Dear all,
I would like to ask for help regarding the Squid regex_url
configuration.
Currently, I am preventing my users for downloading some files e.g file
with .bz2 extention.
In squid.conf I define as following :
acl BadUrl url_regex -i "/usr/local/squid/etc/data/BadUrlFile"
Add I add this entry to /usr/local/squid/etc/data/BadUrlFile :
\.bz2$
So for example if my users try to download this URL
http://www.kernel.org/pub/linux/kernel/v2.0/patch-2.0.40.bz2 , he will
got access denied page.
But some of the users did some trick by adding ? or ?/ in the URL, for
example :
http://www.kernel.org/pub/linux/kernel/v2.0/patch-2.0.40.bz2? Or
http://www.kernel.org/pub/linux/kernel/v2.0/patch-2.0.40.bz2?/
And they successful to bypass my ACL and download the files they wanted.
I have try to add "\.bz2?$" and "\.bz2?/$" in to
/usr/local/squid/etc/data/BadUrlFile file. But it does not work.
Can anyone help me ? Thank you very much in advance.
Regards,
Herman
Received on Fri Apr 16 2004 - 04:27:47 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT