On Wednesday 19 October 2005 17:46, Tomas Palfi wrote: > I am using external authentication ldap, where on a group basis I am > blocking file extensions such as \.exe$ \.zip$ etc. Members of this > group are restricted from downloading executable and zip files. > > Now, I have a number of users which are using client software which > needs to be regularly updated by exe files from the internet. I would > like to allow those users to be able to access the exe files from the > nominated sites only. I created another group for them and tried to > exclude them from the exe ban list for the specific sites only. > > Existing rules: > > acl internet_access6 external ldap_group Access-Exe-Bacs > acl exe-bacs dstdomain "/usr/local/squid/var/exe-sites.tp" - these are > the domains I would like those exe files from, but nowhere else! > > > acl internet_access3 external ldap_group Access-Internet > acl word-control url_regex -i "/usr/local/squid/var/word-control.tp" > acl site-control dstdomain "/usr/local/squid/var/site-control.tp" > acl download urlpath_regex \.exe$ \.zip$ > > > I can either block or no site at all. You didn't tell us which http_access statements you tried. Very much sounds like a wrong order of http_access lines. > PRIVACY & CONFIDENTIALITY > > This e-mail is private and confidential. Why do you post it to a public mailing list then? Regards Christoph -- ~ ~ ".signature" [Modified] 1 line --100%-- 1,48 All
