Search squid archive

RE: [squid-users] Blocking file uploads with HTTPS/SSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>> I'm trying to block file uploads over a certain size with squid, and have
>> everything working, except where the user connects with HTTPS.  Is there
a
>> way to limit uploads based on size when it's encrypted ssl (443) traffic?

>Nope. The size is not known to Squid when the traffic is encrypted. All 
>Squid sees is that there is some kind of bidirectional traffic between the 
>browser and the requested server.

>At best an acl could be added to forcibly terminate connections after N 
>amount of bytes have been sent in either direction, but there is no 
>guarantee this won't incorrectly terminate connections when there is 
>multiple request sent over the same persistent SSL connection, and imho 
>would generally do more bad than good.
>
>Regards 
>Henrik

I'm still very interested in trying this.  How would you write the ACL to
drop SSL traffic after N bytes?  Since I'm trying to make sure that people
don't upload files in the 300+ MB range, I'm sure that I can tweak the
amount of traffic where it will not effect my normal users.

Another external acl?

Thanks again for all your help.

Michael

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux