mime deny not working anymore

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

mime deny not working anymore

robert k Wild
hi all,

can anyone say why this isnt working anymore, im scratching my head thinking about it

#deny MIME types
acl mimerep rep_mime_type "/usr/local/squid/etc/mimedeny.txt"
http_reply_access deny mimerep

and in my

/usr/local/squid/etc/mimedeny.txt

application/octet-stream
application/x-msi
application/zip
application/vnd.ms-cab-compressed

but when i go on 7zip website and download an exe, it allows me to download it

thanks,
rob
--
Regards,

Robert K Wild.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: mime deny not working anymore

Amos Jeffries
Administrator
On 13/11/20 7:19 am, robert k Wild wrote:

> hi all,
>
> can anyone say why this isnt working anymore, im scratching my head
> thinking about it
>
> #deny MIME types
> acl mimerep rep_mime_type "/usr/local/squid/etc/mimedeny.txt"
> http_reply_access deny mimerep
>
> and in my
>
> /usr/local/squid/etc/mimedeny.txt
>
> application/octet-stream
> application/x-msi
> application/zip
> application/vnd.ms-cab-compressed
>
> but when i go on 7zip website and download an exe, it allows me to
> download it
>

Have you checked the Content-Type on the reply message is actually on
that list?
  The one(s) I get by following your described test are, but that is no
guarantee you see the same.


Any hints in the cache.log ?

For troubleshooting use "debug_options ALL,1 11,2 28,3" to see the
traffic message headers and what ACLs are applied.


Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: mime deny not working anymore

robert k Wild
haha, so sorry Amos,  its working, which I thought it should as I havnt touched the config file in months

I have worked out it works for http traffic but not for https traffic

in my config I have enabled ssl bind ie https interception so I really don't K ow why its not working. 

thanks Amos

On Fri, 13 Nov 2020, 08:00 Amos Jeffries, <[hidden email]> wrote:
On 13/11/20 7:19 am, robert k Wild wrote:
> hi all,
>
> can anyone say why this isnt working anymore, im scratching my head
> thinking about it
>
> #deny MIME types
> acl mimerep rep_mime_type "/usr/local/squid/etc/mimedeny.txt"
> http_reply_access deny mimerep
>
> and in my
>
> /usr/local/squid/etc/mimedeny.txt
>
> application/octet-stream
> application/x-msi
> application/zip
> application/vnd.ms-cab-compressed
>
> but when i go on 7zip website and download an exe, it allows me to
> download it
>

Have you checked the Content-Type on the reply message is actually on
that list?
  The one(s) I get by following your described test are, but that is no
guarantee you see the same.


Any hints in the cache.log ?

For troubleshooting use "debug_options ALL,1 11,2 28,3" to see the
traffic message headers and what ACLs are applied.


Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users