Re: [squid-users] block TOR from Carlos Manuel Trepeu Pupo on 2011-12-03 (squid-users)

From: Carlos Manuel Trepeu Pupo <charlie.mtp_at_gmail.com>
Date: Sat, 3 Dec 2011 16:37:05 -0500

Sorry for reopen an old post, but a few days ago i tried with this
solution, and ..... like magic, all traffic to the Tor net it's
blocked, just typing this:
acl tor dst "/etc/squid3/tor"
http_access deny tor
where /etc/squid3/tor it's the file that I download from the page you
people recommend me !!!

Thanks a lot, this is something that are searching a lot of admin that
I know, you should put somewhere where are easily to find !!! Thanks
again !!

Sorry for my english

On Fri, Nov 18, 2011 at 4:17 PM, Carlos Manuel Trepeu Pupo
<charlie.mtp_at_gmail.com> wrote:
> Thanks a lot, I gonna make that script to refresh the list. You´ve
> been lot of helpful.
>
> On Fri, Nov 18, 2011 at 3:39 PM, Leonardo Rodrigues
> <leolistas_at_solutti.com.br> wrote:
>>
>> i dont know if this is valid for TOR ... but at least Ultrasurf, which i
>> have analized a bit further, encapsulates traffic over squid always using
>> CONNECT method and connecting to an IP address. It's basically different
>> from normal HTTPS traffic, which also uses CONNECT method but almost always
>> (i have found 2-3 exceptions in some years) connects to a FQDN.
>>
>> So, at least with Ultrasurf, i could handle it over squid simply blocking
>> CONNECT connections which tries to connect to an IP address instead of a
>> FQDN.
>>
>> Of course, Ultrasurf (and i suppose TOR) tries to encapsulate traffic to
>> the browser-configured proxy as last resort. If it finds an NAT-opened
>> network, it will always tries to go direct instead of through the proxy. So,
>> its mandatory that you do NOT have a NAT-opened network, specially on ports
>> TCP/80 and TCP/443. If you have those ports opened with your NAT rules, than
>> i really think you'll never get rid of those services, like TOR and
>> Ultrasurf.
>>
>>
>>
>>
>> Em 18/11/11 14:03, Carlos Manuel Trepeu Pupo escreveu:
>>>
>>> So, like I see, we (the admin) have no way to block it !!
>>>
>>> On Thu, Sep 29, 2011 at 3:30 PM, Jenny Lee<bodycare_5_at_live.com> wrote:
>>>>
>>>>> Date: Thu, 29 Sep 2011 11:24:55 -0400
>>>>> From: charlie.mtp_at_gmail.com
>>>>> To: squid-users_at_squid-cache.org
>>>>> Subject: [squid-users] block TOR
>>>>>
>>>>> There is any way to block TOR with my Squid ?
>>>>
>>>> How do you get it working with tor in the first place?
>>>>
>>>> I really tried for one of our users. Even used Amos's custom squid with
>>>> SOCKS option but no go.
>>>>
>>>> Jenny
>>
>>
>> --
>>
>>
>> Atenciosamente / Sincerily,
>> Leonardo Rodrigues
>> Solutti Tecnologia
>> http://www.solutti.com.br
>>
>> Minha armadilha de SPAM, NÃO mandem email
>> gertrudes_at_solutti.com.br
>> My SPAMTRAP, do not email it
>>
>>
>>
>>
>>
Received on Sat Dec 03 2011 - 21:37:14 MST

This archive was generated by hypermail 2.2.0 : Sun Dec 04 2011 - 12:00:02 MST