Avinash Rao wrote:
> Hi,
>
> you had asked for blocks.files.acl
>
> \.[Aa][Vv][Ii]$
> \.[Mm][Pp]3$
> \.[Mm][Pp][Ee][Gg]$
> \.[Mm][Pp][Gg]$
> \.[Ss][Cc][Rr]$
> \.[Oo][Rr][Kk][Uu][Tt]$
> \.[Ee][Xx][Ee]$
You can simplify the above by setting squid.conf:
acl blah urlpath_regex -i "blocks.file.acl"
which makes it ignore upper/lower case when matching.
and simply listing:
.avi$
.mp3$
etc...
Also, the above is _almost_ identical you your squid.conf defined ACL "abc".
But the above will fail to catch any even slightly obfuscated file
extensions.
>
>
> more squid-noblock.acl
>
> ^http\:\/\/(.+@)?www\.gmail\.com\/
> ^http\:\/\/(.+@)?www\.rediff\.com\/
> ^http\:\/\/(.+@)?www\.yahoo\.com\/
> ^http\:\/\/(.+@)?www\.sscms\.org\/
The above are all MUCH better matched with dstdomain type:
acl blah dstdomain "squid-noblock.acl"
listing:
www.gmail.com
www.rediff.com
etc...
Your problem was that it would not allow yahoo stuff right? well
www.yahoo.com is not the only domain name they own and use. Most of the
content is not in the www.* domain.
Others have pointed out that the yahoo media content (including front
page images!) are hosted at *.yimg.com, and large portions of the
readable content is at *.yahoo.*.* with the final stars being some
country codes.
Same goes for all of those domains I reckon. For example
groups.gmail.com and images.gmail.com, *.google.com and
mailbox.gmail.com are all used at various points by gmail. Various
companies using gmail for internal mail also have their own
sub-domain.gmail.com used for staff access.
Amos
-- Please be using Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19 Current Beta Squid 3.1.0.14Received on Tue Oct 13 2009 - 11:08:35 MDT
This archive was generated by hypermail 2.2.0 : Wed Oct 14 2009 - 12:00:02 MDT