I have 2 problems:
1) Error message displayed
Until 2 months ago my squid.conf was based on ip acl and, to prevent
porn sites, there was this acl:
a) acl based on ip
acl porn url_regex "c:/squid/block/pornblock.txt"
acl mycompany_ip_no_restriction src 172.16.99.2 172.16.100.34
http_access deny porn !mycompany_ip_no_restriction
deny_info ERR_PORN_ACCESS_DENIED porn
b) Now squid is based on windows domain groups and acl is:
acl porn dstdomain "c:/squid/block/pornblock.txt"
http_access deny porn !Proxy_All_Open
deny_info ERR_PORN_ACCESS_DENIED porn
In c:squid\share\errors\Italian\ERR_ACCESS_DENIED there is my customized
html file.
The problem is that while using acl "a" my error messagge is correctely
displayed, with acl "b" the messagge is always
c:\squid\share\errors\Italian\ERR_CACHE_ACCESS_DENIED
(I report english version)
Cache Access Denied
Sorry, you are not currently allowed to request:
from this cache until you have authenticated yourself.
Do someone know what is wrong?
2) dstdomain problem
In order to block porn sites I used dstdomain
acl porn dstdomain "c:/squid/block/pornblock.txt"
And in c:/squid/block/pornblock.txt I added urls like these:
.playboy.com
.superfiga.com
....
The problem is that all sites containing one of the above world were
blocked while I need to block only entire urls and not those matching a
word contained in this file.
Example:
I want to block only www.playboy.com or www.superfiga.com but NOT
www.mysite.playboy.com or www.ciao.superfiga.com
The only workaround I founded is to duplicate entries in pornblock.txt;
example:
playboy.com
www.playboy.com
Unfortunately this solution takes 60/80 seconds to squid service start
instead 15/20 seconds
Moreover I would like to write in log file the name of acl that is
blocking a site in order to help debugging.
Do someone know another solution for dstdomain and log?
Thanks
Marco
Received on Mon Oct 23 2006 - 10:54:11 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST