[squid-users] R: Re: [squid-users] Squid: What is wrong in my acl????

From: Reale Marco <Marco.Reale@dont-contact.us>
Date: Wed, 15 Nov 2006 15:07:19 +0100

Hi Henrik

Thanks for your kind reply.
I'll try to explain better (sorry for my poor english...)

In my pornblock.txt hostnames are already without .
My pornblock.txt is:

Playboy.com
www.playboy.com
Penthouse.com
www.Penthouse.com
Superfiga.com
www.superfiga.com
.....
.....

The problem is that sometimes (AND APPARENTLY WITHOUT REASON) authentication pop-up appears even though url currently I'm browsing is not wrote in pornsite.txt

Example (occurred today with a specific site):

1) User open without problem url: www.somesite.com/homepage.aspx and while he is browsing, authentication popup appears.
2) I NOTICED THAT PRESSING CANCEL BUTTON, USER WAS ABLE TO CONTINUE BROWSING!!! Thus...I suspected that some object (a banner, a pop-up etc...) was blocked in fact....ENTERING MY CREDENTIALS (I'm in a group with full access) a pop-up with a banner was shown.
3) THUS....AND FINALLY....ANALYZING LOG FILE I SAW entries like this:
172.16.100.136 TCP_DENIED/407 2181 GET http://secure-it.imrworldwide.com/cgi-bin/m?
TCP_DENIED/407 2349 GET http://ad.it.doubleclick.net/adj/select.secondamano.it/homepage_rectangle;sz=300x250;ord=1238394311? - NONE/- text/html

http://ad.it.doubleclick.net/adj/select.secondamano.it/homepage_rectangle is the pop-up!!!

I'm sure the problem is pornsite acl because disabling acl the problem disappears thus...I suspect that acl doesn't work correctly and sometimes blocks sites containing one of these words (double for example) and not exact urls
In my pornsites.txt there are in fact urls like this:
videos-double-penetration.com
doublesexhit.com
double-god.fr.st
doublepenitration.com
.....

This problem is driving me crazy and the only solution I founded is to disable "pornsite" acl even though It isn't a solution....

Could you give me a suggestion?

-----Messaggio originale-----
Da: AdministratorIn [mailto:AdministratorIn@blackbox.net]
Inviato: luned́ 13 novembre 2006 17.17
A: Reale Marco; squid-users@squid-cache.org
Oggetto: Fwd: Re: [squid-users] Squid: What is wrong in my acl????

Begin forwarded Message from Henrik Nordstrom <henrik@henriknordstrom.net>, Sat, 11 Nov 2006 00:32:37 +0100 (MET):
fre 2006-11-10 klockan 15:05 +0100 skrev Reale Marco:

> I want to block only www.playboy.com or www.superfiga.com but NOT
> www.mysite.playboy.com or www.ciao.superfiga.com

dstdomain .playboy.com blocks playboy.com and all subdomains including www.playboy.com, www.mysite.playboy.com etc. Everything on the playboy.com domain).

To block exact host names write exact hostnames, not domain names starting with a dot.

playboy.com
www.playboy.com
[etc].

Regards
Henrik
Received on Wed Nov 15 2006 - 07:07:29 MST

This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST