Okay... but how i can i do that in this yahoo account??? - -- --- Always try to find truth!!! ------------***---------------***--------------***------------ Its always nice to know that people with no understanding of technologies want to evaluate technical professionals based on their own lack of knowledge ------------***---------------***--------------***------------ --- On Mon, 3/30/09, Matus UHLAR - fantomas <uhlar@xxxxxxxxxxx> wrote: > From: Matus UHLAR - fantomas <uhlar@xxxxxxxxxxx> > Subject: Re: .com extension blocking causing blocking of redirecting URL's > To: squid-users@xxxxxxxxxxxxxxx > Date: Monday, March 30, 2009, 11:55 AM > > -----Inline Attachment Follows----- > > Hello, > > please configure your mailer to wrap lines below 80 > characters per line. > 72 to 75 is usually OK. > > Thank you. > > On 27.03.09 23:40, Truth Seeker wrote: > > I have an acl which blocks download of file with > harmful extension's. like > > .exe, .bat, .com, etc. This rule is working fine. the > following is the > > details of it; > ... > > acl dangerous_extension urlpath_regex -i > "/etc/squid/include-files/dangerous_extension.squid" > ... > > # cat > /etc/squid/include-files/dangerous_extension.squid > ... > > ..*\.com$ > ... > > > If there is a site which redirect traffic to another > .com site, will cause > > to trigger the above rule, which will result in > failure of a legitimate > > request. How can i do a workaround on this issue??? > > You apparently mean It's blocking redirects like > > http://redirect.to/blablablabl.com > > Well, I may tell you that blocking by file extension can be > easily avoided. > e.g. > http://download.some.file/blablabl.com? > > will prevent the acl from matching. > > If you want really avoid downloading of suspect files, try > filtering them > with ICAP, 3rd party proxy filters (there are some > supportign squid), and > forget those ACL's (note that parsing multiple regular > expressions withing > squid may be very ineffective and can cause squid's > slowdown). > > Otherwise, simply find sites with such redirectors and try > explicitly > allowing them. Maybe simple rules like allowing "redir=" > would work, but > note the above, this is not good way of blocking dangerous > content. > > -- > Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx > ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this > address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek > reklamnu postu. > WinError #98652: Operation completed successfully. >
