Re: [squid-users] how ccan i block aplication and media file downloading in squid

From: Mohsin Khan <[email protected]>
Date: Thu, 10 Jun 2004 14:26:37 -0700 (PDT)

Try http_access allow mylan ! dlb.

--- aol@nexlinx.net.pk wrote:
> salam,
> Thenx, for your kind reply my acl list is
>
<==========================================================================>
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> acl mylan src 10.1.1.1-10.1.1.150/255.255.255.255
> acl dlb urlpath_regex -i \.exe$ \.mp3$ \.mov$ \.mpg$
> \.mp?$ \.avi$ \.rm$
> \.wma$ \.mpeg$
> # http_access deny all
> http_access allow manager localhost
> http_access deny manager
> # Deny requests to unknown ports
> http_access deny !Safe_ports
> # Deny CONNECT to other than SSL ports
> http_access deny CONNECT !SSL_ports
> #http_access deny to_localhost
> #http_access allow all
> http_access allow mylan
> http_access deny dlb
> http_reply_access allow all
>
<==========================================================================>
> but i hav same problum it is not working at all and
> my all users can
> dowload all blocked files
>
> Allah Hafiz
> Kashif Ali
>
>
>
>
>
>
>
>
>
> >
> >
> >> my acl is for blocking downloading
> >> acl dlb urlpath_regex -i \.exe$ \.mp3$ \.mov$
> \.mpg$ \.mp?$ \.avi$ \.rm$
> >> \.wma$ \.mpeg$
> >> http_access deny dlb
> >> but it is not working
> >
> > Are you using anymore http_access rules with this.
> You have to be very
> > careful while setting the http_access rules.
> >
> >> how can i block down loading in a time range
> >
> > Check out the time acl type.
> > If you are going to make the squid more acl
> settings,then be care at the
> > step of setting the http_access rules.
> >
> > Regards,
> > Muthukumar.
> >
> >
> >
> > ---
> > =============== It is a "Virus Free Mail"
> ===============
> > Checked by AVG anti-virus system
> (http://www.grisoft.com).
> > Version: 6.0.701 / Virus Database: 458 - Release
> Date: 6/7/2004
> >
>

=====
Regards,
Mohsin Khan
CCNA ( Cisco Certified Network Associate 2.0 )
http://www.aaghaz.net

>>>Happy is the one who can smile<<<

        
                
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
Received on Thu Jun 10 2004 - 15:26:38 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:02 MDT