Re: [squid-users] Re: blocking all download from Dave Raven on 2001-12-22 (squid-users)

From: Dave Raven <dave@dont-contact.us>
Date: Sat, 22 Dec 2001 23:09:45 +0200

Having never done this, I cannot say it works -- but I suspect it will
Also I am not sure of how url_regex works however, can you specify
extensions?
Anyway, someone will most likely need to correct me, but is this not
possible? :

    acl lanip dst 192.16.1.0/255.255.255.0
    acl blsite urlpath_regex mp3 exe zip ace mpg mpeg wmv avi rm rar gz
(ETC...)
    http_access deny lanip blsite
    http_access allow all

Perhaps urlpath_regex must be url_regex ... but I'm sure with some
experimentaion
you can work it out.

Dave.
OpteqSec

----- Original Message -----
From: "Root@itcserra.net" <root@itcserra.net>
To: "Visolve.com" <squid@visolve.com>
Cc: <squid-users@squid-cache.org>
Sent: Saturday, December 22, 2001 10:13 PM
Subject: [squid-users] Re: blocking all download

>
> Hello!
>
> Thank you, first of all, for your kind help!
>
> There is a problem: all users must be view www pages, but they cannot
> download any program, such as .exe .com .zip .mp3, ecc. files.
>
> This is what i mean for download, transferring from the Internet to the
hard
> disk of the pc by web-browser files; web pages such as www.vnunet.com, as
> example, must be freely accessed. Only files cannot been downloaded
>
> Thank you again, hear from you later!
>
> Francesco Collini
>
> Visolve.com writes:
>
> > Hello Francesco Collini,
> >
> > Assuming you've set the 192.16.1.0/255.255.255.0 to LAN ,
> > acl lanip dst 192.16.1.0/255.255.255.0
> > acl blsite url_regex [-i] ^http:// ... # regex matching on whole URL
> > http_access deny lanip blsite
> > http_access allow all
> >
> > Thanks and Regards,
> > -Kanchana
> > squid@visolve.com
> > www.visolve.com
> >
> > ----- Original Message -----
> > From: "Root@itcserra.net" <root@itcserra.net>
> > To: "Wojciech Puchar" <wojtek@chylonia.3miasto.net>
> > Cc: <squid-users@squid-cache.org>
> > Sent: Saturday, December 22, 2001 8:15 PM
> > Subject: [squid-users] Re: blocking all download
> >
> >
> >> Wojciech Puchar writes:
> >>
> >> >>
> >> >> How can i create an ACL that won't permit any download from the LAN
and
> > will
> >> >> permit to see www websites?
> >> > you must first define what is download and what is not.
> >> >
> >> > viewing www site is download too
> >> >
> >>
> >> Ah, i am sorry!
> >>
> >> Is there a way, perhaps listing every file-extension, to block all the
> >> downloads instead?
> >>
> >> Thank you again, hope hear from you soon!
> >>
> >> Bye,
> >>
> >> Francesco Collini
> >
>
>
Received on Sat Dec 22 2001 - 14:12:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:28 MST