Squid webfilter don't filter file type like .exe

webfilter
webproxy

(Nacef Ben Tahar) #1

Hello!
I just tray to add a filter for .exe file with webcontenent filter ,so it should not allow client to download any exe file, but nothing happen it continue to work.
Can you please tell me what is wrong .

[root@nethserver ~]# config show squidguard 
squidguard=configuration
    BlockedFileTypes=exe,zip
    CustomListURL=
    DomainBlacklist=mosaiquefm.net,facebook.fr,facebook.net,facebook.com
    DomainWhitelist=linkedin.com
    Expressions=disabled
    IdleChildren=5
    Lists=toulouse
    MaxChildren=20
    RedirectUrl=
    RedirectUrlHTTPS=blocked.nethserver.org:443
    StartupChildren=5
    UrlBlacklist=
    UrlWhitelist=

Thank you


(Giacomo Sanchietti) #2

Make sure to enable the “Enable expression matching on URL” checkbox from the “Web content filter” page.

Otherwise the category “Expressions” will not be enabled.


(Nacef Ben Tahar) #3

thank you for you answer but i cheked expession matching and it still allow downloading exe and zip file
i wonder if i have to add acl tp squid.conf manually


(Giacomo Sanchietti) #4

You can also check the Troubleshooting section: http://docs.nethserver.org/projects/nethserver-devel/en/latest/nethserver-squidguard.html#troubleshooting


(Nacef Ben Tahar) #5

i did checked the troubleshooting section, it don’t help in this case
i think it’s a bug and u can reproduce it, it happen when we use ufdbguard instead of squidguard

TY


(Marc) #6

In Web content filter, Enable expression matching on URL and set a List of blocked file extensions:
01_web-content-filter-general-tab

Filters: Edit desired filter(s) and enable Block file extensions:
02_filters-block-file-extensions

On current tests, blocking on http works but no file extensions are blocked through https, possibly due to peek and splice method ??:

Note also that Block HTTP and HTTPS ports option will influence connection behavior.


(Giacomo Sanchietti) #7

Please @davide_marini could you try it and eventually extend the doc?