[squid-users] assertion failed: client_side.cc:1515: "connIsUsable(http->getConn())

[Dan Charlesworth]

Hey Eliezer

With the response_size_100 ACL definition:
- 100 tells the external ACL the limit in MB
- 192.168.0.10 tells the external ACL the squid IP

I think one or both of these is only needed to build the deny page. You can’t use deny_info with reply_body_max_size so we had to customise the ERR_TOO_BIG source to do a redirect to our own page.

The http_access allow line is because result caching cannot alter the EXT_LOG for fast ACLs as cache lookups include the EXT_LOG, so we need to check the result twice to alter the EXT_LOG and then have the result cached against the altered EXT_LOG.

Cheers
Dan

> On 11 Feb 2015, at 11:09 pm, Eliezer Croitoru <eliezer at ngtech.co.il> wrote:
> 
> Hey Dan,
> 
> First I must admit that this squid.conf is quite complicated but kind of self explanatory.
> 
> I have tried to understand the next lines:
> # File size (download) restrictions
> acl response_size_100 external response_size_type 100 192.168.0.10
> http_access allow response_size_100 response_size_100
> reply_body_max_size 100 MB response_size_100
> 
> But I am unsure how it works with external_acl exactly.
> If you wish to deny 100MB size files you should have only one rule for the reply body max size, what are the others for exactly?
> 
> Eliezer
> 
> * I might missing some concepts some sorry in advance.
> 
> On 11/02/2015 00:30, Dan Charlesworth wrote:
>> Hi Eliezer
>> 
>> Took a while to get this up—sorry about that. Here’s an example of a production config of ours (with some confidential stuff necessarily taken out/edited):
>> https://gist.github.com/djch/92cf44440b04afbd7917  <https://gist.github.com/djch/92cf44440b04afbd7917>
>> 
>> Let me know if there’s any other info I can provide that might point towards the cause of this crash.
>> 
>> And thanks again for taking a look.
> 
>