For exemple: allowsites - > /usr/local/ITIS/allow_sites
BlockedDownloads - > /usr/local/ITIS/restricted_files acl allowsites src "/usr/local/ITIS/allow_sites" acl BlockedDownloads urlpath_regex -i "/usr/local/ITIS/restricted_files" http_access allow allowsites !BlockedDownloads You´ll allow the allow_sites and deny downloads... Regards, Renato Policani. -----Mensagem original----- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Enviada em: terça-feira, 18 de janeiro de 2005 09:39 Para: squid-users@squid-cache.org Assunto: [squid-users] Problem blocking files with urlpath_regex acl Hi, I'm having a few problems trying to block file downloads with Squid. I have a file called 'restricted_files' with the following contents: \.7z$ \.7z? \.7z; \.ace$ \.ace? \.ace; \.arc$ \.arc? \.arc; \.arj$ \.arj? \.arj; \.bat$ \.bat? \.bat; \.b64$ \.b64? \.b64; \.bh$ \.bh? \.bh; \.bhx$ \.bhx? \.bhx; \.bz2$ \.bz2? \.bz2; \.cpio$ \.cpio? \.cpio; \.deb$ \.deb? \.deb; \.gz$ \.gz? \.gz; \.gzip$ \.gzip? \.gzip; \.hqx$ \.hqx? \.hqx; \.iso$ \.iso? \.iso; \.jar$ \.jar? \.jar; \.lha$ \.lha? \.lha; \.lzh$ \.lzh? \.lzh; \.mim$ \.mim? \.mim; \.mp3$ \.mp3? \.mp3; \.ogg$ \.ogg? \.ogg; \.rar$ \.rar? \.rar; \.rpm$ \.rpm? \.rpm; \.tar$ \.tar? \.tar; \.taz$ \.taz? \.taz; \.tgz$ \.tgz? \.tgz; \.torrent$ \.torrent? \.torrent; \.tz$ \.tz? \.tz; \.uu$ \.uu? \.uu; \.uue$ \.uue? \.uue; \.wma$ \.wma? \.wma; \.xxe$ \.xxe? \.xxe; \.z$ \.z? \.z; \.zip$ \.zip? \.zip; \.zoo$ \.zoo? \.zoo; And I have the following setup in my squid.conf: acl User1 proxy_auth user1 acl User2 proxy_auth user2 acl BlockedDownloads urlpath_regex -i "/usr/local/ITIS/restricted_files" http_access allow User1 http_access deny BlockedDownloads http_access allow User2 Now, if I authenticate as user1, I can download all files with no problems. However, if I authenticate as user2, and browse to - for example - www.google.co.uk, cache.log is showing that the following URL's are blocked because they match 'BlockedDownloads': http://www.google.co.uk/intl/en-uk/images/logo.gif http://www.google.co.uk/favicon.ico However, these extensions are not in my list! I notice similar results on other sites, with files getting blocked that shouldn't be. Can anyone offer me any help on this? Cheers, John ITIS Holdings plc www.itisholdings.com Station House, Stamford New Road Altrincham, Cheshire WA14 1EP +44(0)161 927 3600 +44(0)161 929 5074 (fax) Internet communications are not secure and therefore ITIS Holdings cannot accept responsibility for the contents of this message. If you wish to verify that this email is genuine please contact us at the address above. This email is confidential and is intended only for the named recipient. If you are not the intended recipient, any dissemination, copying or disclosure of this message is strictly prohibited. If you have received this email in error please delete this email and contact us immediately. Any personal opinions expressed in this email are those of the sender and should not be taken as being representative of ITIS Holdings plc. Atenção: Esta mensagem foi enviada para uso exclusivo do(s) destinatários(s) acima identificado(s), podendo conter informações e/ou documentos confidencias/privilegiados e seu sigilo é protegido por lei. Caso você tenha recebido por engano, por favor, informe o remetente e apague-a de seu sistema. Notificamos que é proibido por lei a sua retenção, disseminação, distribuição, cópia ou uso sem expressa autorização do remetente. Opiniões pessoais do remetente não refletem, necessariamente, o ponto de vista da CETIP, o qual é divulgado somente por pessoas autorizadas. Attention: This message was sent for exclusive use of the addressees above identified, being able to contain information and or privileged/confidential documents and law protects its secrecies. In case that you it has received for deceit, please, it informs the shipper and erases it of your system. We notify that law forbids its retention, dissemination, distribution, copy or use without express authorization. Personal opinions of the shipper do not reflect, necessarily, the point of view of the CETIP, which is only divulged by authorized people.
