[squid-users] i want to block images with size more than 40 KB

snakeeyes ahmed.zaeem at netstream.ps
Sat Mar 21 05:04:44 UTC 2015


Hi Amos , thanks  it seems okay for normal http sites

I want to ask , is there a trick can we do it so that it be applied to google & yahoo images search ??

Here is wt I see in yahoo logs , just small logs and all images are allowed and not blocked
=====

1426881748.078  70740 x.70 TCP_MISS/200 11790 CONNECT js.dmtry.com:443 - DIRECT/184.170.128.58 -
1426881749.077    103 xx.70 TCP_MISS/200 2228 POST http://sd.symcd.com/ - DIRECT/23.9.123.27 application/ocsp-response
1426881749.752     29 xx.70 TCP_MISS/200 2228 POST http://sd.symcd.com/ - DIRECT/23.9.123.27 application/ocsp-response
1426881750.098     21 xx.70 TCP_MISS/200 393 GET http://ping.chartbeat.net/ping? - DIRECT/23.21.149.132 image/gif
1426881750.731  62443 xx.70 TCP_MISS/200 122185 CONNECT www.gstatic.com:443 - DIRECT/206.126.112.185 -
1426881751.476   xx.70 TCP_MISS/200 4191 CONNECT secure.footprint.net:443 - DIRECT/8.12.219.125 -
1426881752.215    505 xxx.70 TCP_MISS/200 459 CONNECT secure.footprint.net:443 - DIRECT/8.12.219.125 -
1426881753.005   1091 xx.70 TCP_MISS/200 5303 CONNECT av.beap.bc.yahoo.com:443 - DIRECT/76.13.28.21 -
1426881762.280  12994 188.161.107.70 TCP_MISS/200 5502 CONNECT d.adgear.com:443 - DIRECT/205.204.71.140 -
1426881764.215  16497 xx70 TCP_MISS/200 9832 CONNECT ads.yahoo.com:443 - DIRECT/98.139.225.43 -
1426881764.216  16453 x.70 TCP_MISS/200 6534 CONNECT ads.yahoo.com:443 - DIRECT/98.139.225.43 -
1426881765.044  18777 x.70 TCP_MISS/200 11132 CONNECT ads.yahoo.com:443 - DIRECT/98.139.225.43 -
1426881765.681  15193 xx.107.70 TCP_MISS/200 6225 CONNECT comet.yahoo.com:443 - DIRECT/72.30.196.161 -
1426881765.691  14149 xx.107.70 TCP_MISS/200 832 CONNECT comet.yahoo.com:443 - DIRECT/72.30.196.161 -
1426881766.046 116219 xx.70 TCP_MISS/200 529 CONNECT d31qbv1cthcecs.cloudfront.net:443 - DIRECT/54.230.16.189 -
1426881766.714    296 xx.70 TCP_MISS/200 2228 POST http://ocsp.verisign.com/ - DIRECT/23.9.123.27 application/ocsp-response
1426881770.049 117609 xx107.70 TCP_MISS/200 711 CONNECT d5nxst8fruw4z.cloudfront.net:443 - DIRECT/54.240.160.97 -
1426881780.403  67786 xx.70 TCP_MISS/200 852 CONNECT www.yahoo.com:443 - DIRECT/98.139.180.149 -
1426881781.519    353 xx.70 TCP_MISS/200 571 GET http://data.cnn.com/jsonp/breaking_news/domestic.json? - DIRECT/157.166.249.67 application/javascript
1426881782.057 118788 xx.70 TCP_MISS/200 19972 CONNECT cdn2sitescout-a.akamaihd.net:443 - DIRECT/23.15.4.18 -
1426881790.558  71055 xx TCP_MISS/200 26805 CONNECT s.yimg.com:443 - DIRECT/206.190.56.191 -
1426881814.445 100461 xx TCP_MISS/200 124129 CONNECT ca.yahoo.com:443 - DIRECT/98.139.180.149 -
1426881818.437  70709 xx70 TCP_MISS/200 8503 CONNECT beap-bc.yahoo.com:443 - DIRECT/206.190.57.60 -


regards

-----Original Message-----
From: Amos Jeffries [mailto:squid3 at treenet.co.nz] 
Sent: Friday, March 20, 2015 9:56 AM
To: snakeeyes
Cc: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] i want to block images with size more than 40 KB

On 21/03/2015 12:05 p.m., snakeeyes wrote:
> Hi amos , thanks for reply
> I have tried @ top of squidf.conf
> 
> acl images rep_header Content-Type ^image/ ^x-image/ acl small 
> rep_header Content-Length ^[1234]?[0-9]$ http_reply_access deny small 
> images
> 
> are you sure that its blocking images with size >40KB ????

Sorry I slightly mis-read your request. What I gave is blocking images
*smaller* than 40 bytes (see what I mean about cut-n-paste without understanding?).

To block images *over* 40 bytes change that to:
 http_reply_access deny !small images


> also I didn’t see extensions like jpg or bmp or similar like that ??!!

Because HTTP does not transfer files. It transfers data. Sometimes data can *also* be found inside "files", sometimes not.

HTTP Content-Type header describes what format the data is. In this case you requested images in general, so thats the pattern I gave.

Amos



More information about the squid-users mailing list