>> Shastri, try the below >> >> Assume... >> 1. Preventing Downloads File (nodowns.txt) has the following >> \.msi$ >> \.exe$ >> \.zip$ >> \.etc$ The above is regex >> >> 2. Trusted Sites File (goodsites.txt) has the following >> *.*microsoft*.com* >> *.*windows*.com* >> *.*etc*.com*.com* > > > WTF? Does regex even accept that? > > *.*microsoft*.com* Amos, the above is dstdomain. You must have missed the regex entries before this. > > ==> (zero or more 'nothings')(zero or more characters)(the text > "microsof")(zero or more 't' characters)(any single character)(thetext > "co")(zero or more 'm' characters) > > Don't you mean this? > \.microsoft\.com > \.windows\.com > \.etc\.com\.com > Thanks for that insight. > > Or perhapse the better version: > > acl goodsites dstdomain .microsoft.com .windows.com .etc.com.com > > Will that not be too much is you have a long list of sites? >> >> 3. Accompanying ACLs for files above >> acl nodowns urlpath_regex -i "/path_to/nodowns.txt" # With quotation marks >> acl goodsites dstdomains -i "/path_to/goodsites.txt" # With quotation >> marks >> >> 4. Controlling Rule >> http_access deny nodowns !goodsites # Put it above any "allow" rule >> >> The above is my thinking, and I could do with correction. >> >> # Edmonds > > > Pretty much. The problem is that Chaitanya supplied no details about their > config. Could be much simpler or much more complicated. > > Amos > >> >> On Fri, Jun 29, 2012 at 12:30 PM, Chaitanya Shastri wrote: >>> >>> Hi Amos, >>> >>> I have acl rules for preventing downloads on client machines. So a >>> client cannot download any file (for example, .exe, .zip .. etc ) on >>> his/her machine. >>> What I want is that all clients should be able to download any type of >>> file from certain trusted domain. >>> In short I want to allow a domain in my squid configuration from which >>> any client can download any type of file. >>> >>> Thanks. >>> >>> On Fri, Jun 29, 2012 at 1:15 PM, Amos Jeffries wrote: >>>> >>>> On 29/06/2012 6:10 p.m., Chaitanya Shastri wrote: >>>>> >>>>> Hi list, >>>>> >>>>> Is it possible to allow downloads from certain trusted sites? I >>>>> tried using the url_regex acl to list certain trusted sites from which >>>>> our users can download any file. >>>>> >>>>> Ex. acl allow_downloads url_regex -i ^http:\/\/example\.com >>>>> http_reply_access allow allow_downloads localnet # where >>>>> localnet is my LAN range >>>>> >>>>> But its not working. Any ideas on how to get it work? >>>>> >>>>> Thanks. >>>> >>>> >>>> Any idea what is blocking them from working in the first place? >>>> >>>> Amos >>>>
