.: squid -v '--enable-delay-pools'
>>
>> #
>> # Recommended minimum configuration:
>> #
>>
>> # Example rule allowing access from your local networks.
>> # Adapt to list your (internal) IP networks from where browsing
>> # should be allowed
>> #acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
>> acl localnet src 10.10.8.0/22 # (My LAN)
>> #acl largefiledown src 10.10.8.0/22 # Limitar bajada y subida a 10Mbps
>> #acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
>> #acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
>> #acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly
>> plugged) machines
>> #acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
>> #acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
>> #acl localnet src fc00::/7 # RFC 4193 local private network range
>> #acl localnet src fe80::/10 # RFC 4291 link-local (directly
>> plugged) machines
>>
>> acl SSL_ports port 443
>> acl Safe_ports port 80 # http
>> acl Safe_ports port 21 # ftp
>> acl Safe_ports port 443 # https
>> acl Safe_ports port 70 # gopher
>> acl Safe_ports port 210 # wais
>> acl Safe_ports port 1025-65535 # unregistered ports
>> acl Safe_ports port 280 # http-mgmt
>> acl Safe_ports port 488 # gss-http
>> acl Safe_ports port 591 # filemaker
>> acl Safe_ports port 777 # multiling http
>> acl CONNECT method CONNECT
>>
>> acl LS_whitedomains dstdomain "/etc/squid/acl/whitedomains.txt"
>> acl LS_blackdomains dstdomain "/etc/squid/acl/blackdomains.txt"
>> acl LS_malicius dstdomain "/etc/squid/acl/malicius.txt"
>> acl LS_ads-tracking dstdomain "/etc/squid/acl/ads-tracking.txt"
>>
>> #
>> # Recommended minimum Access Permission configuration:
>> #
>> # Deny requests to certain unsafe ports
>> http_access deny !Safe_ports
>>
>> # Deny CONNECT to other than secure SSL ports
>> http_access deny CONNECT !SSL_ports
>>
>> # Only allow cachemgr access from localhost
>> http_access allow localhost manager
>> http_access deny manager
>>
>> # We strongly recommend the following be uncommented to protect innocent
>> # web applications running on the proxy server who think the only
>> # one who can access services on "localhost" is a local user
>> #http_access deny to_localhost
>>
>> #
>> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
>> #
>>
>> delay_pools 1
>> delay_class 1 2
>> delay_parameters 1 103809024/103809024 15728640/15728640 # (98/98
>> megabytes in bytes and 15/15 megabytes in bytes)
>> delay_access 1 allow localnet
>>
>> http_access deny LS_blackdomains
>> http_access allow LS_whitedomains
>> http_access deny LS_malicius
>> http_access deny LS_ads-tracking
>>
>>
>> # Example rule allowing access from your local networks.
>> # Adapt localnet in the ACL section to list your (internal) IP networks
>> # from where browsing should be allowed
>>
>>
>> http_access allow localnet
>> http_access allow localhost
>>
>> # And finally deny all other access to this proxy
>> http_access deny all
>>
>> # Squid normally listens to port 3128
>> http_port 3128
>>
>> # Uncomment and adjust the following to add a disk cache directory.
>> #cache_dir ufs /var/spool/squid 100 16 256
>>
>> # Leave coredumps in the first cache dir
>> coredump_dir /var/spool/squid
>>
>> #
>> # Add any of your own refresh_pattern entries above these.
>> #
>> refresh_pattern ^ftp: 1440 20% 10080
>> refresh_pattern ^gopher: 1440 0% 1440
>> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
>> refresh_pattern . 0 20% 4320
>>
>> # Other settings
>> quick_abort_min 0 KB
>> quick_abort_max 0 KB
>> read_timeout 5 minutes
>> request_timeout 3 minutes
>> shutdown_lifetime 0 seconds
>> ipcache_size 2048
>> fqdncache_size 4096
>> forwarded_for off
>> visible_hostname s-px02
>> httpd_suppress_version_string on
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20190730/ddf88efa/attachment-0001.html>
More information about the squid-users
mailing list