Re: [squid-users] ACL help: blocking non-html objects from particular domains

From: Amos Jeffries <[email protected]>
Date: Wed, 17 Oct 2007 01:08:39 +1300

Craig Skinner wrote:
> On Mon, Oct 15, 2007 at 12:04:41AM +1300, Amos Jeffries wrote:
>> It should work. What does cache.log / access.log say when (3) is used?
>>
>
> Thanks for the help, I'll work on dstdomains next, logs below:
>
>
> ###################################
>
>
> acl our_networks src 127.0.0.1/32
> http_access allow our_networks
> acl suspect-domains dstdom_regex "/etc/squid/suspect-domains.acl"
> acl ok-mime-types rep_mime_type -i ^text/html$
> http_access allow suspect-domains ok-mime-types
> http_access deny all
>
> The request GET http://www.example.com/ is DENIED, because it matched 'all'
> TCP_DENIED/403 1375 GET http://www.example.com/ - NONE/- text/html
>
>
> ###################################
>
>
> acl our_networks src 127.0.0.1/32
> http_access allow our_networks
> acl suspect-domains dstdom_regex "/etc/squid/suspect-domains.acl"
> acl ok-mime-types rep_mime_type -i ^text/html$
> http_access deny suspect-domains !ok-mime-types
> http_access allow suspect-domains
> http_access deny all
>
> The request GET http://www.example.com/ is DENIED, because it matched 'ok-mime-types'
> TCP_DENIED/403 1375 GET http://www.example.com/ - NONE/- text/html
>

Really weird. So what does /etc/squid/suspect-domains.acl contain
exactly then?

Amos
Received on Tue Oct 16 2007 - 06:08:43 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:01 MDT