Henrik Nordstrom wrote:
>> My config is like below:
>> # apache + mod_clamav
>> cache_peer 127.0.0.1 parent 80 0 default no-query
>> # i would like to have all mime types # starting with application*
(application/octet-stream, # application/x-zip-compressed etc) going
through default parent
>> acl scanned_req_mime_type req_mime_type ^application/* never_direct
allow scanned_req_mime_type
>
>
>
> What do you refer to by "mime types" here?
Well, basically I mean the last part of a line in Squid's access log:
1083600673.478 201 195.143.49.115 TCP_MISS/302 565 GET
http://twoje.konto.pl/cgi-bin/mmstdo.cgi? - DIRECT/212.106.140.12
application/octet-stream
1083600675.294 7147 195.143.49.115 TCP_MISS/200 1661 GET
http://www.elunatic.host.sk/toolbar.html - DEFAULT_PARENT/127.0.0.1
text/html
Above, what I refer to is text/html and application/octet-stream.
I would like every application/* go through proxy 127.0.0.1.
> b) Mime type of the response sent by the web server in response to
the request. I.e. when the browser fetches an object from the web server.
>
>
> If the first then what you have done should work. This is however a
very rare operation so I doubt this is what you is looking for.
>
> If the second then it can not work as the response mime type is only
known when receiving the response, and to receive the response one must
first forward the request..
Then I assume it's b)
What would you suggest then?
Now that it's clear to me that I'm case b) the problem is:
1) .zip .exe .com .pif etc. - all may be infected
1a) scanning for just "url_regex (...) .com" is lame - i would scan
google.com too...
1b) scanning for "url_regex (...) .com$" would be lame too: I would not
scan for all such files downloaded from webmails
(http://some.server/file.com?download=user&blah&blah).
How do I actually build url_regex for links like in 1b)?
-- T.
Received on Mon May 03 2004 - 16:36:15 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT