> -----Original Message----- > From: Justin Hennessy [mailto:jhennessy@xxxxxxxxxxxxxxxxxxxxxxxx] > Sent: Thursday, February 10, 2005 2:50 PM > To: squid-users@xxxxxxxxxxxxxxx > Subject: [squid-users] Blocking EXE problem?? > > > Hi all, > > I am trying to stop my staff from download EXE files from the > internet. > > The problem is that I have come across a couple of sites that are legit > that have EXE in the URL. > > Here is an example: > > http://www.ht.com.au/scripts/xworks.exe?M > > I have the following ACLs: > > acl ITStaff src IP1 IP2 IP3 etc > acl POST method post > acl EXE urlpath_regex \.[eE][xX][eE] > > And here is the rule: > > http_access deny EXE !POST !ITStaff > > Shouldn't that allow the URL with the EXE to display? > > Can anyone think of a way to get around this (other than creating a URL > exception list)? > > Thanks, > > Justin Perhaps something like: acl EXE urlpath_regex -i \.exe$ # Or just add the $ to the end of your EXE acl above acl programs rep_mime_type application/octet-stream http_reply_access deny EXE programs That will not block requests for anything ending in exe (or EXE or ExE or...), but should block replies for files ending with .exe of type application/octet-stream. A request for the above url (...xworks.exe?M) is currently blocked due to the missing "$" (which matches end of string) on the end of your regex expression. In addition, the http_access line is blocking requests that contain .exe unless it's a POST request from an ITStaff IP address. Usually (but not always) requests with a ? are GETs. Chris
