Re: [squid-users] BYPASSED acl allowedurls url_regex "/etc/squid/url.txt" , help?

From: Andres Salazar <ndrsslzr80_at_gmail.com>
Date: Tue, 16 Feb 2010 08:35:15 -0600

Hello,

acl allowedurls dstdomain "/etc/squid/url.txt" works better. However
now the problem is that its not evaluating https sites that use the
CONNECT method. So pretty much I can enter any https in the browser.

Is there anyway to control this?

Andres

On Sun, Feb 14, 2010 at 2:07 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> Andres Salazar wrote:
>>
>> Hello,
>>
>> Iam using:
>>
>> acl allowedurls url_regex "/etc/squid/url.txt"
>> and then only allowing localnet to access that acl.
>>
>> a.) If a user behind localnet types:
>> http://www.facebook.com/@http://www.allowed.org/page.html �they are
>> able to peak some content of the disallowed website facebook. Is it
>> possible ot set the regex so that it is more strict and only matches
>> if it is located at the beginning of the URL?
>>
>> The original line in the .txt file is: http://www.allowed.org/page.html
>>
>
> http://www.gnu.org/software/emacs/manual/html_node/emacs/Regexps.html
>
> see: ^
>
>> b.) Also, what would be the correct regex for something like this:
>> http://*.google.com Obviously that doesnt match.
>>
>
> Best to avoid regex for domain matching.
>
> Use:
> �acl google dstdomain .google.com
>
>
> Amos
> --
> Please be using
> �Current Stable Squid 2.7.STABLE8 or 3.0.STABLE24
> �Current Beta Squid 3.1.0.16
>
Received on Tue Feb 16 2010 - 14:35:26 MST

This archive was generated by hypermail 2.2.0 : Wed Feb 17 2010 - 12:00:04 MST