RE: [squid-users] Stopping windows update

From: Rick Matthews <[email protected]>
Date: Fri, 22 Aug 2003 10:02:22 -0500

> -----Original Message-----
> From: Fajar Priyanto
>
> You're right. That's exactly what I want squidGuard does: to DENY
> rather than redirect. But I don't how to do it. I've put
> windowsupdate.microsoft.com into the 'banneddestination' list,
> and that's what squidGuard does: redirecting the request to
> "denied web page".
>
> How to make squidGuard to DENY request rather than redirecting?

Generally speaking, whether you block it with squidGuard or with
Squid ACLs the result is the same for the user; they see a page that
tells them they cannot go where they want to go.

So I understand now that your question does not pertain to the
user perspective, and is more likely concerning reporting issues.

A Squid acl denial can give you an access.log entry that contains
"TCP_DENIED/403". Due to limitations in Squid's redirector interface,
the best you can do with squidGuard is "TCP_MISS/403". And for most
of the logfile reporting packages, that's not good enough.

Question for others on the list: Is it possible that "TCP_DENIED"
could be achieved in a redirector environment using http_reply_access
to look for a predetermined something-or-other indicating DENIED?

Rick
Received on Fri Aug 22 2003 - 09:02:30 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:04 MST