Hello everyone, The site where I work has pretty stringent Internet policies, one of them being that most downloads are prohibited and they have asked me to cobble together a filter that can enforce that.
So I created an expression list that will cause squidGuard to refuse the most common dangerous (or timewasting) extensions. The list looks like so: \.(exe|com|bat|scr|pif|vbs|ade|adp|chm|cmd|cpl|crt|hlp|hta)$ \.(inf|ins|isp|jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|reg|sct|)$ \.(shs|shb|vb|vbe|wcs|wsf|wsh|avi|ram|ra|mov|mp3|wmv|zip|rar)$ \.(asf|rm|mpg|mpeg|wav)$ This expressionlist works quite well, and when people try to download an executable, like say anything ending in ".exe" they are redirected to our standard "Access Denied" page. However, ever inventive as our users are, they now have found a site that no longer works because of this expression list. The site uses links such as the following: http://somesite.tld/?menu=1. When parsing this url, squidguard finds the last dot, matches it to the expression list and redirects the user to "Access Denied". This is of course not desirable. Unfortunately, I am no genius when it comes to regexes. I have tried googling around to find a workaround for this and I have found many regex tutorials, but not something that looks like I can use it. I was hoping some of you may have had dealings with a similar situation or are better at regexes than me and could tell me how I can work around this, or point me to somewhere where I can find the answer. Thanks in advance, Joop -- Netwerkbeheerder/Network Admin De Risse Holding BV "When you just want a system that works, you choose Linux; when you want a system that just works, you choose Microsoft."
