Search squid archive

ACLs to direct request to proper parent?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I've recently installed a Squid 2.6STABLE16 system in a country that
requires all web browsing to go through a government-specified proxy
server.  The Government runs a non-transparent proxy setup that must be
explicitly listed in the Squid configuration.

That would normally be easy, as all I'd do is list the Governement proxy
as a parent.  However, I have three types of traffic I'd like to direct
to different places:

	1.  Traffic that should be virus-scanned before delivering to
the client.
	2.  Traffic that should not be virus-scanned such as web
conferencing.
	3.  Traffic that is internal and should not be virus scanned or
given to the Government proxy.

Here's what I have so far:

  cache_peer 127.0.0.1 parent 8080 7 name=vscan no-query no-digest
default
  cache_peer govproxy  parent 3128 7 no-query no-digest

  cache_peer_domain vscan  !.pressaccess.com !.presentonline.com
  cache_peer_domain vscan  !.interactconferencing.com !.raindance.com
  cache_peer_domain vscan  !.mshow.com !.placeware.com
  cache_peer_domain vscan  !.ilearning.com !.kindercam.com
!.fidelity.com
  cache_peer_domain vscan  !.lexisnexis.com !data.finlistics-vm.com
  cache_peer_domain vscan  !library.midicorp.com
  cache_peer_domain vscan  !.finance.yahoo.com !.tenrox.com
!.riskadvisory.com

  acl internal-dst dst 10.0.0.0/255.0.0.0
  acl internal-dst dst 172.16.0.0/255.240.0.0
  acl internal-dst dst 192.168.0.0/255.255.0.0
  always_direct allow internal-dst

I'd like to bypass the virus scanner for more things than just domain
lists.  I'd like to be able to use an ACL like:
  acl novirus-url urlpath_regex -i \.gif(\?.*)?$ \.jpg(\?.*)?$
\.png(\?.*)?$
  acl novirus-url urlpath_regex -i \.mpe?g(\?.*)?$ \.avi(\?.*)?$
\.swf(\?.*)?$
  acl novirus-url urlpath_regex -i \.qt(\?.*)?$ \.mov(\?.*)?$
\.as[fx](\?.*)?$
  acl novirus-url urlpath_regex -i \.rm(\?.*)?$ \.wm[av](\?.*)?$
\.mp3(\?.*)?$
  acl novirus-url urlpath_regex -i \.m4[avp](\?.*)?$ \.mp4v?(\?.*)?$
  acl novirus-url urlpath_regex -i \.wav(\?.*)?$
And then use that ACL to bypass the virus scanner and go directly to the
Government proxy.  I didn't see anything in Squid 2.6STABLE16 that would
do what I need.  Am I missing something?

Mike Mitchell
SAS Institute Inc.
Mike.Mitchell@xxxxxxx
(919) 531-6793
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux