subject:"\[squid\-users\] reply_body_max

[squid-users] reply_body_max_size question

2017-03-11 Thread Danny

Hi,

Just want someone to confirm my current reply_body_max_size setup. I have a
simple network at home i.e: Debian with a wireless card (wlan0) which is bridged
(br0) to an ethernet card (eth0). All devices comes through the wireless card
(wlan0) and then of to the router.

I want "localnet_sniper localnet_bridge localnet_fever localnet_44081 
localnet_dannyS4" to have unlimited download capabilty but
"localnet_vS5mini localnet_anTab2 localnet_vTab3 localnet_samsungTV 
localnet_samsungDVD localnet_dhcp" must be limited to a
5MB download limit.

Here is my configuration:
##
acl localnet src 10.0.0.0/24# RFC1918 possible internal network
acl localnet_sniper src 10.0.0.3#(eth0)
acl localnet_bridge src 10.0.0.4#(br0)
acl localnet_fever src 10.0.0.5 #(wlan0)
acl localnet_44081 src 10.0.0.11#(RaspberryPi3)
acl localnet_dannyS4 src 10.0.0.54
acl localnet_vS5mini src 10.0.0.55
acl localnet_shotgun src 10.0.0.56
acl localnet_anTab2 src 10.0.0.71
acl localnet_vTab3 src 10.0.0.73
acl localnet_samsungTV src 10.0.0.80
acl localnet_samsungDVD src 10.0.0.81
acl localnet_dhcp src 10.0.0.201
acl localnet_dhcp src 10.0.0.202
acl localnet_dhcp src 10.0.0.203
acl localnet_dhcp src 10.0.0.204

http_access allow password
http_access allow localhost
http_access allow localnet
http_access allow localnet_sniper
http_access allow localnet_bridge
http_access allow localnet_fever
http_access allow localnet_44081
http_access allow localnet_dannyS4
http_access allow localnet_vS5mini
http_access allow localnet_anTab2
http_access allow localnet_vTab3
http_access allow localnet_samsungTV
http_access allow localnet_samsungDVD
http_access allow localnet_dhcp

reply_body_max_size 99 MB localnet_sniper localnet_bridge 
localnet_fever localnet_44081 localnet_dannyS4
reply_body_max_size 5 MB localnet_vS5mini localnet_anTab2 localnet_vTab3 
localnet_samsungTV localnet_samsungDVD localnet_dhcp

url_rewrite_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf
redirect_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf
###

Any help will be greatly appreciated.

Thank you

Danny
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] reply_body_max_size question

2015-07-02 Thread Danny

I am running Debian 8 with Squid3 installed (transparent). However, I would 
like to know a little more about the "reply_body_max_size" directive. I have 
read quite a bit about it but none of the discussions on the net fits my 
criteria ... 
(Oh yes, squidGuard is also running around my server somewhere doing what it is 
supposed to do ... I hope ... )

It is a home setup with the Debian box serving DHCP IP's over wlan0 (which all 
devices in the house connect to for internet access). 9 laptops, 4 PC's, 7 
tablets and 9 SmartPhones (and that is only the kid's stuff fighting for 
bandwidth supremacy ... ;) ) ... We are all on the same subnet ...

The problem I have (as with most parents) is to limit the kid's download sizes 
from all over the net. Where I am we have capped internet and have to pay for 
more cap. 
Currently I get 20GB of data every month and by the end of the month I have 
purchased in excess of 100GB throughout the month which gets very expensive. 
My son plays games on his PS3 and some of the games (Call of Duty, I think) one 
player can download another player's in-game recorded video (or something like 
that) and that eats up the cap.

Currently my "reply_body_max_size" is set to 20 MB in my efforts to curb 
downloads and save some bandwidth. 
However, whenever myself or the wife wants to download or visit youtube I have 
to change the 20MB limit, restart Squid3, watch youtube, change limit back to 
20MB and reload Squid3 again ... which is a pain in the butt ...

Currently my ACL's look like this:

acl localnet src 10.0.0.0/24
acl localnet_dad_laptop 10.0.0.10
acl localnet_dad_smartphone 10.0.0.11
acl localnet_mom_laptop 10.0.0.12
acl localnet_mom_smartphone 10.0.0.13
acl localnet_son_laptop 10.0.0.14
acl localnet_son_smartphone 10.0.0.15
acl localnet_son_tablet 10.0.0.16

---and so it goes on for all the other devices---

http_access allow localnet
http_access allow localnet_dad_laptop
http_access allow localnet_dad_smartphone
http_access allow localnet_mom_laptop
http_access allow localnet_mom_smartphone
http_access allow localnet_son_laptop
http_access allow localnet_son_smartphone
http_access allow localnet_son_tablet

---and so it goes on for all the other devices---

How can I allow mom and dad unlimited download sizes but limit download sizes 
for my kids (son, daughter and daughter) and all the kid's friends that visit 
and sleep over?

Thank You

Danny
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] reply_body_max_size question

2017-03-14 Thread Amos Jeffries

On 12/03/2017 8:11 p.m., Danny wrote:
> Hi,
> 
> Just want someone to confirm my current reply_body_max_size setup. I have a
> simple network at home i.e: Debian with a wireless card (wlan0) which is 
> bridged
> (br0) to an ethernet card (eth0). All devices comes through the wireless card
> (wlan0) and then of to the router.
> 
> I want "localnet_sniper localnet_bridge localnet_fever localnet_44081 
> localnet_dannyS4" to have unlimited download capabilty but
> "localnet_vS5mini localnet_anTab2 localnet_vTab3 localnet_samsungTV 
> localnet_samsungDVD localnet_dhcp" must be limited to a
> 5MB download limit.
> 
> Here is my configuration:
> ##
> acl localnet src 10.0.0.0/24  # RFC1918 possible internal network
> acl localnet_sniper src 10.0.0.3#(eth0)
> acl localnet_bridge src 10.0.0.4#(br0)
> acl localnet_fever src 10.0.0.5 #(wlan0)
> acl localnet_44081 src 10.0.0.11#(RaspberryPi3)
> acl localnet_dannyS4 src 10.0.0.54
> acl localnet_vS5mini src 10.0.0.55
> acl localnet_shotgun src 10.0.0.56
> acl localnet_anTab2 src 10.0.0.71
> acl localnet_vTab3 src 10.0.0.73
> acl localnet_samsungTV src 10.0.0.80
> acl localnet_samsungDVD src 10.0.0.81
> acl localnet_dhcp src 10.0.0.201
> acl localnet_dhcp src 10.0.0.202
> acl localnet_dhcp src 10.0.0.203
> acl localnet_dhcp src 10.0.0.204
> 
> http_access allow password
> http_access allow localhost
> http_access allow localnet

The localnet ACL above matches and allows all requests from any IP in
the 10.*/24 to use the proxy.

So none of the below individual IP checks will ever be reached. They are
pointless anyway since they do the same as the more generic "allow
localnet".

> http_access allow localnet_sniper
> http_access allow localnet_bridge
> http_access allow localnet_fever
> http_access allow localnet_44081
> http_access allow localnet_dannyS4
> http_access allow localnet_vS5mini
> http_access allow localnet_anTab2
> http_access allow localnet_vTab3
> http_access allow localnet_samsungTV
> http_access allow localnet_samsungDVD
> http_access allow localnet_dhcp

The default security protections for Safe_ports, SSL_ports, CONNECT,
manager access, and final "deny all" are missing.

I hope you have just omited them from this mail, not removed them from
your config.

> 
> reply_body_max_size 9 999 999 999 MB localnet_sniper localnet_bridge 
> localnet_fever localnet_44081 localnet_dannyS4

Squid understands the magic word "none" to mean no limit. The above is
setting a large, but not impossible limit of ~9.3 PB.

> reply_body_max_size 5 MB localnet_vS5mini localnet_anTab2 localnet_vTab3 
> localnet_samsungTV localnet_samsungDVD localnet_dhcp
> 

The ACLs on both these lines are defining an impossible situation.
See  for
what is going wrong there and ways to fix it.

Transactions which do not have a limit applied, are of course unlimited.
So drop the ACL's explicitly listing what not to limit. You only need
ACL to match what does get limited, and only one is needed (you are only
matching on IP, nothing complex).

Like so:

 acl limit_5MB src 10.0.0.201-10.0.0.204 # dhcp
 acl limit_5MB src 10.0.0.80# samsung TV
 acl limit_5MB src 10.0.0.81# samsung DVD
 ...
 reply_body_max_size 5 MB limit_5MB

That is it.

> url_rewrite_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf
> redirect_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf

redirect_program is a deprecated alias for url_rewrite_program. You can
only have one configured for use. So, only the latter of the two
directives will do anything.

Amos

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] reply_body_max_size question

2017-03-18 Thread Danny

Thank you Amos for the detailed reply. Never too old to learn are we?

Have a nice day

Danny

On Mar 15 17, Amos Jeffries :
> To: squid-users@lists.squid-cache.org
> Date: Wed, 15 Mar 2017 15:49:04 +1300
> From: Amos Jeffries 
> Subject: Re: [squid-users] reply_body_max_size question
> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101
>  Thunderbird/45.8.0
> X-BeenThere: squid-users@lists.squid-cache.org
> 
> On 12/03/2017 8:11 p.m., Danny wrote:
> > Hi,
> > 
> > Just want someone to confirm my current reply_body_max_size setup. I have a
> > simple network at home i.e: Debian with a wireless card (wlan0) which is 
> > bridged
> > (br0) to an ethernet card (eth0). All devices comes through the wireless 
> > card
> > (wlan0) and then of to the router.
> > 
> > I want "localnet_sniper localnet_bridge localnet_fever localnet_44081 
> > localnet_dannyS4" to have unlimited download capabilty but
> > "localnet_vS5mini localnet_anTab2 localnet_vTab3 localnet_samsungTV 
> > localnet_samsungDVD localnet_dhcp" must be limited to a
> > 5MB download limit.
> > 
> > Here is my configuration:
> > ##
> > acl localnet src 10.0.0.0/24# RFC1918 possible internal network
> > acl localnet_sniper src 10.0.0.3#(eth0)
> > acl localnet_bridge src 10.0.0.4#(br0)
> > acl localnet_fever src 10.0.0.5 #(wlan0)
> > acl localnet_44081 src 10.0.0.11#(RaspberryPi3)
> > acl localnet_dannyS4 src 10.0.0.54
> > acl localnet_vS5mini src 10.0.0.55
> > acl localnet_shotgun src 10.0.0.56
> > acl localnet_anTab2 src 10.0.0.71
> > acl localnet_vTab3 src 10.0.0.73
> > acl localnet_samsungTV src 10.0.0.80
> > acl localnet_samsungDVD src 10.0.0.81
> > acl localnet_dhcp src 10.0.0.201
> > acl localnet_dhcp src 10.0.0.202
> > acl localnet_dhcp src 10.0.0.203
> > acl localnet_dhcp src 10.0.0.204
> > 
> > http_access allow password
> > http_access allow localhost
> > http_access allow localnet
> 
> The localnet ACL above matches and allows all requests from any IP in
> the 10.*/24 to use the proxy.
> 
> So none of the below individual IP checks will ever be reached. They are
> pointless anyway since they do the same as the more generic "allow
> localnet".
> 
> 
> > http_access allow localnet_sniper
> > http_access allow localnet_bridge
> > http_access allow localnet_fever
> > http_access allow localnet_44081
> > http_access allow localnet_dannyS4
> > http_access allow localnet_vS5mini
> > http_access allow localnet_anTab2
> > http_access allow localnet_vTab3
> > http_access allow localnet_samsungTV
> > http_access allow localnet_samsungDVD
> > http_access allow localnet_dhcp
> 
> 
> The default security protections for Safe_ports, SSL_ports, CONNECT,
> manager access, and final "deny all" are missing.
> 
> I hope you have just omited them from this mail, not removed them from
> your config.
> 
> > 
> > reply_body_max_size 9 999 999 999 MB localnet_sniper localnet_bridge 
> > localnet_fever localnet_44081 localnet_dannyS4
> 
> Squid understands the magic word "none" to mean no limit. The above is
> setting a large, but not impossible limit of ~9.3 PB.
> 
> 
> > reply_body_max_size 5 MB localnet_vS5mini localnet_anTab2 localnet_vTab3 
> > localnet_samsungTV localnet_samsungDVD localnet_dhcp
> > 
> 
> The ACLs on both these lines are defining an impossible situation.
> See <http://wiki.squid-cache.org/SquidFaq/SquidAcl#Common_Mistakes> for
> what is going wrong there and ways to fix it.
> 
> Transactions which do not have a limit applied, are of course unlimited.
> So drop the ACL's explicitly listing what not to limit. You only need
> ACL to match what does get limited, and only one is needed (you are only
> matching on IP, nothing complex).
> 
> Like so:
> 
>  acl limit_5MB src 10.0.0.201-10.0.0.204 # dhcp
>  acl limit_5MB src 10.0.0.80# samsung TV
>  acl limit_5MB src 10.0.0.81# samsung DVD
>  ...
>  reply_body_max_size 5 MB limit_5MB
> 
> That is it.
> 
> 
> > url_rewrite_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf
> > redirect_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf
> 
> 
> redirect_program is a deprecated alias for url_rewrite_program. You can
> only have one configured for use. So, only the latter of the two
> directives will do anything.
> 
> Amos
> 
> ___
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] reply_body_max_size question

2015-07-02 Thread Amos Jeffries

On 3/07/2015 2:41 a.m., Danny wrote:
> I am running Debian 8 with Squid3 installed (transparent). However, I would 
> like to know a little more about the "reply_body_max_size" directive. I have 
> read quite a bit about it but none of the discussions on the net fits my 
> criteria ... 

It works as documented at
.  If that
does not fit your criteria then its not what you need.


> (Oh yes, squidGuard is also running around my server somewhere doing what it 
> is supposed to do ... I hope ... )
> 
> It is a home setup with the Debian box serving DHCP IP's over wlan0 (which 
> all devices in the house connect to for internet access). 9 laptops, 4 PC's, 
> 7 tablets and 9 SmartPhones (and that is only the kid's stuff fighting for 
> bandwidth supremacy ... ;) ) ... We are all on the same subnet ...
> 
> The problem I have (as with most parents) is to limit the kid's download 
> sizes from all over the net. Where I am we have capped internet and have to 
> pay for more cap. 
> Currently I get 20GB of data every month and by the end of the month I have 
> purchased in excess of 100GB throughout the month which gets very expensive. 
> My son plays games on his PS3 and some of the games (Call of Duty, I think) 
> one player can download another player's in-game recorded video (or something 
> like that) and that eats up the cap.
> 
> Currently my "reply_body_max_size" is set to 20 MB in my efforts to curb 
> downloads and save some bandwidth. 
> However, whenever myself or the wife wants to download or visit youtube I 
> have to change the 20MB limit, restart Squid3, watch youtube, change limit 
> back to 20MB and reload Squid3 again ... which is a pain in the butt ...
> 
> Currently my ACL's look like this:
> 
> acl localnet src 10.0.0.0/24
> acl localnet_dad_laptop 10.0.0.10
> acl localnet_dad_smartphone 10.0.0.11
> acl localnet_mom_laptop 10.0.0.12
> acl localnet_mom_smartphone 10.0.0.13
> acl localnet_son_laptop 10.0.0.14
> acl localnet_son_smartphone 10.0.0.15
> acl localnet_son_tablet 10.0.0.16
> 
> ---and so it goes on for all the other devices---
> 
> http_access allow localnet

NOTE: No http_access ACLs controlling 10.0.0.0/24 have any effect below
this one that allows them all access to use the proxy.

> http_access allow localnet_dad_laptop
> http_access allow localnet_dad_smartphone
> http_access allow localnet_mom_laptop
> http_access allow localnet_mom_smartphone
> http_access allow localnet_son_laptop
> http_access allow localnet_son_smartphone
> http_access allow localnet_son_tablet
> 
> ---and so it goes on for all the other devices---
> 
> How can I allow mom and dad unlimited download sizes but limit download sizes 
> for my kids (son, daughter and daughter) and all the kid's friends that visit 
> and sleep over?

By applying ACLs for the kids on the reply_body_max_size directive lines
setting the sizes to use for them. Like so:
  reply_body_max_size 50 KB localnet_son_smartphone

Amos

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] reply_body_max_size question

2015-07-02 Thread Augusto Gabanzo

i belive you can do something like this:

reply_body_max_size X deny localnet !localnet_dad_laptop !localnet_mom_laptop 

that should if im not wrong deny all ips but those ending in 10 and 12

-Mensaje original-
De: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] En nombre de 
Danny
Enviado el: jueves, 02 de julio de 2015 10:42 a. m.
Para: squid-users@lists.squid-cache.org
Asunto: [squid-users] reply_body_max_size question

I am running Debian 8 with Squid3 installed (transparent). However, I would 
like to know a little more about the "reply_body_max_size" directive. I have 
read quite a bit about it but none of the discussions on the net fits my 
criteria ... 
(Oh yes, squidGuard is also running around my server somewhere doing what it is 
supposed to do ... I hope ... )

It is a home setup with the Debian box serving DHCP IP's over wlan0 (which all 
devices in the house connect to for internet access). 9 laptops, 4 PC's, 7 
tablets and 9 SmartPhones (and that is only the kid's stuff fighting for 
bandwidth supremacy ... ;) ) ... We are all on the same subnet ...

The problem I have (as with most parents) is to limit the kid's download sizes 
from all over the net. Where I am we have capped internet and have to pay for 
more cap. 
Currently I get 20GB of data every month and by the end of the month I have 
purchased in excess of 100GB throughout the month which gets very expensive. 
My son plays games on his PS3 and some of the games (Call of Duty, I think) one 
player can download another player's in-game recorded video (or something like 
that) and that eats up the cap.

Currently my "reply_body_max_size" is set to 20 MB in my efforts to curb 
downloads and save some bandwidth. 
However, whenever myself or the wife wants to download or visit youtube I have 
to change the 20MB limit, restart Squid3, watch youtube, change limit back to 
20MB and reload Squid3 again ... which is a pain in the butt ...

Currently my ACL's look like this:

acl localnet src 10.0.0.0/24
acl localnet_dad_laptop 10.0.0.10
acl localnet_dad_smartphone 10.0.0.11
acl localnet_mom_laptop 10.0.0.12
acl localnet_mom_smartphone 10.0.0.13
acl localnet_son_laptop 10.0.0.14
acl localnet_son_smartphone 10.0.0.15
acl localnet_son_tablet 10.0.0.16

---and so it goes on for all the other devices---

http_access allow localnet
http_access allow localnet_dad_laptop
http_access allow localnet_dad_smartphone http_access allow localnet_mom_laptop 
http_access allow localnet_mom_smartphone http_access allow localnet_son_laptop 
http_access allow localnet_son_smartphone http_access allow localnet_son_tablet

---and so it goes on for all the other devices---

How can I allow mom and dad unlimited download sizes but limit download sizes 
for my kids (son, daughter and daughter) and all the kid's friends that visit 
and sleep over?

Thank You

Danny
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] reply_body_max_size question

2015-07-02 Thread Danny

> It works as documented at
> .  If that
> does not fit your criteria then its not what you need.

I am aware of that, I was just a little unsure how to split the different 
dowload
sizes amongst all the different users.
 
> > http_access allow localnet
> 
> NOTE: No http_access ACLs controlling 10.0.0.0/24 have any effect below
> this one that allows them all access to use the proxy.
> 
> > http_access allow localnet_dad_laptop
> > http_access allow localnet_dad_smartphone
> > http_access allow localnet_mom_laptop
> > http_access allow localnet_mom_smartphone
> > http_access allow localnet_son_laptop
> > http_access allow localnet_son_smartphone
> > http_access allow localnet_son_tablet

Thank you ... did not know that ... I was under the impression every user i.e
device needed to be granted http_access ...

> By applying ACLs for the kids on the reply_body_max_size directive lines
> setting the sizes to use for them. Like so:
>   reply_body_max_size 50 KB localnet_son_smartphone

O.k ... so currently I have:
reply_body_max_size 20 MB

If I combine your suggestion and Augusto Gabanzo's (who suggested something a 
little different) can I then do something like this:
##
reply_body_max_size 0 MB !localnet_son_laptop !localnet_son_smartphone 
!localnet_son_tablet
reply_body_max_size 5 MB localnet_son_laptop localnet_son_smartphone 
localnet_son_tablet (// Or must each device get it's own limit?)
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] reply_body_max_size question

2015-07-03 Thread Amos Jeffries

On 3/07/2015 5:46 a.m., Danny wrote:
>> It works as documented at
>> .  If that
>> does not fit your criteria then its not what you need.
> 
> I am aware of that, I was just a little unsure how to split the different 
> dowload
> sizes amongst all the different users.
>  
>>> http_access allow localnet
>>
>> NOTE: No http_access ACLs controlling 10.0.0.0/24 have any effect below
>> this one that allows them all access to use the proxy.
>>
>>> http_access allow localnet_dad_laptop
>>> http_access allow localnet_dad_smartphone
>>> http_access allow localnet_mom_laptop
>>> http_access allow localnet_mom_smartphone
>>> http_access allow localnet_son_laptop
>>> http_access allow localnet_son_smartphone
>>> http_access allow localnet_son_tablet
> 
> Thank you ... did not know that ... I was under the impression every user i.e
> device needed to be granted http_access ...

They do. But not necessarily individually. The /24 does all IPs in the
subnetwork as a group.

You can also list multiple IPs and/or subnets in one ACL name. That
helps fixing the below...


> 
>> By applying ACLs for the kids on the reply_body_max_size directive lines
>> setting the sizes to use for them. Like so:
>>   reply_body_max_size 50 KB localnet_son_smartphone
> 
> O.k ... so currently I have:
> reply_body_max_size 20 MB
> 
> If I combine your suggestion and Augusto Gabanzo's (who suggested something a 
> little different) can I then do something like this:
> ##
> reply_body_max_size 0 MB !localnet_son_laptop !localnet_son_smartphone 
> !localnet_son_tablet
> reply_body_max_size 5 MB localnet_son_laptop localnet_son_smartphone 
> localnet_son_tablet (// Or must each device get it's own limit?)

The ACLs on a line are AND'd together. Better to make one ACL that
matches all the IPs for the user you want to limit.

Amos
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] reply_body_max_size question

2015-07-06 Thread Danny

Thank You Amos ... with a  little trial and error I got it right.

Danny

On Jul 04 15, Amos Jeffries :
> To: squid-users@lists.squid-cache.org
> Date: Sat, 04 Jul 2015 03:35:23 +1200
> From: Amos Jeffries 
> Subject: Re: [squid-users] reply_body_max_size question
> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101
>  Thunderbird/31.7.0
> X-BeenThere: squid-users@lists.squid-cache.org
> 
> On 3/07/2015 5:46 a.m., Danny wrote:
> >> It works as documented at
> >> <http://www.squid-cache.org/Doc/config/reply_body_max_size/>.  If that
> >> does not fit your criteria then its not what you need.
> > 
> > I am aware of that, I was just a little unsure how to split the different 
> > dowload
> > sizes amongst all the different users.
> >  
> >>> http_access allow localnet
> >>
> >> NOTE: No http_access ACLs controlling 10.0.0.0/24 have any effect below
> >> this one that allows them all access to use the proxy.
> >>
> >>> http_access allow localnet_dad_laptop
> >>> http_access allow localnet_dad_smartphone
> >>> http_access allow localnet_mom_laptop
> >>> http_access allow localnet_mom_smartphone
> >>> http_access allow localnet_son_laptop
> >>> http_access allow localnet_son_smartphone
> >>> http_access allow localnet_son_tablet
> > 
> > Thank you ... did not know that ... I was under the impression every user 
> > i.e
> > device needed to be granted http_access ...
> 
> They do. But not necessarily individually. The /24 does all IPs in the
> subnetwork as a group.
> 
> You can also list multiple IPs and/or subnets in one ACL name. That
> helps fixing the below...
> 
> 
> > 
> >> By applying ACLs for the kids on the reply_body_max_size directive lines
> >> setting the sizes to use for them. Like so:
> >>   reply_body_max_size 50 KB localnet_son_smartphone
> > 
> > O.k ... so currently I have:
> > reply_body_max_size 20 MB
> > 
> > If I combine your suggestion and Augusto Gabanzo's (who suggested something 
> > a little different) can I then do something like this:
> > ##
> > reply_body_max_size 0 MB !localnet_son_laptop !localnet_son_smartphone 
> > !localnet_son_tablet
> > reply_body_max_size 5 MB localnet_son_laptop localnet_son_smartphone 
> > localnet_son_tablet (// Or must each device get it's own limit?)
> 
> The ACLs on a line are AND'd together. Better to make one ACL that
> matches all the IPs for the user you want to limit.
> 
> Amos
> ___
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] reply_body_max_size question

[squid-users] reply_body_max_size question

Re: [squid-users] reply_body_max_size question

Re: [squid-users] reply_body_max_size question

Re: [squid-users] reply_body_max_size question

Re: [squid-users] reply_body_max_size question

Re: [squid-users] reply_body_max_size question

Re: [squid-users] reply_body_max_size question

Re: [squid-users] reply_body_max_size question

9 matches

Site Navigation

Mail list logo

Footer information