Search squid archive

Re: url blocking using url_regex not working on squid2.5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



g f wrote:
Hello all,
I am running squid2.5STABLE14 on RHEL4.
I am close to rolling out squid3 on debian but unfortunately I still
need to support the above RHEL build.
Redhat doesnt seem to have a 2.6 rpm for RHEL4 so I cannot go to 2.6.

All is working fine but I need to implement url blocking.
I followed docs and numerous posts to attempt to implement url
blocking but squid just seems to ignore these acls.

Here is a snippet of my config:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80        # http
acl Safe_ports port 21        # ftp
acl Safe_ports port 443 563    # https, snews
acl Safe_ports port 70        # gopher
acl Safe_ports port 210        # wais
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280        # http-mgmt
acl Safe_ports port 488        # gss-http
acl Safe_ports port 591        # filemaker
acl Safe_ports port 777        # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

acl our_networks src 10.150.15.0/24
http_access allow our_networks

With this, you allow all traffic (that hasn't already been denied) from 10.150.15.0/24. For clients in this IP range, no more access rules will be checked. Have a look at the FAQ (http://wiki.squid-cache.org/SquidFaq/SquidAcl) for more.

acl our_servers src 10.150.7.0/24
http_access allow our_servers
acl msn url_regex toyota
http_access deny msn

http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all


Now I also tried the following:
acl msn dstdomain .toyota.com
http_access deny msn

acl msn_file url_regex "/etc/squid/blocker.txt"
http_access deny msn_file

I started squid using debug /usr/sbin/squid -NCd10 and get no errors.
It seems to just ignore these acls.

Any ideas?
Thanks in advance.
Graham

Chris


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux