Re: How do I congiure to deny funny url accesses?

From: Seiji Tokunaga <>
Date: Tue, 4 Feb 1997 10:38:21 +0900 (JST)


>> > Are there any other character that allows such things?

>> First to match sites use:-
>> acl for_our_eyes_only domain
>> Then
>> http_access allow for_our_eyes_only allowed_addr
>> http_access deny all

I tried , this but backslash still allowed accesses.

        acl allowed_addr src
        acl for_our_eyes_only domain

        http_access allow for_our_eyes_only allowed_addr
        http_access deny for_our_eyes_only all

URL http://foo1.foo2.\ allowed access to every one!!

I was told that "dst" can be used, and it seems working.
(# the sample squid.conf file doesn't say about the "dst" type though.
   The release note for 1.0.18 did!)

acl allowed_addr src
acl for_our_eyes_only dst yyy.yyy.yyy.yyy/

http_access allow for_our_eyes_only allowed_addr
http_access deny for_our_eyes_only all

the above is access control by hosts.
For url , I would have to do something like,
        http_access allow src_acl urlpath_regex_acl dst_acl
        http_access deny src_acl urlpath_regex_acl all

and not use "url_regex".

Seiji Tokunaga (
NEC Informatec Systems, NSI Div., Network Integration Dept.
  TEL: 044-856-8481 FAX: 044-856-2273
  NEC TEL: 272-5607 FAX: 272-5649 MAIL:272-5600
Received on Mon Feb 03 1997 - 17:54:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:34:23 MST