LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 12-10-2017, 07:02 PM   #1
hhhrrrzzzzzzzzz
LQ Newbie
 
Registered: Jan 2016
Posts: 6

Rep: Reputation: Disabled
Squid on Win ->bade Website https block?


pls dont arue around why it run on win (at the moment).
Here is just a snip of the config:
Code:
acl badsites url_regex -i exosrv.com
acl badsites url_regex -i syndication.exosrv.com
acl totalfail dstdomain tracking.
http_access deny totalfail
https_access deny totalfail
http_reply_access deny badsites lan123
acl banned_machines_dom dstdomain "C:/squid/etc/domains.deny"
http_access deny banned_machines_dom
http_reply_access deny banned_machines_dom
acl banned_machines dstdomain "C:/squid/etc/ip.deny"
http_access deny banned_machines
http_reply_access deny banned_machines
for example syndication.exosrv.com get still load.
So what do I wrong?
Thx
 
Old 12-11-2017, 08:02 AM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,403

Rep: Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526
Quote:
Originally Posted by hhhrrrzzzzzzzzz View Post
pls dont arue around why it run on win (at the moment).

Here is just a snip of the config:
Code:
acl badsites url_regex -i exosrv.com
acl badsites url_regex -i syndication.exosrv.com
acl totalfail dstdomain tracking.
http_access deny totalfail
https_access deny totalfail
http_reply_access deny badsites lan123
acl banned_machines_dom dstdomain "C:/squid/etc/domains.deny"
http_access deny banned_machines_dom
http_reply_access deny banned_machines_dom
acl banned_machines dstdomain "C:/squid/etc/ip.deny"
http_access deny banned_machines
http_reply_access deny banned_machines
for example syndication.exosrv.com get still load.
So what do I wrong?
Thx
Read the "LQ Rules" about text-speak, and about not using it first, please. Secondly, you also need to read the "Question Guidelines" link in my posting signature. You've posted a very few lines of your configuration file, provided ZERO other details (even a version of Squid), what else you've done/tried/installed, anything from your logs, or even what its doing (or NOT doing) wrong. We cannot guess; provide details and we can try to help. The Squid documentation has extensive examples on how to configure ACL's for allow/deny scenarios...starting there would be good.

And since you are running Windows, you probably aren't going to get too many answers that are not squid-only suggestions. Don't know how many folks on a Linux site will know how to interpret Windows event logs.
 
Old 12-11-2017, 09:36 AM   #3
hhhrrrzzzzzzzzz
LQ Newbie
 
Registered: Jan 2016
Posts: 6

Original Poster
Rep: Reputation: Disabled
Sry i am in Rush. This week i be on vacation. Sry if I spell something wrong.I think it's V 2.7 or so. I know there is a 3. whatever Version to.
The Logfile say the domain don't get blocked. When I try with http it get blocked. With https not.
The log don't give any Info why or why not it Rush through.
Everything else work just the defier by an https aka tls connection and an non encrypt http connection.
 
Old 12-11-2017, 09:47 AM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,403

Rep: Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526
Quote:
Originally Posted by hhhrrrzzzzzzzzz View Post
Sry i am in Rush. This week i be on vacation. Sry if I spell something wrong.
Does not matter one bit if you are in a rush...DO NOT USE TEXT SPEAK. It is "sorry", not "sry".
Quote:
I think it's V 2.7 or so. I know there is a 3. whatever Version to.
..and until we know, there's not much we can offer past "read the documentation", since things change from one major version to another
Quote:
The Logfile say the domain don't get blocked. When I try with http it get blocked. With https not. The log don't give any Info why or why not it Rush through. Everything else work just the defier by an https aka tls connection and an non encrypt http connection.
Right...because HTTPS is **NOT** HTTP. Squid is an HTTP proxy, and HTTPS is different. Again, you need to read the "Question Guidelines" link in my posting signature; doing a search first is a good thing, as this has been asked/answered on this site and others MANY times:
https://www.linuxquestions.org/quest...-squid-750621/
http://squid-web-proxy-cache.1019090...td1033687.html

Again, you provide no details, but if you're running in transparent mode, that will make a difference here. HTTPS traffic needs to be addressed with iptables.
 
Old 12-11-2017, 09:49 AM   #5
hhhrrrzzzzzzzzz
LQ Newbie
 
Registered: Jan 2016
Posts: 6

Original Poster
Rep: Reputation: Disabled
I Replay when I am back in the Hotel.
 
Old 12-11-2017, 02:59 PM   #6
hhhrrrzzzzzzzzz
LQ Newbie
 
Registered: Jan 2016
Posts: 6

Original Poster
Rep: Reputation: Disabled
log:
Quote:
TCP_MISS/200 7140 CONNECT main.exoclick.com:443 - DIRECT/95.211.229.246 -
Version:
Quote:
WELCOME TO SQUID 2.7.STABLE8
i will read the link later in bed.
 
Old 12-18-2017, 05:30 AM   #7
hhhrrrzzzzzzzzz
LQ Newbie
 
Registered: Jan 2016
Posts: 6

Original Poster
Rep: Reputation: Disabled
So i read multiple treads and found no information how to block it.
What is different between url_regex and dstdomain?
 
Old 12-18-2017, 06:15 AM   #8
hhhrrrzzzzzzzzz
LQ Newbie
 
Registered: Jan 2016
Posts: 6

Original Poster
Rep: Reputation: Disabled
So I tried differen thinks and nothing worked.
I have absolutely no plan why it dont work.
It sucks a lot!
 
Old 12-18-2017, 07:34 AM   #9
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,403

Rep: Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526
Quote:
Originally Posted by hhhrrrzzzzzzzzz View Post
So i read multiple treads and found no information how to block it. What is different between url_regex and dstdomain?
...and...
Quote:
Originally Posted by hhhrrrzzzzzzzzz
So I tried differen thinks and nothing worked. I have absolutely no plan why it dont work. It sucks a lot!
Again, you are NOT PROVIDING INFORMATION. Just saying "I tried different things and nothing worked" tells us absolutely ZERO. You have only told us up to now that you're using an old version of Squid, and still haven't said what version/distro of Linux you're using. You're not showing us your ACL's/attempts, nor are you show us what the logs are saying.

If you actually *DID* read the squid documentation, you would see very clear explanations between the two things you mention, as well as examples. We are not going to look these things up for you and re-type them here.
 
Old 12-18-2017, 07:45 AM   #10
hhhrrrzzzzzzzzz
LQ Newbie
 
Registered: Jan 2016
Posts: 6

Original Poster
Rep: Reputation: Disabled
Quote:
tells us absolutely ZERO
what did you want to know?
Quote:
You have only told us up to now that you're using an old version of Squid
in the previos post i saw its is SQUID 2.7.STABLE8.
Quote:
and still haven't said what version/distro of Linux you're using.
None I told before it run on my Win Server and Squid on Win work quite identical to the Linux Versions.
Quote:
You're not showing us your ACL's/attempts
I also did before.
But again:
Quote:
deny_info http://......at lan123 #Deny with redirect to google.com for lan
deny_info http://.....at banned_machines_dom
deny_info http://.....at banned_machines
deny_info http://......at badsites
deny_info http://......at badsites2
acl lan123 src 192.168.*.0/24 #client acl for the lan
acl lan123 src 192.168.*.0/24 #client acl for the lan
acl lan123 src 192.168.*.0/24 #client acl for the *
###
acl badsites2 url_regex -i ad1.adfarm1.adition.com
acl badsites2 url_regex -i vt.adition.com
acl badsites2 url_regex -i googleads4.g.doubleclick.net
acl badsites2 url_regex -i ad.doubleclick.net
acl badsites2 url_regex -i s306.meetrics.net
####
acl badsites url_regex -i adserver.idg.de
acl badsites url_regex -i adserver.powerlinks.com
acl badsites url_regex -i akamaihd.net/ads
acl badsites url_regex -i pagead2.googlesyndication.com
acl badsites url_regex -i ^http://video.n-tv.de/.*/opener.*.mp4
acl badsites url_regex -i ^syndication.exosrv.com
acl badsites url_regex -i ^main.exosrv.com
acl badsites url_regex -i .*/adcontrol/adcontrol.min.js
acl badsites url_regex -i tracker
acl badsites url_regex -i ^http://.*/interne_messung/.*
acl badsites url_regex -i ^http://.*AdServer.*
acl badsites url_regex -i mobileads.msn.com
acl badsites url_regex -i ad-js.chip.de
acl badsites url_regex -i adx.chip.de
acl badsites url_regex -i ^.firethepixel.click.
acl badsites url_regex -i ^http://tracker..*.de
acl badsites url_regex -i trackmedia101.com
acl badsites url_regex -i linktrack.*
acl badsites url_regex -i slashdotmedia.com
acl badsites url_regex -i offerzone.click
acl badsites url_regex -i mobileofferplace.site
acl badsites url_regex -i analytics.edgesuite.net
acl badsites url_regex -i pixel.jpg #funktioniert
acl badsites url_regex -i triptease.net
acl badsites url_regex -i telemetry
acl badsites url_regex -i global.ssl.fastly.net/ad2
acl badsites url_regex -i fastly.net/ads
acl badsites url_regex -i track.gif
acl badsites url_regex -i blank.gif
acl badsites url_regex -i tracking
acl badsites url_regex -i ^http://.*sensic.net*
acl badsites url_regex -i adbroker
acl badsites url_regex -i trck.gif
acl badsites url_regex -i amazonaws.com/homad
acl badsites url_regex -i partners.webmasterplan.com
acl badsites url_regex -i clkde.tradedoubler.com/click?p=
acl badsites url_regex -i piwikext
acl badsites url_regex -i adfarm
acl badsites url_regex -i nuggad.net
acl badsites url_regex -i theadex.com
acl badsites url_regex -i doubleclick.net
acl badsites url_regex -i schneevonmorgen.com
acl badsites url_regex -i akamai.net
acl badsites url_regex -i exoclick.com
acl badsites url_regex -i exosrv.com
acl badsites url_regex -i syndication.exosrv.com
acl badsites url_regex -i static.exosrv.com
acl badsites url_regex -i ads.exosrv.com
acl badsites url_regex -i contentabc.com
acl badsites url_regex -i juicyads.com
acl badsites url_regex -i adsrvr.org/track
acl badsites url_regex -i "C:/squid/etc/domains.deny"
acl totalfail dstdomain prodcache.internal.ihg.com
acl totalfail dstdomain googleads.g.doubleclick.net
acl totalfail dstdomain oewabox.at
acl totalfail dstdomain oewabox.de
acl totalfail dstdomain otaserve.net
acl totalfail dstdomain exosrv.com
acl totalfail dstdomain nexus.ensighten.com
acl totalfail dstdomain ad.yieldlab.net
acl totalfail dstdomain doubleclick.net
acl totalfail dstdomain ads.yahoo.com
acl totalfail dstdomain tag.yieldoptimizer.com
acl totalfail dstdomain secure.analytics.ihg.com
acl totalfail dstdomain demdex.net
acl totalfail dstdomain addthis.com
acl totalfail dstdomain scorecardresearch.com
acl totalfail dstdomain adform.net
acl totalfail dstdomain adsrvr.org
acl totalfail dstdomain adtech.de
acl totalfail dstdomain rackcdn.com
acl totalfail dstdomain visualwebsiteoptimizer.com
acl totalfail dstdomain google-analytics.com
acl totalfail dstdomain googleadservices.com
acl totalfail dstdomain ioam.de
acl totalfail dstdomain visualrevenue.com
acl totalfail dstdomain smartadserver.com
acl totalfail dstdomain adtech.de
acl totalfail dstdomain example.com
acl totalfail dstdomain crashlytics.com
acl totalfail dstdomain adjust.com
acl totalfail dstdomain lp4.io
acl totalfail dstdomain ad.smartclip.net
acl totalfail dstdomain ad.sxp.smartclip.net
acl totalfail dstdomain plista.com
acl totalfail dstdomain awin1.com
acl totalfail dstdomain adclear.teufelaudio.at
acl totalfail dstdomain visualrevenue.com
acl totalfail dstdomain chartbeat.com
acl totalfail dstdomain oewabox.at
acl totalfail dstdomain msads.net
acl totalfail dstdomain rad.msn.com
acl totalfail dstdomain advertising.com
acl totalfail dstdomain hitwebcounter.com
acl totalfail dstdomain fiksu.com
acl totalfail dstdomain mbdn.de
acl totalfail dstdomain himediads.com
acl totalfail dstdomain msftncsi.com
acl totalfail dstdomain emjcd.com
acl totalfail dstdomain dotomi.com
acl totalfail dstdomain jdoqocy.com
acl totalfail dstdomain csi.gstatic.com
acl totalfail dstdomain anrdoezrs.net
acl totalfail dstdomain lmgtfy.com
acl totalfail dstdomain l2.io
acl totalfail dstdomain amazon-adsystem.com
acl totalfail dstdomain googleadservices.com
acl totalfail dstdomain glomex.com
acl totalfail dstdomain adservice
acl totalfail dstdomain analytic
acl totalfail dstdomain analytics
acl totalfail dstdomain analyze
acl totalfail dstdomain tracking
acl totalfail dstdomain pixel
http_access deny totalfail
http_reply_access deny badsites lan123
http_reply_access deny badsites2 lan123
acl banned_machines_dom dstdomain "C:/squid/etc/domains.deny"
http_access deny banned_machines_dom
http_reply_access deny banned_machines_dom
acl banned_machines dstdomain "C:/squid/etc/ip.deny"
http_access deny banned_machines
http_reply_access deny banned_machines
Quote:
nor are you show us what the logs are saying.
i also did before!
Quote:
*.605 328 192.168.*.0 TCP_MISS/200 14989 CONNECT ad.doubleclick.net:443 - DIRECT/172.217.21.230 -
*.605 390 192.168.*.0 TCP_MISS/200 29949 CONNECT cdn-pilotmedia.adverserve.net:443 - DIRECT/23.111.11.140 -
*.652 328 192.168.*.0 TCP_MISS/200 18519 CONNECT ad.doubleclick.net:443 - DIRECT/172.217.21.230 -
*.949 297 192.168.*.0 TCP_MISS/200 6641 CONNECT s79.research.de.com:443 - DIRECT/148.251.87.168 -
*.105 0 192.168.*.0 TCP_DENIED/302 375 CONNECT pagead2.googlesyndication.com:443 - NONE/- text/html
*.246 844 192.168.*.0 TCP_MISS/200 4803 CONNECT t.mindtake.com:443 - DIRECT/52.210.80.6 -
*.668 1063 192.168.*.0 TCP_MISS/200 9168 CONNECT s79.research.de.com:443 - DIRECT/148.251.84.39 -
*.683 1359 192.168.*.0 TCP_MISS/200 11516 CONNECT s306.meetrics.net:443 - DIRECT/5.9.119.17 -
*.683 1078 192.168.*0 TCP_MISS/200 9817 CONNECT s79.research.de.com:443 - DIRECT/148.251.49.168 -
*.699 547 192.168.*.0 TCP_MISS/200 4765 CONNECT googleads4.g.doubleclick.net:443 - DIRECT/172.217.22.98 -
*.277 984 192.168.*.0 TCP_MISS/200 7740 CONNECT dc55.s79.research.de.com:443 - DIRECT/136.243.32.75 -
*.668 1985 192.168.*.0 TCP_MISS/200 9132 CONNECT dc544.s79.research.de.com:443 - DIRECT/188.40.110.203 -
*.746 2047 192.168.*.0 TCP_MISS/200 5262 CONNECT server.adform.net:443 - DIRECT/37.157.4.24 -
*.746 0 192.168.*.0 TCP_DENIED/302 375 CONNECT pagead2.googlesyndication.com:443 - NONE/- text/html
*.793 2094 192.168.*.0 TCP_MISS/200 7790 CONNECT dc544.s79.research.de.com:443 - DIRECT/188.40.110.203 -
*.793 1500 192.168.*.0 TCP_MISS/200 1384 CONNECT s306.meetrics.net:443 - DIRECT/5.9.119.17 -
*.793 2094 192.168.*.0 TCP_MISS/200 11920 CONNECT dc544.s79.research.de.com:443 - DIRECT/188.40.110.203 -
*.887 3250 192.168.*.0 TCP_MISS/200 11772 CONNECT s0.2mdn.net:443 - DIRECT/172.217.22.102 -
*.887 0 192.168.*.0 TCP_DENIED/302 375 CONNECT pagead2.googlesyndication.com:443 - NONE/- text/html
*.887 0 192.168.*.0 TCP_DENIED/302 375 CONNECT pagead2.googlesyndication.com:443 - NONE/- text/html
*.902 0 192.168.*.0 TCP_DENIED/302 375 CONNECT pagead2.googlesyndication.com:443 - NONE/- text/html
*.105 422 192.168.*.0 TCP_MISS/200 6326 CONNECT fls.doubleclick.net:443 - DIRECT/172.217.21.230 -
Quote:
If you actually *DID* read the squid documentation, you would see very clear explanations between the two things you mention, as well as examples.
i read but i dont understand what the mean. its very weired!
 
Old 12-18-2017, 08:39 AM   #11
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,403

Rep: Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526
Quote:
Originally Posted by hhhrrrzzzzzzzzz View Post
what did you want to know?
If you didn't see the other questions asked before, there's no point in asking again.
Quote:
in the previos post i saw its is SQUID 2.7.STABLE8.
Right...so as said, it is OLD
Quote:
None I told before it run on my Win Server and Squid on Win work quite identical to the Linux Versions.
Ok.
Quote:
I also did before. But again:
No, you did NOT show your config before, just a few lines that REFERENCED the ACL's...you didn't actually show us what they were, did you?
Quote:
i also did before!
No, you did NOT show your logs before.
Quote:
i read but i dont understand what the mean. its very weired!
Post #4 had links that had examples. If you don't understand them, there's little we can do to help...we cannot understand it for you.
 
Old 12-18-2017, 09:06 AM   #12
hhhrrrzzzzzzzzz
LQ Newbie
 
Registered: Jan 2016
Posts: 6

Original Poster
Rep: Reputation: Disabled
sryI am still in rush...
Does I have forgotten to tell anything now?
 
Old 12-18-2017, 09:11 AM   #13
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,403

Rep: Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526Reputation: 4526
Quote:
Originally Posted by hhhrrrzzzzzzzzz View Post
sryI am still in rush... Does I have forgotten to tell anything now?
You are not paying attention. ONCE AGAIN:
  • DO NOT use text speak
  • We do not care if you are 'in rush'...we volunteer our time so do not expect everyone else to hurry to help you, because YOU are in a hurry.
  • You are still not reading/answering the questions you were asked
  • You were handed examples and documentation; either read it and follow it, or hire someone to do this job for you since you're 'in rush'. Again, we cannot understand the documentation for you.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] unable to block https in squid Net_Spy Linux - Networking 46 02-15-2017 08:45 AM
Squid to block https sites srinivasanece Linux - Security 7 07-17-2012 09:09 PM
squid server how to block https:www.website.com aliabbass Linux - Server 4 10-01-2011 02:45 PM
How to block https sites through ACL in squid avi_tokade Linux - Newbie 5 04-12-2011 06:53 PM
How can I block HTTPS packets with iptables/Squid? sanjee Linux - Security 5 10-29-2008 05:52 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 12:58 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration