Re: [squid-users] issue getting replay_body_max_size to work with an external acl

From: Cameron Charles <cameron_at_getbusi.com>
Date: Wed, 30 May 2012 17:14:05 +1000

oops wrong email heres what i wrote in replay from my other email,
sorry to all for the mixup

HI, thanks for the quick response, i have a line like the one you
mentioned above my replay_body.. line, however further above that line
i have the following line aswell "hhtp_reply_access deny
differentacl"

could this be causing a confliction error or something like that, if
not then i have the lines you suggested in place and still dont get a
restriction working

Thanks
Cam

ps.i hope im replaying to this the correct way << nope

On 30 May 2012 17:07, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On 30/05/2012 6:05 p.m., Cameron Charles wrote:
>>
>> Hi,
>>
>> I am trying to use an external acl to "toggle" a reply_body_max_size,
>> so im my conf i have the following
>>
>> reply_body_max_size 1 MB extaclname
>>
>> and extaclname is setup to run a check on some data and return its
>> findings with an OK or ERR, the ext acl works correctly as its used
>> elsewhere in squids workings but i cannot get it restrict the reply
>> size when it should be, in fact it appears never to "run" the acl as
>> some debug message in the external check are never fired
>>
>> I have found this very old posting
>> http://www.mail-archive.com/squid-users@squid-cache.org/msg59937.html
>> which mentions " you may be able to get this to work then by adding
>> the ACL test to an http_reply_access line as well." but im not sure
>> how to implement this in anyway that would affect the line i have
>> above
>
>
> http_reply_access is tested on first receiving the reply. You run the ACL
> test there and its result gets cached for use by the reply_body_max_size
> test later.
>
>  http_reply_access allow extaclname !all
>
> note the "!all" that is important to make it have no effect on actual reply
> access. Place this at the top of the http_reply_access list set if you have
> any others doing allow/deny.
>
> Amos
Received on Wed May 30 2012 - 07:14:13 MDT

This archive was generated by hypermail 2.2.0 : Wed May 30 2012 - 12:00:06 MDT