URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID12
Нить номер: 5079
[ Назад ]

Исходное сообщение
"reply_body_max_size (max download) is not working !"
Отправлено eXtremer , 24-Авг-07 17:17

I don't know why but this option is not working.
request_body_max_size <- restriction for max upload is working well,
but reply_body_max_size <- restriciton for max download is not working.
Why ?
Here is my config file:
#  TAG: request_body_max_size    (KB)
#    This specifies the maximum size for an HTTP request body.
#    In other words, the maximum size of a PUT/POST request.
#    A user who attempts to send a request with a body larger
#    than this limit receives an "Invalid Request" error message.
#    If you set this parameter to a zero (the default), there will
#    be no limit imposed.
#
#Default:
# request_body_max_size 0 KB
request_body_max_size 3 MB
---------------------------------------------------------------------
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 444
acl Safe_ports port 80        # http
#acl Safe_ports port 21        # ftp
acl Safe_ports port 443 563    # https, snews
#acl Safe_ports port 70        # gopher
#acl Safe_ports port 210        # wais
#acl Safe_ports port 1025-65535    # unregistered ports
#acl Safe_ports port 280        # http-mgmt
#acl Safe_ports port 488        # gss-http
#acl Safe_ports port 591        # filemaker
#acl Safe_ports port 777        # multiling http
acl CONNECT method CONNECT

#-------------Conectiuni maxime per IP-------------
#acl maxcon maxconn 3
#------------Upload max---------------
#request_body_max_size 3 MB                          <- The option is set higher

#-----------Download max--------------
#reply_body_max_size 2100000 allow all               <- The option is set lower

#----------Restrict Download max 2 Mb exception symantec.com--------
acl allow_dl_from dstdomain symantec.com
#-------------Extensii interzise video-audio-exec-------------
acl music-video urlpath_regex -i "/etc/squid/deny/ext.block"
#------------Banner-Reklama-Advertise------------
acl BANNER url_regex banner reclama linkexch banpics us\.yimg\.com[\./]ad[s]?[\./]
#--------Site-uri games-porno-music-other-spyware-chat-------------
acl porno url_regex -i "/etc/squid/deny/porn.block"
acl games url_regex -i "/etc/squid/deny/games.block"
acl multimedia url_regex -i "/etc/squid/deny/multimedia.block"
acl other url_regex -i "/etc/squid/deny/other.block"
acl adv url_regex -i "/etc/squid/deny/banner.block"

#--------------Reteaua 145------------------
acl 145a src "/etc/squid/allow/145a.allow"
acl 145b src "/etc/squid/allow/145b.allow"
acl 145c src 192.168.41.200/32

#-----------------------Restrictions-----------------------
#---Restrictie ptr extensii interzise---
http_access deny music-video
deny_info ERR_ACCESS_DENIED_EXT music-video
#---Restrictie ptr bannere---
http_access deny BANNER
deny_info ERR_ACCESS_DENIED_NOBANNER BANNER
#---Restrictie ptr site-uri cu jocuri---
http_access deny games
#---Restrictie ptr site-uri porno---
http_access deny porno
deny_info ERR_ACCESS_DENIED_NOPORNO porno
#---Restrictie ptr site-uri audio-video---
http_access deny multimedia
deny_info ERR_ACCESS_DENIED_MULTIMEDIA multimedia
#---Restrictie ptr orice altceva ce nu se include---
http_access deny other
#---Restriction for banre-reklama-advertise---
http_access deny adv
deny_info ERR_ACCESS_DENIED_NOBANNER adv
#---Access ptr toti in afara de sala 145---
http_access deny all !145a !145b !145c !localhost
------------------------------------------------------------------------------
#  TAG: reply_body_max_size    bytes allow|deny acl acl...
#        This option specifies the maximum size of a reply body.  It
#    can be used to prevent users from downloading very large files,
#    such as MP3's and movies. When the reply headers are recieved,
#    the reply_body_max_size lines are processed, and the first line with
#    a result of "allow" is used as the maximum body size for this reply.
#    This size is then checked twice. First when we get the reply headers,
#    we check the content-length value.  If the content length value exists
#    and is larger than the allowed size, the request is denied and the
#    user receives an error message that says "the request or reply
#    is too large." If there is no content-length, and the reply
#    size exceeds this limit, the client's connection is just closed
#    and they will receive a partial reply.
#
#    WARNING: downstream caches probably can not detect a partial reply
#    if there is no content-length header, so they will cache
#    partial responses and give them out as hits.  You should NOT
#    use this option if you have downstream caches.
#
#    WARNING: A maximum size larger than the size of squid's error messages
#    will cause an infinite loop and crash squid. Ensure that the smallest
#    non-zero value you use is greater that the maximum header size plus
#    the size of your largest error page.
#
#    If you set this parameter to zero (the default), there will be
#    no limit imposed.
#
#Default:
# reply_body_max_size 0 allow all
reply_body_max_size 0 allow allow_dl_from
reply_body_max_size 21000000 allow all             <---------- max download 2.1 Mb

Содержание

reply_body_max_size (max download) is not working !,ipmanyak, 17:38 , 27-Авг-07
- reply_body_max_size (max download) is not working !,eXtremer, 15:13 , 28-Авг-07
- reply_body_max_size (max download) is not working !,eXtremer, 15:24 , 30-Авг-07

Сообщения в этом обсуждении

"reply_body_max_size (max download) is not working !"
Отправлено ipmanyak , 27-Авг-07 17:38

>[оверквотинг удален]
>#
># If you set this parameter to zero (the default), there will
>be
># no limit imposed.
>#
>#Default:
># reply_body_max_size 0 allow all
>reply_body_max_size 0 allow allow_dl_from
>reply_body_max_size 21000000 allow all
>    <---------- max download 2.1 Mb
acl  allow_dl_from  must be point on src acl, but no to dstdomain, especially to symantec.com only !

"reply_body_max_size (max download) is not working !"
Отправлено eXtremer , 28-Авг-07 15:13

>[оверквотинг удален]
>># no limit imposed.
>>#
>>#Default:
>># reply_body_max_size 0 allow all
>>reply_body_max_size 0 allow allow_dl_from
>>reply_body_max_size 21000000 allow all
>>    <---------- max download 2.1 Mb
>
>acl  allow_dl_from  must be point on src acl, but no
>to dstdomain, especially to symantec.com only !
ipmanyak pasiba, ea zamenil dstdomain na src.
no u minea bil drugoi vapros, i ea uje ivo razreshil,
reply_body_max_size 21000000 allow all  <-- na odin "0" bilo bolishe 4em nado. 21 Mb a ne 2.1.

"reply_body_max_size (max download) is not working !"
Отправлено eXtremer , 30-Авг-07 15:24

>[оверквотинг удален]
>># no limit imposed.
>>#
>>#Default:
>># reply_body_max_size 0 allow all
>>reply_body_max_size 0 allow allow_dl_from
>>reply_body_max_size 21000000 allow all
>>    <---------- max download 2.1 Mb
>
>acl  allow_dl_from  must be point on src acl, but no
>to dstdomain, especially to symantec.com only !
acl allow_dl_from dstdomain symantec.com
acl allow_dl_from src symantec.com
reply_body_max_size 0 allow allow_dl_from
Cannot update antivirus, I tried both dstdomain and src but neither is working !
why ?
10x in advance