[squid-users] pls help! 2.4.S2 ignores access lists and does not compile aufs

From: <Torsten.Lange@dont-contact.us>
Date: Wed, 29 Aug 2001 15:49:36 +0100

team,

squid 2.4.s2 appears to be ignoring most of the access lists i configure.

i have put this into my squid.conf

acl BLOCKED-TYPES req_mime_type -i ^video/x-msvideo$
[...]
http_access deny BLOCKED-TYPES

but it won't work. i am still able to download avi content,
which is 'video/x-msvideo' according to squid's access log.

i have tried another acl type which matches more closely but still not
in the way i like it to:

acl BLOCKED-EXT urlpath_regex -i \.avi$
[...]
http_access deny BLOCKED-EXT

this does deny me from downloading .avi files, but it does also
deny me from accessing the microsoft download center for example
and some more other sites.
the url of the ms download center is:
http://www.microsoft.com/downloads/search.asp?

to me it appears as if squid's acl would misinterpret the '?' in the end
of the url_path string and erroneously match the access list. i was able
to work around this by explicitly allowing the ? in the end like this:

acl BLOCKED-EXT urlpath_regex -i \.avi$
acl ALLOWED-EXT urlpath_regex -i \?$
[...]
http_access allow ALLOWED-EXT
http_access deny BLOCKED-EXT

i compiled squid with --enable-gnuregex and i've tried without gnuregex
but it still does not allow/deny the things it should.

perhaps anyone can try and verify if the problem only occurs on my machine.

details:
suse linux 7.1 (gcc 2.95.2, kernel 2.4.0-64gb-smp)
squid 2.4.stable2 release

configure-options:
--enable-snmp --enable-cache-digests --enable-time-hack \
--enable-storeio="diskd,ufs" --enable dlmalloc

squid also wouldn't compile with --enable-storeio="aufs", what frightenes
me a bit, because there NEVER had been a problem compiling aufs with
squid on linux before...

Best regards

Torsten Lange
Received on Wed Aug 29 2001 - 07:50:32 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:56 MST