LinuxQuestions.org - Squid: rep_mime_type or req_mime

- Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)

- - Squid: rep_mime_type or req_mime_type (https://www.linuxquestions.org/questions/linux-software-2/squid-rep_mime_type-or-req_mime_type-807710/)

Squid: rep_mime_type or req_mime_type

I would like to block some files accessed by the staff in my company and verified that this can be accomplished using mimetypes. So I read on the web that this could do the trick:

1 - Basically create the acl:

Code:

acl mimeblock rep_mime_type -i "\absolute_path\filename"

2 - Create a file in "\absolute_path\filename" that corresponds with all the mimetypes I´d like to block. In example:

Code:

^application/x-pn-mpg$

^application/vnd.ms-powerpoint$

^application/asx$

^application/x-mplayer2$

^application/vnd.ms-asf$

^application/x-msn-messenger$

^application/ymsgr$



^image/mpg$



^video/x-ms-wmv$

^video/mpeg$

^video/mpg$

^video/x-mpg$

^video/mpeg2$

^video/x-mpeg$

^video/x-mpeg2a$

^video/x-ms-asf$

^video/x-ms-asf-plugin$

^video/x-ms-wm$

^video/x-ms-wmx$

^video/x-pn-realvideo$

^video/quicktime$

^video/x-msvideo$

^video/mp4v-es$



^audio/basic$

^audio/x-wav$

^audio/x-mpegurl$

^audio/mpeg$

^audio/x-mpeg$

^audio/mp3$

^audio/x-mp3$

^audio/mpeg3$

^audio/x-mpeg3$

^audio/mpg$

^audio/x-mpg$

^audio/x-mpegaudio$

^audio/x-ms-wma$

^audio/asf$

^audio/vnd.rn-realaudio$

^audio/x-pn-realaudio$

^audio/x-realaudio$

^audio/x-pm-realaudio-plugin$

^audio/x-pn-realvideo$

^audio/x-aiff$

^audio/mp4$

3 - Define the order to put the subsequent line within squid.conf to "execute" the acl:

Code:

http_reply_access deny mimeblock

--------------------------------

3 questions:

1 - Can anybody tell the difference between these squid directives: rep_mime_type & req_mime_type?

2 - Why do all mimetypes start with "^"; and end with "$"?

3 - Is the configuration above making sense to you?

Thank you very much!!! :)

1. From what I can see, it should be req_mime_type as well. Makes sense, req being, request and rep_mime_type is for post, methinks. So they cannot download nor upload the specified mime-types. You only block uploads here ... is that what you want?

2. Look up regular expressions ... in regular expressions, ^ means "stating with" and $ means "ending with". A bit like GLOB *blabla and blabla*. You know GLOB, maybe not from the name, when you open a command prompt on Windows, that is what you use ... you know, the ? and * business ... ;-) Oh, and do not look-up regular expressions on Microsoft sites, they tried to implement it in powershell and failed miserably ... LOL.

3. I would not know if this configuration makes sense ... sorry. But I would not like to work at your company ;-).
But it should be

http_reply_access deny mimeblockp
And if you want to stop them from downloading:
acl mimeblock req_mime_type -i "/absolute_path/filename"
http_access deny mimeblockq

About squid, check this out:
http://www.visolve.com/squid/squid24...s_controls.php

And in Linux, you use / and not \ as a path separator ... ;-)

PS: Sorry for the many updates, it's late, I'm tired.... need a beer!