Marc Muehlfeld schrieb:
> Hello,
>
> I have blocked some URLs through an url_regex acl, which works, if the
> URL contains any protocol execept https.
>
> The "blocked_urls.lst" file contains lines like:
> ([^\/]\.facebook\.com\/|[^\/]\.facebook\.com$|^.*://facebook\.com)+
> I've tested the regex using an online regex tester:
> "http://www.facebook.com" and "https://www.facebook.com" both match. But
> the https address can be reached, so I think, there must be a problem in
> my configuration (see below).
>
> I use 2.6.STABLE21 on CentOS 5.
>
> Regards,
> Marc
Hi Marc,
access control works in squid with "first match". Your https request
matches at the following config line first:
> http_access deny CONNECT !SSL_ports
therefore your nice RegEx is never going to see the the request.
Move the RegEx to the top or the connect rule to the bottom of your ACLs.
Regards,
Daniel
Received on Wed Oct 27 2010 - 06:57:51 MDT
This archive was generated by hypermail 2.2.0 : Wed Oct 27 2010 - 12:00:05 MDT