View Full Version : [ubuntu] squid
madunix
April 23rd, 2012, 04:35 PM
I have blocked file by extension to prevent downloading via squid,
acl BlockExt url_regex -i \.mp3$ \.zip$ \.asx$ \.wma$ \.wmv$ \.avi$ \.mpeg$
http_access deny BlockExt all
but still they could bypass proxy if they want download .zip , they write into the URL .zip?mmmm to get the file downloaded .... how can be this stopped.
newbie-user
April 23rd, 2012, 06:18 PM
I suppose you may have tried this already, but could you add .zip?mmmm to your list of regex.
madunix
April 23rd, 2012, 08:56 PM
after "?" they could write any string .... to get the file downloaded file.zip?[anystring] will bypass the squid
newbie-user
April 23rd, 2012, 11:08 PM
That's interesting. What does the $ in your squid mean (.zip$)? I use regex blocking for my squid, but I do the blocking by specifying a file which contains keywords without $.
Here's my config:
acl localnet src 192.168.1.1-192.168.1.254
acl block_sites url_regex "/etc/squid/block_sites.acl"
http deny localnet block_sites
snippet from block_sites.acl:
swcdn.apple.com
facebook
.exe
I'll have to try adding ?[string] at the end of a url to see if I can bypass squid.
Powered by vBulletin® Version 4.2.0 Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.