--- dhottinger@xxxxxxxxxxxxxxxxxxxxxx wrote: > Quoting Amos Jeffries <squid3@xxxxxxxxxxxxx>: > > > Tarak Ranjan wrote: > >> Hi List; > >> It's really surprising for me that my proxy has > been > >> bypassed by on of the user using the > "proxybuilder" > >> proxy. what it's doing is that that particular > php > >> based proxy rewrite the mimetype. and that > request > >> going through my actual proxy server, but as that > >> script is rewriting the mime type and it's > encrypting > >> as test/html. > >> > >> Overall whatever the mime type based ACL i have > in my > >> server it's ignoring them. and that person has > the > >> access of those blocked urls . > >> > >> has anyone faced this kind of situation........ > >> > > > > Yes, many have. It's a old and never-ending battle > for those who are > > involved. > > > > You could try enumerating all the badness as most > beginners do. You > > could hand in the towel early and cease to care > about your users > > wellbeing. Or you could play a bit with the > serious avioders. > > > > Just imagine, redirecting all porn sites > downloads seamlessly to > > tubgirl dot com for one gross example. > > > > Or if you have families to think of, building a > kitten-net can be fun > > http://ex-parrot.com/~pete/upside-down-ternet.html > > > > Amos > > -- > > Please use Squid 2.6.STABLE19 or 3.0.STABLE4 > > Just a quick question. How would you redirect those > requests, if the > proxy server doesnt recognize them? Most of my > users doing this are > using https sites that dont go through my proxy > server. My firewall > only redirects port 80 traffic to my proxy server. > If I could > redirect these people that would be great. the thing is that, suppose dumpdata dot com is the site you want to access but it has some unwanted words in that site which my proxy can easily block that. problem is that suppose my proxy is 192.168.1.4:8080 through that i can see that user is connecting to that particular site, but what regex/mime type blocking ACL i have done on that, it's not hitting . either it's sending the request as text/html mymetype request. which i cant block. Else using wwww dot glyps dot com , bluff bluff some kind of site he is just pasting the url on that particular request form & he has the access. what i'm able to see in my proxy is that , from that ip that particular site( wwww dot glyps dot com) request is going through, I can easily block that url but there is N number of site like that which will give the privileges to bypass the prosy completely. Can't it be rectified, any idea Amos, dansguardian will be helpful ? /\ Tarak Share files, take polls, and make new friends - all under one roof. Go to http://in.promos.yahoo.com/groups/ Get the freedom to save as many mails as you wish. To know how, go to http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html
