Hi Sico! Hi list!

>[stuff deleted for brevity]
>
>>> I am in a similar situation (squid at home) and I simply have a
>>> blacklist with lines like these:
>>>
>>> doubleclick
>>> facebook
>>> scorecardresearch
>>>
>>> Works like a charm for me, and no need to look up IP address blocks
>>> or anything like that. And since I am the only user here there's no
>>> collateral damage. ;-)
>>
>> Well: I am personally liable for what leaves my network so this kind of
>> 'collateral damage' is what I intentionally try to achieve :-) (see the
>> reply to myself a few minutes ago)
>
> Uhm, squid only filters incoming traffic...

Doesn't this actually answer my original question: If only incoming traffic is filtered by squid, stealth outflows towards FB are not caught by the proxy. Obviously then only PF serves my needs for a reason.

>> May I ask a follow-up question: Did you set up the blacklist within
>> squid.conf or did you reference to a separate file?
>
> A bit of both really, I use a separate file and reference it in squid.conf:
>
> sico@siem2:~>grep blacklist /etc/squid/squid.conf
> acl blacklist url_regex "/etc/squid/blacklist.acl"
> http_access deny blacklist
> sico@siem2:~>

Thanks for this. This brings an idea to me: I will try this with the full list of 'nasty addresses' from http://winhelp2002.mvps.org/hosts.htm. Shouldn't this then have the same effect on all clients served by the squid-server as if I'd go around and update the individual hosts-files?

> The "url_regex" allows me to specify facebook instead of facebook.com etc.

That is good to know!

> CU, Sico.

Thanks again and have a nice week,
STEFAN
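The idea in the message above, feeding a hosts-format list to Squid, as an added example that is not part of the original thread: it turns hosts-file lines into a validated hostname list for an ACL file. It assumes Squid's `dstdomain` ACL type with exact hostnames (matching what a hosts file does) rather than the thread's `url_regex`, where the dots in hostnames would act as regex wildcards; the ACL names, file path and sample lines are constructed.

```python
import re

# Accept only syntactically valid, dotted hostnames from the third-party list.
_HOST_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?\.)+[a-z0-9-]{2,63}$"
)
# Names a hosts file maps for the local machine; these must never be blocked.
_LOCAL = {"localhost", "localhost.localdomain", "broadcasthost", "local"}
# Sink addresses that mark a blocking entry in a hosts-format list.
_SINKS = {"0.0.0.0", "127.0.0.1", "::", "::1"}

# Constructed sample in hosts-file format (not taken from the real list).
SAMPLE = """\
# comment line
127.0.0.1  localhost
0.0.0.0 ad.doubleclick.net  # tracker
0.0.0.0 AD.DoubleClick.net
0.0.0.0 b.scorecardresearch.com
0.0.0.0 bad entry/with-slash
10.1.2.3 intranet.example
"""


def hosts_to_dstdomain(text):
    """Return sorted, de-duplicated hostnames from hosts-format text."""
    names = set()
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if len(fields) < 2 or fields[0] not in _SINKS:
            continue                            # not a blocking entry
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            if name not in _LOCAL and _HOST_RE.match(name):
                names.add(name)
    return sorted(names)


# Assumed squid.conf lines that would load the generated file:
#   acl blockedhosts dstdomain "/etc/squid/blocked_hosts.acl"
#   http_access deny blockedhosts
if __name__ == "__main__":
    print("\n".join(hosts_to_dstdomain(SAMPLE)))
```

Entries that are not sink-mapped or not valid hostnames are dropped instead of being passed through to the proxy configuration.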

