AW: AW: [squid-users] reply_body_max_size ACLs ignored? (solved)

From: <Werner.Rost@dont-contact.us>
Date: Thu, 13 Nov 2003 09:17:28 +0100

>
>
> Have you made sure the ident lookup have completed?

How can I do this?

>
> Regards
> Henrik
>
> On Wed, 12 Nov 2003 Werner.Rost@zf.com wrote:
>
> > And why does it not work für me???????????
> >
> > Version 2.5.STABLE4
> >
> > Squid.conf:
> >
> > acl user_rost ident rost
> > <snip>
> > reply_body_max_size 0 allow user_rost
> > reply_body_max_size 2000000 allow all
> >
> > Trying to download a file of about 100 MB gives I get the message
> > ERR_TOO_BIG.
> >
> > access.log shows:
> >
> > <snip>
> >
> > 1068652370.557 3282 10.23.5.121 TCP_MISS/304 421 GET
> > http://www.microsoft.com/products/shared/images/jump2.gif rost
> > FIRST_UP_PARENT/fu0270.zff.zf-group.de image/gif
> > 1068652371.608 1050 10.23.5.121 TCP_DENIED/403 1840 GET
> >
> http://download.microsoft.com/download/win2000platform/SP/SP2/NT5/EN-U
> > S/W2KS
> > P2.exe rost FIRST_UP_PARENT/fu0270.zff.zf-group.de text/html
> >
> >
> >
> >
> > Mit freundlichem Gruß / regards
> >
> > Werner Rost
> > GM-FIR - Netzwerk
> >
> > ZF Boge Elastmetall GmbH
> > Friesdorfer Str. 175
> > 53175 Bonn
> >
> > Tel. +49 228 38 25 - 420
> > Fax +49 228 38 25 - 398
> > mailto:werner.rost@zf.com
> > www.zf.com/boge-elastmetall
> >
> >
> >
> >
> > > -----Ursprüngliche Nachricht-----
> > > Von: David Landgren [mailto:david@landgren.net]
> > > Gesendet: Mittwoch, 12. November 2003 14:51
> > > An: Henrik Nordstrom
> > > Cc: squid-users@squid-cache.org
> > > Betreff: Re: [squid-users] reply_body_max_size ACLs
> ignored? (solved)
> > >
> > >
> > > Henrik Nordstrom wrote:
> > > > On Tue, 4 Nov 2003, David Landgren wrote:
> > > >
> > > >
> > > >>reply_body_max_size 0 allow user_davidl user_tomn
> > > >
> > > >
> > > > This is a contradiction and can never be true. The same request
> > > > can
> > > > not
> > > > come from both users at the same time.
> > > >
> > > > What you want is a single ACL listing all users in this
> category
> > > > of
> > > > users,
> > > > and then refer to this single acl in reply_body_max_size.
> > > The logics of
> > > > reply_body_max_size is idendical to that of http_access:
> > > >
> > > > Squid FAQ 10.1 Access Controls Introduction
> > > > <url:http://www.squid-cache.org/Doc/FAQ/FAQ-10.html#ss10.1>
> > >
> > > Just for the record, this was indeed the problem. I'm kicking
> > > myself for
> > > not having thought about ANDing ACLs. I've changed the above to
> > >
> > > reply_body_max_size 0 allow user_davidl
> > > reply_body_max_size 0 allow user_tomn
> > >
> > > and of course everything works correctly now. Thanks Henrik.
> > >
> > > David
> > > --
> > > Commercial OS breeds commerce, whereas free OS breeds
> > > freedom, the only thing more dangerous and confusing than
> commerce.
> > > -- Michael R. Jinks, redhat-list, circa 1997
> > >
> >
>
Received on Thu Nov 13 2003 - 01:17:00 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:16 MST