RE: [squid-users] Stopping windows update

From: Rick Matthews <[email protected]>
Date: Thu, 21 Aug 2003 01:24:46 -0500

> -----Original Message-----
> From: Fajar Priyanto
>
> 1. Can windowsupdate.microsoft.com be denied rather than redirected?

Sure.
_Put 'windowsupdate.microsoft.com' in a squidGuard domains file.
_Reference that domains file in a destination group in your
 squidGuard.conf file.
_Prohibit that destination group in the acl section of your
 squidGuard.conf file.

Works fine. Only blocks the windowsupdate.microsoft.com sub-domain.

>
> In my access.log shows:
> 1061255076.570 3030 192.168.0.11 TCP_MISS/200 303 HEAD
> http://windowsupdate.microsoft.com/ident.cab - DIRECT/127.0.0.1 text/html
> 1061255076.613 26 192.168.0.11 TCP_MISS/200 303 HEAD
> http://windowsupdate.microsoft.com/ident.cab - DIRECT/127.0.0.1 text/html
> 1061255076.654 26 192.168.0.11 TCP_MISS/200 303 HEAD
> http://windowsupdate.microsoft.com/ident.cab - DIRECT/127.0.0.1 text/html

Those are strange. What controls and/or redirection was in place to
produce those? The request was approved (200) and the object was
fetched from 127.0.0.1 (instead of 207.46.134.30).

If you block it with squidGuard as I explained above your access.log
will show the request was Forbidden (403), and the Hierarchy will
show the ip of the machine that hosts your squidGuard redirect
page.

Will that work for you?

Rick
Received on Thu Aug 21 2003 - 00:24:54 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:02 MST