The OpenNET Project / Index page

[ новости /+++ | форум | wiki | теги | ]

форумы  помощь  поиск  регистрация  майллист  ВХОД  слежка  RSS
"reply_body_max_size (max download) is not working !"
Вариант для распечатки  
Пред. тема | След. тема 
Форумы Настройка Squid и других прокси серверов (Public)
Изначальное сообщение [Проследить за развитием треда]

"reply_body_max_size (max download) is not working !"  
Сообщение от eXtremer email(ok) on 24-Авг-07, 17:17 
I don't know why but this option is not working.
request_body_max_size <- restriction for max upload is working well,
but reply_body_max_size <- restriciton for max download is not working.
Why ?
Here is my config file:

#  TAG: request_body_max_size    (KB)
#    This specifies the maximum size for an HTTP request body.
#    In other words, the maximum size of a PUT/POST request.
#    A user who attempts to send a request with a body larger
#    than this limit receives an "Invalid Request" error message.
#    If you set this parameter to a zero (the default), there will
#    be no limit imposed.
#
#Default:
# request_body_max_size 0 KB
request_body_max_size 3 MB

---------------------------------------------------------------------

#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 444
acl Safe_ports port 80        # http
#acl Safe_ports port 21        # ftp
acl Safe_ports port 443 563    # https, snews
#acl Safe_ports port 70        # gopher
#acl Safe_ports port 210        # wais
#acl Safe_ports port 1025-65535    # unregistered ports
#acl Safe_ports port 280        # http-mgmt
#acl Safe_ports port 488        # gss-http
#acl Safe_ports port 591        # filemaker
#acl Safe_ports port 777        # multiling http
acl CONNECT method CONNECT


#-------------Conectiuni maxime per IP-------------
#acl maxcon maxconn 3

#------------Upload max---------------
#request_body_max_size 3 MB                          <- The option is set higher

#-----------Download max--------------
#reply_body_max_size 2100000 allow all               <- The option is set lower


#----------Restrict Download max 2 Mb exception symantec.com--------
acl allow_dl_from dstdomain symantec.com

#-------------Extensii interzise video-audio-exec-------------
acl music-video urlpath_regex -i "/etc/squid/deny/ext.block"

#------------Banner-Reklama-Advertise------------
acl BANNER url_regex banner reclama linkexch banpics us\.yimg\.com[\./]ad[s]?[\./]

#--------Site-uri games-porno-music-other-spyware-chat-------------
acl porno url_regex -i "/etc/squid/deny/porn.block"
acl games url_regex -i "/etc/squid/deny/games.block"
acl multimedia url_regex -i "/etc/squid/deny/multimedia.block"
acl other url_regex -i "/etc/squid/deny/other.block"
acl adv url_regex -i "/etc/squid/deny/banner.block"


#--------------Reteaua 145------------------
acl 145a src "/etc/squid/allow/145a.allow"
acl 145b src "/etc/squid/allow/145b.allow"

acl 145c src 192.168.41.200/32

  
#-----------------------Restrictions-----------------------

#---Restrictie ptr extensii interzise---
http_access deny music-video
deny_info ERR_ACCESS_DENIED_EXT music-video

#---Restrictie ptr bannere---
http_access deny BANNER
deny_info ERR_ACCESS_DENIED_NOBANNER BANNER

#---Restrictie ptr site-uri cu jocuri---
http_access deny games

#---Restrictie ptr site-uri porno---
http_access deny porno
deny_info ERR_ACCESS_DENIED_NOPORNO porno

#---Restrictie ptr site-uri audio-video---
http_access deny multimedia
deny_info ERR_ACCESS_DENIED_MULTIMEDIA multimedia

#---Restrictie ptr orice altceva ce nu se include---
http_access deny other

#---Restriction for banre-reklama-advertise---
http_access deny adv
deny_info ERR_ACCESS_DENIED_NOBANNER adv

#---Access ptr toti in afara de sala 145---
http_access deny all !145a !145b !145c !localhost

------------------------------------------------------------------------------

#  TAG: reply_body_max_size    bytes allow|deny acl acl...
#        This option specifies the maximum size of a reply body.  It
#    can be used to prevent users from downloading very large files,
#    such as MP3's and movies. When the reply headers are recieved,
#    the reply_body_max_size lines are processed, and the first line with
#    a result of "allow" is used as the maximum body size for this reply.
#    This size is then checked twice. First when we get the reply headers,
#    we check the content-length value.  If the content length value exists
#    and is larger than the allowed size, the request is denied and the
#    user receives an error message that says "the request or reply
#    is too large." If there is no content-length, and the reply
#    size exceeds this limit, the client's connection is just closed
#    and they will receive a partial reply.
#
#    WARNING: downstream caches probably can not detect a partial reply
#    if there is no content-length header, so they will cache
#    partial responses and give them out as hits.  You should NOT
#    use this option if you have downstream caches.
#
#    WARNING: A maximum size larger than the size of squid's error messages
#    will cause an infinite loop and crash squid. Ensure that the smallest
#    non-zero value you use is greater that the maximum header size plus
#    the size of your largest error page.
#
#    If you set this parameter to zero (the default), there will be
#    no limit imposed.
#
#Default:
# reply_body_max_size 0 allow all
reply_body_max_size 0 allow allow_dl_from
reply_body_max_size 21000000 allow all             <---------- max download 2.1 Mb

Высказать мнение | Ответить | Правка | Наверх | Cообщить модератору

 Оглавление

Сообщения по теме [Сортировка по времени, UBB]


1. "reply_body_max_size (max download) is not working !"  
Сообщение от ipmanyak (??) on 27-Авг-07, 17:38 
>[оверквотинг удален]
>#
># If you set this parameter to zero (the default), there will
>be
># no limit imposed.
>#
>#Default:
># reply_body_max_size 0 allow all
>reply_body_max_size 0 allow allow_dl_from
>reply_body_max_size 21000000 allow all        
>    <---------- max download 2.1 Mb

acl  allow_dl_from  must be point on src acl, but no to dstdomain, especially to symantec.com only !  

Высказать мнение | Ответить | Правка | Наверх | Cообщить модератору

2. "reply_body_max_size (max download) is not working !"  
Сообщение от eXtremer email(ok) on 28-Авг-07, 15:13 
>[оверквотинг удален]
>># no limit imposed.
>>#
>>#Default:
>># reply_body_max_size 0 allow all
>>reply_body_max_size 0 allow allow_dl_from
>>reply_body_max_size 21000000 allow all        
>>    <---------- max download 2.1 Mb
>
>acl  allow_dl_from  must be point on src acl, but no
>to dstdomain, especially to symantec.com only !

ipmanyak pasiba, ea zamenil dstdomain na src.
no u minea bil drugoi vapros, i ea uje ivo razreshil,
reply_body_max_size 21000000 allow all  <-- na odin "0" bilo bolishe 4em nado. 21 Mb a ne 2.1.

Высказать мнение | Ответить | Правка | Наверх | Cообщить модератору

3. "reply_body_max_size (max download) is not working !"  
Сообщение от eXtremer email(ok) on 30-Авг-07, 15:24 
>[оверквотинг удален]
>># no limit imposed.
>>#
>>#Default:
>># reply_body_max_size 0 allow all
>>reply_body_max_size 0 allow allow_dl_from
>>reply_body_max_size 21000000 allow all        
>>    <---------- max download 2.1 Mb
>
>acl  allow_dl_from  must be point on src acl, but no
>to dstdomain, especially to symantec.com only !

acl allow_dl_from dstdomain symantec.com
acl allow_dl_from src symantec.com

reply_body_max_size 0 allow allow_dl_from

Cannot update antivirus, I tried both dstdomain and src but neither is working !
why ?
10x in advance

Высказать мнение | Ответить | Правка | Наверх | Cообщить модератору

Архив | Удалить

Индекс форумов | Темы | Пред. тема | След. тема
Оцените тред (1=ужас, 5=супер)? [ 1 | 2 | 3 | 4 | 5 ] [Рекомендовать для помещения в FAQ]




Спонсоры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2022 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру