SquidGuard and numeric address CDNs…
-
The actual problem - crappy web practices on the part of youku and tudou (Chinese YouTube-knockoff sites.)
The effective problem - if I have SquidGuard on and have "Do not allow IP-Addresses in URL" checked Youku and Tudou videos don't load. There's no clear evidence in the logs that I can find to point me at exactly what's blocked (perhaps numeric blocks are not being recorded the squidguard log - but when I look at the firewall log (only other place I can think it would be logged) I get no records whether I put in the local machine IP address as source or destination.)
I am not (as most people who have scribbled all over the net about similar sounding issues) trying to get access to the "Only in mainland China" content outside of China - I'm simply trying to appease my Chinese users without throwing the whole of my blocking schema into the trash.
As far as I can tell (by looking in the squid access log), these Chinese video sites are using a CDN which they refer to strictly by numeric IP address - the addresses in question have no DNS information (no information at all other than that they are in China, actually.) If I whitelist a bunch of the ones I have found, the videos take longer (pretending that they are preparing to load) to fail, but they never work. If I turn off "Do not allow IP-Addresses in URL", they work. If I turn off "Do not allow IP-Addresses in URL", my network is effectively unblocked against the moderately informed age 10 and up user, so that's not an option.
Any ideas, other than suggesting that my Chinese users complain to the people that wrote the websites in question?