Block download

Cry Havok

Well, you could install Squid and then configure it to limit access (acl type urlpath_regex).  The problem is, it's pretty trivial to bypass by simply changing "song.mp3" to "song.txt".

There's also the problem that if the URL doesn't match your pattern then the download will succeed (say your pattern is *.mp3, if the url is http://some.server/download?song.mp3&id=12354, then your pattern won't match.  If you try to make the pattern more generic then you run risks of blocking other things).

cdsu

you could experiment with snort and create a custom rule to check for the extention such as mp3 avi mpg….etc and also check for the contents of a file to defeat the song.txt bypass.. I have the same isse I need to prevent users from downloading files. I will be working on creating some rules this week. and will post my rulesets. :)

anthylon

Hello there,

Are you still working on your rule? I wish to see it if you done with programming.

Thank you in advance,

Anthylon

pogey

Hmm.. what I do is manually create a few ACL file in /var/squid/acl and edit the squid.inc in /usr/local/pkg. Right now all streaming, ads & file download was succesfully block by squid. Tell me if you want to look at my squid.inc file.

anthylon

Hello pogey,

If you could be so kind to get me some example or maybe your conf. file. It could be helpful to me. I'm really having huge problem with users watching video (and pornography). I'm living in Bosnia and I don't have good speed here so I must block things like ads, video streaming and simillar. Unfortunatelly (as I found out during my researching) there is no way to block flash streaming. >:( It could be blocked but all flash content would be blocked too. :o But at least I wish to block what I could.

Any help would be more than welcome. ;D If you can and want send your configuration to me my email is anthylon@gmail.com.

Thank you :)

jahonix

Pogey, if you post your squid.inc here others may benefit as well. Now or in future.

pogey

@anthylon:

Hello pogey,

If you could be so kind to get me some example or maybe your conf. file. It could be helpful to me. I'm really having huge problem with users watching video (and pornography). I'm living in Bosnia and I don't have good speed here so I must block things like ads, video streaming and simillar. Unfortunatelly (as I found out during my researching) there is no way to block flash streaming. >:( It could be blocked but all flash content would be blocked too. :o But at least I wish to block what I could.

Any help would be more than welcome. ;D If you can and want send your configuration to me my email is anthylon@gmail.com.

Thank you :)

Dear anthylon,

Yes if you block streaming it would block all flash content but you can create your exception list. Another thing is don't edit your squid.conf but edit your squid.inc in /usr/local/pkg. If you edit the squid.conf it will gone after you reboot your pfsense. I will send my squid.inc & my ACL file to you later.

EricTyrrell

Blocking .flv files may block flash videos without blocking flash. Let me know if it works.

newera

@pogey:

Hmm.. what I do is manually create a few ACL file in /var/squid/acl and edit the squid.inc in /usr/local/pkg. Right now all streaming, ads & file download was succesfully block by squid. Tell me if you want to look at my squid.inc file.

Dear Pogey,

Appreciate if you could send me the ACL file and squid.inc to me at kokwan.lee@newera.edu.my

Thank you in advance.

dvserg

Can i know how to block user from downloading file from internet. can I use squidguard for this?

Possible. Create Destination item with expression
.*.(zip|rar|cab|mp3|avi|mpg|swf|exe|mpeg|mpv)

ps not add to this .com - this blocked www.xxxx.com zone