Re: [squid-users] miranda

[Peter Marshall]

I was not able to figure this out with the mime headers either (although 
it made my logs quite large ;).

Anyone have any other ideas ??
I did try
log_mime_hdrs on

It is off again.

P

Peter Marshall wrote:
As far as actual server set up .. we have an internal Firewall that does 
 not route to anything that I do not set up by hand.  The proxy is a 
stand alone box in the DMZ, and then we have an external Firewall.

internal - :firewall:| DMZ - Proxy - |:external Firewall:| Web

Peter Marshall wrote:

http_port 192.168.1.254:8080
http_port 127.0.0.1:8082
http_port a.b.c.5:8081
icp_port 0
#http_port 8080
#snmp_port 3401
#snmp_port 161
cache_mem 256 MB
cache_dir ufs /usr/local/squid/var/cache 8000 16 256
debug_options ALL,1 33,2
emulate_httpd_log on
forwarded_for off

acl public snmp_community public

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl caris_int src 192.168.200.0/255.255.248.0
acl caris_dmz src a.b.c.0/255.255.255.192

acl admin_lst src 192.168.202.73/32 192.168.200.122/32
acl admin_lst2 src 192.168.202.73/32 192.168.202.75/32 192.168.201.26/32
acl ALLOW_WIN_UP src 192.168.200.3/32 192.168.202.3/32 192.168.202.90 
192.168.200.32 192.168.200.10 192.168.200.23 192.168.200.122 
205.174.164.51 192.168.201.65 192.168.201.77 192.168.201.106

acl forcerobak src 192.168.100.0/24 205.174.164.50/32
acl aca src 192.168.90.0/24

acl Safe_ports port 21 80 88 443 563 2095 3915 4500 7778 8000 8020 
8070 8090 8080 8081 8087 8096 8030 8194 8585 8765 8988 9000 9443 16080 
19638
#acl Safe_ports port 21 80 443 563 8080 8081 8030 1025-65535

http_access allow localhost
acl manager proto cache_object
http_access allow manager localhost

acl PURGE method PURGE
http_access allow PURGE localhost
http_access deny PURGE

acl snmpServer src 192.168.202.73/32

acl ICQ url_regex -i .icq.com
acl MSN req_mime_type ^application/x-msn-messenger$
acl STREAM rep_mime_type ^application/octet-stream$
acl YAHOO url_regex .msg.yahoo.com
acl CHAT url_regex -i webmessenger .webmessenger .messenger.* 
messenger.yahoo gateway.dll messenger.msn mirc icq.com go.icq 
miranda-im.org
acl DICT url_regex -i dictionary.reference.com
acl MICROSOFT url_regex -i .windowsupdate
acl banned_types url_regex -i .mpeg$ .mpg$ .avi$ .wmv$ .mp3$ \.rm$ 
.asf$ .wma$ \.ram$ \.aif$ \.ra$ .asx$
# acl banned_types2 url_regex -i .mpeg* .mpg* .avi* .wmv* .mp3* .rm* 
.asf* .wma* .ram* .aif* .ra* .asx*
acl INTERNAL url_regex caris.priv
acl VIRUS url_regex -i genmexe.biz
acl TROJAN url_regex -i gookle
acl WEBMSN url_regex -i .webmessenger.msn.com
acl EMESS url_regex -i .e-messenger.net .webmessenger.msn.com/* 
iloveim.com
acl TALK url_regex -i .google.com/talk talk.google.com 
.google.com/talk* .google.*/talk*
acl WEB1 url_regex -i .caris.com/* .caris.com
acl GTALK url_regex -i .google.com/mail/im/* 
.google.com/mail/channel/bind .google.com/mail/channel/bind/*
acl GTALK_FIX url_regex -i .google.com/mail/images/*

snmp_access deny !snmpServer

http_access allow GTALK_FIX all
http_access deny GTALK all

# http_access deny block_user

# http_access allow !Safe_ports admin_lst
http_access allow !Safe_ports forcerobak
http_access deny !Safe_ports

http_access deny TROJAN

## Do not want to block searches of words
## ex, besmirce has mirc in it.
http_access allow DICT all

http_access allow CHAT admin_lst
http_access allow YAHOO forcerobak
http_access allow ICQ forcerobak
http_access allow TALK forcerobak
http_access allow MSN forcerobak
http_access allow WEBMSN forcerobak
http_access allow CHAT forcerobak

http_access allow WEBMSN admin_lst2
http_access allow MSN admin_lst
http_access allow TALK admin_lst

http_access allow ICQ admin_lst
http_access allow MSN aca
http_access allow ICQ aca

http_access deny MSN
http_access deny ICQ
http_access deny YAHOO
http_access deny CHAT
http_access deny VIRUS
http_access deny WEBMSN
http_access deny EMESS
http_access deny TALK

# http_reply_access allow STREAM admin_lst
#http_reply_access deny STREAM

http_access allow MICROSOFT admin_lst
http_access allow MICROSOFT forcerobak
http_access allow MICROSOFT aca
http_access allow MICROSOFT ALLOW_WIN_UP
http_access deny MICROSOFT

http_access allow banned_types admin_lst
http_access deny banned_types

http_access allow forcerobak
http_access allow aca
http_access allow admin_lst
http_access allow caris_int
http_access allow caris_dmz

http_access deny all

Nikos Zaharioudakis wrote:

On 3/24/06, Peter Marshall <[EMAIL PROTECTED]> wrote:

I am trying to figure out how some users are using Miranda to get past
my squid rules.  normally, msn, icq, gtalk, yahoo messenger, etc will
not work, however, a few users have figured out how to get around this,
and I have not been able to figure out how.

Does anyone have any suggestions ?

Thanks



Would you mind tell us a little more about current network topology
and internet connection?
Or perhaps your squid rules to see what is going on.


Best regards,
--
########################################3
Zaharioudakis Nikos
mob: +30 6947204063
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing on usenet and in e-mail?