>> I'm trying to block file uploads over a certain size with squid, and have
>> everything working, except where the user connects with HTTPS. Is there
a
>> way to limit uploads based on size when it's encrypted ssl (443) traffic?
>Nope. The size is not known to Squid when the traffic is encrypted. All
>Squid sees is that there is some kind of bidirectional traffic between the
>browser and the requested server.
>At best an acl could be added to forcibly terminate connections after N
>amount of bytes have been sent in either direction, but there is no
>guarantee this won't incorrectly terminate connections when there is
>multiple request sent over the same persistent SSL connection, and imho
>would generally do more bad than good.
>
>Regards
>Henrik
I'm still very interested in trying this. How would you write the ACL to
drop SSL traffic after N bytes? Since I'm trying to make sure that people
don't upload files in the 300+ MB range, I'm sure that I can tweak the
amount of traffic where it will not effect my normal users.
Another external acl?
Thanks again for all your help.
Michael
Received on Mon Mar 21 2005 - 13:45:19 MST
This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:02 MST