Re: [squid-users] acl using Content-Length

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 15 Sep 2009 11:55:11 +1200

On Mon, 14 Sep 2009 22:44:36 +0900, Mikio Kishi <mkishi_at_104.net> wrote:
> Hi, Leonardo
>
>> not directly that way ..... you'll have to use reply_body_max_size
>> for that.
>>
>> you'll have to define your other ACLs and merge them with
>> reply_body_max_size which takes the maximum size as argument.
>
> I'd like to use it to control icap access.

ACLs for Squid-3 are easily created. If you are able to sponsor the work
I'm sure we can get something done soon that uses Content-Length.

The only problem will be objects without any Content-Length, of which there
are still many. These will have to be covered by some 'other' setting.

Amos

>
> For example,
>
>> acl MAX100Mbyte rep_max_content_length 100M
>> icap_service av respmod_precache 1 icap://127.0.0.1:1344/av/respmod
>> icap_class respmod av
>> icap_access respmod deny MAX100Mbyte
>> icap_access respmod allow all
>
> I can't apply "reply_body_max_size" to above....
>
> Sincerely,
>
> --
> Mikio Kishi
>
>
> On Mon, Sep 14, 2009 at 10:26 PM, Leonardo Rodrigues
> <leolistas_at_solutti.com.br> wrote:
>> Mikio Kishi wrote:
>>
>>
>>
>> For example
>>
>> acl MAX100Mbyte rep_max_content_length 100M
>>
>>
>>
>> Is it possible ?
>>
>>
>> not directly that way ..... you'll have to use reply_body_max_size
>> for that.
>>
>> you'll have to define your other ACLs and merge them with
>> reply_body_max_size which takes the maximum size as argument.
>>
>>
>>
>> # TAG: reply_body_max_size bytes allow|deny acl acl...
>> # This option specifies the maximum size of a reply body in bytes.
>> # It can be used to prevent users from downloading very large files,
>> # such as MP3's and movies. When the reply headers are received,
>> # the reply_body_max_size lines are processed, and the first line with
>> # a result of "allow" is used as the maximum body size for this reply.
>> # This size is checked twice. First when we get the reply headers,
>> # we check the content-length value. If the content length value exists
>> # and is larger than the allowed size, the request is denied and the
>> # user receives an error message that says "the request or reply
>> # is too large." If there is no content-length, and the reply
>> # size exceeds this limit, the client's connection is just closed
>> # and they will receive a partial reply.
>> #
>> # WARNING: downstream caches probably can not detect a partial reply
>> # if there is no content-length header, so they will cache
>> # partial responses and give them out as hits. You should NOT
>> # use this option if you have downstream caches.
>> #
>>
>> --
>>
>>
>> Sincerely,
>> Leonardo Rodrigues
>> Solutti Tecnologia
>> http://www.solutti.com.br
>>
>> gertrudes_at_solutti.com.br
>> My SPAMTRAP, do not email it
>>
>>
>>
Received on Mon Sep 14 2009 - 23:55:15 MDT
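
The two-stage size check described in the quoted reply_body_max_size documentation, together with the missing Content-Length case raised in the reply, as an added Python model that is not part of the original thread and is not Squid's code. The function names, the chunk-granular cutoff, and the reading that replies over the limit bypass ICAP are assumptions.

```python
from typing import Dict, Iterable, Optional, Tuple


def declared_length(headers: Dict[str, str]) -> Optional[int]:
    """Return the Content-Length value, or None if absent or not a number."""
    for name, value in headers.items():
        if name.lower() == "content-length" and value.strip().isdecimal():
            return int(value.strip())
    return None


def enforce_max_body(headers: Dict[str, str], chunks: Iterable[bytes],
                     limit: int) -> Tuple[str, int]:
    """Model of the documented double check; returns (outcome, bytes forwarded)."""
    length = declared_length(headers)
    # Check 1, at header time: a declared length over the limit is refused
    # cleanly with an error page and no body bytes reach the client.
    if length is not None and length > limit:
        return ("denied_with_error", 0)
    # Check 2, while streaming: without a usable Content-Length the overrun is
    # only seen mid-transfer, so the client is left with a partial reply.
    # Assumption: the cutoff is modelled at chunk granularity.
    forwarded = 0
    for chunk in chunks:
        if forwarded + len(chunk) > limit:
            return ("closed_partial", forwarded)
        forwarded += len(chunk)
    return ("delivered", forwarded)


def icap_decision(headers: Dict[str, str], limit: int, if_unknown: str) -> str:
    """Hypothetical Content-Length ACL for icap_access: 'scan' or 'bypass'.

    if_unknown is the 'other' setting for replies with no Content-Length.
    """
    length = declared_length(headers)
    if length is None:
        return if_unknown
    return "bypass" if length > limit else "scan"


if __name__ == "__main__":
    limit = 100  # constructed small limit standing in for 100M
    print(enforce_max_body({"Content-Length": "200"}, [b"x" * 200], limit))
    print(enforce_max_body({}, [b"x" * 60, b"x" * 60], limit))
    print(icap_decision({}, limit, if_unknown="scan"))
```

The Content-Length value is supplied by the origin server, so a length-based ICAP bypass acts on a figure the server declares rather than one the proxy has measured.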
