|
Home > Archive > Linux Debian support > June 2006 > Squid - how to find out which word from acl block access to the site
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Squid - how to find out which word from acl block access to the site
|
|
| Grzegorz 2006-06-13, 7:13 am |
| Hi
I have Squid running mainly to block acces to porno sites
The problem is it turns out it also blocks acces to other sites,
one of which is the city bus timetable.
If I turn the acl of I can access the site through a proxy
but I want to keep the restrictions. Going through the list
I did not notice any words that could possibly cause the problem
In the log I get the following message
1149857502.737 2 62.121.115.188 TCP_DENIED/403 1170 GET
http://rozklady.mpk.krakow.pl/aktualne/index.php - NONE/- -
Is there a way to determine which word is causing the trouble ?
The list hasabout 300 words so chceking these one by one and restarting
squid every time is quite time consuming.
--
Regards
Greg Wajszczuk
ladowny
at wpdotpl
| |
| Seth H Holmes 2006-06-13, 1:13 pm |
| On 2006-06-13, Grzegorz <clarion@localhost.com> wrote:
> Hi
>
> I have Squid running mainly to block acces to porno sites
> The problem is it turns out it also blocks acces to other sites,
> one of which is the city bus timetable.
> If I turn the acl of I can access the site through a proxy
> but I want to keep the restrictions. Going through the list
> I did not notice any words that could possibly cause the problem
> In the log I get the following message
> 1149857502.737 2 62.121.115.188 TCP_DENIED/403 1170 GET
> http://rozklady.mpk.krakow.pl/aktualne/index.php - NONE/- -
> Is there a way to determine which word is causing the trouble ?
> The list hasabout 300 words so chceking these one by one and restarting
> squid every time is quite time consuming.
One thing you could do is start by eliminating parts of the URL. IE:
http://krakow.pl
See if that is blocked. (Maybe it doesn't like "krak.") Add parts of the
URL back in until you get blocked again.
http://mpk.krakow.pl
http://rozklady.mpk.krakow.pl
http://rozklady.mpk.krakow.pl/aktualne
http://rozklady.mpk.krakow.pl/aktualne/index.php
Yeah, the last two bring up the same page but they are different to squid.
This won't tell you what the issue is, but it will narrow it down. I'd be
amused to find out it was rejecting based on the word "lady."
If you wind up having to check 300 some odd words, may I recommend:
man egrep
man regexp
Have lots of fun. 
--
Seth H Holmes
| |
| Grzegorz 2006-06-13, 7:12 pm |
| >I'd be
> amused to find out it was rejecting based on the word "lady."
Bingo !!! Great Thanks !!! I would have never thought of that
"rozklady" means timetables (plural) and the word lady
was in the list next to ladies. In Polish the word rozklady
is actually spelled with polish-specific slashed letter L
which looks similar to the pound symbol and pronounces
like letter W in English.
--
Regards
Greg Wajszczuk
ladowny
at wpdotpl
|
|
|
|
|