<html><body><div style="font-family: tahoma, new york, times, serif; font-size: 12pt; color: #000000"><div>I was asked to block Facebook access from 8:00am to 3:00pm for almost all users but them are using **alternative Facebook URLs** to access the social network anyway. This is consuming a lot of our low bandwidth and we can't even work. I decided to design a **regular expression (regex) to parse these URLs and block them**. I don't want to block all facebook URLs but only alternatives. An alternative Facebook URLs mostly contains the words **prod** or **iphone**. The next ones are alternative Facebook URLs registered by our proxy server:<br><br> m.iphone.touch.prod.facebook.com<br> m.iphone.haid.prod.facebook.com:443<br> m.ct.prod.facebook.com<br> m.vi-vn.prod.facebook.com<br><br>The designed regex: `/((?=.*\biphone\b)|(?=.*\bprod\b)).*\.facebook\.com(\:|\d|)/`<br><br>I tested this regex on https://regex101.com/ and https://www.regextester.com. The regex is **matching** for:<br><br> m.iphone.touch.prod.facebook.com<br> m.iphone.haid.prod.facebook.com:443<br> m.ct.prod.facebook.com<br> m.vi-vn.prod.facebook.com<br><br>And is **not matching** for:<br><br> www.facebook.com<br> m.facebook.com<br> mqtt.facebook.com (for purple-facebook)<br> graph.facebook.com<br> connect.facebook.com<br> 3-edge-chat.facebook.com<br><br>So far this is what I wanted, alternative URLs blocked and regular Facebook URLs allowed. **My regex looks good to be used in squid**.<br><br>Next step is to modify the file /etc/squid3/squid.conf by adding a new acl pointing the file that contains the regex:<br><br> <strong> acl facebook dstdom_regex "/etc/squid3/acl/facebook" //The file contains the regex</strong><br><strong> http_access deny pass facebook</strong><br><br>When I run **squid3 -k parse** for check the configuration file I am getting the errors:<br><br> <strong>2017/09/22 11:12:26| Processing: acl facebook dstdom_regex "/etc/squid3/acl/facebook"</strong><br><strong> 2017/09/22 11:12:26| squid.conf line 78: acl facebook dstdom_regex "/etc/squid3/acl/facebook"</strong><br><strong> 2017/09/22 11:12:26| aclParseRegexList: Invalid regular expression '((?=.*\biphone\b)|(?=.*\bprod\b)).*\.facebook\.com(\:|\d|)': Invalid preceding regular expression</strong><br><strong> 2017/09/22 12:39:33| Warning: empty ACL: acl facebook dstdom_regex "/etc/squid3/acl/facebook"</strong><br><br>Obviously, the squid3 parser is tagging my acl as **wrong**, but I already tested online and it was good to use. Also it says the acl is empty. What does this mean? The acl was declared with the name **facebook**. I am very confused at this.<br></div><div><br></div><div>-- <br></div><div><span name="x"></span>Ing. Pedro Pablo Delgado Martell<span name="x"></span><br></div></div></body>
<br>
Participe en el Congreso Internacional de las Ciencias Agropecuarias (AGROCIENCIAS 2017) http://www.agrocienciascuba.com/</br>
<br></html>