Re: [squid-users] Particular ACL setup

From: Christoph Haas <email@dont-contact.us>
Date: Wed, 27 Sep 2006 18:49:09 +0200

On Wednesday 27 September 2006 12:51, Boniforti Flavio wrote:
> Hello list.
> In our network we have following ACLs used to block streaming media:
>
> acl ProtCiv src 10.167.211.11 10.167.211.42 10.167.211.86
>
> acl streaming rep_mime_type -i ^video/x-ms-asf ^video/x-ms-sf
> ^audio/mpeg ^audio/x-mpeg ^audio/x-pn-realaudio
> ^application/x-mms-framed ^application/vnd.ms.wm
> s-hdr.asfv1 ^video/x-flv ^video/flv
>
> acl block_stream urlpath_regex -i
> \.(ra?m|mpe?g?|mov|m3u|pls|ivf|asf|asx|avi|wax|wma|wmv|wvx|wmp|wmx|m1v|m
>p2|mp3|mpa|mpe|mpv2|ogg|m4a|flv)($|\?)
>
> acl stream_uAgents browser -i ^Engelmann Media Radio Listener
> ^NSPlayer/* RMA/* Windows-Media-Player/* WMFSDK/* ^RealPlayer*
> ^QuickTime*
>
>
> http_access deny !ProtCiv stream_uAgents
> http_reply_access deny !ProtCiv block_stream
> http_reply_access deny !ProtCiv streaming
>
> Now I need the ProtCiv IP addresses to be restricted to access just the
> streaming media in two specific sites, which are:
>
> acl CodiceUno dst 88.32.161.35 88.32.161.37
> acl RegionePiemonte dstdomain regione.piemonte.it

Sounds like:

http_reply_access allow ProtCiv CodiceUno
http_reply_access allow ProtCiv RegionePiemonte
http_reply_access deny ProtCiv
http_reply_access deny block_stream
http_reply_access deny streaming
http_reply_access allow all

 Christoph
Received on Wed Sep 27 2006 - 10:49:25 MDT

This archive was generated by hypermail pre-2.1.9 : Sun Oct 01 2006 - 12:00:04 MDT