diff --git a/squid/src/acl.c b/squid/src/acl.c
index ae71564..b284cc1 100644
--- a/squid/src/acl.c
+++ b/squid/src/acl.c
@@ -192,6 +192,8 @@ aclStrToType(const char *s)
 	return ACL_MAX_USER_IP;
     if (!strcmp(s, "external"))
 	return ACL_EXTERNAL;
+    if (!strcmp(s, "max_body_size"))
+	return ACL_MAX_BODY_SIZE;
     if (!strcmp(s, "urllogin"))
 	return ACL_URLLOGIN;
 #if USE_SSL
@@ -286,6 +288,8 @@ aclTypeToStr(squid_acl type)
 	return "max_user_ip";
     if (type == ACL_EXTERNAL)
 	return "external";
+    if (type == ACL_MAX_BODY_SIZE)
+	return "max_body_size";
     if (type == ACL_URLLOGIN)
 	return "urllogin";
 #if USE_SSL
@@ -1020,6 +1024,7 @@ aclParseAclLine(acl ** head)
     case ACL_SRC_ASN:
     case ACL_MAXCONN:
     case ACL_DST_ASN:
+    case ACL_MAX_BODY_SIZE:
 	aclParseIntlist(&A->data);
 	break;
     case ACL_MAX_USER_IP:
@@ -1896,6 +1901,8 @@ aclMatchAcl(acl * ae, aclCheck_t * check
 	k = clientdbEstablished(checklist->src_addr, 0);
 	return ((k > ((intlist *) ae->data)->i) ? 1 : 0);
 	/* NOTREACHED */
+    case ACL_MAX_BODY_SIZE:
+	return ((r->content_length > ((intlist *) ae->data)->i) ? 1 : 0);
     case ACL_URL_PORT:
 	return aclMatchIntegerRange(ae->data, (int) r->port);
 	/* NOTREACHED */
@@ -2538,6 +2545,9 @@ aclDestroyAcls(acl ** head)
 	case ACL_MAXCONN:
 	    intlistDestroy((intlist **) (void *) &a->data);
 	    break;
+	case ACL_MAX_BODY_SIZE:
+	    intlistDestroy((intlist **) & a->data);
+	    break;
 	case ACL_MAX_USER_IP:
 	    aclDestroyUserMaxIP(&a->data);
 	    break;
@@ -2971,6 +2981,7 @@ aclDumpGeneric(const acl * a)
     case ACL_SRC_ASN:
     case ACL_MAXCONN:
     case ACL_DST_ASN:
+    case ACL_MAX_BODY_SIZE:
 	return aclDumpIntlistList(a->data);
     case ACL_MAX_USER_IP:
 	return aclDumpUserMaxIP(a->data);
diff --git a/squid/src/cf.data.pre b/squid/src/cf.data.pre
index d6aed37..f48757a 100644
--- a/squid/src/cf.data.pre
+++ b/squid/src/cf.data.pre
@@ -2769,6 +2769,10 @@ DOC_START
 	  # effect in rules that affect the reply data stream such as
 	  # http_reply_access.
 
+	acl aclname max_body_size <bytes>
+	  # This will be matched when the client's HTTP Request Body is
+	  # greater than <bytes>.
+
 	acl aclname rep_header header-name [-i] any\.regex\.here
 	  # regex match against any of the known response headers.
 	  # Example:
diff --git a/squid/src/enums.h b/squid/src/enums.h
index c32d2e1..5cb01aa 100644
--- a/squid/src/enums.h
+++ b/squid/src/enums.h
@@ -141,6 +141,7 @@ typedef enum {
     ACL_MAX_USER_IP,
     ACL_EXTERNAL,
     ACL_URLLOGIN,
+    ACL_MAX_BODY_SIZE,
 #if USE_SSL
     ACL_USER_CERT,
     ACL_CA_CERT,