RE: [squid-users] trying to block exe files ...

From: Chris Robertson <crobertson@dont-contact.us>
Date: Fri, 13 May 2005 09:26:52 -0800

>>>On 5/13/05, Kenn <kenn@thebytebusiness.com> wrote:
>>>
>>>
>>>Greetings.
>>>
>>>I'm attempting to block .exe and .cab files, and my attempt seems to
>>>work part of the time but not always. I've often received the proper
>>>page stating that I was prohibited from downloading such files, but
>>>occasionally they ARE downloaded and appear as such in my logs.
>>>
>>>Here's what I've tried:
>>>
>>>acl blockedfiles url_regex -i \.exe$ \.cab$
>>>http_access deny blockedfiles
>>>
>>>Can anyone please tell me what I've done wrong?
>>>
>>>Thanks in advance.
>>>
>>>Kenn
>> nima sadeghian wrote:
>>
>>They maybe loged into ur log file but be sure that they never can be
>>downloaded. Logs just shows requests. I didn't see bug in Url regex
>>command.
>>nisa
>>
> -----Original Message-----
> From: Kenn [mailto:kenn@thebytebusiness.com]
> Sent: Friday, May 13, 2005 8:25 AM
> To: nima sadeghian; squid-users@squid-cache.org
> Subject: Re: [squid-users] trying to block exe files ...
>
>
> Nisa:
>
> Thanks for that tip ... it does raise another point, though ... How can
> I tell from the logs if the download actually occurred? If I have valid
> file size information, is that an indication that the download actually
> occured?
>
> thanks again.
>
> kenn
>
>
>

There is a small problem with the url_regex, in that some times the .exe or
.cab file is not downloaded directly. Something like
http://files.example.com/download.php?filename=program.exe&path=/files/
might be a pipe (as opposed to a redirect) to download an executable.
Examples of access.log entries for successful downloads would be helpful.

Otherwise, if the request matches an "http_access allow" before the
"http_access deny blockedfiles" the download will be successful. That
depends entirely on the order of your http_access lines.

Chris
Received on Fri May 13 2005 - 11:28:18 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:02 MDT