[squid-users] can't block streaming
Amos Jeffries
squid3 at treenet.co.nz
Tue Oct 31 14:45:18 UTC 2017
On 31/10/17 22:05, Vacheslav wrote:
> Peace,
>
> I tired searching and debugging but I couldn’t find a solution, whatever
> I do youtube keeps working.
>
> Here is my configuration:
...
> # Media Streams
>
> ## MediaPlayer MMS Protocol
>
> acl media rep_mime_type mms
>
> acl mediapr url_regex dvrplayer mediastream ^mms://
>
> ## (Squid does not yet handle the URI as a known proto type.)
Unsupported URI schemes should result in the client receiving an HTTP
error page instead of Squid handling the traffic.
Which also explains your problems: the Browser is either not using the
proxy at all for this traffic, or sending the traffic through a CONNECT
tunnel that is allowed to be created for other reasons.
...
> # We strongly recommend the following be uncommented to protect innocent
>
> # web applications running on the proxy server who think the only
>
> # one who can access services on "localhost" is a local user
>
> #http_access deny to_localhost
>
> # Deny all blocked extension
>
> error_directory /usr/share/squid/errors/en
>
> deny_info ERR_BLOCKED_FILES blockfiles
>
> http_access deny blockfiles
>
> #
>
> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
>
Please read the above line, and consider all the custom rules you placed
above it.
...
>
> #url_rewrite_program /usr/sbin/squidGuard
>
> #url_rewrite_children 5
>
> #debug_options ALL,1 33,2 28,9
>
> And where must I place the before last 2 lines in order for squid guard
> to work?
>
Right there where they are in your config will do.
What do you expect SquidGuard to do?
If Squid itself cannot identify any URLs with "mms://" scheme there is
no hope of SG being passed the non-existent URLs.
Amos
More information about the squid-users
mailing list