Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: IPCOP and limiting download throughput.

IPCOP and limiting download throughput. 8 years 8 months ago #25324

  • lawin
  • lawin's Avatar
  • Offline
  • New Member
  • Posts: 15
  • Karma: 0
I am new here and I've been searching for some answers on the IPCop capability to limit users download speed. I've never used IPCop or any firewall filtering program before. I am a newly hired Network Admin in a medium size seminary school. We use IPCop 1.4.18 as firewall/gateway and is directly connected to the DSL. We have unsecured WAP all over the campus for students who has laptops. We don't use proxy to connect to the internet and our network is configured as workgroup, not as a domain. I want to limit the download speed of anyone who passes the firewall/gateway. At the Download throttlling, I tried to set the Limit per host on Green to 128kb/s but I can still see some downloads of 500K/s- 1.5Mb/s. I have to use Banish to stop the download. Maybe I am not doing it right. Can anyone tell me how to set it correctly?

TIA
The administrator has disabled public write access.

Re: IPCOP and limiting download throughput. 8 years 8 months ago #25328

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Posts: 1302
  • Karma: 1
Have you got any QoS addons installed because the stock IPCOP installation does not allow control at the host level (at least from the GUI) It does it by prioritising protocols. Can you let know what addons you have installed?
The administrator has disabled public write access.

Re: IPCOP and limiting download throughput. 8 years 8 months ago #25332

  • lawin
  • lawin's Avatar
  • Offline
  • New Member
  • Posts: 15
  • Karma: 0
DaLight, thanks for your reply. As I said, I am new on IPCop and I really don't know what addons are installed with it. How do you find which addons are installed?

TIA
The administrator has disabled public write access.

Re: IPCOP and limiting download throughput. 8 years 8 months ago #25337

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Posts: 1302
  • Karma: 1
From your initial post it would appear that you have the "Advanced Proxy" addon installed. Just to confirm your list of addons, go to the "Services" menu and post a list of all the menu items. This will give me more of an idea.
The administrator has disabled public write access.

Re: IPCOP and limiting download throughput. 8 years 8 months ago #25348

  • lawin
  • lawin's Avatar
  • Offline
  • New Member
  • Posts: 15
  • Karma: 0
Here's what's under the Services Menu;

Advance Proxy
Update Accelerator 1.0.0
URL Filter 1.9.1
DHCP Server
Dynamic DNS
Edit Hosts
Time Server
Traffic Shaping
Intrusion Detection
The administrator has disabled public write access.

Re: IPCOP and limiting download throughput. 8 years 8 months ago #25354

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Posts: 1302
  • Karma: 1
Right! That confirms what I thought. You have the "Advanced Proxy" addon installed, which is where you saw the "Limit per host on Green" setting. This setting and the others on the "Advanced Proxy" page are only applicable if your clients are being forced to use the proxy. The easiest way to control web traffic (at least on port 80) would be to check the "Enabled on Green" and "Transparent on Green" options.

This will have the effect of redirecting all port 80 traffic that tries to traverse your firewall. Thus you will be able to apply your speed limiting settings. It will not however trap any traffic on other ports. The advantage of this is that you will not need to make any changes to the client machines, hence the name "transparent proxying".

If you do want to control all ports, you will need to block all outgoing client access at the IP level using iptables, and then notify all your clients to enter the details of your IPCOP in their proxy settings. If not, all non-port 80 traffic will be blocked.

If you want to do the above, I can supply the appropriate iptables commands.
The administrator has disabled public write access.
Time to create page: 0.079 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup