Kevin Gordon wrote:
I changed it to
acl blockedmime_exe rep_mime_type -i ^application/octet-stream$
^application/x-compress$ ^application/x-compressed$
acl blockedmime_zip rep_mime_type -i ^application/zip$ ^multipart/x-zip$
acl blockedmime_media rep_mime_type -i ^audio/mpeg3$ ^video/x-mpeg$
^video/quicktime$ ^video/avi% ^video/x-msvideo$ ^audio/x-mpegurl$
http_reply_access deny blockedmime_exe blockedmime_zip blockedmime_media
and it still lets it through. I'mnot sure if it has to do with
ordering or not.... If I have this statement before a statement that
allows everything which one takes precidence?
Kevin
Whoops. Sorry for not catching this the first time through... There
were two problems. First, your acls were attempting to match requests.
Second, your and/or logic doesn't match the way Squid expects it.
Have a look at
http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-af2c190759b099a7986221cd12a4066eb146a1c4.
Keep the acl lines as are, but split that http_reply_access line out:
http_reply_access deny blockedmime_exe
http_reply_access deny blockedmime_zip
http_reply_access deny blockedmime_media
For what it's worth, the first matching http_access (or
http_reply_access) rule takes precedence.
Chris
