Exclude external ip's from squid



  • Hi everyone,

    I'm using pfsense 1.2.2 with squid&squidguard. Squid configuration has "Maximum download size" to 1GB. This way user can't download any material large than 1GB . But i want to exclude some sites or file extension this limit. For example OpenSuse iso :4.2GB or any iso file like this. I search forums and web bu i can't find about this. How can i make it?

    Thanks.



  • You'll need to create a new acl in your squid.conf file with a line something like this

    acl allowfile urlpath_regex "/etc/squid/allow-file-byextension.acl"

    Then in the file allow-file-byextension.acl you need something like this

    .[Ii][Ss][Oo]$

    save the file, restart squid and test.



  • I did it but no success. But i solve the problem.

    In squid.conf have :

    reply_body_mаx_size 4250000 аllow аll 
    

    I add new acl and change this line to below

    
    acl iso urlpath_regex \.[Ii][Ss][Oo]$
    reply_body_mаx_size 0 аllow iso
    reply_body_mаx_size 200000 аllow аll
    

    This way users can download all size .iso files and 200MB max other files.

    Ofcourse when i save the Webgui these line are gone!



  • Make your changes in squid.inc - this way they will be saved even when you press 'save' in the web GUI.



  • @mhab12:

    Make your changes in squid.inc - this way they will be saved even when you press 'save' in the web GUI.

    Thanks for tip.



  • Good evening. Is it possible also to use private proxy host and port? Instead of using the default proxy server ip and port 3128 of pfsense? kindly show mee the way how to do this?I think its in the Squid proxy server > Custom but im not sure though its not working when i put proxy_private_ip:port… Thanks
    jipg
    Davao City


Locked