squid 限制内网用户 只能登陆，不能上传

操作没有成功， 能查询，但还是不能登陆！

 

 

有点网站，登陆与上传的都是 method="post"动作

 

 

http_access allow local_rd_network rd_allow_url

http_access allow local_rd_network rd_post_url

http_access allow local_rd_network rd_get_url Get

http_access allow local_rd_network allowfile

 

如何限制？

 

 

网友摘录：

============================>

 

 近日，小弟将公司squid2.7升级到了3.1，但是不知如何实现“部分上传大小限制”！

  尝试过用request_body_max_size 30 KB，但是很遗憾这是一个全局变量，无法做例外，一但加到squid.conf里面所有IP都无法上传30KB以上的文件。

  坛子里高手如云，有哪位大虾在“squid3.0+”中做过限制部分IP上传大小的，可否指点一二？

 

还是把方案贴出来吧，给大伙参考下下！

acl my_net 10.0.0.0/32

acl UPLIMIT req_header Content-Length [5-9][0-9]{5} [0-9]{7,}

acl UPLOAD method post ftp

http_access deny my_net UPLIMIT UPLOAD

 

 

 

 

 

 

 

 

 

 

 

Re: [squid-users] How to limit upload for a particular source ip/user?

• This message: [ Message body ] [ More options ]
• Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ]

From: Abu Khaled <khaled.abu@dont-contact.us> 
Date: Sat, 20 Aug 2005 09:39:39 +0300

On 8/20/05, Senthil Murugan <zenmurugan@gmail.com> wrote: 
> Thanks for your prompt response. I should have asked you clearly. I was 
> thought of limiting the file size of the upload. I think using delay pools 
> we can limit the bandwidth for a particular user.... I thought of using the 
> "request_body_max_size" to control the upload size, but it is a general 
> configuration parameter which is applicable for all the users. 
> 
> Syntax: 
> # TAG: request_body_max_size (KB) 
> 
> But for limiting download size i think we can use "reply_body_max_size" 
> with acl capabilities 
> 
> # TAG: reply_body_max_size bytes allow|deny acl acl... 
> 
> I like to know if there is any way in which we can control the upload size 
> for a particular user 
> 
> -SenthilMurugan 
> 
> 
> >> How to limit the upload for a particular user/source ip? 
> >> 
> >AFAIK squid delay pools only affect incomming traffic (download) and 
> >have no effect on the outgoing traffic (upload). 
> > 
> >Regards. 
> >Abu Khaled 
> 
> 

Seems like I did not cc the list on my first reply !!! 
Here is how I was able to block uploads larger than 500KB: 

acl my_net src 10.0.0.1/255.255.255.0 
acl USERA src 10.0.0.1/255.255.255.255 
acl UPLIMIT req_header Content-Length [5-9][0-9]{5,} 
acl UPMETH method post 
http_access deny USERA UPMETH UPLIMIT 
http_access allow my_net 
http_access deny_all 

PS: Though I was able to block the uploads the traffic still hits 
squid (eq: 2MB) before it displays the deny page 

 

-- 
Regards.
Abu Khaled

Received on Sat Aug 20 2005 - 00:39:41 MDT

• This message: [ Message body ]
• Next message: Roman Rathler: "Re: [squid-users] configuring Squid to authenticate AND to log users' access to forbidden sites."
• Previous message: Abu Khaled: "Re: [squid-users] Squidguard.cgi problem"
• In reply to: Senthil Murugan: "[squid-users] How to limit upload for a particular source ip/user?"
• Next in thread: Joost de Heer: "Re: [squid-users] How to limit upload for a particular source ip/user?"
• Reply: Joost de Heer: "Re: [squid-users] How to limit upload for a particular source ip/user?"

• Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with p_w_uploads ]

This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:02 MDT

 

 

 

 

 

 

转载于:https://blog.51cto.com/fccwcom/1117856