Hello All,
Thanks Simon and Edwin for your replies.
Please find attached my denied.txt which in fact I have downloaded from this
site..... For example, I can´t access www.squid-cache.org when I uncomment
the "http_access deny nosite" line......
Thanks once again.....
Fernanda
Em 29 Apr 2002, Simon White escreveu:
>29-Apr-02 at 13:19, fe...@ig.com.br (fe...@ig.com.br) wrote :
>> However, I still can´t make squid block properly certain sites as per the
>> instructions I´ve found. When I block them, there are some other dynamic
>> pages that are blocked as well, which are not intended to be blocked.
>
>> I am running Squid 2.4 Stable 1 on Linux Red Hat 7.2. Here it is an
> extract of my squid.conf file:
>>
>> hierarchy_stoplist cgi-bin ?
>> acl QUERY urlpath_regex cgi-bin \?
>> no_cache deny QUERY
>> acl rionet src 121.200.200.0/255.0.0.0
>> acl nosite url_regex "/usr/local/squid/etc/denied.txt"
>> #Deny access to certain sites
>> http_access deny nosite
>> #Allow access to our local network
>> http_access allow rionet
>> http_access allow localhost
>
>Can you send a small amount of the denied.txt file, since the actual
>regexps are in there. Dynamic pages are set to not be cached, but are not
>set to be blocked, in the config above.
>
>--
>[Simon White. vim/mutt. si...@mtds.com. GIMPS:95.16% see www.mersenne.org]
>If the brain was so simple that we could understand it, we would be so
>simple that we could not understand it -- Lyall Watson
>[Linux user #170823 http://counter.li.org. Home cooked signature rotator.]
>
>----------
_________________________________________________________________________
Você podia estar baixando sua musica predileta, enquanto lia esse e-mail.
Não perca tempo, tenha acesso rápido a internet com o Super iG.
http://registro.ig.com.br/superig
--Message-Boundary-1020113406
Content-type: text/plain; name="denied.txt"; type=Unknown
Content-description: denied.txt
Content-transfer-encoding: Quoted-printable
Content-disposition: attachment
3x=0D
adult=0D
amateur=0D
anzwers=0D
asian=0D
ass=0D
babe=0D
babes=0D
babilonx=0D
bizarre=0D
bizzarre=0D
blow=0D
blow=0D
boobs=0D
brunette=0D
celeb=0D
cicciolina=0D
coppie=0D
couple=0D
crazy=0D
cum=0D
denispenis=0D
dick=0D
dirty=0D
ebony=0D
eros=0D
erot=0D
extacy=0D
fetish=0D
fuck=0D
gay=0D
girl=0D
hard=0D
horny=0D
http://www.beckys-dungeon.com/=0D
http://www.call-kelly.com/=0D
http://www.digitalchicks.com/=0D
http://www.europix.com/=0D
http://www.extremethumbs.com/=0D
http://www.freepicsandmovies.com/=0D
http://www.heavyhotties.com/=0D
http://www.hotadventures.com=0D
http://www.hpic.com/=0D
http://www.libraryofthumbs.com/=0D
http://www.littlecinderella.com/=0D
http://www.mygrannys.com/=0D
http://www.peeclub.com/=0D
http://www.pervertedpix.com/=0D
http://www.realfreepics.com/=0D
http://www.serenagirl.com/=0D
http://www.suzi-wong.com/=0D
http://www.swedishcovergirl.com/=0D
http://www.troie.com/=0D
illegal=0D
interracial=0D
kamilla=0D
latin=0D
lesb=0D
livecam=0D
lolitas=0D
matur=0D
models=0D
movepost=0D
nasty=0D
nude=0D
picpost=0D
porn=0D
pregnant=0D
pussy=0D
pythonvideo=0D
schoolgirls=0D
sesso=0D
sex=0D
sheboy=0D
shemale=0D
suck=0D
teen=0D
tgirl=0D
tgp=0D
tits=0D
titties=0D
tranny=0D
video=0D
virgin=0D
vivid=0D
voyeur=0D
wives=0D
www.ampland.com=0D
www.bloatedgoat.com=0D
www.excyte.it =0D
www.freeheaven.com =0D
www.fuxx.com =0D
www.playboy.com =0D
www.figa.com
www.rednready.com =0D
xxx=0D
--Message-Boundary-1020113406--
regex is a very powerful pattern matching language, but writing
correct regex:es for filtering "bad" content is tricky at best. See
"man 7 regex" and "info regex" for regex language syntax. (Squid uses
what is called "Modern" or "Extended" regex).
Some goodies that is helpful when writing Squid filter patterns:
\. matches a dot (. matches any character)
\b matches a word boundary (some OS:es may require
--enable-gnu-regex)
^ and $ matches the start and end respectively of the string looked
at (^ is quite useful in url_regex, while $ is useful in dstdom_regex)
[] matches any of the characters between the brackets
Regards
Henrik
On Wednesday 01 May 2002 01:34, Fernanda Santos wrote:
> Hello All,
>
> Yes, I can block specific known sites using dstdomain, but I still
> have problems when blocking some words in the URL using
> url_regex... other pages are blocked as well...... Any other hint??
>
> Thanks,
>
> Fernanda
>
> On 30 Apr 2002, Squid Support (Henrik Nordstrom) wrote:
> >If your intention is to block specific known sites then using the
> >dstdomain (and dst) ACL types is more approproate..
> >
> >Regards
> >Henrik
> >
> >On Monday 29 April 2002 18:19, fe...@ig.com.br wrote:
> >> However, I still can´t make squid block properly certain sites
> >> as per the instructions I´ve found. When I block them, there are
> >> some other dynamic pages that are blocked as well, which are not
> >> intended to be blocked.
> >>
> >> I am running Squid 2.4 Stable 1 on Linux Red Hat 7.2. Here it is
> >> an extract of my squid.conf file:
> >>
> >> hierarchy_stoplist cgi-bin ?
> >> acl QUERY urlpath_regex cgi-bin \?
> >> no_cache deny QUERY
> >> acl rionet src 121.200.200.0/255.0.0.0
> >> acl nosite url_regex "/usr/local/squid/etc/denied.txt"
> >> #Deny access to certain sites
> >> http_access deny nosite
> >> #Allow access to our local network
> >> http_access allow rionet
> >> http_access allow localhost
> >>
> >> Thanks in advance for your help.
> >>
> >> Fernanda Santos
--
MARA Systems AB, Giving you basic free Squid support
Your source of advanced web reverse proxying solutions
http://www.marasystems.com/producs/
Thanks Henrik for your patience.... I wondered the same thing about the
regex patterns in my denied.txt file. So, I deleted everything in it and
left only one word which was "ig" (without quotation marks). Then I tried to
access www.ig.com.br and received an Access Denied msg. Perfect! However, I
received the same error msg when accessing www.squid-cache.org...... I am
really confused about it...... the only thing I can noticed is that the
unintended blocked pages are mostly asp or cgi-bin.....
Can be something wrong with regex?? Where can I find more details about it?
Thanks a lot!!
Fernanda