Hello Im new to blocking with squid, right now im using a bad site list and that works fine, blocks urls as it should, but Im also experimenting with the bad regex style blacklist because I see a lot of porn is still getting through, but the badregex is blocking farmvilla zynga content as well as AOL email! I would like to know why "gay" and "porn" would cause aol and farmville to be blocked and any suggestions that might be helpful would be so very much appreciated, I have teenagers on the lan and need to protect them from this garbage the best of my ability. heres the contents of the bad regex blacklist im using, just a single line. .*porn*.* one entry. and this single entry causes all those sites/services and more to be blocked. What am I doing wrong? Heres my conf.. http_port 10.10.1.105:3128 hierarchy_stoplist cgi-bin ? refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 dns_nameservers 10.10.1.1 cache_swap_low 95 cache_swap_high 98 access_log /var/log/squid3/access.log cache_mem 500 MB memory_pools on maximum_object_size_in_memory 100 MB maximum_object_size 150 MB log_icp_queries off cache_mgr mrnicholsb@xxxxxxxxx cache_dir ufs /mnt/secondary/var/spool/squid3 34000 32 256 acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 acl localnet src 10.10.1.0/24 # RFC 1918 possible internal network acl blacklist dstdomain "/etc/squid3/squid-block.acl" #acl badregex url_regex -i "/etc/squid3/badregex.acl" acl SSL_ports port 443 acl Safe_ports port 80 acl Safe_ports port 21 # http acl Safe_ports port 443 # ftp acl Safe_ports port 70 # https acl Safe_ports port 210 # gopher acl Safe_ports port 1025-65535 # wais acl Safe_ports port 280 # unregistered ports acl Safe_ports port 488 # http-mgmt acl Safe_ports port 591 # gss-http acl Safe_ports port 777 # filemaker acl CONNECT method CONNECT # multiling http http_access deny blacklist http_access deny badregex http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow localnet http_access deny all shutdown_lifetime 1 second
