On Mon, 14 Sep 2009 22:44:36 +0900, Mikio Kishi <mkishi@xxxxxxx> wrote: > Hi, Leonardo > >> not directly that way ..... you'll have to use reply_body_max_size >> for that. >> >> you'll have to define your other ACLs and merge them with >> reply_body_max_size which takes the maximum site as argument. > > I'd like to use it to control icap access. ACL for Squid-3 are easily created. If you are able to sponsor the work I'm sure we can get something done soon that uses Content-Length. The only problem will be objects without any Content-Length, of which there are still many. These will have to be covered by some 'other' setting. Amos > > For example, > >> acl MAX100Mbyte rep_max_content_length 100M >> icap_service av respmod_precache 1 icap://127.0.0.1:1344/av/respmod >> icap_class respmod av >> icap_access respmod deny MAX100Mbyte >> icap_access respmod allow all > > I can't apply "reply_body_max_size" to above.... > > Sincerely, > > -- > Mikio Kishi > > > On Mon, Sep 14, 2009 at 10:26 PM, Leonardo Rodrigues > <leolistas@xxxxxxxxxxxxxx> wrote: >> Mikio Kishi escreveu: >> >> >> >> For example >> >> acl MAX100Mbyte rep_max_content_length 100M >> >> >> >> Is it possible ? >> >> >> not directly that way ..... you'll have to use reply_body_max_size >> for that. >> >> you'll have to define your other ACLs and merge them with >> reply_body_max_size which takes the maximum site as argument. >> >> >> >> # TAG: reply_body_max_size bytes allow|deny acl acl... >> # This option specifies the maximum size of a reply body in bytes. >> # It can be used to prevent users from downloading very large >> files, >> # such as MP3's and movies. When the reply headers are received, >> # the reply_body_max_size lines are processed, and the first line >> with >> # a result of "allow" is used as the maximum body size for this >> reply. >> # This size is checked twice. First when we get the reply headers, >> # we check the content-length value. If the content length value >> exists >> # and is larger than the allowed size, the request is denied and >> the >> # user receives an error message that says "the request or reply >> # is too large." If there is no content-length, and the reply >> # size exceeds this limit, the client's connection is just closed >> # and they will receive a partial reply. >> # >> # WARNING: downstream caches probably can not detect a partial >> reply >> # if there is no content-length header, so they will cache >> # partial responses and give them out as hits. You should NOT >> # use this option if you have downstream caches. >> # >> >> -- >> >> >> Atenciosamente / Sincerily, >> Leonardo Rodrigues >> Solutti Tecnologia >> http://www.solutti.com.br >> >> Minha armadilha de SPAM, NÃO mandem email >> gertrudes@xxxxxxxxxxxxxx >> My SPAMTRAP, do not email it >> >> >>
