Hi all,
i'm looking for a way to block certain file downloads within squid. I
currently
apply a list of filename extensions with url_pathregex to an acl. Obviously
this
doesn't catch cases where a file is given a "incorrect" filename extension.
Also
with webservers using asp- or php-ish webpages the filename extension is
almost
always not in the url_path. Thus the question, if there is a short term
solution
to circumvent the latter problem? As for the
filename-extension-does-not-match-
the-real-file-type-problem i thought about a external-helper performing
checks
based upon the UNIX "file" command resp. magic bytes. This could be
problematic,
since the file has to be retrieved first in order to check its filetype.
I've
seen this feature in some virusgateway software, but with limited
functionallity
(no acl system like in squid, only a very limited set of filetypes, etc.).
Admittedly i have no clue of the inner workings of squid to judge if this
would
be a practical way to go. So can anyone comment this in terms of
has-already-
been-done, "should be no problem, but ...", "forget about it, pal!" and also
performance matters?
Regards,
Frank
--
+++ NEU bei GMX und erstmalig in Deutschland: T�V-gepr�fter Virenschutz +++
100% Virenerkennung nach Wildlist. Infos: http://www.gmx.net/virenschutz
