found out why my "rep_mime_type" wasnt working

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

found out why my "rep_mime_type" wasnt working

robert k Wild
i finally figured out why my blocking of mime types wasn't working

this is my good code now

#allow special URL paths
acl special_url url_regex "/usr/local/squid/etc/urlspecial.txt"
#
#deny MIME types
acl mimetype rep_mime_type "/usr/local/squid/etc/mimedeny.txt"
#
http_reply_access allow special_url
http_reply_access deny mimetype

in my mime deny its

application/octet-stream
application/x-msi
application/zip
application/x-7z-compressed
application/vnd.ms-cab-compressed

but in my url specials


it contains a mime type that im blocking but now it passes it through as i have put an allow specials before the deny mime types

and when i go to an adobe website to download an exe ie adobe reader dc, it detects it and blocks it as its an exe or octet stream

but then this was in my code aswell

#SSL Interception
acl DiscoverSNIHost at_step SslBump1
acl NoSSLIntercept ssl::server_name_regex -i "/usr/local/squid/etc/interceptssl.txt"
ssl_bump splice NoSSLIntercept
ssl_bump peek DiscoverSNIHost
ssl_bump bump all

and in my "interceptssl.txt" i stupidly put


and this was just allowing me to download the exe acrobat adobe reader, i was going nuts over this but i finally figured it out

thanks all

--
Regards,

Robert K Wild.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users