Re: [squid-users] Streaming control

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 25 Jul 2008 15:25:13 +1200 (NZST)

> Tarak Ranjan wrote:
>>> -----Original Message-----
>>> From: Tarak Ranjan [mailto:contacttrm_at_yahoo.co.in]
>>> Sent: Friday, July 18, 2008 9:33 AM
>>> To: Squid
>>> Subject: [squid-users] Streaming control
>>>
>>> Hi List,
>>> i have blocked all audio/ video streaming in my
>>> squid server but i want
>>> to enable certain site like myvideo.com to receive
>>> streaming from , what
>>> sort ACL i have to write. only from myvideo.com rest
>>> of all streaming
>>> will be deny. is it possible to do , if so then can
>>> anyone help me to do
>>> that...
>>>
>>> /\
>>> Tarak
>>>
>>
>> Hi ,
>> below is the code
>> acl media_files rep_mime_type -i ^audio/ ^video/
>> http_access deny media_files
>>
>
> Does this actually work? An http_access (request) deny associated with
> a reply mime type acl? Interesting. Well, assuming it does work...

No. It does not.

Some requests do have mime. For POST/PUT requests sending files etc.
Also, GET requests etc have an implicit mime type, though its better to
just block those by request method.

>
> acl myvideo dstdomain .myvideo.com
> acl media_files rep_mime_type -i ^audio/ ^video/
> http_access deny media_files !myvideo
>
> ...would only deny media files if they are not requested from a site in
> the .myvideo.com domain.

The problem is http_access + rep_mime_type. vs http_access + req_mime_type.

Note: reQ vs reP. One for each direction of request/reply.
 - http_access uses reQ
 - http_reply_access uses reP

What is needed is two ports of blockage:

  http_access + dstdomain/urlpath_regex
  http_reply_access + rep_mime_type

Amos
Received on Fri Jul 25 2008 - 03:25:16 MDT

This archive was generated by hypermail 2.2.0 : Fri Jul 25 2008 - 12:00:02 MDT