LinuxQuestions.org
Old 07-28-2009, 09:42 AM   #1
allancth
Member
 
Registered: Mar 2009
Posts: 36

Rep: Reputation: 15
Squid Blocking Domain (but not in search engine)


I can block sites. In my ACL file, let's say I have blocked

.youtube.com
.*sex.*
.*game.*
...
...
...

However when I do a google search for the word sex, it is blocked as well. I do not want the search to be blocked and I would like it to display the search result but if I visit the link www.sex.com, it will be blocked.

Can this be done in regular expression?
 
Old 07-28-2009, 03:17 PM   #2
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Debian, FreeBSD
Posts: 3,755
Blog Entries: 5

Rep: Reputation: Disabled
To explicitly deny access to a site, I'd recommend using the ACL element dstdomain rather than putting together a regular expression.

(My guess is you're already using a regular expression that is set up incorrectly. It would help if you posted your ruleset, BTW.)
 
Old 07-28-2009, 05:29 PM   #3
allancth
Member
 
Registered: Mar 2009
Posts: 36

Original Poster
Rep: Reputation: 15
Hello. These are the rules currently configured:-


acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl password proxy_auth REQUIRED

# webconfig: acl_start
acl webconfig_lan src x.x.x.x/24
acl webconfig_to_lan dst x.x.x.x/24
# webconfig: acl_end

acl privoxy dstdomain config.privoxy.org

# does not block the following ports
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 81 82 83 10000 # Web-based administration tools
acl Safe_ports port 777 # multiling http
acl Safe_ports port 1863 5050 # MSN and Yahoo Messenger

# flash & shockwave
acl deny_rep_mime_flashvideo rep_mime_type -i video/flv
acl deny_rep_mime_shockwave rep_mime_type -i ^application/x-shockwave-flash$

# site, files and advertisements
acl block-site url_regex "/etc/squid/squid-block-site.acl"
acl block-url-ads url_regex -i "/etc/squid/squid-banner-ads.acl"
acl blockfiles urlpath_regex -i "/etc/squid/squid-block-file.acl"

# video & audio streaming
acl StreamingRequest1 req_mime_type -i ^video/x-ms-asf$
acl StreamingRequest2 req_mime_type -i ^application/vnd.ms.wms-hdr.asfv1$
acl StreamingRequest3 req_mime_type -i ^application/x-mms-framed$
acl StreamingRequest4 req_mime_type -i ^audio/x-pn-realaudio$
acl StreamingReply1 rep_mime_type -i ^video/x-ms-asf$
acl StreamingReply2 rep_mime_type -i ^application/vnd.ms.wms-hdr.asfv1$
acl StreamingReply3 rep_mime_type -i ^application/x-mms-framed$
acl StreamingReply4 rep_mime_type -i ^audio/x-pn-realaudio$
acl CONNECT method CONNECT

# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager

# Deny requests to unknown ports
http_access deny !Safe_ports

# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports

http_access deny blockfiles
http_access deny block-site
http_access deny block-url-ads

http_access deny StreamingRequest1 all
http_access deny StreamingRequest2 all
http_access deny StreamingRequest3 all
http_access deny StreamingRequest4 all
http_reply_access deny StreamingReply1 all
http_reply_access deny StreamingReply2 all
http_reply_access deny StreamingReply3 all
http_reply_access deny StreamingReply4 all

# deny all other access to this proxy
http_access deny privoxy
http_access allow localhost password
http_access allow webconfig_lan password
http_access deny all

http_reply_access deny deny_rep_mime_flashvideo
http_reply_access deny deny_rep_mime_shockwave
http_reply_access allow all

In squid-block-site.acl, I have these regex:-

\.metacafe.com
\.youtube\.com
\.porntube\.com
\.xtube\.com
\.xnxx\.com
\.rapidshare\.com
\.9adultsexgames\.com
movies.yahoo.com
video.google.com
urs.microsoft.com
.*game.*
.*sex.*

The search result will be blocked when I search for game or sex. Please advise. Thank you.
 
Old 07-28-2009, 05:48 PM   #4
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Debian, FreeBSD
Posts: 3,755
Blog Entries: 5

Rep: Reputation: Disabled
I think I understand what you're doing. It sounds like you just want to match the server name, and not any part of the GET request. Substitute your rule for:
Code:
acl block-site dstdom_regex "/etc/squid/squid-block-site.acl"
 
Old 07-28-2009, 05:59 PM   #5
allancth
Member
 
Registered: Mar 2009
Posts: 36

Original Poster
Rep: Reputation: 15
Yes! I tried to use dstdomain and then I realized that wow... this will be painful to block the sites one by one. Thank you.
 
Old 07-29-2009, 06:07 AM   #6
chitambira
Member
 
Registered: Oct 2008
Location: Fife
Distribution: RHEL, Centos
Posts: 373
Blog Entries: 1

Rep: Reputation: 48
anomie is not saying you should use dstdomain. In fact, he said to use dstdom_regex, and with this, squid will match words like 'sex' in the URL only and NOT in the search engine. You should carefully read all the help that is offered to you here. Hope this clarifies it.
 
1 members found this post helpful.
Old 07-14-2010, 11:41 AM   #7
jma89
LQ Newbie
 
Registered: Jan 2010
Location: Earth
Distribution: Ubuntu
Posts: 5

Rep: Reputation: 0
Part of your problem is that you aren't escaping the periods in those last few lines of your ACL.

Regular expressions don't use the asterisk for a wild card, they use the period. So you would want something like this:

Code:
\.[.]*sex[.]*\.[.]*
The [.]* says "block any character, any number of characters, 0 and up". Hence, the block you wanted.

I suggest checking out this site if you need to brush up on some regex stuff: http://www.regular-expressions.info/
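
An added example (not part of any post in this thread) comparing how the patterns from post #3 behave under `url_regex` and under the `dstdom_regex` suggested in post #4, with the pattern from post #7 run through the same check. Python's `re` module stands in for Squid's regex engine as an assumption, and the URLs are constructed samples.

```python
import re
from urllib.parse import urlsplit

# Patterns copied from squid-block-site.acl in post #3 (subset).
ACL_PATTERNS = [r"\.youtube\.com", r".*game.*", r".*sex.*"]
# Pattern suggested in post #7.
POST7_PATTERN = [r"\.[.]*sex[.]*\.[.]*"]

# Constructed sample requests (not taken from any real log).
SAMPLES = [
    "http://www.google.com/search?q=sex",
    "http://www.sex.com/",
    "http://www.youtube.com/watch?v=abc",
    "http://www.essex.ac.uk/",
    "http://www.9adultsexgames.com/",
    "http://example.org/docs/index.html",
]


def url_regex(patterns, url):
    """Approximates the url_regex ACL type: unanchored search over the whole URL."""
    return any(re.search(p, url) for p in patterns)


def dstdom_regex(patterns, url):
    """Approximates the dstdom_regex ACL type: search over the host name only."""
    host = urlsplit(url).hostname or ""
    return any(re.search(p, host) for p in patterns)


def compare(patterns):
    """Return {url: (blocked_by_url_regex, blocked_by_dstdom_regex)}."""
    return {u: (url_regex(patterns, u), dstdom_regex(patterns, u)) for u in SAMPLES}


if __name__ == "__main__":
    for label, pats in (("post #3", ACL_PATTERNS), ("post #7", POST7_PATTERN)):
        print(label)
        for url, (by_url, by_host) in compare(pats).items():
            print(f"  url_regex={by_url!s:5} dstdom_regex={by_host!s:5} {url}")
```

With the post #3 patterns, only the search URL changes outcome when the ACL type is switched to `dstdom_regex`; an unanchored substring such as `sex` still matches unrelated host names like `www.essex.ac.uk`, so the pattern file is worth testing against known-good domains before deployment.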
 
  

