[squid-users] reply_body_max_size question
Amos Jeffries
squid3 at treenet.co.nz
Fri Jul 3 15:35:23 UTC 2015
On 3/07/2015 5:46 a.m., Danny wrote:
>> It works as documented at
>> <http://www.squid-cache.org/Doc/config/reply_body_max_size/>. If that
>> does not fit your criteria then its not what you need.
>
> I am aware of that, I was just a little unsure how to split the different dowload
> sizes amongst all the different users.
>
>>> http_access allow localnet
>>
>> NOTE: No http_access ACLs controlling 10.0.0.0/24 have any effect below
>> this one that allows them all access to use the proxy.
>>
>>> http_access allow localnet_dad_laptop
>>> http_access allow localnet_dad_smartphone
>>> http_access allow localnet_mom_laptop
>>> http_access allow localnet_mom_smartphone
>>> http_access allow localnet_son_laptop
>>> http_access allow localnet_son_smartphone
>>> http_access allow localnet_son_tablet
>
> Thank you ... did not know that ... I was under the impression every user i.e
> device needed to be granted http_access ...
They do. But not necessarily individually. The /24 does all IPs in the
subnetwork as a group.
You can also list multiple IPs and/or subnets in one ACL name. That
helps fixing the below...
>
>> By applying ACLs for the kids on the reply_body_max_size directive lines
>> setting the sizes to use for them. Like so:
>> reply_body_max_size 50 KB localnet_son_smartphone
>
> O.k ... so currently I have:
> reply_body_max_size 20 MB
>
> If I combine your suggestion and Augusto Gabanzo's (who suggested something a little different) can I then do something like this:
> ##########
> reply_body_max_size 0 MB !localnet_son_laptop !localnet_son_smartphone !localnet_son_tablet
> reply_body_max_size 5 MB localnet_son_laptop localnet_son_smartphone localnet_son_tablet (// Or must each device get it's own limit?)
The ACLs on a line are AND'd together. Better to make one ACL that
matches all the IPs for the user you want to limit.
Amos
More information about the squid-users
mailing list