Dear

i want to stop downloads these are the file format using squid
can u help

\.msi$ \.exe$ \.mp3$ \.mov$ \.mpg$ \.mp?$ \.avi$ \.rm$ \.zip$ \.rpm$ \.tif$ \.vqf$ \.tar$ \.gz$ \.rar$ \.mpeg$ \.mpe$ \.mpg$ \.qt$ \.ram$ \.iso$ \.maw$ \.wav$ \.jar$ \.wvm$ \.rim$ \.xlt$ \.dot$ \.asc$ \.xls$ \.tiff$ \.tif$ \.aiff$ \.aif$ \.aifc$ \.au$

with regards
Kutty n

Just use Dansguardian:

1. File extensions downloads are blocked by default
2. Has true content filtering
3. Integration of clamav for AV scanning of downloaded files and web contents.
4. Flexible enough to allow selected downloads by simply listing the sites. This functionality is very important since OS and programs need to be updated regularly and as well to allow necessary downloads from selected sites.
5. Easy and flexible administration. Configuration files are in plain text only, no regexp to write.
6. Just leave to squid web acceleration to make things simpler for you.

www.dansguardian.org

hi..

can u say how to use dansguardian

Dansguardian requires a running ClamAV and PCRE library prior to installations. As much as possible, use the latest stable ClamAV release for better web threats detection and performance.

Download the latest beta version, it's 2.9.9.5 to date, unpack and read the INSTALL text file for distro specific instructions and compilation options or simply use the very basic './configure --help |less'.

If you are able to configure squid, dansguardian is even simpler to configure. Dansguardian (DG), connects via a parent proxy, a web accelerator like squid in order to work. DG's preferred listening port is 8080 and connects to squid at squid's default port of 3128.

In order to prevent your users bypassing DG by manually configurating their browsers to connect directly to squid's port, bind only squid at 127.0.0.1.

If you only wanted a transparent proxy, simply bind DG at 127.0.0.1 and configure your firewall to redirect/port forward outgoing http/www traffic through DG's address and port first. When running in transparent proxy mode, there's no need to manually set the network setting of your browsers.

Dansgurdian's configuration files:

/etc/dansguardian/dansguardian.conf - main configuration file including network settings and other specific options

/etc/dansguardian/contentscanners - directory that contains specific AV or content scanner configuration files. For ClamAV it's clamdscan.conf

/etc/dansguardian/lists - directory containing specific config files for banning, exempting, greylisting, allowing AV scanning for a download and exempting/bypassing known clean/trusted sites from AV scanning to reduce load. Exceptions and banning are done either by listing sites (site.com, games.domain.com) or some specific URLs (site.com/example). Listing a domain only, would affect the entire site.

/etc/dansguardian/lists/blacklists - directories containing categorized blacklist for content filtering if you donwloaded and unpacked urlblacklists.com free for trial big blacklists.

dansguardian.conf, like with squid is highly commented to guide the users during configurations.

Startup scripts are available at /usr/local/share/dansguardian/scripts for all major Unix variants.

It is advisable and practical to not to use DG's default system configuration directory - /etc/dansguardian in order to prevent accidentally overwriting what you have labored during upgrades and tediously doing backup copies of each files. Use the --with-sysconfsubdir configuration option when compiling. By default, this is "dansguardian" that you must change to something else like "webfilter" --with-sysconfsubdir=webfilter. In this way, every time you "make install" during every upgrade, all your settings are intact. (But you must take note for any changes made in its configuration file and do a manual merge.) On the first installation, you still have to manually create your "sysconfsubdir" and copy all files from /etc/dansguardian.

Just to be sure, always copy /etc/dansguardian/lists/weightedphraselist and /etc/dansguardian/lists/phraselists/ to your "sysconfsubdir" every time you do an upgrade. Then restart DG.

Here is a typical compile option that you can try in Linux:

./configure --sysconfdir=/etc \
--localstatedir=/var \
--mandir=/usr/local/man \
--sbindir=/usr/local/sbin \
--enable-clamd=yes \
--with-sysconfsubdir=webfilter

This would use "nobody" user and group.

------

Its not possible to use urlpath_regex to stop the downloads

If you want it done in squid here is a tutorial that I found:

http://www.cyberciti.biz/faq/squid-c...r-block-files/

It made the regexp case insensitive by creating \.[Ee][Xx][Ee]$.

Although I would still recommend using DG since it would make your life a lot more easier and installing DG isn't hard actually. You are not just building a file download blocker but as well a simple UTM (Unified Threat Management) since it has a very good and easy to use content filter and online virus scanner that scans pages while your users browse. It is able to detect embedded malware on pages and the malware's attempt to infect windows PC would be prevented automatically.

Also take note that OSes and programs behind your gateway, specially windows and anti-virus needs to download files for updates and yahoo mail as well is executing certain program when a user logon and logout.

The above is easily solved by DG by listing sites and URLs in "exceptionsitelist" and "exceptionurllist". Also if you are in doubt of a file that a user requested for download, list the site in "exceptionfilesitelist" to let ClamAV interfere by scanning the file during download.

DG has both control and convenience for admins.

------