[squid-users] URL/P2P blocking
Yuri Voinov
yvoinov at gmail.com
Wed May 4 21:42:48 UTC 2016
Just for information:
http://pastebin.com/dBYV9Zzb
Here is completely actual Cisco NBAR filtering capabilities from one of
my front 2901 with IOS 15.5 + actual NBAR2 protocol pack.
Just take a look. You can see there P2P, Torrents, FB, YT, etc., etc., etc.
Not as Squid's antagonist - but just as additional tools to filter.
Note: Cisco also has time-based ACLs.
05.05.16 3:28, Yuri Voinov wrote:
> Finally,
>
> read this thread too:
>
> http://www.spinics.net/lists/squid/msg81113.html
>
> Some questions already answered here.
>
> 05.05.16 3:26, Yuri Voinov wrote:
> > As a part of solution I recommend (by my own experience)
> > consider to use this:
> >
> > https://www.urlfilterdb.com/products/ufdbguard.html
> >
> > But I repeat: this is NOT magic button "Disable all". This is
> > relatively effective tool to block categories.
> >
> > This is only URL/HTTP based tool, which required some more
> > forces to use it with HTTPS.
> >
> > And this can't be other means to replace when it comes to
> > other protocols.
> >
> > Squid is only HTTP/HTTPS proxy. Not at all existing protocols.
> >
> > 05.05.16 3:18, Yuri Voinov wrote:
> > > Generally, for effective blocking of everything better design
> > > would first consider - as everyone and everything is engineered,
> > > and then look for the magic button "to disable all to hell."
> > >
> > > Then it becomes clear what is possible and what means - and
> > > what is not.
> > >
> > > Especially P2P - this is at all not about Squid.
> > >
> > > 05.05.16 3:11, Yuri Voinov wrote:
> > > > Facebook uses Akamai as background CDN, so you need to block
> > > > Akamai (related URLs, which can be difficult, so consider to use
> > > > Cisco NBAR DPI functionality) too in case to completely block FB.
> > > >
> > > > YT still uses QUIC/SPDY, so read this
> > > >
> > > > http://wiki.squid-cache.org/KnowledgeBase/Block%20QUIC%20protocol
> > > >
> > > > About P2P/Torrents said enough here
> > > >
> > > > http://wiki.squid-cache.org/ConfigExamples/TorrentFiltering
> > > >
> > > > Note: Using Cisco NBAR required valid service contract.
> > > > Protocol packs is not lying at all angles, and are updated
> > > > monthly.
> > > >
> > > > 05.05.16 3:04, Maile Halatuituia wrote:
> > > > > Someone with ideas on how to block Facebook, Youtube, P2P
> > > > > traffic through my squid box. Facebook seems to be working but
> > > > > likely some users bypass to youtube.com and the rest are blocked.
> > > > > Also am looking to block P2P traffic, BITS protocols, etc etc
> > > > >
> > > > > Cheers