On 11/01/20 7:43 am, netadmin wrote: > I also tried with the settings from David Webb's post ie: > acl http_status_403 http_status 403 > acl virus_found rep_header X-Blocked -i \Virus found during virus scan\. > > I tried both options: > http_reply_access deny http_status_403 virus_found > and > adapted_http_access deny http_status_403 virus_found > > but something is wrong, I can download the test file (eicar). > There are two problems here. * The string SAVDI adds has no '.' at the end. The regex you have says (with "\.") that is mandatory. - remove that bit of the regex * SAVDI is producing status 200. So the 403 status check will not work for you. - remove the http_status_403. The access.log you showed earlier say that SAVDI is adding both of these headers which you could use: X-Blocked: Virus found during virus scan X-Blocked-By: Sophos Anti-Virus Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
