Re: [squid-users] Block IP based lookups
Hi, I tried what Dean mentioned, and it worked well. Thanks. On Mon, Apr 23, 2012 at 7:04 PM, Leonardo Rodrigues wrote: > > despite the fact the most usual is browsing by hostnames of any kind, > there's LOTS of pages that uses IP addresses on the links displayed and, > thus, your rule would probably break LOTS of legitime browsing where the > user is NOT really 'typing' an IP address. > > for example, even HOTMAIL uses this !! This logline was grabbed from a > TODAY log, it's not an old log, it's from TODAY: > > > 1335178083.446 1058 192.168.0.162 TCP_MISS/200 127569 GET > http://65.55.40.87/att/GetInline.aspx?messageid=8cefd7ba-8b2b-1fe1-b879-00237d65e98e&attindex=0&cp=-1&attdepth=0&imgsrc=cid%3aimage005.jpg%4001CD1A64.F6641BA0&shared=1&blob=MHxpbWFnZTAwNS5qcGd8aF1hZ2UvenBlZw_3d_3d&hm__login=XX&hm__domain=hotmail.com&ip=10.12.148.8&d=d405&mf=0&hm__ts=Mon%2c%2023%20Apr%202012%2010%3a47%3a40%20GMT&st=lleugerb&hm__ha=01_f1a95b6922365947ae92542149a187a6c6f1b688c4afc76a77c422789965&oneredir=1 > - DIRECT/65.55.40.87 image/jpeg > > > > Em 23/04/12 09:36, Dean Weimer escreveu: > >> -Original Message- >> >> Is it possible to block all IP based lookups from the browser with squid >> acls? >> >> If I assume you mean to match request to IP address, >> http://192.168.1.1/, instead of to a hostname like >> http://www.example.com, the following works quite well. >> >> # Match By IP Requests >> acl BYIP dstdom_regex ^[0-9\.:]*$ > > > > -- > > > Atenciosamente / Sincerily, > Leonardo Rodrigues > Solutti Tecnologia > http://www.solutti.com.br > > Minha armadilha de SPAM, NÃO mandem email > gertru...@solutti.com.br > My SPAMTRAP, do not email it > > > > -- Thanks and Regards Bijoy Lobo Paladion Networks
Re: [squid-users] Block IP based lookups
despite the fact the most usual is browsing by hostnames of any kind, there's LOTS of pages that uses IP addresses on the links displayed and, thus, your rule would probably break LOTS of legitime browsing where the user is NOT really 'typing' an IP address. for example, even HOTMAIL uses this !! This logline was grabbed from a TODAY log, it's not an old log, it's from TODAY: 1335178083.446 1058 192.168.0.162 TCP_MISS/200 127569 GET http://65.55.40.87/att/GetInline.aspx?messageid=8cefd7ba-8b2b-1fe1-b879-00237d65e98e&attindex=0&cp=-1&attdepth=0&imgsrc=cid%3aimage005.jpg%4001CD1A64.F6641BA0&shared=1&blob=MHxpbWFnZTAwNS5qcGd8aF1hZ2UvenBlZw_3d_3d&hm__login=XX&hm__domain=hotmail.com&ip=10.12.148.8&d=d405&mf=0&hm__ts=Mon%2c%2023%20Apr%202012%2010%3a47%3a40%20GMT&st=lleugerb&hm__ha=01_f1a95b6922365947ae92542149a187a6c6f1b688c4afc76a77c422789965&oneredir=1 - DIRECT/65.55.40.87 image/jpeg Em 23/04/12 09:36, Dean Weimer escreveu: -Original Message- Is it possible to block all IP based lookups from the browser with squid acls? If I assume you mean to match request to IP address, http://192.168.1.1/, instead of to a hostname like http://www.example.com, the following works quite well. # Match By IP Requests acl BYIP dstdom_regex ^[0-9\.:]*$ -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
RE: [squid-users] Block IP based lookups
-Original Message- Is it possible to block all IP based lookups from the browser with squid acls? If I assume you mean to match request to IP address, http://192.168.1.1/, instead of to a hostname like http://www.example.com, the following works quite well. # Match By IP Requests acl BYIP dstdom_regex ^[0-9\.:]*$ Thanks, Dean Weimer Network Administrator Orscheln Management Co
Re: [squid-users] Block IP based lookups
On 23/04/2012 9:26 p.m., Bijoy Lobo wrote: Hello All, Is it possible to block all IP based lookups from the browser with squid acls? What do you call an "IP based lookup"? The obvious interpretation of a request arriving over IP protocol means *everything* is blocked. Amos