acl for matching URLs (non-regex)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

acl for matching URLs (non-regex)

Felix Leimbach
Hi,

I want to include the URLhaus blacklist [1] to protect my users from malware, since squidblacklists.org doesn't seem to be actively maintained anymore (RIP Ben Nichols).

However there does not seem to exist an acl type that can match plain URLs in this form:

http://tvmarket.co.kr/Order/Document.zip?natcanotti.biz[document_pdf_____+.exe%5D%2F%3F

Note the URL is not regex-friendly so url_regex is not an option.

How do people block exact URLs?
Is a c-icap module needed for this?

Thanks

Felix

[1] https://urlhaus.abuse.ch/api/#retrieve

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: acl for matching URLs (non-regex)

Amos Jeffries
Administrator
On 28/10/19 6:10 am, Felix Leimbach wrote:
> Hi,
>
> I want to include the URLhaus blacklist [1] to protect my users from malware, since squidblacklists.org doesn't seem to be actively maintained anymore (RIP Ben Nichols).
>
> However there does not seem to exist an acl type that can match plain URLs in this form:
>
> http://tvmarket.co.kr/Order/Document.zip?natcanotti.biz[document_pdf_____+.exe%5D%2F%3F
>
> Note the URL is not regex-friendly so url_regex is not an option.

What isn't regex friendly about it?


>
> How do people block exact URLs?

By making a regex which can only match that exact URL.

acl foo url_regex
^http://tvmarket\.co\.kr/Order/Document\.zip\?natcanotti\.biz\[document_pdf_____\+\.exe\]/\?



Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users