On 10/04/2016 06:24 AM, oleg gv wrote: > Then I try to block FTP-Command and nothing happen. Some from my config: > > acl rh req_header -i ^FTP-Command Wrong syntax. Please read req_header documentation carefully and try something like: acl rh req_header FTP-Command -i LIST I also recommend renaming the "rh" ACL to something more meaningful like "ForbiddenCommand". Finally, since a regular HTTP request might have an FTP-Command header field, you should probably limit your rh-based http_access deny rule to transactions accepted at ftp_port(s). > http_access permit all There is no "permit" action AFAIK. Please use documented "allow" and "deny" actions only and copy-paste exact configuration lines when asking questions. > request_header_access "FTP-Command: LIST" deny all Wrong syntax and wrong option. You want to deny a transaction, not to remove a header from that transaction. HTH, Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
