On Mon, 2003-02-10 at 23:12, reymc@eurecom.fr wrote:
> Hi all,
>
> I am using Squid2.5 stable1 and I want to prevent the downloading of some types
> of applications such as activeX (oleobject is the MIME type of an activeX
> object).
>
> Here is the configuration I used:
>
> ********************************
>
>
> acl trusted_sites srcdomain .microsoft.com
> acl repdangerous_appli rep_mime_type -i ^application/x -oleobject$
>
> http_reply_access allow trusted_sites repdangerous_appli
>
> ********************************
>
> Then, when I request for URL www.microsoft.com, I get an error message "Access
> denied"
>
> Does anyone know why ?
Yes. You haven't allowed any other traffic.
try:
http_reply_access deny trusted_sites repdangerous_appli
http_reply_access allow all
Also, be sure to test trusted_sites in http_access as well - in squid
2.5 http_reply_access requires 'fast' acl checks, which means that DNS
lookups cannot be done there. (This is fixed in 3.0)
Rob
-- GPG key available at: <http://users.bigpond.net.au/robertc/keys.txt>.
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:17 MST