Re: [squid-users] Denied sites x Dynamic pages from Squid Support (Henrik Nordstrom) on 2002-05-01 (squid-users)

From: Squid Support (Henrik Nordstrom) <hno@dont-contact.us>
Date: Wed, 1 May 2002 21:26:18 +0200

Figure out which of your regex patterns that are causing these other
pages to get blocked, and then review these to see if there is better
ways to block these not causing as many false matches.

regex is a very powerful pattern matching language, but writing
correct regex:es for filtering "bad" content is tricky at best. See
"man 7 regex" and "info regex" for regex language syntax. (Squid uses
what is called "Modern" or "Extended" regex).

Some goodies that is helpful when writing Squid filter patterns:

  \. matches a dot (. matches any character)
  \b matches a word boundary (some OS:es may require
--enable-gnu-regex)
  ^ and $ matches the start and end respectively of the string looked
at (^ is quite useful in url_regex, while $ is useful in dstdom_regex)
  [] matches any of the characters between the brackets

Regards
Henrik

On Wednesday 01 May 2002 01:34, Fernanda Santos wrote:
> Hello All,
>
> Yes, I can block specific known sites using dstdomain, but I still
> have problems when blocking some words in the URL using
> url_regex... other pages are blocked as well...... Any other hint??
>
> Thanks,
>
> Fernanda
>
> On 30 Apr 2002, Squid Support (Henrik Nordstrom) wrote:
> >If your intention is to block specific known sites then using the
> >dstdomain (and dst) ACL types is more approproate..
> >
> >Regards
> >Henrik
> >
> >On Monday 29 April 2002 18:19, fefi@ig.com.br wrote:
> >> However, I still can´t make squid block properly certain sites
> >> as per the instructions I´ve found. When I block them, there are
> >> some other dynamic pages that are blocked as well, which are not
> >> intended to be blocked.
> >>
> >> I am running Squid 2.4 Stable 1 on Linux Red Hat 7.2. Here it is
> >> an extract of my squid.conf file:
> >>
> >> hierarchy_stoplist cgi-bin ?
> >> acl QUERY urlpath_regex cgi-bin \?
> >> no_cache deny QUERY
> >> acl rionet src 121.200.200.0/255.0.0.0
> >> acl nosite url_regex "/usr/local/squid/etc/denied.txt"
> >> #Deny access to certain sites
> >> http_access deny nosite
> >> #Allow access to our local network
> >> http_access allow rionet
> >> http_access allow localhost
> >>
> >> Thanks in advance for your help.
> >>
> >> Fernanda Santos

-- 
MARA Systems AB, Giving you basic free Squid support
Your source of advanced web reverse proxying solutions
http://www.marasystems.com/producs/

Received on Wed May 01 2002 - 13:34:14 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:52 MST