RE: [squid-users] Problem blocking files with urlpath_regex acl

Neil,

Many thanks, that cleared the problem!

However, I have now noticed another problem - it seems I am unable to block
these downloads if they are done in a secure https session. The rules just
don't seem to be applied in this case.

Can anyone maybe offer any advice on this?

Cheers
John

-----Original Message-----
From: Neil A. Hillard [mailto:hillardn@whl.co.uk]
Sent: 18 January 2005 11:50
To: John O'Reilly
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Problem blocking files with urlpath_regex acl

John,

On Tue, 18 Jan 2005 JOReilly@itisholdings.com wrote:

> Hi,
>
> I'm having a few problems trying to block file downloads with Squid. I
have
> a file called 'restricted_files' with the following contents:
>
> \.7z$
<snip>
> \.gz$
> \.gz?
> \.gz;
<snip>
> \.zoo;
>
> And I have the following setup in my squid.conf:
>
> acl User1 proxy_auth user1
> acl User2 proxy_auth user2
> acl BlockedDownloads urlpath_regex -i "/usr/local/ITIS/restricted_files"
>
> http_access allow User1
> http_access deny BlockedDownloads
> http_access allow User2
>
> Now, if I authenticate as user1, I can download all files with no
problems.
> However, if I authenticate as user2, and browse to - for example -
> www.google.co.uk, cache.log is showing that the following URL's are
blocked
> because they match 'BlockedDownloads':
>
> http://www.google.co.uk/intl/en-uk/images/logo.gif
> http://www.google.co.uk/favicon.ico
>
> However, these extensions are not in my list! I notice similar results on
> other sites, with files getting blocked that shouldn't be.
>
> Can anyone offer me any help on this?
I believe that the following regex will be matching .gif files:

\.gz?

? means minimal match so it will match either '.g' or '.gz'. You'll nee d
to escape a question mark:

\.gz\?

Hope this helps,

                                Neil.

-- 
Neil Hillard                    hillardn@whl.co.uk
Westland Helicopters Ltd.       http://www.whl.co.uk/
Disclaimer: This message does not necessarily reflect the
            views of Westland Helicopters Ltd.
ITIS Holdings plc
www.itisholdings.com
Station House, Stamford New Road
Altrincham, Cheshire WA14 1EP
+44(0)161 927 3600
+44(0)161 929 5074 (fax)
Internet communications are not secure and therefore ITIS Holdings cannot
accept responsibility for the contents of this message. If you wish to
verify that this email is genuine please contact us at the address above.
This email is confidential and is intended only for the named recipient. If
you are not the intended recipient, any dissemination, copying or disclosure
of this message is strictly prohibited. If you have received this email in
error please delete this email and contact us immediately. Any personal
opinions expressed in this email are those of the sender and should not be
taken as being representative of ITIS Holdings plc.