lör 2007-04-28 klockan 20:35 -0700 skrev Chuck Kollars: > I want to block a whole bunch of https: proxies. I > don't need to find them or to understand them - just > block them. I already have a list of them (thanks to > urlblacklist.com and DansGuardian). Then block them. Provided the traffic is sent via Squid to begin with. What is a no-dice is to have Squid deny traffic which is not even sent via Squid. I'e if you run a transparent interception setup, not having the browsers configured to use the proxy. > acl proxy dstdomain "file_blacklist_of_proxies.txt" > http_access deny proxy This needs to go before where you allow traffic. > 2) Is the problem that the size of the blacklist might > be very large (~10,000) and performance suffers so > much this is unworkable? 10000 is quite fine for dstdomain. > Help me understand. Help me understand in what context I said this was not possible. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
