Re: [squid-users] Deny IP in URL possible ?

From: Barry Irwin <bvi_at_lair.moria.org>
Date: Tue, 10 Aug 2010 16:26:07 +0200

On 10/08/2010 11:34, John Doe wrote:
> From: Scott Keith (NHS National Services Scotland) <keith_at_nhs.net>
>
>
>> Hi, I've been trying to find out if it's possible to get squid to deny access
>> to websites via an IP in the URL. I've had a fairly good Google around o= n how
>> to do this but I just keep finding out about blocking access to a sin= gle IP
>> whereas I just want to block access all websites via IP addresses.
>> I know a solution to this can be implemented via ufbdguard and probably
>> squidguard but I am only looking for a squid only solution just now.
>>
> You could do it with an external acl.
> But I am wondering if you could also use something like:
> acl notanip dstdom_regex [^0-9\.]
> Not sure if dstdom works on IPs...
>

The following should work

#stuff we need for trapping Skype connects
acl numericIp urlpath_regex [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+

then in http_access you can go ..
http_access deny CONNECT numericIp
http_access deny user21 numericIp

Barry
Received on Tue Aug 10 2010 - 14:26:15 MDT

This archive was generated by hypermail 2.2.0 : Wed Aug 11 2010 - 12:00:02 MDT