* Erwann PENCREACH <erwann.pencreach_at_ch-chaumont.fr>:
> Hi all,
>
> I'm configuring a squid 3 proxy and I want, to deny access to all
> unwanted browsers but that is not working.
>
> here are my current acl :
You REALLY need to read on regular expressions
> acl nodst url_regex ^.*sex.*$ ^.*porn.*$ ^.*hack.*$ ^.*crack.*$ ^.*drug.*$
Or shorter:
acl nodst url_regex sex porn hack crack drug
Note that you won't be able to access
http://www.sextant.fr/ with that. Which is a bit problematix.
> acl nodst1 url_regex -i \.bat$ \.cmd$ \.exe$ \.pif$ \.vbs$ \.ade$ \.adp$
> acl nodst2 url_regex -i \.bas$ \.chm$ \.cpl$ \.eml$ \.hlp$ \.hta$ \.inf$
> acl nodst3 url_regex -i \.ins$ \.isp$ \.jse$ \.lnk$ \.msc$ \.msi$ \.msp$
> acl nodst4 url_regex -i \.mst$ \.reg$ \.sct$ \.shs$ \.vb$ \.vbe$ \.vbs$
> acl nodst5 url_regex -i \.wav$ \.avi$ \.ogg$ \.wma$ \.wme$ \.wsc$ \.wsf$
> acl nodst6 url_regex -i \.wsh$ \.sh$ \.mp3$ \.scr$ \.cab$ \.zip$ \.tar$
> acl nodst7 url_regex -i \.gz$ \.bz2$ \.xpi$ \.wmv$ \.mpeg$
acl nodst1 url_regex -i \.(bat|cmd|exe|pif|vbs|ade|adp)$
etc.
> acl contenttype1 req_mime_type ^.*video.*$ ^.*audio.*$
acl contenttype1 req_mime_type video audio
> acl checkua browser -i ^.*Mozilla/.*$ ^Keyvelop$ ^ClamWin/.*$
acl checkua browser -i Mozilla/ ^Keyvelop$ ^ClamWin/
Maybe it would be more useful to add DansGuardian to your setup.
Received on Wed Jun 24 2009 - 09:19:22 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 24 2009 - 12:00:04 MDT