Hi Amos , thanks it seems okay for normal http sites I want to ask , is there a trick can we do it so that it be applied to google & yahoo images search ?? Here is wt I see in yahoo logs , just small logs and all images are allowed and not blocked ===== 1426881748.078 70740 x.70 TCP_MISS/200 11790 CONNECT js.dmtry.com:443 - DIRECT/184.170.128.58 - 1426881749.077 103 xx.70 TCP_MISS/200 2228 POST http://sd.symcd.com/ - DIRECT/23.9.123.27 application/ocsp-response 1426881749.752 29 xx.70 TCP_MISS/200 2228 POST http://sd.symcd.com/ - DIRECT/23.9.123.27 application/ocsp-response 1426881750.098 21 xx.70 TCP_MISS/200 393 GET http://ping.chartbeat.net/ping? - DIRECT/23.21.149.132 image/gif 1426881750.731 62443 xx.70 TCP_MISS/200 122185 CONNECT www.gstatic.com:443 - DIRECT/206.126.112.185 - 1426881751.476 xx.70 TCP_MISS/200 4191 CONNECT secure.footprint.net:443 - DIRECT/8.12.219.125 - 1426881752.215 505 xxx.70 TCP_MISS/200 459 CONNECT secure.footprint.net:443 - DIRECT/8.12.219.125 - 1426881753.005 1091 xx.70 TCP_MISS/200 5303 CONNECT av.beap.bc.yahoo.com:443 - DIRECT/76.13.28.21 - 1426881762.280 12994 188.161.107.70 TCP_MISS/200 5502 CONNECT d.adgear.com:443 - DIRECT/205.204.71.140 - 1426881764.215 16497 xx70 TCP_MISS/200 9832 CONNECT ads.yahoo.com:443 - DIRECT/98.139.225.43 - 1426881764.216 16453 x.70 TCP_MISS/200 6534 CONNECT ads.yahoo.com:443 - DIRECT/98.139.225.43 - 1426881765.044 18777 x.70 TCP_MISS/200 11132 CONNECT ads.yahoo.com:443 - DIRECT/98.139.225.43 - 1426881765.681 15193 xx.107.70 TCP_MISS/200 6225 CONNECT comet.yahoo.com:443 - DIRECT/72.30.196.161 - 1426881765.691 14149 xx.107.70 TCP_MISS/200 832 CONNECT comet.yahoo.com:443 - DIRECT/72.30.196.161 - 1426881766.046 116219 xx.70 TCP_MISS/200 529 CONNECT d31qbv1cthcecs.cloudfront.net:443 - DIRECT/54.230.16.189 - 1426881766.714 296 xx.70 TCP_MISS/200 2228 POST http://ocsp.verisign.com/ - DIRECT/23.9.123.27 application/ocsp-response 1426881770.049 117609 xx107.70 TCP_MISS/200 711 CONNECT d5nxst8fruw4z.cloudfront.net:443 - DIRECT/54.240.160.97 - 1426881780.403 67786 xx.70 TCP_MISS/200 852 CONNECT www.yahoo.com:443 - DIRECT/98.139.180.149 - 1426881781.519 353 xx.70 TCP_MISS/200 571 GET http://data.cnn.com/jsonp/breaking_news/domestic.json? - DIRECT/157.166.249.67 application/javascript 1426881782.057 118788 xx.70 TCP_MISS/200 19972 CONNECT cdn2sitescout-a.akamaihd.net:443 - DIRECT/23.15.4.18 - 1426881790.558 71055 xx TCP_MISS/200 26805 CONNECT s.yimg.com:443 - DIRECT/206.190.56.191 - 1426881814.445 100461 xx TCP_MISS/200 124129 CONNECT ca.yahoo.com:443 - DIRECT/98.139.180.149 - 1426881818.437 70709 xx70 TCP_MISS/200 8503 CONNECT beap-bc.yahoo.com:443 - DIRECT/206.190.57.60 - regards -----Original Message----- From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] Sent: Friday, March 20, 2015 9:56 AM To: snakeeyes Cc: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: i want to block images with size more than 40 KB On 21/03/2015 12:05 p.m., snakeeyes wrote: > Hi amos , thanks for reply > I have tried @ top of squidf.conf > > acl images rep_header Content-Type ^image/ ^x-image/ acl small > rep_header Content-Length ^[1234]?[0-9]$ http_reply_access deny small > images > > are you sure that its blocking images with size >40KB ???? Sorry I slightly mis-read your request. What I gave is blocking images *smaller* than 40 bytes (see what I mean about cut-n-paste without understanding?). To block images *over* 40 bytes change that to: http_reply_access deny !small images > also I didn’t see extensions like jpg or bmp or similar like that ??!! Because HTTP does not transfer files. It transfers data. Sometimes data can *also* be found inside "files", sometimes not. HTTP Content-Type header describes what format the data is. In this case you requested images in general, so thats the pattern I gave. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users