Re: [squid-users] again Code Red

From: Duane Wessels <wessels@dont-contact.us>
Date: Mon, 13 Aug 2001 16:29:57 -0600 (MDT)

I put together a patch that might be helpful for code red sufferers.
With the patch, you can make Squid reset the client's TCP connection
instead of sending back an error message. After applying the patch
(to squid-2.4), you'd use it something like this in squid.conf:

    acl codered url_regex /default.ida.... (whatever identifies the worm)
    deny_info ERR_RESET codered
    http_access deny codered

then, just put the word 'reset' in ERR_RESET:

    echo reset > /usr/local/squid/etc/errors/ERR_RESET

then restart/reconfigure Squid.

Received on Mon Aug 13 2001 - 16:29:59 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:36 MST