ACL: request max body size

Diego Woitasen (Lanux) Thu, 12 Feb 2004 05:51:06 -0800


This patch add a new ACL type: max_body_size. This will be matched when
the client's HTTP request body is greater than X bytes.


Example: 

acl users max_body_size 100000


Comments and suggestions are welcome...


diff -Nur squid-2.5.STABLE4-20040208/src/acl.c 
squid-2.5.STABLE4-20040208-diegows/src/acl.c
--- squid-2.5.STABLE4-20040208/src/acl.c        Thu Jan 15 04:43:57 2004
+++ squid-2.5.STABLE4-20040208-diegows/src/acl.c        Sun Feb  8 15:49:57 2004
@@ -178,6 +178,8 @@
        return ACL_MAX_USER_IP;
     if (!strcmp(s, "external"))
        return ACL_EXTERNAL;
+    if (!strcmp(s, "max_body_size"))
+       return ACL_MAX_BODY_SIZE;
     if (!strcmp(s, "urllogin"))
        return ACL_URLLOGIN;
     return ACL_NONE;
@@ -254,6 +256,8 @@
        return "max_user_ip";
     if (type == ACL_EXTERNAL)
        return "external";
+    if (type == ACL_MAX_BODY_SIZE)
+       return "max_body_size";
     if (type == ACL_URLLOGIN)
        return "urllogin";
     return "ERROR";
@@ -757,6 +761,7 @@
     case ACL_SRC_ASN:
     case ACL_MAXCONN:
     case ACL_DST_ASN:
+    case ACL_MAX_BODY_SIZE:
        aclParseIntlist(&A->data);
        break;
     case ACL_MAX_USER_IP:
@@ -1587,6 +1592,8 @@
        k = clientdbEstablished(checklist->src_addr, 0);
        return ((k > ((intlist *) ae->data)->i) ? 1 : 0);
        /* NOTREACHED */
+    case ACL_MAX_BODY_SIZE:
+       return ((r->content_length > ((intlist *) ae->data)->i) ? 1 : 0);
     case ACL_URL_PORT:
        return aclMatchIntegerRange(ae->data, (int) r->port);
        /* NOTREACHED */
@@ -2149,6 +2156,9 @@
        case ACL_MAXCONN:
            intlistDestroy((intlist **) & a->data);
            break;
+       case ACL_MAX_BODY_SIZE:
+           intlistDestroy((intlist **) & a->data);
+           break;
        case ACL_MAX_USER_IP:
            aclDestroyUserMaxIP(&a->data);
            break;
@@ -2557,6 +2567,7 @@
     case ACL_SRC_ASN:
     case ACL_MAXCONN:
     case ACL_DST_ASN:
+    case ACL_MAX_BODY_SIZE:
        return aclDumpIntlistList(a->data);
     case ACL_MAX_USER_IP:
        return aclDumpUserMaxIP(a->data);
diff -Nur squid-2.5.STABLE4-20040208/src/cf.data.pre 
squid-2.5.STABLE4-20040208-diegows/src/cf.data.pre
--- squid-2.5.STABLE4-20040208/src/cf.data.pre  Wed Feb  4 14:42:28 2004
+++ squid-2.5.STABLE4-20040208-diegows/src/cf.data.pre  Sun Feb  8 19:29:05 2004
@@ -2082,6 +2082,10 @@
          # effect in rules that affect the reply data stream such as
          # http_reply_access.
 
+       acl aclname max_body_size <bytes>
+         # This will be matched when the client's HTTP Request Body is
+         # greater than <bytes>.
+
        acl acl_name external class_name [arguments...]
          # external ACL lookup via a helper class defined by the
          # external_acl_type directive.
diff -Nur squid-2.5.STABLE4-20040208/src/enums.h 
squid-2.5.STABLE4-20040208-diegows/src/enums.h
--- squid-2.5.STABLE4-20040208/src/enums.h      Wed Feb  4 14:42:28 2004
+++ squid-2.5.STABLE4-20040208-diegows/src/enums.h      Sun Feb  8 15:34:06 2004
@@ -137,6 +137,7 @@
     ACL_MAX_USER_IP,
     ACL_EXTERNAL,
     ACL_URLLOGIN,
+    ACL_MAX_BODY_SIZE,
     ACL_ENUM_MAX
 } squid_acl;

ACL: request max body size

Reply via email to