Thanks Matus, that did it! You guys on this list sure are a great resource and so often have simple solutions to problems such as this one. As the default setting had this setting in it, should I expect any other issues now that I have disabled it? I'm wondering if there is any reason why I'd need to do this, or if going through DansGuardian and then to the next Squid server (which is again at the default setting for "hierarchy_stoplist cgi-bin ?") should hopefully be the same thing as having this enabled without a parent? If DG doesn't mess with anything other than denying based on the content, etc., this should be OK then? I guess we'll see how it goes. Thanks, Geoff -----Original Message----- From: Matus UHLAR - fantomas [mailto:uhlar@xxxxxxxxxxx] Sent: Monday, November 27, 2006 1:06 PM To: squid-users@xxxxxxxxxxxxxxx Subject: Re: Downloads not going through parent proxy, going DIRECT On 27.11.06 12:29, Geoff Varney wrote: > I have been using Squid 2.6 with DansGuardian 2.9 for a while now and > it's been working well, blocking downloads of various file types, etc. > However, I'm just seeing today (not sure how long this has been going > on!) that *some* sites are allowing exes to come through. What I'm > seeing in the Squid access.log is like this (I tested from download.com > with a normal account not allowed to download) > > TCP_MISS/200 185021 GET > http://software-files.download.com/sd/g33i94D6JAAXtGO-PPSk_XhSmDf4MVuRC4 > CEP8QJjHfCg4aBx59AvP9DditCgw90rjIIHWsyB3P5NLlDhNcQeboRWRI19e-Z/software/ > 10607469/10279647/3/Scorched3D-40.1d.exe?lop=link&ptype=3000&ontid=7486& > siteId=4&edId=3&pid=10607469&psid=10279647 test DIRECT/216.239.112.15 > application/octet-stream > > Is there something in the way this URL is written that sends this > request out DIRECT instead of through the parent (DG) proxy? you probably have uncommented the following line (as it is in default squid.conf): hierarchy_stoplist cgi-bin ? which causes all requests containing "?" (as the one above) to go direct. -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Enter any 12-digit prime number to continue.
