Re: [squid-users] Blocking Canonical Names, Not IP Addresses from Hamid Hashemi Golpayegani on 2002-06-09 (squid-users)

From: Hamid Hashemi Golpayegani <hamid@dont-contact.us>
Date: Sun, 9 Jun 2002 18:56:43 +0430

Also it seems that using squidgaurd is better for you cause it has a list of
porn urls and you can use additional feature of squidgaurd instead of ACL
list in squid .

On Sunday 09 June 2002 06:20 pm, Joe Cooper wrote:
> Of course. Squid can block on just about any aspect of the URL,
> including domain name.
>
> See the ACL section of the FAQ for all ACL types currently supported:
>
> http://www.squid-cache.org/Doc/FAQ/FAQ-10.html
>
> Cliff wrote:
> > Hi Squid Listers
> >
> > Problem:
> >
> > Many hosting providers will co-locate porn sites
> > on the same webserver that also hosts non-porn web sites.
> > They use Apache's name based virtual web hosting for this.
> >
> > So a porn site may actually exist at the exact same
> > IP address as a non-porn site.
> >
> > Our existing porn filter does a canonical name lookup
> > and then blocks the web site's IP address. So if we choose
> > to block a porn site...we are also choosing to block any/all
> > web sites that may exist at that IP address.
> >
> > The existing porn filter is from H2N.
> >
> > Needless to say, the users don't understand why
> > http://non-porn.website.com is blocked, the reason being
> > that http://good-porn.website.com and http://non-porn.website.com
> > are both hosted at the same IP addy via name based virtual hosting.
> >
> > So can squid block by canonical name only?
> > It seems like blocking by canonical name only would leave
> > the rest of the non-porn websites at the same address reachable.
> >
> > Or perhaps I'm mistaking/misunderstanding something?
> >
> > Thank you fellow Squid Gurus.

-- 
Regards
    =================================================================
   /  Seyyed Hamid Reza    /        WINDOWS FOR NOW  !!            /
  /  Hashemi Golpayegani  /  Linux for future , FreeBSD for ever  /
 /    Morva System Co.   / ------------------------------------- /
/  Network Administrator/ hamid@morva.net   ,   ICQ# : 42209876 /
================================================================

Received on Sun Jun 09 2002 - 08:29:12 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:37 MST