Re: [squid-users] filtering by file extension (was: problem with req_mime_type) from Tomasz Chmielewski on 2004-05-04 (squid-users)

From: Tomasz Chmielewski <mangoo@dont-contact.us>
Date: Tue, 04 May 2004 20:40:20 +0200

Emilio Casbas wrote:

> mangoo@interia.pl wrote:
>
>> Hello,
>> Building an acl with urlpath_regex, for example to deny downloading
.zip files is quite easy, if the downloading is happening from an ftp
server.
>> However, preventing to do so from certain http servers can be a bit
of a pain.
>> In a link below, there is a zip file:
>>
http://www.sveasoft.com/modules/phpBB2/dlman.php?func=select_folder&folder_id=12
>> Clicking on it would result in downloading a zip file named
Satori_v2_2.00.8.7sv-pre1.bin.zip.
>> However, Squid logs it as follows:
>> 1083673720.252 30799 195.143.49.115 TCP_MISS/200 3024638 GET
http://www.sveasoft.com/modules/phpBB2/dlman.php? -
DIRECT/213.242.178.190 application/x-zip-compressed
>> and therefore, this file I wanted to deny with urlpath_regex is
passed through.
>> Is it possible to filter such files somehow, and if so, how?
>>
>>
> with the rep_mime_type and http_reply_access acl.

Actually, I can't use rep_mime_type; I don't really want to block
downloading certain files, but rather have them scanned for viruses at
another proxy (apache + mod_clamav); I thought the syntax would be the
same, but as it appears, it is not.

Using rep_mime_type won't do it's task here, as it's too late for a
Squid to decide if the file should go through another proxy rather than
directly (Squid already has this file downloaded directly).

I can divide my problem into four parts, from the easiest to the most
complicated:

We have a file like:

1) file like http://some.server/file.zip

easy to do a match:

acl scan_for_virus urlpath_regex -i \.zip$

and then appropriate always_direct or never_direct.

2) file like http://some.server/file.zip?blah&blah&blah

I bet it's safe to just omit "$" from 1)?

acl scan_for_virus urlpath_regex -i \.zip

3) http://some.server/file%2Ezip

I don't know how to do a match here?

would

acl scan_for_virus urlpath_regex -i \%2Ezip

work?

4) hardest:

http://www.sveasoft.com/modules/phpBB2/dlman.php?func=select_folder&folder_id=12

Clicking on it would result in downloading a zip file named
Satori_v2_2.00.8.7sv-pre1.bin.zip.

Is it possible to pass such files from 4) to another proxy (not to
download such files directly)?

-- T.
Received on Tue May 04 2004 - 12:40:26 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT