Re: [squid-users] trying to block exe files ...

From: Andrey Shorin <tolsty@dont-contact.us>
Date: Sun, 15 May 2005 12:06:52 +0400

Hello Chris,

Friday, May 13, 2005, 21:26:52, Chris Robertson wrote:

>>>>
>>>>acl blockedfiles url_regex -i \.exe$ \.cab$
>>>>http_access deny blockedfiles
>>>>
>>>>Can anyone please tell me what I've done wrong?

>>>They maybe loged into ur log file but be sure that they never can be
>>>downloaded. Logs just shows requests. I didn't see bug in Url regex
>>>command.
>>>nisa

>> Thanks for that tip ... it does raise another point, though ... How can
>> I tell from the logs if the download actually occurred? If I have valid
>> file size information, is that an indication that the download actually
>> occured?

The indication is some of TCP_MISS, TCP_REFRESH_MISS etc. status of
the request.

> There is a small problem with the url_regex, in that some times the .exe or
> .cab file is not downloaded directly. Something like
> http://files.example.com/download.php?filename=program.exe&path=/files/
> might be a pipe (as opposed to a redirect) to download an executable.
> Examples of access.log entries for successful downloads would be helpful.

Look a little up the message. regexps having '$' at the end which
means 'end of string'

> Otherwise, if the request matches an "http_access allow" before the
> "http_access deny blockedfiles" the download will be successful. That
> depends entirely on the order of your http_access lines.

> Chris

-- 
Best regards,
 Andrey Shorin
Received on Sun May 15 2005 - 02:14:02 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:02 MDT