Search squid archive

Re: ACL matches when it shouldn't

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ah. Think I found it.

Line 9600 in the earlier file contains a URL with un-escaped "||"
sequence. Pipe is a reserved character in regex so needs \-escaping like
'?' '*' '.', '$', '^, '[', ']', '(', ')', '$' and '\' in the original URL.


See the note below though for long-term fix ...


On 30/09/20 11:03 am, Vieri wrote:
>> None of the file entries are anchored regex. So any one of them could match.
> 
>>> Can anyone please let me know if there's a match, or how to enable debugging  to see which record in this ACL is actually triggering the denial?
>>
>> To do that we will need to see the complete and exact URL which is being blocked incorrectly.
> 
> One of them is https://www.google.com/.
> 
>> NP: a large number of that files entries can be far more efficiently blocked using the dstdomain ACL type. For example:
>>
>>   acl blacklist dstdomain .appspot.com
> 
> Agreed. However, this file is generated by an external process I don't control (SOC). It's like a "threat feed" I need to load in Squid.
> The easiest way for me would be to tell Squid that it's just a list of exact URLs, not a list of regexps. I understand that's not possible.
> 

Not with the built-in ACLs, but an external ACL helper can do any checks
you want it to. I think that would probably be best to use here.



Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux