> Thomas Raef wrote:
> > You need to apply your acls with some deny statements.
> >
> > http_reply_access deny blockfiles for your mp3's, etc.
>
> > To block websites I use dstdomain instead of url_regex.
> >
> > So my squid.conf contains:
> >
> > acl blocksites dstdomain "/etc/squid/squid-block.acl"
> >
> > http_access deny blocksites
> >
>
> ok. it's seems to me that it's working. i have another issue for this
.
> while manually in my browser if i select proxy then the acl's are
> working fine . when i select Auto detect that time it's not working,
in
> the sense acl's are hot hitting. although i've disable "allow_direct"
[Tom replied with:]
More information about your configuration is needed.
Are you using a transparent proxy? If not, then your users could easily
add their own proxy settings and bypass squid. If you are using squid in
transparent mode, then your firewall rules redirecting port 80 traffic
to squid are needed.
I know the topic of blocking access to anonymous proxies has been
discussed numerous times here, but nobody seems to have a solution.
Thomas J. Raef
e-Based Security, LLC
www.ebasedsecurity.com
1-866-838-6108
"You're either hardened, or you're hacked!"
Received on Thu Nov 01 2007 - 05:05:16 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:01 MST