[squid-users] Application Blocks - Is my ACL right?

From: Denis Augusto Araujo de Souza <denis.souza@dont-contact.us>
Date: Thu, 1 Dec 2005 09:38:11 -0300

Hello folks!

        I have "squid 2.5 Stable 12" and I'm trying to set up "application
blocks" for zip, exe and MSN Messenger 7.5 connections. Do I need a
special Squid compilation for this?

My Squid version:
=================
Squid Cache: Version 2.5.STABLE12
configure options: --enable-x-accelerator-vary --enable-ssl
--enable-pf-transparent --enable-snmp --enable-carp
'--enable-storeio=ufs diskd'

The MSN ACL:
============
acl MSN_Free srcdomain "/etc/MSN_Free.txt"
acl msntime time M T W H F A 11:59-12:59
acl msnq req_mime_type ^application/x-msn-messenger$
acl msnp rep_mime_type ^application/x-msn-messenger$

http_reply_access allow msnp msntime
http_reply_access allow msnq msntime

http_access allow msnp MSN_Free
http_reply_access allow msnq MSN_Livre

http_access deny msnp
http_reply_access deny msnq

## BLOCKING requested mime types
acl exec_zip_free srcdomain "/etc/Exec_Zip_Free.txt"

#acl mimeblockREQ req_mime_type ^application/zip$
acl ZipBlock url_regex ^http://*application\/zip*
acl mimeblockREP rep_mime_type ^application/zip

acl mimeblockREQ req_mime_type ^application/x-zip-compressed$
acl mimeblockREP rep_mime_type ^application/x-zip-compressed

acl mimeblockREQ req_mime_type ^application/octet-stream$
acl mimeblockREP rep_mime_type ^application/octet-stream

acl mimeblockREQ req_mime_type ^application/x-msdownload$
acl mimeblockREP rep_mime_type ^application/x-msdownload

http_access allow mimeblockREQ exec_zip_livre
http_reply_access allow mimeblockREP exec_zip_livre

http_access deny mimeblockREQ
http_reply_access deny mimeblockREP
http_access deny ZipBlock

My Log File:
============
# tail -f /usr/local/squid/var/logs/access.log
1133380440.962 512 10.1.4.11 TCP_MISS/200 352 POST http://207.46.1.11/gateway/gateway.dll? - DIRECT/207.46.1.11 application/x-msn-messenger

        I think TCP_MISS is wrong here, isn't it? Is TCP_BLOCK the right
result here?

Thanks,

Denis
Received on Thu Dec 01 2005 - 04:37:24 MST
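
An added example, not part of the original post and not Squid project code: a small Python lint for the two things a configuration like the one above depends on, namely that every ACL name used in http_access / http_reply_access is defined, and that a rep_mime_type ACL (which matches reply headers) is not used in http_access, where no reply exists yet. The function name and finding labels are hypothetical, and the sample input is a constructed subset of the posted directives.

```python
# Constructed sample: a subset of the directives quoted in the post.
SAMPLE_CONF = """\
acl MSN_Free srcdomain "/etc/MSN_Free.txt"
acl msntime time M T W H F A 11:59-12:59
acl msnq req_mime_type ^application/x-msn-messenger$
acl msnp rep_mime_type ^application/x-msn-messenger$
http_reply_access allow msnp msntime
http_access allow msnp MSN_Free
http_reply_access allow msnq MSN_Livre
http_access deny msnp
"""

# ACL types that are evaluated against the server's reply headers.
REPLY_ONLY_TYPES = {"rep_mime_type"}
ACCESS_DIRECTIVES = {"http_access", "http_reply_access"}


def lint_squid_acls(conf_text):
    """Return a list of (line_no, finding, acl_name) for the access rules."""
    acl_types = {}  # ACL name -> set of ACL types declared under that name
    rules = []      # (line_no, directive, [acl names])
    for no, raw in enumerate(conf_text.splitlines(), 1):
        tok = raw.split()
        if not tok or tok[0].startswith("#"):
            continue  # blank line or comment
        if tok[0] == "acl" and len(tok) >= 3:
            acl_types.setdefault(tok[1], set()).add(tok[2])
        elif tok[0] in ACCESS_DIRECTIVES and len(tok) >= 3:
            # tok[1] is allow/deny; a leading "!" negates an ACL name
            rules.append((no, tok[0], [t.lstrip("!") for t in tok[2:]]))

    findings = []
    for no, directive, names in rules:
        for name in names:
            if name not in acl_types:
                findings.append((no, "undefined-acl", name))
            elif directive == "http_access" and acl_types[name] & REPLY_ONLY_TYPES:
                # http_access runs before the reply arrives, so this never matches
                findings.append((no, "reply-type-in-http_access", name))
    return findings


if __name__ == "__main__":
    for line_no, finding, name in lint_squid_acls(SAMPLE_CONF):
        print(f"line {line_no}: {finding}: {name}")
```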
