[squid-users] ACL dst with no netmask
I need to block an IP address. So far I've read that I can't enter it into my dstdomain acl because it's not a FQDN. Fine, but the dst ACL type expects an IP address AND subnet mask, which isn't used for web addresses. Anyone who can clarify this for me would be a hero, now that we seem to be getting more of those false URLs in carefully constructed emails lately. Eric
RE: [squid-users] False Web addresses, and how to handle them
With it you could write some rules to deny any HTTP request that contains any login credentials: Where do I go to understand how to create such rules? I'm not very knowledgeable about structure of rules; I've only created ACLs that block websites (launch.yahoo.com; gator.com; these are very simple and straightforward). A resource for designing them would be wonderful. TIA!
[squid-users] False Web addresses, and how to handle them
I read an article in EWeek that explained how to create a misleading web link or link in email by typing the acceptable http address, followed by %01%00@ and the actual destination address. I showed it to my boss, who didn't like what she saw. Is it possible to create an ACL in Squid that specifically stomps out misdirected URLs? I don't know if Squid must accept literal characters when sniffing out URLs for ACLs, since the %01 and %00 are hex representations. Anyone have an idea about this? If so, it'd be a boon to add another ACL that stops this simple exploit at the proxy. According to the W3 consortium, the @ symbol is a reserved character, so it's probably not wise to block for it exclusively. Thanks! Eric