RE: [squid-users] Google SSL searches

Instead of dstdomain, you could use a regular expression. You could use a pattern like:

^(www\.)?(google\.com?(\...)?)

Which would catch:
google.co
google.com
google.co.XX where XX is any two characters
google.com.XX "" ""
(with and without www.)

That would probably catch most of them without blocking too many legitimate sites. However, I think Google uses encrypted.google.com for HTTPS.

-Dan

-----Original Message-----
From: Marcus Kool [mailto:marcus.kool_at_urlfilterdb.com]
Sent: Monday, July 26, 2010 8:37 AM
To: Henrik Nordström
Cc: Dave Burkholder; squid-users_at_squid-cache.org
Subject: Re: [squid-users] Google SSL searches

If you want to block HTTPS for Google you need to block it for all domains
including google.co.uk, google.com.br, google.co.nz google.com.au and
130 more.

Henrik Nordström wrote:
> tor 2010-05-27 klockan 15:35 -0400 skrev Dave Burkholder:
>
>> Is there some way to specify via a Squid ACL that requests via port 443 to
>> google.com are blocked, but requests to google.com via port 80 are allowed?
>
> acl https port 443
> acl google dstdomain google.com
> http_access deny https google
>
> Regards
> Henrik
>
>
>
Received on Mon Jul 26 2010 - 21:32:00 MDT