Squid2 - problem blocking user agent because ; is not allowed



  • Hi,

    I am using squid2 and squidguard. Actually there is a security hole in Internet Explorer 8 and so I want to block this special browser and version. I do not want to block IE9 or IE10. Now I have the problem that the custom options in squid GUI do not allow me to use a  ;  because this will make a new line. Further I am not 100% sure if my squid syntax is correct.

    At the moment I have the problem that all versions of IE will be blocked.

    Here it is:

    
    ##### Create ACL which identifies IE8;
    acl block_internet_explorer browser MSIE 8\.0;
    ;
    ##### Whitelist some source IPs and subnets;
    acl browsers_allowed_src src 172.17.252.0/22 172.17.64.0/22 172.17.0.21/32 172.17.0.22/32 172.17.0.23/32;
    ;
    ##### First place the ACL to allow the subnets;
    http_access allow browsers_allowed_src block_internet_explorer;
    ;
    ##### Now the ACL which should block IE8 for all others;
    http_access deny block_internet_explorer;
    
    

    This is the exact code I put in squid custom options GUI. Remember that  ;  makes a new line.
    I got the user agent strings from here:
    http://www.useragentstring.com/pages/Internet%20Explorer/

    Anyone who could help me?

    For curiosity it is now working even if I did not change anything. Perhaps it took some time to take effect !?



  • Don't know what happend but nothing on may custom options code but now again all internet explorer versions are blocked. Can someone help me on this how to block user agent only for some source subnets but not for all ?

    I appreciate your help!


Log in to reply