Hello,
I have blocked some URLs through an url_regex acl, which works, if the URL
contains any protocol execept https.
The "blocked_urls.lst" file contains lines like:
([^\/]\.facebook\.com\/|[^\/]\.facebook\.com$|^.*://facebook\.com)+
I've tested the regex using an online regex tester: "http://www.facebook.com";
and "https://www.facebook.com"; both match. But the https address can be
reached, so I think, there must be a problem in my configuration (see below).
I use 2.6.STABLE21 on CentOS 5.
Regards,
Marc
# Define networks "all" and "localhost"
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
# Default ports we allow
acl Safe_ports port 21
acl Safe_ports port 80
acl Safe_ports port 443
acl Safe_ports port 8080
# Deny requests to unknown ports
http_access deny !Safe_ports
# Only allow cachemgr access from localhost
acl manager proto cache_object
http_access allow manager localhost
http_access deny manager
# Deny CONNECT to other than SSL ports
acl SSL_ports port 443
acl SSL_ports port 8443
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
# Block access from all IPs to URLs out of this file
acl blocked_urls url_regex "/etc/squid/blocked_urls.lst"
deny_info ERR_BLOCKED_PRIVATE blocked_urls
http_access deny all blocked_urls
# Allow access from all of our subnets
acl MyNetworkMR_Srv src 192.168.29.0/24
acl MyNetworkMR_Clt src 10.1.0.0/21
http_access allow MyNetworkMR_Srv
http_access allow MyNetworkMR_Clt
# Allow access from localhost
http_access allow localhost
# Finally deny all other access to this proxy
http_access deny all
