I'm studying squid for proxy admin. Recently, I need filter the access of multimedia files from squid proxy. So I write this in my squid.conf --
acl test_network src 100.70.224.0/23
http_access allow test_network
#acl media_url url_regex -i .*\.mp4$ .*\.mkv$ .*\.webm$
acl media_url url_regex -i ^http://.*\.mp4$
http_access deny media_url test_network
But unfortunately, I found it can't work, the test result is --
vsa10995083:/tmp/eisen # curl -x "100.70.225.235:8080" -O "http://100.70.224.70/kitty_in_the_sun.mp4"
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 36.3M 100 36.3M 0 0 1508k 0 0:00:24 0:00:24 --:--:-- 1558k
I tries -- .mp4$ , .*\(?*)mp4$ ... All failed that curl test always can download that mp4 file.
I don't know what's wrong in my squid.conf. Please kind help on it.
Thanks a lot.
Oh. After test, find the answer -- it's due to the "http_access allow test_network" before the "http_access deny media_url test_network" So it's allowed first and override the "deny" rules. Then if the squid.conf like this --
acl test_network src 100.70.224.0/23
acl media_url url_regex -i \.mp4$ \.mkv$ \.webm$
http_access deny media_url test_network
http_access allow test_network
Then everything is OK.