Re: [squid-users] Squid doesn't block access to port 8080

From: Palula Brasil <[email protected]>
Date: Fri, 9 Dec 2005 13:14:14 -0200

It is in transparent mode. There is no need to configure anything in the
browser.
I think I pasted the acl config... Anyway here it goes again.

########################################
# CONFIGURACAO DE ACCESS LISTS #
########################################

acl all src 0/0
acl minha_rede src 192.168.100.0/24
acl bad_strings url_regex "/etc/squid/bad_strings.acl"
acl bad_sites dstdomain "/etc/squid/bad_sites.acl"
acl bad_files urlpath_regex "/etc/squid/bad_files.acl"
acl good_sites dstdomain "/etc/squid/permitted.acl"
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl ssl_ports port 443 563

acl safe_ports port 80 # http
acl safe_ports port 21 # ftp
acl safe_ports port 443 563 # https, snews
acl safe_ports port 70 # gopher
acl safe_ports port 210 # wais
acl safe_ports port 1025-65535 # unregistered ports
acl safe_ports port 280 # http-mgmt
acl safe_ports port 488 # gss-http
acl safe_ports port 591 # filemaker
acl safe_ports port 777 # multiling http

Here are the permissions relative to the ACL's

acl CONNECT method CONNECT

http_access deny bad_sites
http_access deny bad_strings
http_access deny bad_files
http_access deny CONNECT !ssl_ports
http_access allow good_sites
http_access allow safe_ports
http_access allow manager localhost
http_access deny manager
http_access allow minha_rede

http_access deny all

Is this what you wanted?

----- Original Message -----
From: "Brian Phillips" <brian.phillips@gmx.net>
To: <squid-users@squid-cache.org>
Sent: Friday, December 09, 2005 2:01 PM
Subject: RE: [squid-users] Squid doesn't block access to port 8080

On Friday 09 December 2005 12:13, Palula Brasil wrote:
> I've been receiving some links to executables files through my email and
> the link comes like this: www.somesite.com.country/urlpath/file.exe:8080
>
> The problem is that I putted the ".somesite.com.country" on the
> bad_sites acl and it still is permitting access thos files.
>
> Can anybody help me out on how to overcome this problem.

Are you running in transparent/intercept mode, or do you have the squid
proxy configured in the settings of your browser?

Paste the acl's too.

Brian
Received on Fri Dec 09 2005 - 14:32:49 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:02 MST