team,
squid 2.4.s2 appears to be ignoring most of the access lists i configure.
i have put this into my squid.conf
acl BLOCKED-TYPES req_mime_type -i ^video/x-msvideo$
[...]
http_access deny BLOCKED-TYPES
but it won't work. i am still able to download avi content,
which is 'video/x-msvideo' according to squid's access log.
i have tried another acl type which matches more closely but still not
in the way i like it to:
acl BLOCKED-EXT urlpath_regex -i \.avi$
[...]
http_access deny BLOCKED-EXT
this does deny me from downloading .avi files, but it does also
deny me from accessing the microsoft download center for example
and some more other sites.
the url of the ms download center is:
http://www.microsoft.com/downloads/search.asp?
to me it appears as if squid's acl would misinterpret the '?' in the end
of the url_path string and erroneously match the access list. i was able
to work around this by explicitly allowing the ? in the end like this:
acl BLOCKED-EXT urlpath_regex -i \.avi$
acl ALLOWED-EXT urlpath_regex -i \?$
[...]
http_access allow ALLOWED-EXT
http_access deny BLOCKED-EXT
i compiled squid with --enable-gnuregex and i've tried without gnuregex
but it still does not allow/deny the things it should.
perhaps anyone can try and verify if the problem only occurs on my machine.
details:
suse linux 7.1 (gcc 2.95.2, kernel 2.4.0-64gb-smp)
squid 2.4.stable2 release
configure-options:
--enable-snmp --enable-cache-digests --enable-time-hack \
--enable-storeio="diskd,ufs" --enable dlmalloc
squid also wouldn't compile with --enable-storeio="aufs", what frightenes
me a bit, because there NEVER had been a problem compiling aufs with
squid on linux before...
Best regards
Torsten Lange
Received on Wed Aug 29 2001 - 07:50:32 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:56 MST