Search squid archive

RE: stoppin Torrent file download

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----Original Message-----
From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] 
Sent: Tuesday, March 20, 2012 7:18 PM
To: squid-users@xxxxxxxxxxxxxxx
Subject: Re:  stoppin Torrent file download

On 20/03/2012 9:14 p.m., Vishal Agarwal wrote:
> Hi,
>
> Pl advise if some user want to download ".torrent" file. He should get
> downloaded my own created file, already stored in my server.
>
> Thanks/regards,
> Vishal Agarwal
>
> I am not able to use "deny_info" for my custome defined messages.

That is the best way, but only works in squid-3.2.

Alternatively, you can use url_rewrite system to redirect the .torrent 
URL to a web server where you host your own file.

Amos
---------------------------------------
Hi Amos,
Thanks for your reply.

When I enable the deny_info, The squid crash. And I need to change the conf
as earlier and then have to work without custom message.

Pl find the squid conf below :
######################################
visible_hostname  mail2.norpknit.com
cache_dir ufs /var/spool/squid3 10000 32 256
#cache_access_log none
http_port 192.168.7.1:8080 transparent

logformat common %>A %ui %un [%tl] "%rm %ru" %Hs %<st %Ss:%Sh
access_log /var/log/squid3/access.log common
cache_access_log none
#logformat common %>a %ul [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh
#logformat NewFormat %>A %ul [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
#acl all src 0/0
acl norpnet src 192.168.7.0/24 # Norpknit localLan

acl allowed_ip_group01  src "/etc/squid3/allowed_ip_group01"  # Managers
acl allowed_ip_group02  src "/etc/squid3/allowed_ip_group02"  # Executives
acl allowed_ip_group03  src "/etc/squid3/allowed_ip_group03"  # Officers
acl allowed_ip_group04  src "/etc/squid3/allowed_ip_group04"  # Others
acl allowed_ip_group05  src "/etc/squid3/allowed_ip_group05"  # Guest

acl buyer_website dst underarmour.com   # Underarmour Website Allowed
acl ebl_bank dst ebl-bd.com             # Bank website

acl blocked_domain dstdomain "/etc/squid3/blocked_domain"
acl blockedext url_regex -i "/etc/squid3/FileExt"
acl Totally_Not_Allowed url_regex -i "/etc/squid3/totally_not_allowed"
acl allowed_domain dstdomain "/etc/squid3/allowed_domain"
acl morning_hour time S M T W H F A  00:00-09:00
acl lunch_hour time S M T W H F A 13:00-14:00
acl evening_hour time S M T W H F A  18:00-24:00

acl SSL_ports port 443
acl SSL_ports port 587          # gmail
acl SSL_ports port 873          # rsync
acl SSL_ports port 4443         # Eastern Bank
acl SSL_ports port 2443         # Iceweb
acl SSL_ports port 3067         # GAP
acl Safe_ports port 4443        # Eastern Bank Limited
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-10000  # unregistered ports
acl Safe_ports port 10001-20000 # unregistered ports
acl Safe_ports port 20001-30000 # unregistered ports
acl Safe_ports port 30001-40000 # unregistered ports
acl Safe_ports port 40001-50000 # unregistered ports
acl Safe_ports port 50001-60000 # unregistered ports
acl Safe_ports port 60001-65535 # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl PURGE method PURGE
acl CONNECT method CONNECT
http_access deny Totally_Not_Allowed
http_access deny  !allowed_ip_group01  blockedext
http_access deny !Safe_ports
http_access allow manager
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow to_localhost
http_access allow buyer_website
http_access allow ebl_bank

#http_access deny manager

#http_access allow norpnet allowed_domain # Common Domain access allowed
#http_access deny blocked_domain !allowed_ip_group01 !allowed_ip_group02
!allowed_ip_group03
http_access allow allowed_ip_group01 blockedext
	
deny_info ERR_ACCESS_DENIED_TORRENT blockedext
#http_access allow allowed_ip_group01
http_access allow allowed_ip_group02
http_access allow allowed_ip_group03
http_access allow allowed_ip_group04
http_access allow allowed_ip_group05

http_access allow norpnet
#  allowed_domain

http_access deny !allowed_ip_group01
http_access deny !allowed_ip_group02
http_access deny !allowed_ip_group03
http_access deny !allowed_ip_group04
http_access deny !allowed_ip_group05
#http_access deny norpnet
http_access allow localhost
http_access allow to_localhost
http_access allow PURGE
http_access deny PURGE
http_access allow all
http_access deny all
icp_access deny all
#htcp_access deny all
hierarchy_stoplist cgi-bin ?
#access_log /var/log/squid3/access.log common
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern (cgi-bin|\?)    0       0%      0
refresh_pattern .               0       20%     4320
icp_port 3130
coredump_dir /var/spool/squid3
emulate_httpd_log on
positive_dns_ttl 2 minute
negative_dns_ttl 2 minute
connect_timeout 5 minute
read_timeout 2 minute
#siteselect_timeout 2 minute
request_timeout 5 minute
half_closed_clients off
cache_store_log none
ident_lookup_access allow CONNECT
cache deny blocked_domain blockedext Totally_Not_Allowed CONNECT
dns_nameservers 8.8.8.8 8.8.4.4
delay_pools 1
delay_class 1 2
delay_parameters 1 45000/60000 -1/-1
delay_access 1 deny norpnet !allowed_ip_group01 !allowed_ip_group02
!allowed_ip_group03 !buyer_website !ebl_bank
delay_access 1 allow all

##################################

Deny Info File

##################################################
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd";>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css">
<!--  %l  body :lang(fa) { direction: rtl; font-size: 100%; font-family:
Tahoma, Roya, sans-serif; float: right; } :lang(he)

{ direction: rtl; float: right; }  -->
</style>
</head>
<body>
<div id="titles">
<h1>ERROR</h1>
<h2>This File is blocked as per IT Policy</h2>
</div> <hr>
<div id="content">
<p>The following error was encountered while trying to retrieve the URL:
<a href="%U">%U</a>
</p>  <blockquote id="error"> <p>
<b>Torrents Download is not allowed</b>
</p>
</blockquote>
<p>You are not allowed to download this file. This case will be reported to
<b>IT Dept.</b></p>
<p>In case you feel you want to download this file in anycase, Then inform
to <a href="mailto:support@xxxxxxxxxxxx";>Support

</a>.</p>
<br>
</div>
<hr>
<div id="footer">
<p><b>IT Dept. <br>
Norpknit Industries Ltd.
</b></p> <!-- %c -->
</div>
</body>
</html>

###########################################3
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux