Re: [squid-users] .com extension blocking causing blocking of redirecting URL's

From: Truth Seeker <truth_seeker_3535_at_yahoo.com>
Date: Mon, 30 Mar 2009 06:38:14 -0700 (PDT)

Okay... but how i can i do that in this yahoo account???

-

--
---
Always try to find truth!!!
------------***---------------***--------------***------------
Its always nice to know that people with no understanding of technologies want to evaluate technical professionals based on their own lack of knowledge
------------***---------------***--------------***------------
--- On Mon, 3/30/09, Matus UHLAR - fantomas <uhlar_at_fantomas.sk> wrote:
> From: Matus UHLAR - fantomas <uhlar_at_fantomas.sk>
> Subject: Re: [squid-users] .com extension blocking causing blocking of redirecting URL's
> To: squid-users_at_squid-cache.org
> Date: Monday, March 30, 2009, 11:55 AM
> 
> -----Inline Attachment Follows-----
> 
> Hello,
> 
> please configure your mailer to wrap lines below 80
> characters per line.
> 72 to 75 is usually OK.
> 
> Thank you.
> 
> On 27.03.09 23:40, Truth Seeker wrote:
> > I have an acl which blocks download of file with
> harmful extension's. like
> > .exe, .bat, .com, etc. This rule is working fine. the
> following is the
> > details of it;
> ...
> > acl dangerous_extension urlpath_regex -i
> "/etc/squid/include-files/dangerous_extension.squid"
> ...
> > # cat
> /etc/squid/include-files/dangerous_extension.squid 
> ...
> > ..*\.com$
> ...
> 
> > If there is a site which redirect traffic to another
> .com site, will cause
> > to trigger the above rule, which will result in
> failure of a legitimate
> > request. How can i do a workaround on this issue???
> 
> You apparently mean It's blocking redirects like
> 
> http://redirect.to/blablablabl.com
> 
> Well, I may tell you that blocking by file extension can be
> easily avoided.
> e.g.
> http://download.some.file/blablabl.com?
> 
> will prevent the acl from matching.
> 
> If you want really avoid downloading of suspect files, try
> filtering them
> with ICAP, 3rd party proxy filters (there are some
> supportign squid), and
> forget those ACL's (note that parsing multiple regular
> expressions withing
> squid may be very ineffective and can cause squid's
> slowdown).
> 
> Otherwise, simply find sites with such redirectors and try
> explicitly
> allowing them. Maybe simple rules like allowing "redir="
> would work, but
> note the above, this is not good way of blocking dangerous
> content.
> 
> -- 
> Matus UHLAR - fantomas, uhlar_at_fantomas.sk
> ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this
> address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
> reklamnu postu.
> WinError #98652: Operation completed successfully.
> 
      
Received on Mon Mar 30 2009 - 13:38:22 MDT

This archive was generated by hypermail 2.2.0 : Mon Mar 30 2009 - 12:00:02 MDT