Wednesday, August 8, 2007

Block Internet Explorer in Squid

Blocking Internet Explorer with the Squid Web proxy


/etc/squid/squid.conf :

#We want to block IE, but some sites are only working under IE
# so we put up a list of URLs for Internet Explorer in the following file

acl allowed_url_IE            url_regex -i            "/etc/squid/allowed_url"

### The ACL for the IE user-agent
acl internet_explorer browser MSIE

### The world
acl all         src 0.0.0.0/0.0.0.0

### Internal Network
acl lan        src 192.168.1.0/24

### allowed machines in the network to use IE

acl ie_allowed_machine       src 192.168.1.100/32

### First, we are allowing the IE-machine here
http_access allow ie_allowed_machine internet_explorer

### here, we are denying Internet Explorer,
### except for the "safe URL" list that is still allowed.
http_access deny internet_explorer !allowed_url_IE

### Now, after the restrictions, we are allowing our network.
http_access allow lan

### And finally blocking the rest of the world.
http_access deny all

The Allowed url ACL file (/etc/squid/safe_url) looks like this :

http://.*\.capstocks.biz/.*
http://.*\.tvsesupport.com/.*
http://.*\.ceattingal.ac.in/.*

Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)