James Moe said:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello,
> ~ Disclaimer: Yes, I RTFM. Yes, I scanned the archives; because there is
> no search, I probably missed a similar question. Yes, I have lurked here
> for a couple of weeks.
>
> ~ v2.5.stable5
> ~ Can squid be configured to deny access to certain domains? Like
> *.doubleclick.net or *.falkag.net? The "acl <waste-of-time> dstdomain
> <unwanted>" + "http_access deny <waste-of-time>" looked promising but had
> no effect; the hosts were accessed anyway.
> ~ Here is what I tried:
> acl adclick1 dstdomain .doubleclick.net
> acl adclick2 dstdomain .valueclick.net
> acl adclick3 dstdomain .falkag.net
> http_access deny adclick1 adclick2 adclick3
acl's are 'OR' lists, http_access rules are 'AND' lists. Your http_access
rule will never be true, because the destination domain is never
.doubleclick.net AND .valueclick.net AND .falkag.net.
So what you want is
acl adclick dstdomain .doubleclick.net .valueclick.net .falkag.net
http_access deny adclick
This will deny access if dstdomain is .doubleclick.net OR .valueclick.net
OR .falkag.net.
If your list of ads-to-block is very long, you can also use
acl adclick dstdomain "/path/to/textfile"
where /path/to/textfile is a list of domains (one per line). You can add
comments in this file by starting the line with #.
> ~ How does squid block/deny/etc specified domains?
With a dstdomain acl
> ~ Is a reload all that is necessary after changing squid.conf? Or is a
> full restart required?
Reload is enough
Joost
Received on Mon Sep 19 2005 - 08:58:31 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Oct 01 2005 - 12:00:03 MDT