RE: [squid-users] Request MIME Type dont work for mns [Solved]

Thanks a lot andre.
Your advice was good and now msn is block

best regards.

Mario.

-----Mensaje original-----
De: André Marques [mailto:andre_sesred@yahoo.com.br]
Enviado el: Thursday, July 28, 2005 7:12 AM
Para: mbeltran@americatel.com.sv; squid-users@squid-cache.org
Asunto: Re: [squid-users] Request MIME Type dont work for mns

Hi Mario!

Look, i have passed for this trouble also... the same
rule based on mime type (for MSN 6.2 and previous)
really doesn't work at all for thie new version.

Maybe you should try to do this:

acl sites_msn dstdomain
"/usr/local/squid/etc/listas_acesso/msn_domains.txt"
(file with domain addresses used by MSN for
communication through web browsers);

acl ip_msn dst
"/usr/local/squid/etc/listas_acesso/msn_ip.txt"
((file with IP addresses used by MSN for communication
through web browsers);

acl msnUrl url_regex -i gateway.dll (for the
expression 'gateway.dll');

acl msnMimeType req_mime_type -i
^application/x-msn-messenger$ (for the traffic of
these kind of mime-type requests).

acl MSN browser MSN (to identify the MSN client
user-agent)

deny_info ERR_MSN sites_msn
deny_info ERR_MSN ip_msn

http_access deny sites_msn
http_access deny ip_msn

(to block MSN web access)

http_access deny msnMimeType
http_access deny msnUrl

(to block MSN client access)

Don't forget to create the custom error page (ERR_MSN)
at /usr/local/squid/share/errors/(your language) and
to verify the position of your rules, maybe they are
before a restritive one...

Hope i have given you some help. Have a nice day!

André

--- mbeltran@americatel.com.sv escreveu:

> Hello
>
> Since msn launch 7.x messenger version my acl that
> blocks msn request dont
> work, but is still work for older version of mns
> messenger
>
> I have this in my squid.conf:
> acl messenger req_mime_type -i
> ^application/x-msn-messenger$ acl
> http_access deny messenger
>
>
> And that is a tail of my access.log:
> 1122374581.199 933 192.168.10.83 TCP_MISS/200 374
> POST
> http://207.46.3.12/gateway/gateway.dll? -
> DIRECT/207.46.3.12
> application/x-msn-messenger
> 1122374582.028 829 192.168.10.83 TCP_MISS/200 373
> POST
> http://207.46.3.5/gateway/gateway.dll? -
> DIRECT/207.46.3.5
> application/x-msn-messenger
> 1122374586.203 1174 192.168.10.83 TCP_MISS/200 390
> POST
> http://207.46.3.12/gateway/gateway.dll? -
> DIRECT/207.46.3.12
> application/x-msn-messenger
> 1122374602.025 784 192.168.10.83 TCP_MISS/200 373
> POST
> http://207.46.3.5/gateway/gateway.dll? -
> DIRECT/207.46.3.5
> application/x-msn-messenger
> 1122374605.102 703 192.168.10.83 TCP_MISS/200
> 2735 GET
> http://pagead2.googlesyndication.com/pagead/ads? -
> DIRECT/64.233.187.104
> text/html
> 1122374605.916 564 192.168.10.83 TCP_MISS/200
> 3027 GET
>
http://www.archivum.info/netfilter/2002-11/msg00309.html
> -
> DIRECT/213.41.128.193 text/html
> 1122374622.031 1145 192.168.10.83 TCP_MISS/200 807
> POST
> http://207.46.3.5/gateway/gateway.dll? -
> DIRECT/207.46.3.5
> application/x-msn-messenger
> 1122374622.292 261 192.168.10.83 TCP_MISS/200 373
> POST
> http://207.46.3.5/gateway/gateway.dll? -
> DIRECT/207.46.3.5
> application/x-msn-messenger
>
>
> Look TCP_MISS this is the change between version of
> msn messenger because
> with older versions the message was TCP_DENIED
>
> What should i do for fix this problem?
>
> Best Regards
>
> Mario
>

        
        
                
_______________________________________________________
Yahoo! Acesso Grátis - Internet rápida e grátis.
Instale o discador agora! http://br.acesso.yahoo.com/
Received on Fri Jul 29 2005 - 08:25:32 MDT