Thank you very much. It's my fault - wrote wrong ACL .
That'll do it! Yahooo! LIST , C.?D blocked ok.2016-10-04 17:55 GMT+03:00 Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx>:
On 10/04/2016 06:24 AM, oleg gv wrote:
> Then I try to block FTP-Command and nothing happen. Some from my config:
>
> acl rh req_header -i ^FTP-Command
Wrong syntax. Please read req_header documentation carefully and try
something like:
acl rh req_header FTP-Command -i LIST
I also recommend renaming the "rh" ACL to something more meaningful like
"ForbiddenCommand".
Finally, since a regular HTTP request might have an FTP-Command header
field, you should probably limit your rh-based http_access deny rule to
transactions accepted at ftp_port(s).
> http_access permit all
There is no "permit" action AFAIK. Please use documented "allow" and
"deny" actions only and copy-paste exact configuration lines when asking
questions.
> request_header_access "FTP-Command: LIST" deny all
Wrong syntax and wrong option. You want to deny a transaction, not to
remove a header from that transaction.
HTH,
Alex.
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
