Search squid archive

Re: Squid Proxy not blocking websites

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi All

Can any one help on the below issue.
I tried changing the order of deny and allow acl but it did not yield any result.

Regards
Arjun K


On Sunday, 3 May, 2020, 05:21:02 pm IST, Arjun K <email_arjun@xxxxxxxxx> wrote:


Hi All

The below is the configuration defined in the proxy server.
The issue is that the proxy is not blocking the websites mentioned in a file named denylist.txt.
Kindly let me know what needs to be changed to block the websites.



####IP Ranges allowed to use proxy
acl localnet src 10.196.0.0/16
acl localnet src 10.197.0.0/16
acl localnet src 10.198.0.0/16
acl localnet src 10.199.0.0/16
acl localnet src 10.200.0.0/16

####Allowed and Denied URLs
acl allowedurl dstdomain /etc/squid/allowed_url.txt
acl denylist dstdomain /etc/squid/denylist.txt

acl windowsupdate dstdomain windowsupdate.microsoft.com
acl windowsupdate dstdomain .update.microsoft.com
acl windowsupdate dstdomain download.windowsupdate.com
acl windowsupdate dstdomain redir.metaservices.microsoft.com
acl windowsupdate dstdomain images.metaservices.microsoft.com
acl windowsupdate dstdomain c.microsoft.com
acl windowsupdate dstdomain www.download.windowsupdate.com
acl windowsupdate dstdomain wustat.windows.com
acl windowsupdate dstdomain crl.microsoft.com
acl windowsupdate dstdomain sls.microsoft.com
acl windowsupdate dstdomain productactivation.one.microsoft.com
acl windowsupdate dstdomain ntservicepack.microsoft.com
acl windowsupdate dstdomain eu.vortex-win.data.microsoft.com
acl windowsupdate dstdomain eu-v20.events.data.microsoft.com
acl windowsupdate dstdomain usseu1northprod.blob.core.windows.net
acl windowsupdate dstdomain usseu1westprod.blob.core.windows.net
acl windowsupdate dstdomain winatp-gw-neu.microsoft.com
acl windowsupdate dstdomain winatp-gw-weu.microsoft.com
acl windowsupdate dstdomain wseu1northprod.blob.core.windows.net
acl windowsupdate dstdomain wseu1westprod.blob.core.windows.net
acl windowsupdate dstdomain automatedirstrprdweu.blob.core.windows.net
acl windowsupdate dstdomain automatedirstrprdneu.blob.core.windows.net
acl windowsupdate dstdomain play.google.com
acl windowsupdate dstdomain go.microsoft.com

acl CONNECT method CONNECT
acl wuCONNECT dstdomain www.update.microsoft.com
acl wuCONNECT dstdomain sls.microsoft.com
http_access allow CONNECT wuCONNECT localnet
http_access allow windowsupdate localnet

acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl CONNECT method CONNECT

http_access allow allowedurl
http_access deny denylist
http_access allow localhost manager
http_access allow localhost
http_access allow localnet
http_access deny manager
http_access deny !Safe_ports
http_access deny all

http_port 8080

cache_dir ufs /var/spool/squid 10000 16 256
coredump_dir /var/spool/squid

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims




Regards
Arjun K.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux