[squid-users] Blocking file uploads with HTTPS/SSL

From: Tracey, Michael <[email protected]>
Date: Mon, 21 Mar 2005 10:05:50 -0500

I'm trying to block file uploads over a certain size with squid, and have
everything working, except where the user connects with HTTPS. Is there a
way to limit uploads based on size when it's encrypted ssl (443) traffic?

Here's the ACL part of my squid.conf (I'm only blocking uploads based on
size on one port, 8080):
------------------------------------------------
external_acl_type request_body %{Content-Length}
/usr/local/bin/squid_request_size.sh
acl user_port myport 8080
acl user_port_unlimited myport 8081
acl admin_port myport 8082
acl auth proxy_auth REQUIRED
acl uploadsize external request_body 102400
acl ftp_put method put

redirector_access allow user_port
redirector_access allow user_port_unlimited
redirector_access deny admin_port

http_access deny ftp_put
http_access allow admin_port
http_access allow user_port_unlimited auth
http_access deny !uploadsize
http_access allow user_port auth
-------------------------------------------------

My external acl, I gleened off this list, from Henrik:

-------------------------------------------------
#!/bin/sh
while read size limit; do
         if [ "${size}" -gt "${limit}" ]; then
                 echo ERR
         else
                 echo OK
         fi
done
-------------------------------------------------

Thanks for any help, this list has been wonderful,

Michael
Received on Mon Mar 21 2005 - 08:06:53 MST

This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:02 MST