squid+p2p+donload limit

singh.ashish · ‎09-25-2006

hi Expertise,

m using squid proxy server,but users by- pass my proxy server through HTTP tunnel or any other by-pass proxy softwre. Is there any way to prevent this thing???

My second problem is can we block p2p software at cisco router??

My third problem.. can we restrict bandwidth on protocol basis or can we limit downloading at cisco router??

if u hve any suggetion regarding these 3 problem plz help me out

thanks

Ashish Singh

Anand Narayana · ‎09-25-2006

Hi Asish,

Answer 1 : configure IPTABLES(firewall)in Linux Squid to prevent users accessing HTTP

Answer 2: YES u can block using Access-list

Answer 3: using QoS YES u can restrict the bandwidth, also using delay pools in Squid based on the IP address or subnet you can restrict the Speed of the internet.

hope this helps.

rate this post if cleared.

singh.ashish · ‎09-25-2006

thanks 4 reply,

regarding 1 ans: my squid working on port 8080 can i block rest of the port in ip table.

regarding 2 ans: i did the same ,i blocked p2p but i think its not sufficent to block p2p site and p2p port coz its using random port. As all p2p having well define port but after blocking well define port its start communicate on some other free port.

regarding 3 ans:can u provide me any documnet. basically i want to reserve 50% of 2 mbps link for http /https and rest for other protocol. I also want to limit downloading speed also at router end.

As u mentioned earlier "using delay pools in Squid based on the IP address"....can u plz explain in datails.

Thanks alot

Ashish