We're trying to prevent students from bypassing our filter by using ip
addresses instead of urls. It is quite unpleasant to go through and put
in an ip address for every url we want to block. I've found a reference
in the docs for using !in-addr in the ACL's to enforce the use of url's
instead of ip addresses but it isn't working. The same documentation
says !in-addr is a fast equivalent to this regex:
^[^:/]+://[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}($|[:/])
which also doesn't work when I put it in an expression list.
Here are the relevant sections of squidGuard.conf (possibly line-wrapped
in a nasty manner).
dest ipaddress {
log local-block
expressionlist ipaddress/expressions
redirect
302:http://10.8.16.7/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientident=%
i&srcclass=%s&targetgroup=%t&url=%u
}
acl {
default {
pass !local-block local-ok !in-addr !ipaddress !aggressive
!drugs !gambling !hacking !porn !proxy !violence !warez all
}
}
We run squidGuard-1.2.0 as provided by our distro (Redhat). Any ideas?
Thanks.
--
Mike Rambo
[EMAIL PROTECTED]
Evolution (n): A hypothetical process whereby infinitely improbable events occur
with alarming frequency, order arises from chaos, and no one is given credit.
