Hey Eliezer With the response_size_100 ACL definition: - 100 tells the external ACL the limit in MB - 192.168.0.10 tells the external ACL the squid IP I think one or both of these is only needed to build the deny page. You can’t use deny_info with reply_body_max_size so we had to customise the ERR_TOO_BIG source to do a redirect to our own page. The http_access allow line is because result caching cannot alter the EXT_LOG for fast ACLs as cache lookups include the EXT_LOG, so we need to check the result twice to alter the EXT_LOG and then have the result cached against the altered EXT_LOG. Cheers Dan > On 11 Feb 2015, at 11:09 pm, Eliezer Croitoru <eliezer@xxxxxxxxxxxx> wrote: > > Hey Dan, > > First I must admit that this squid.conf is quite complicated but kind of self explanatory. > > I have tried to understand the next lines: > # File size (download) restrictions > acl response_size_100 external response_size_type 100 192.168.0.10 > http_access allow response_size_100 response_size_100 > reply_body_max_size 100 MB response_size_100 > > But I am unsure how it works with external_acl exactly. > If you wish to deny 100MB size files you should have only one rule for the reply body max size, what are the others for exactly? > > Eliezer > > * I might missing some concepts some sorry in advance. > > On 11/02/2015 00:30, Dan Charlesworth wrote: >> Hi Eliezer >> >> Took a while to get this up—sorry about that. Here’s an example of a production config of ours (with some confidential stuff necessarily taken out/edited): >> https://gist.github.com/djch/92cf44440b04afbd7917 <https://gist.github.com/djch/92cf44440b04afbd7917> >> >> Let me know if there’s any other info I can provide that might point towards the cause of this crash. >> >> And thanks again for taking a look. > > _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
