Security :: Deny Download Some File Types On Squid?

Nov 15, 2010

How to deny download some file types on squid ?

I tried below in my squid.conf

acl blockfiles urlpath_regex -i "/etc/squid/src/blockfiles"
http_access allow localnet freesites !blockfiles

and in my /etc/squid/src/blockfiles


I still able to download

View 2 Replies


Server :: Squid And Apache2 - Http_access All Deny At The End Of The File - Allow External Petitions To Web?

Nov 11, 2010

I have a server running both apache2 (default port) and squid (3128 port) I set an squid ACL so my LAN gets filtered. ok all works fine except for external web petitions. When i try to access my web server from the outside, using my public ip, i get a SQUID DENIED. i guess that is because in squid ACL's there is something like: http_access all deny at the end of the file. How can i allow external petitions to my web?

View 4 Replies View Related

Networking :: .htaccess And Forced Download Of Certain File Types?

Jun 10, 2009

I tried to force download of certain file types - pdf,doc,jpg - instead of opening them in applications. I used AddType application/octet-stream .pdf and AddType application/force-download .pdf but it doesnt works. Has anybody an idea how to solve this problem?

View 1 Replies View Related

Security :: Deny Root Access To A Given File

Dec 7, 2010

I would like to know if it is possible to deny the access to a file for root? Would ACL's be a possibility? I have "googled" around but haven't found anything interesting (except SELinux). I should secure a password file to an important database.

View 6 Replies View Related

Ubuntu :: Grsync - Filtering File Types / Getting Only Some File Types Getting Included And Not Others?

Sep 1, 2011

I'm using Grsync and I want to be able to plug in any drive into my laptop and run rsync on it to back up all the user documents on there to another external hdd and to exclude everything else. Working on the principle that user documents don't always appear where we'd expect I want rsync to look through the whole drive and filter what it backs up by file type. I am only having partial success, however.

I am using the 'filter' option in the 'additional options' box. I am using the command
filter='merge /home/tim/Desktop/filter'
and I am attaching the filter file I have written. (I have added the .txt extention to upload it).

I have tested this script on my home folder and here's what's going wrong. Rsync will copy the entire directory structure regardless of whether there are any files to be copied over in those directories. I am also getting only some file types getting included and not others. .odt and .ods files are copied, for instance, but not .doc or .rtf.

View 3 Replies View Related

Networking :: Squid.conf Deny All Except 1 External Ip

Jul 3, 2010

I have encountered a problem using squid, I am currently configuring my squid to deny all http and https except 1 external dst ip address which I will use to connect trough RDP, how can I configure my squid with what I want to accomplish?

View 1 Replies View Related

Server :: Squid - Deny Streaming To All IP Addresses Of A LAN

Aug 23, 2010

I'm trying to use Squid to restrict web access on the computers of my LAN. All of the computers are using static IP address and we use our firewall to deny all HTTP access except for the proxy machine so everyone needs to go through the proxy to access the web.

Most of of the computers have access to websites that are listed on a white list that I called "goodsites". I have a range of IP address that I listed in a file called "super_users". These IP adresses are able to access everything except sites that I have put in a black list called "badsites".

I would like to restrict the use of audio/video streaming for all the IP adresses including the super_users. So far I have been able to effectively block streaming for all the IP addresses except the super_users that are able to bypass this restriction.

Here is the transcript of my squid.conf file:

acl manager proto cache_object
acl localhost src
acl to_localhost dst
acl localnet src RFC1918 possible internal network


View 11 Replies View Related

Networking :: Download Torrent File Through Squid?

Nov 25, 2008

i am using squid proxy server in my office but i cant download torrent file from client usnig bittorrent. bitorrent may use port 6881 to 6889. but i dont know how and where to put this port numbers in squid to download torrent files.

View 1 Replies View Related

General :: How To Configure Juniper SSG140 Deny Port 80&443 Except Squid Proxy

Dec 22, 2010

I have just installed Squid proxy. i also use WPAD to deploy policies for all client. Both works well together. Now i want to configure firewall Juniper SSG140 will be deny all request from client to access internet and redirect to Squid. I mean deny HTTP & HTTPS except Squid (port 3128), even i want to all access to internet have to through Squid proxy. I don't expert about the firewall Juniper. May i know step by step configure it.


View 6 Replies View Related

General :: Squid Delay Pools Configuration For 3 Types Of Clients

Mar 4, 2011

I want to configure squid delay pool for the following scenario:

Internet Connection Speed: 7Mbps
3 Types of clients
Type 1: unlimited access to bandwidth
Type 2: 1.5 Mbps
Type 3: 512 Kbps

Unlimited access ip address,2,5,10
1.5 mbps ip addresses,4,6-9,11
512 mbps ip addresses

How to create acl for these ip's and delay pools for above speed.

View 5 Replies View Related

Fedora Security :: Iptables To Deny All Except Localhost?

May 15, 2011

i was hoping that someone in here could possibly help me out with my iptables rule set. First here is what i would like iptables to do, i want iptables to deny all packets or traffic from the outside coming in and for output allow the things i need like web and irc etc... Also, i would like iptables to deny access to all services like sendmail and ssh except i would like localhost to have access to everything. What i mean by localhost is that when i run my iptables script it loads fine except when i try ssh from localhost i get this output:ssh -l user localhostssh_exchange_identification: Connection closed by remote hostI know what most of you are thinking, why do i need to ssh into localhost from localhost just open another terminal, well i am getting myself familiar with iptables i want all services logged and blocked but not from localhost. I cant seem to figure out this problem and i have tried several different things. Here is my iptables script, I am hoping that someone out there can tell me what i am doing wrong...

iptables -v -F;
iptables -v -A INPUT -i lo -j ACCEPT;


View 5 Replies View Related

Security :: Configure Deny.hosts For Opensuse 11.1?

Sep 7, 2010

I just downloaded the DenyHosts2.6python2.5.rpm for deny.hosts from sourceforge and would like to set it up. I normally use fish://, smb:// and ftp:// on the boxes on my lan. I already have files called hosts.allow and hosts.deny in the /etc folder. Will the rpm configure hosts.deny when first run?

View 1 Replies View Related

Security :: Deny Host When Changing SSH Port 22

Oct 30, 2010

I have an Asterisk on an externally hosted vServer with Lenny. In order to further protect the SSH access I intended to change the Port number 22 to something like 55555. For this I changed the /etc/ssh/sshd_config file and restarted ssh. This caused unfortunately the following problems:

(1) The first login works but DenyHost writes now the IP in its list so that the second login with the same IP is blocked.

(2) With RESET_ON_SUCCESS = yes several logins were possible with the same IP, but later it also was blocked for some still unknown reasons.

(3) Files can be uploaded for being edited, but they can't always be saved. When they can't be saved the next login with this IP is blocked. It thus looks like the blocking can occur while being connected. When the files can't be saved it is however still possible to copy files from the computer to the vServer.

I add below the entries in the auth.log from a logout and a login. It shows further how suddenly the attempts to save files were blocked. After this session the IP used for it was blocked. I don't know where the message "Unable to open env file: /etc/default/locale" comes from. If I remember right I had these messages already before. I don't know how much that is really important.


View 4 Replies View Related

Ubuntu Security :: Sshd And Hosts.deny Not Always Observed?

Jan 18, 2010

I'm having troubles trying to understand this problem:my homeserver until yesterday had a public IP, staying on network, with sshd running and all was fine;this evening I changed the IP, giving it a local lan address, and what happened if I tried to connect to it by ssh?I got an error about "Connection closed by remote host". Google helped me finding that was regarded to hosts.deny file, that was actually containing a lineALL:ALLthat I commented, and all was fine.My question is: why the hosts.deny (that has never changed) was observed only with the local IP?I tried to switch back to the public IP and leaving ALL:ALL, and it did connect without any problem

View 1 Replies View Related

Security :: Firewall, Can't Deny Ips After Allowing Local Subnet?

Feb 23, 2010

If I allow, my server's IP is:

If I allow, and block can't access the server

But if I allow, and block can still access the server!!

Does anyone know why that is?

View 4 Replies View Related

Ubuntu Security :: Deny Hosts Removing An Ip And Checking Tcpwrappers?

Oct 21, 2010

I could not find any where the documentation the only best which I got was [URL]

My question is the following blog says to remove an IP from /etc/hosts.deny which denyhost has blocked

[URL] you need to have a directory /usr/share/denyhosts/data I do not find any such directory

Also when I tried to check tcp wrapper configuration as given here


tcpdchk -v Cannot find your inetd.conf or tlid.conf file. Please specify its location.

what does the above output mean? How do I make sure denyhosts is doing its job?

View 2 Replies View Related

Ubuntu Security :: Unable To Deny Sudo Access To Regular User Account.

Dec 19, 2010

I made a Desktop User account. When I went on that account, it allowed me to execute sudo as if I was an administrator. I don't know what might be causing this. I do have ufw set up and blocking incoming connections. Do you guys know what might be at the root of this?Also, when I used sudo from the user account (which I shouldn't have been able to do), I provided the password for my admin account.

View 9 Replies View Related

Ubuntu Security :: Denyhosts Working \ First Time Adding Lots Of Ips To The Hosts.deny?

May 16, 2011

I just set up denyhosts and it worked properly the first time adding lots of ips to the hosts.deny.I then set it to run every 12 hours noon and midnight.I wanted to see if ran properly and I got all this.Does it look like its working?

May 15 12:00:01 hyrule CRON[14286]: (root) CMD (python /usr/share/denyhosts/ -c /usr/share/denyhosts/denyhosts.cfg )


View 4 Replies View Related

Security :: Firewall Deny Traffic Inbound Destination Port 53372 & 53375?

May 5, 2010

I have a question, on my firewall at work I am seeing a constant flow of denies from many different source IP addresses, of tcp/udp destination port 53372 & 53375.What in the world is that, and why these two ports over and over

View 1 Replies View Related

Security :: Invalid Login Attempts Not Refused Using Deny Hosts And Conf Of Denyhost Not Working?

Oct 28, 2010

I am using denyhosts on a server so in a config file/etc/denyhosts.confthe following value is setQuote:DENY_THRESHOLD_INVALID = 3which as per their configuration file saysQuote:

DENY_THRESHOLD_INVALID: block each host after the number of failed login
# attempts has exceeded this value. This value applies to invalid
# user login attempts (eg. non-existent user accounts)


View 1 Replies View Related

Server :: Technology For Detecting Types Of Traffic And Allowing To Run Multiple Types?

Apr 9, 2011

I would like port 80 to have a small daemon running on it that detects HTTP traffic and sends a small redirect response, and any other traffic begins streaming data from my VPN daemon. I was wondering if this has already been made, or any kind of technology for detecting types of traffic and allowing you to run multiple types of servers on the same port.

View 4 Replies View Related

Programming :: Conflicting Type Declarations Between Sys/types.h And Linux/types.h

Sep 12, 2010

I'm trying to use "netlink" to get ip address of a Linux box. But the linux/types.h included from "linux/rtnetlink.h" introduced many conflicting type declarations with "sys/types.h".

#include <rtnetlink.h>
#include <sys/types.h>
#include <sys/socket.h>
int main (int argc, char *argv[])
return 0;

The program will demonstrate such type conflicts.

View 3 Replies View Related

Ubuntu Security :: IPBlock: Exhausted Search To Find Download File?

Dec 31, 2010

I have totally exhausted my search to find IPBlock. I use it on my other Ubuntu machines but for some strange reason I cannot find it anywhere for my Ubuntu 10.10 Maverick. I know where the iplist is but not the actual file IPBlock download

View 2 Replies View Related

General :: Copy Certain File Types Recursively While Maintaining File Structure On Destination?

Jun 14, 2011

I have just been bothered by a fairly small issue for some time now. I am trying to search (using find -name) for some .jpg files recursively. This is a Redhat environment with bash.

I get this job done though I need to copy ALL of them and put them in a separate folder BUT I also need to keep the order intact after copying.

For e.g - If I get a JPG file under /home/usr/new/1/ then the destination also needs to be /test/old/new/1/.

At the moment, I am simply putting all files under /test/old/ and I can't somehow get the later /new/1/ folder path created under /test/old/

I understand this could well be done using while OR if else loop, though if someone can just guide me with a hint, I would be really grateful.

I will complete the rest of the steps and was asking here since I am still not comfortable with the shell/bash scripts yet and planning to be really good at it over the next couple of months.

View 1 Replies View Related

Security :: Warning: /etc/hosts.deny, Line 20: Missing ":" Separator?

May 15, 2010

I am getting a warning from /etc/hosts.deny



View 14 Replies View Related

Fedora :: How To Open RAR File Types

Sep 25, 2009

I'm not completely new to fedora, but I'm still getting used toWhat programs do I search in the add/remove software. For opening rar file types?

View 10 Replies View Related

Ubuntu :: Set Autoindent In Vim For Certain File Types?

Apr 15, 2010

I hope this is in the right spot. I need some help editing my .vimrc file. I want to edit it so that if I create a .cpp file, it will turn on cindent, and if I create a .asm file, it will turn on regular autoindent and set ft=nasm so Vim uses NASM syntax highlighting. How do I go about doing this?

View 2 Replies View Related

Debian :: Tar Multiple File Types Eg *.doc *.txt?

May 21, 2009

how would i go about taring multiple file types, such as *.doc *.pdf *.txt

i know that i can use the command Code: tar -zcvf filename.tar.gz /location/of/backup *.doc , but how do i include multiple wild cards?

View 2 Replies View Related

Ubuntu :: Looking For File Types Editor For GNOME?

Feb 2, 2010

I'm trying to use this guide:

but i can't seem to find or to download AssoGiate so i need something eles to create mime.

View 6 Replies View Related

Ubuntu :: Associate A File-types With A Program?

May 7, 2010

I want to make vlc the default application for opening avi files.

I tried 'open with a different application', selected vlc and checked the box 'Remember this application for "AVI video" files' (see attached), but the next time I double-click on an avi file it loads in Movie Player.

I've searched the Ubuntu documentation for "file associations" and "default programs" with no success. I'm probably using the wrong search terms, but somewhere, in all the configuration files and tables, there must be a way to assign a particular program to a given file-type.

(If you're wondering why I want to use vlc, it's because, after hours of research and tinkering, I finally got it to respond to my mceusb remote via lirc.)

View 2 Replies View Related

Copyrights 2005-15, All rights reserved