Marc Muehlfeld schrieb:
Hello,
I have blocked some URLs through an url_regex acl, which works, if the
URL contains any protocol execept https.
The "blocked_urls.lst" file contains lines like:
([^\/]\.facebook\.com\/|[^\/]\.facebook\.com$|^.*://facebook\.com)+
I've tested the regex using an online regex tester:
"http://www.facebook.com"; and "https://www.facebook.com"; both match. But
the https address can be reached, so I think, there must be a problem in
my configuration (see below).
I use 2.6.STABLE21 on CentOS 5.
Regards,
Marc
Hi Marc,
access control works in squid with "first match". Your https request
matches at the following config line first:
> http_access deny CONNECT !SSL_ports
therefore your nice RegEx is never going to see the the request.
Move the RegEx to the top or the connect rule to the bottom of your ACLs.
Regards,
Daniel
