• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Exclude external ip's from squid

Scheduled Pinned Locked Moved pfSense Packages
6 Posts 4 Posters 3.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    despotadmin
    last edited by May 11, 2009, 8:42 AM

    Hi everyone,

    I'm using pfsense 1.2.2 with squid&squidguard. Squid configuration has "Maximum download size" to 1GB. This way user can't download any material large than 1GB . But i want to exclude some sites or file extension this limit. For example OpenSuse iso :4.2GB or any iso file like this. I search forums and web bu i can't find about this. How can i make it?

    Thanks.

    1 Reply Last reply Reply Quote 0
    • G
      Gloom
      last edited by May 12, 2009, 7:25 AM May 11, 2009, 1:35 PM

      You'll need to create a new acl in your squid.conf file with a line something like this

      acl allowfile urlpath_regex "/etc/squid/allow-file-byextension.acl"

      Then in the file allow-file-byextension.acl you need something like this

      .[Ii][Ss][Oo]$

      save the file, restart squid and test.

      Never underestimate the power of human stupidity

      1 Reply Last reply Reply Quote 0
      • D
        despotadmin
        last edited by May 12, 2009, 9:06 AM

        I did it but no success. But i solve the problem.

        In squid.conf have :

        reply_body_mаx_size 4250000 аllow аll 
        

        I add new acl and change this line to below

        
        acl iso urlpath_regex \.[Ii][Ss][Oo]$
        reply_body_mаx_size 0 аllow iso
        reply_body_mаx_size 200000 аllow аll
        

        This way users can download all size .iso files and 200MB max other files.

        Ofcourse when i save the Webgui these line are gone!

        1 Reply Last reply Reply Quote 0
        • M
          mhab12
          last edited by May 12, 2009, 2:34 PM

          Make your changes in squid.inc - this way they will be saved even when you press 'save' in the web GUI.

          1 Reply Last reply Reply Quote 0
          • D
            despotadmin
            last edited by May 13, 2009, 6:38 AM

            @mhab12:

            Make your changes in squid.inc - this way they will be saved even when you press 'save' in the web GUI.

            Thanks for tip.

            1 Reply Last reply Reply Quote 0
            • J
              jigpe
              last edited by May 13, 2009, 10:40 AM

              Good evening. Is it possible also to use private proxy host and port? Instead of using the default proxy server ip and port 3128 of pfsense? kindly show mee the way how to do this?I think its in the Squid proxy server > Custom but im not sure though its not working when i put proxy_private_ip:port… Thanks
              jipg
              Davao City

              1 Reply Last reply Reply Quote 0
              6 out of 6
              • First post
                6/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received