Herman (ISTD) wrote:

> Currently, I am preventing my users for downloading some files e.g file
> with .bz2 extention.


> In squid.conf I define as following :
> acl BadUrl url_regex -i "/usr/local/squid/etc/data/BadUrlFile"


> Add I add this entry to /usr/local/squid/etc/data/BadUrlFile :
> \.bz2$


> But some of the users did some trick by adding ? or ?/ in the URL


> And they successful to bypass my ACL and download the files they wanted.


> I have try to add "\.bz2?$" and "\.bz2?/$" in to
> /usr/local/squid/etc/data/BadUrlFile file. But it does not work.


Like with the '.', you need to escape the '?' and '/' with a '\'.

Adam