Re: [squid-users] useragent ACL directive

From: Peter Albrecht <pa@dont-contact.us>
Date: Mon, 28 Jun 2004 15:34:43 +0200

Hi David,

On Monday 28 June 2004 15:26, David Renton wrote:
> We have been using squid successfully with NTLM auth and NT domain
> groups, and squid ACLs to limit web browsing to either a positive or
> negative list of sites.
>
> Due to the US Homeland Security recommendation,
> http://www.kb.cert.org/vuls/id/713878, to disable scripting in Internet
> Explorer, I would like to disable the use of IE with squid. So, I would
> like to know if squid has an ACL that will work against the browser
> useragent? I can't rely on the users to willing stop using IE.
> Further, I cannot simply remove IE, since it is used for some Intranet
> and Extranet web sites. However, beyond those sites, I want the users
> to run Mozilla for all generic browsing. (Mozilla now supports NTLM
> auth on Win32!!! :-> )
>
> I have searched the mailing lists, and read "Squid - The Definitive
> Guide" but did not find an ACL based on useragent. Of course, maybe I
> missed it.
>
> If there is not a useragent ACL, does squid offer an ACL that is based
> on the headers the browser sent to squid?
>
> Thanks -- david
>
>

you can use regular expressions with the ACL "browser" or "browser -i"- this
checks for strings with which a browser identifies itself.

Regards,

Peter

-- 
Peter Albrecht					palbrecht@suse.com
Novell Worldwide Training Services
Program Manager - Linux
Novell GmbH					Phone +49-89-20600-1801
Frankfurter Ring 115a				Fax   +49-89-20600-2100
D-80807 Munich					http://www.suse.de/training/
Received on Mon Jun 28 2004 - 07:38:23 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:03 MDT