[squid-users] is ACL conditional directive possible ?

Amos Jeffries squid3 at treenet.co.nz
Tue Nov 15 09:48:24 UTC 2016

On 15/11/2016 10:19 p.m., AUBERT Thibaud wrote:
> Hi,
> I'm currently stuck on a study that consist to set different
> ''reply_body_max_size" directives, depending on the source IP.
> Here's the current proxy Infra : I have some corporate proxy
> (v3.5.19) used by some small and remote offices, with a small link
> (8mbits/sec).  Those proxy are often based on some datacenters with a
> big internet link (1Gbs). The thing is, I have to set a very small
> reply body max size limit to avoid users of small office to saturate
> their remote network. It mean that local users of the proxy suffer
> the same restriction while they should normally be able to download
> big files without saturating anything.

It sounds to me like your network needs proper QoS controls put in place
for bandwidth management. Placing a maximum size limit on HTTP responses
is not a good way to do that.

Start by setting up QoS/TOS bandwidth limitations on the border router(s).

Then you integrate Squid with those system QoS controls by using the
tcp_outgoing_tos directive with ACLs to send the appropriate TOS label
for the client IP.


More information about the squid-users mailing list