Re: [squid-users] Squidnt: Error message displayed problem and dstdomain question

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Mon, 23 Oct 2006 23:08:49 +0200

mån 2006-10-23 klockan 18:54 +0200 skrev Reale Marco:

> acl porn dstdomain "c:/squid/block/pornblock.txt"
> http_access deny porn !Proxy_All_Open
> deny_info ERR_PORN_ACCESS_DENIED porn
>
>
> In c:squid\share\errors\Italian\ERR_ACCESS_DENIED there is my customized
> html file.
> The problem is that while using acl "a" my error messagge is correctely
> displayed, with acl "b" the messagge is always

deny_info looks for the last acl on the http_access deny line. I don't
see how any of the two configurations could work.

Use
http_access deny !Proxy_All_Open porn

instead and deny_info becomes easier to apply..

> 2) dstdomain problem
> In order to block porn sites I used dstdomain
>
> acl porn dstdomain "c:/squid/block/pornblock.txt"
>
> And in c:/squid/block/pornblock.txt I added urls like these:
> .playboy.com
> .superfiga.com
> ....
>
> I want to block only www.playboy.com or www.superfiga.com but NOT
> www.mysite.playboy.com or www.ciao.superfiga.com

Then type the exact sites you want to block, without a leading .

www.playboy.com and playboy.com matches exacly
.playboy.com matches the whole domain and any subdomains

or alternatively make a whitelist of known acceptable subdomains of
blocked sites.

acl good_porn .mysite.playboy.com

http_access deny ... !good_porn porn

> Moreover I would like to write in log file the name of acl that is
> blocking a site in order to help debugging.

Thats only available in cache.log unfortunately.

Regards
Henrik

Received on Mon Oct 23 2006 - 15:08:54 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST