SquidTL

Problema ACL

Asked by Paolo PAVAN

Ciao trovo interessante il progetto volevo dargli spazio su sistemistiindipendenti.org, ma incontro qualche problema con l'applicazione delle ACL.
Ho interfacciato squidtl come redirector ad uno squid che mi autentica degli utenti e/o gruppi. Questa parte di gestione funziona egregiamente, ma la parte relativa al blocco di siti e liste con redirect verso la pagina deny.php, non funziona o meglio viene loggata e mappata come bloccata nelle regole e nella lista dei siti, però squid autorizza comunque l'accesso al sito/dominio bloccato.
Il mio dubbio e che a squid manchi qualche direttiva. Sai aiutarmi?

Allego la mia conf di squid

http_port 8080
url_rewrite_program /usr/local/bin/squidtl --verbose -l /var/log/squid/squidtl.log -c /etc/squidtl/config.xml
##PAM AUTH (passwd e shadow)
auth_param basic program /usr/lib/squid/pam_auth
auth_param basic children 5
auth_param basic realm Proxy
auth_param basic credentialsttl 2 hours
###allow auth PAM
acl password proxy_auth REQUIRED
http_access allow password
# And finally deny all other access to this proxy
http_access deny all

Saluti

Paolo

Question information

Language:
Italian Edit question
Status:
Answered
For:
SquidTL Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Michele "O-Zone" Pinassi (o-zone) said : 		#1

Ciao Paolo,

l'URL rewriter dovrebbe bloccare, a prescindere dalle ACL di Squid, la connessione se rileva che non è autorizzata. Puoi allegare qualche riga del log di SquidTL nelle parti relative al BLOCCO ?

Grazie, Michele

Revision history for this message
Paolo PAVAN (paolopav) said : 		#2

si certo...ho impostato una semplice ACL, ho provato anche con regexp per bloccare un semplice sito, ad esempio facebook.com

asterisk:/var/log# tail -f squid/squidtl.log|grep facebook
[2197] 2011-01-17 10:10:13 DEBUG - IN: http://www.facebook.com/ 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:10:13 DEBUG - SquidInfo - P:http D:www.facebook.com U: O:http://www.facebook.com/ S:facebook.com/ F:www.facebook.com/
[2197] 2011-01-17 10:10:13 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="www.facebook.com") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:10:13 DEBUG - MySQL: INSERT INTO DB_Access (Src,Domain,FullUrl,Ident,realIdent,Context,AddDate) VALUES ("192.168.200.152","www.facebook.com","http://www.facebook.com/","paolo","paolo","",NOW());
[2197] 2011-01-17 10:10:13 NOTICE - ALLOWED: www.facebook.com (DEFAULT)

in realtà al sito viene applicata la politica di default (ALLOWED) e non la rules correttamenet attivata.

LOG esteso

[2197] 2011-01-17 10:13:51 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="www.facebook.com") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:51 DEBUG - MySQL: SELECT ipRange,ID FROM DB_Context;
[2197] 2011-01-17 10:13:51 DEBUG - doRegExp: 192.168.200.152/32 192.168.200.152 = 0
[2197] 2011-01-17 10:13:51 DEBUG - doRegExp: 192.168.200.9/32 192.168.200.152 = 0
[2197] 2011-01-17 10:13:51 DEBUG - doRegExp: 192.168.200.0/24 192.168.200.152 = 0
[2197] 2011-01-17 10:13:51 NOTICE - getUserContext(192.168.200.152) = DEFAULT CONTEXT
[2197] 2011-01-17 10:13:51 DEBUG - MySQL: SELECT IdentifiedBy,Value,Username,Type,isActive,DATEDIFF(ExpireDate,CURDATE()) FROM DB_Users WHERE Context=''
[2197] 2011-01-17 10:13:51 DEBUG - doRegExp: paolo paolo = 1
[2197] 2011-01-17 10:13:51 NOTICE - getRealIdent(192.168.200.152) = paolo@ (Level:1 Expire:0)
[2197] 2011-01-17 10:13:51 DEBUG - MySQL: INSERT INTO DB_Access (Src,Domain,FullUrl,Ident,realIdent,Context,AddDate) VALUES ("192.168.200.152","www.facebook.com","http://www.facebook.com/","paolo","paolo","",NOW());
[2197] 2011-01-17 10:13:51 DEBUG - MySQL: SELECT GroupID FROM UserGroup WHERE UserID='paolo';
[2197] 2011-01-17 10:13:51 DEBUG - MySQL: SELECT t1.ID,t1.Type,t1.Value,t1.Action,t1.MaxHits,t1.TimeSlice,t1.redirectUrl FROM DB_Rules AS t1 INNER JOIN RulesGroup AS t2 ON t2.RuleID=t1.ID WHERE t2.GroupID='1' AND t1.isActive=1 AND t1.Context='';
[2197] 2011-01-17 10:13:51 NOTICE - ALLOWED: www.facebook.com (DEFAULT)
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://b.static.ak.fbcdn.net/rsrc.php/yV/r/V5sxFKt9VEt.css 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:b.static.ak.fbcdn.net U: O:http://b.static.ak.fbcdn.net/rsrc.php/yV/r/V5sxFKt9VEt.css S:b.static.ak.fbcdn.net/rsrc.php/yv/r/v5sxfkt9vet.css F:b.static.ak.fbcdn.net/rsrc.php/yv/r/v5sxfkt9vet.css
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="b.static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ipRange,ID FROM DB_Context;
[2197] 2011-01-17 10:13:52 DEBUG - doRegExp: 192.168.200.152/32 192.168.200.152 = 0
[2197] 2011-01-17 10:13:52 DEBUG - doRegExp: 192.168.200.9/32 192.168.200.152 = 0
[2197] 2011-01-17 10:13:52 DEBUG - doRegExp: 192.168.200.0/24 192.168.200.152 = 0
[2197] 2011-01-17 10:13:52 NOTICE - getUserContext(192.168.200.152) = DEFAULT CONTEXT
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT IdentifiedBy,Value,Username,Type,isActive,DATEDIFF(ExpireDate,CURDATE()) FROM DB_Users WHERE Context=''
[2197] 2011-01-17 10:13:52 DEBUG - doRegExp: paolo paolo = 1
[2197] 2011-01-17 10:13:52 NOTICE - getRealIdent(192.168.200.152) = paolo@ (Level:1 Expire:0)
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: INSERT INTO DB_Access (Src,Domain,FullUrl,Ident,realIdent,Context,AddDate) VALUES ("192.168.200.152","b.static.ak.fbcdn.net","http://b.static.ak.fbcdn.net/rsrc.php/yV/r/V5sxFKt9VEt.css","paolo","paolo","",NOW());
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT GroupID FROM UserGroup WHERE UserID='paolo';
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT t1.ID,t1.Type,t1.Value,t1.Action,t1.MaxHits,t1.TimeSlice,t1.redirectUrl FROM DB_Rules AS t1 INNER JOIN RulesGroup AS t2 ON t2.RuleID=t1.ID WHERE t2.GroupID='1' AND t1.isActive=1 AND t1.Context='';
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: b.static.ak.fbcdn.net (DEFAULT)
[2199] 2011-01-17 10:13:52 DEBUG - IN: http://b.static.ak.fbcdn.net/rsrc.php/yN/r/Uuokrl6Xv3c.css 192.168.200.152/- paolo GET -
[2199] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:b.static.ak.fbcdn.net U: O:http://b.static.ak.fbcdn.net/rsrc.php/yN/r/Uuokrl6Xv3c.css S:b.static.ak.fbcdn.net/rsrc.php/yn/r/uuokrl6xv3c.css F:b.static.ak.fbcdn.net/rsrc.php/yn/r/uuokrl6xv3c.css
[2199] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="b.static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2198] 2011-01-17 10:13:52 DEBUG - IN: http://b.static.ak.fbcdn.net/rsrc.php/yN/r/rEV0OdVu1yG.css 192.168.200.152/- paolo GET -
[2198] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:b.static.ak.fbcdn.net U: O:http://b.static.ak.fbcdn.net/rsrc.php/yN/r/rEV0OdVu1yG.css S:b.static.ak.fbcdn.net/rsrc.php/yn/r/rev0odvu1yg.css F:b.static.ak.fbcdn.net/rsrc.php/yn/r/rev0odvu1yg.css
[2198] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="b.static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://b.static.ak.fbcdn.net/rsrc.php/yP/r/E3onco1dkAq.css 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:b.static.ak.fbcdn.net U: O:http://b.static.ak.fbcdn.net/rsrc.php/yP/r/E3onco1dkAq.css S:b.static.ak.fbcdn.net/rsrc.php/yp/r/e3onco1dkaq.css F:b.static.ak.fbcdn.net/rsrc.php/yp/r/e3onco1dkaq.css
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="b.static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: b.static.ak.fbcdn.net related request of ID 1065
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: b.static.ak.fbcdn.net (EXPLICIT)
[2200] 2011-01-17 10:13:52 DEBUG - IN: http://static.ak.fbcdn.net/rsrc.php/yY/r/71qWoI8S5cd.js 192.168.200.152/- paolo GET -
[2200] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:static.ak.fbcdn.net U: O:http://static.ak.fbcdn.net/rsrc.php/yY/r/71qWoI8S5cd.js S:static.ak.fbcdn.net/rsrc.php/yy/r/71qwoi8s5cd.js F:static.ak.fbcdn.net/rsrc.php/yy/r/71qwoi8s5cd.js
[2200] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2200] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ipRange,ID FROM DB_Context;
[2200] 2011-01-17 10:13:52 DEBUG - doRegExp: 192.168.200.152/32 192.168.200.152 = 0
[2200] 2011-01-17 10:13:52 DEBUG - doRegExp: 192.168.200.9/32 192.168.200.152 = 0
[2200] 2011-01-17 10:13:52 DEBUG - doRegExp: 192.168.200.0/24 192.168.200.152 = 0
[2200] 2011-01-17 10:13:52 NOTICE - getUserContext(192.168.200.152) = DEFAULT CONTEXT
[2200] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT IdentifiedBy,Value,Username,Type,isActive,DATEDIFF(ExpireDate,CURDATE()) FROM DB_Users WHERE Context=''
[2200] 2011-01-17 10:13:52 DEBUG - doRegExp: paolo paolo = 1
[2200] 2011-01-17 10:13:52 NOTICE - getRealIdent(192.168.200.152) = paolo@ (Level:1 Expire:0)
[2200] 2011-01-17 10:13:52 DEBUG - MySQL: INSERT INTO DB_Access (Src,Domain,FullUrl,Ident,realIdent,Context,AddDate) VALUES ("192.168.200.152","static.ak.fbcdn.net","http://static.ak.fbcdn.net/rsrc.php/yY/r/71qWoI8S5cd.js","paolo","paolo","",NOW());
[2200] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT GroupID FROM UserGroup WHERE UserID='paolo';
[2200] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT t1.ID,t1.Type,t1.Value,t1.Action,t1.MaxHits,t1.TimeSlice,t1.redirectUrl FROM DB_Rules AS t1 INNER JOIN RulesGroup AS t2 ON t2.RuleID=t1.ID WHERE t2.GroupID='1' AND t1.isActive=1 AND t1.Context='';
[2200] 2011-01-17 10:13:52 NOTICE - ALLOWED: static.ak.fbcdn.net (DEFAULT)
[2199] 2011-01-17 10:13:52 DEBUG - ALLOWED: b.static.ak.fbcdn.net related request of ID 1065
[2199] 2011-01-17 10:13:52 NOTICE - ALLOWED: b.static.ak.fbcdn.net (EXPLICIT)
[2198] 2011-01-17 10:13:52 DEBUG - ALLOWED: b.static.ak.fbcdn.net related request of ID 1065
[2198] 2011-01-17 10:13:52 NOTICE - ALLOWED: b.static.ak.fbcdn.net (EXPLICIT)
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://b.static.ak.fbcdn.net/rsrc.php/yi/r/rfa2VmzROn_.css 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:b.static.ak.fbcdn.net U: O:http://b.static.ak.fbcdn.net/rsrc.php/yi/r/rfa2VmzROn_.css S:b.static.ak.fbcdn.net/rsrc.php/yi/r/rfa2vmzron_.css F:b.static.ak.fbcdn.net/rsrc.php/yi/r/rfa2vmzron_.css
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="b.static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: b.static.ak.fbcdn.net related request of ID 1065
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: b.static.ak.fbcdn.net (EXPLICIT)
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:static.ak.fbcdn.net U: O:http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png S:static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2ujyj4.png F:static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2ujyj4.png
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: static.ak.fbcdn.net related request of ID 1066
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: static.ak.fbcdn.net (EXPLICIT)
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://static.ak.fbcdn.net/rsrc.php/zX/r/4PIot2bO7ET.jpg 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:static.ak.fbcdn.net U: O:http://static.ak.fbcdn.net/rsrc.php/zX/r/4PIot2bO7ET.jpg S:static.ak.fbcdn.net/rsrc.php/zx/r/4piot2bo7et.jpg F:static.ak.fbcdn.net/rsrc.php/zx/r/4piot2bo7et.jpg
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: static.ak.fbcdn.net related request of ID 1066
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: static.ak.fbcdn.net (EXPLICIT)
[2198] 2011-01-17 10:13:52 DEBUG - IN: http://b.static.ak.fbcdn.net/rsrc.php/yb/r/GsNJNwuI-UM.gif 192.168.200.152/- paolo GET -
[2198] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:b.static.ak.fbcdn.net U: O:http://b.static.ak.fbcdn.net/rsrc.php/yb/r/GsNJNwuI-UM.gif S:b.static.ak.fbcdn.net/rsrc.php/yb/r/gsnjnwui-um.gif F:b.static.ak.fbcdn.net/rsrc.php/yb/r/gsnjnwui-um.gif
[2198] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="b.static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://static.ak.fbcdn.net/rsrc.php/zD/r/B4K_BWwP7P5.png 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:static.ak.fbcdn.net U: O:http://static.ak.fbcdn.net/rsrc.php/zD/r/B4K_BWwP7P5.png S:static.ak.fbcdn.net/rsrc.php/zd/r/b4k_bwwp7p5.png F:static.ak.fbcdn.net/rsrc.php/zd/r/b4k_bwwp7p5.png
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: static.ak.fbcdn.net related request of ID 1066
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: static.ak.fbcdn.net (EXPLICIT)
[2198] 2011-01-17 10:13:52 DEBUG - ALLOWED: b.static.ak.fbcdn.net related request of ID 1065
[2198] 2011-01-17 10:13:52 NOTICE - ALLOWED: b.static.ak.fbcdn.net (EXPLICIT)
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://b.static.ak.fbcdn.net/rsrc.php/zi/r/OBaVg52wtTZ.png 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:b.static.ak.fbcdn.net U: O:http://b.static.ak.fbcdn.net/rsrc.php/zi/r/OBaVg52wtTZ.png S:b.static.ak.fbcdn.net/rsrc.php/zi/r/obavg52wttz.png F:b.static.ak.fbcdn.net/rsrc.php/zi/r/obavg52wttz.png
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="b.static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: b.static.ak.fbcdn.net related request of ID 1065
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: b.static.ak.fbcdn.net (EXPLICIT)
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://b.static.ak.fbcdn.net/rsrc.php/zs/r/1HX6ENG455b.jpg 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:b.static.ak.fbcdn.net U: O:http://b.static.ak.fbcdn.net/rsrc.php/zs/r/1HX6ENG455b.jpg S:b.static.ak.fbcdn.net/rsrc.php/zs/r/1hx6eng455b.jpg F:b.static.ak.fbcdn.net/rsrc.php/zs/r/1hx6eng455b.jpg
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="b.static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: b.static.ak.fbcdn.net related request of ID 1065
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: b.static.ak.fbcdn.net (EXPLICIT)
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://b.static.ak.fbcdn.net/rsrc.php/yG/r/lgqVG5x1kGD.js 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:b.static.ak.fbcdn.net U: O:http://b.static.ak.fbcdn.net/rsrc.php/yG/r/lgqVG5x1kGD.js S:b.static.ak.fbcdn.net/rsrc.php/yg/r/lgqvg5x1kgd.js F:b.static.ak.fbcdn.net/rsrc.php/yg/r/lgqvg5x1kgd.js
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="b.static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: b.static.ak.fbcdn.net related request of ID 1065
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: b.static.ak.fbcdn.net (EXPLICIT)
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://static.ak.fbcdn.net/rsrc.php/yn/r/VlahxD0Dvb-.js 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:static.ak.fbcdn.net U: O:http://static.ak.fbcdn.net/rsrc.php/yn/r/VlahxD0Dvb-.js S:static.ak.fbcdn.net/rsrc.php/yn/r/vlahxd0dvb-.js F:static.ak.fbcdn.net/rsrc.php/yn/r/vlahxd0dvb-.js
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: static.ak.fbcdn.net related request of ID 1066
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: static.ak.fbcdn.net (EXPLICIT)
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://static.ak.fbcdn.net/rsrc.php/y0/r/H8wml-J7LiS.js 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:static.ak.fbcdn.net U: O:http://static.ak.fbcdn.net/rsrc.php/y0/r/H8wml-J7LiS.js S:static.ak.fbcdn.net/rsrc.php/y0/r/h8wml-j7lis.js F:static.ak.fbcdn.net/rsrc.php/y0/r/h8wml-j7lis.js
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: static.ak.fbcdn.net related request of ID 1066
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: static.ak.fbcdn.net (EXPLICIT)
[2197] 2011-01-17 10:13:52 DEBUG - IN: http://static.ak.fbcdn.net/rsrc.php/zS/r/STeWPW2kh0m.png 192.168.200.152/- paolo GET -
[2197] 2011-01-17 10:13:52 DEBUG - SquidInfo - P:http D:static.ak.fbcdn.net U: O:http://static.ak.fbcdn.net/rsrc.php/zS/r/STeWPW2kh0m.png S:static.ak.fbcdn.net/rsrc.php/zs/r/stewpw2kh0m.png F:static.ak.fbcdn.net/rsrc.php/zs/r/stewpw2kh0m.png
[2197] 2011-01-17 10:13:52 DEBUG - MySQL: SELECT ID FROM DB_Access WHERE (Src="192.168.200.152" AND Domain="static.ak.fbcdn.net") AND TIMESTAMPDIFF(SECOND, AddDate, NOW()) < 5 ORDER BY AddDate DESC LIMIT 1;
[2197] 2011-01-17 10:13:52 DEBUG - ALLOWED: static.ak.fbcdn.net related request of ID 1066
[2197] 2011-01-17 10:13:52 NOTICE - ALLOWED: static.ak.fbcdn.net (EXPLICIT)

Revision history for this message
Michele "O-Zone" Pinassi (o-zone) said : 		#3

Innanzitutto ti suggerisco di utilizzare, per la regola, il dominio "*.facebook.com" così da comprendere tutto. Poi sembra esserci un problema nella definizione dei contesti:

[2197] 2011-01-17 10:13:52 DEBUG - doRegExp: 192.168.200.152/32 192.168.200.152 = 0
[2197] 2011-01-17 10:13:52 DEBUG - doRegExp: 192.168.200.9/32 192.168.200.152 = 0
[2197] 2011-01-17 10:13:52 DEBUG - doRegExp: 192.168.200.0/24 192.168.200.152 = 0

suggerisco di mettere gli IP senza "/netmask": prova ad impostare solamente 192.168.200.152

Fammi sapere, Michele

Revision history for this message
Paolo PAVAN (paolopav) said : 		#4

ho provato....ma anche definiendo un solo filtro per un solo utente, il blocco non viene applicato, eliminare la mask non cambia nulla. A dire il vero anche identificando gli IP e non lo user il blocco non viene applicato...forse qualcosa mi sfugge,. Grazie comunque

Saluti

Paolo

Can you help with this problem?

Provide an answer of your own, or ask Paolo PAVAN for more information if necessary.

To post a message you must log in.