Re: [squid-users] miranda

http_port 192.168.1.254:8080
http_port 127.0.0.1:8082
http_port a.b.c.5:8081
icp_port 0
#http_port 8080
#snmp_port 3401
#snmp_port 161
cache_mem 256 MB
cache_dir ufs /usr/local/squid/var/cache 8000 16 256
debug_options ALL,1 33,2
emulate_httpd_log on
forwarded_for off

acl public snmp_community public

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl caris_int src 192.168.200.0/255.255.248.0
acl caris_dmz src a.b.c.0/255.255.255.192

acl admin_lst src 192.168.202.73/32 192.168.200.122/32
acl admin_lst2 src 192.168.202.73/32 192.168.202.75/32 192.168.201.26/32
acl ALLOW_WIN_UP src 192.168.200.3/32 192.168.202.3/32 192.168.202.90
192.168.200.32 192.168.200.10 192.168.200.23 192.168.200.122
205.174.164.51 192.168.201.65 192.168.201.77 192.168.201.106

acl forcerobak src 192.168.100.0/24 205.174.164.50/32
acl aca src 192.168.90.0/24

acl Safe_ports port 21 80 88 443 563 2095 3915 4500 7778 8000 8020 8070
8090 8080 8081 8087 8096 8030 8194 8585 8765 8988 9000 9443 16080 19638
#acl Safe_ports port 21 80 443 563 8080 8081 8030 1025-65535

http_access allow localhost
acl manager proto cache_object
http_access allow manager localhost

acl PURGE method PURGE
http_access allow PURGE localhost
http_access deny PURGE

acl snmpServer src 192.168.202.73/32

acl ICQ url_regex -i .icq.com
acl MSN req_mime_type ^application/x-msn-messenger$
acl STREAM rep_mime_type ^application/octet-stream$
acl YAHOO url_regex .msg.yahoo.com
acl CHAT url_regex -i webmessenger .webmessenger .messenger.*
messenger.yahoo gateway.dll messenger.msn mirc icq.com go.icq miranda-im.org
acl DICT url_regex -i dictionary.reference.com
acl MICROSOFT url_regex -i .windowsupdate
acl banned_types url_regex -i .mpeg$ .mpg$ .avi$ .wmv$ .mp3$ \.rm$ .asf$
.wma$ \.ram$ \.aif$ \.ra$ .asx$
# acl banned_types2 url_regex -i .mpeg* .mpg* .avi* .wmv* .mp3* .rm*
.asf* .wma* .ram* .aif* .ra* .asx*
acl INTERNAL url_regex caris.priv
acl VIRUS url_regex -i genmexe.biz
acl TROJAN url_regex -i gookle
acl WEBMSN url_regex -i .webmessenger.msn.com
acl EMESS url_regex -i .e-messenger.net .webmessenger.msn.com/* iloveim.com
acl TALK url_regex -i .google.com/talk talk.google.com .google.com/talk*
.google.*/talk*
acl WEB1 url_regex -i .caris.com/* .caris.com
acl GTALK url_regex -i .google.com/mail/im/*
.google.com/mail/channel/bind .google.com/mail/channel/bind/*
acl GTALK_FIX url_regex -i .google.com/mail/images/*

snmp_access deny !snmpServer

http_access allow GTALK_FIX all
http_access deny GTALK all

# http_access deny block_user

# http_access allow !Safe_ports admin_lst
http_access allow !Safe_ports forcerobak
http_access deny !Safe_ports

http_access deny TROJAN

## Do not want to block searches of words
## ex, besmirce has mirc in it.
http_access allow DICT all

http_access allow CHAT admin_lst
http_access allow YAHOO forcerobak
http_access allow ICQ forcerobak
http_access allow TALK forcerobak
http_access allow MSN forcerobak
http_access allow WEBMSN forcerobak
http_access allow CHAT forcerobak

http_access allow WEBMSN admin_lst2
http_access allow MSN admin_lst
http_access allow TALK admin_lst

http_access allow ICQ admin_lst
http_access allow MSN aca
http_access allow ICQ aca

http_access deny MSN
http_access deny ICQ
http_access deny YAHOO
http_access deny CHAT
http_access deny VIRUS
http_access deny WEBMSN
http_access deny EMESS
http_access deny TALK

# http_reply_access allow STREAM admin_lst
#http_reply_access deny STREAM

http_access allow MICROSOFT admin_lst
http_access allow MICROSOFT forcerobak
http_access allow MICROSOFT aca
http_access allow MICROSOFT ALLOW_WIN_UP
http_access deny MICROSOFT

http_access allow banned_types admin_lst
http_access deny banned_types

http_access allow forcerobak
http_access allow aca
http_access allow admin_lst
http_access allow caris_int
http_access allow caris_dmz

http_access deny all

Nikos Zaharioudakis wrote:
> On 3/24/06, Peter Marshall <peter.marshall@caris.com> wrote:
>
>>I am trying to figure out how some users are using Miranda to get past
>>my squid rules. normally, msn, icq, gtalk, yahoo messenger, etc will
>>not work, however, a few users have figured out how to get around this,
>>and I have not been able to figure out how.
>>
>>Does anyone have any suggestions ?
>>
>>Thanks
>>
>
>
> Would you mind tell us a little more about current network topology
> and internet connection?
> Or perhaps your squid rules to see what is going on.
>
>
> Best regards,
> --
> ########################################3
> Zaharioudakis Nikos
> mob: +30 6947204063
> A: Because it messes up the order in which people normally read text.
> Q: Why is top-posting such a bad thing?
> A: Top-posting.
> Q: What is the most annoying thing on usenet and in e-mail?
Received on Mon Mar 27 2006 - 05:29:40 MST