Re: [squid-users] Howto protect one network using ACL?

Dear Yuriy,

Acctualy, i do not know what's the different if we were using url_regex
and dstdomain. Cause as far as i know, this 2 commands have a same
function but maybe you were right, that url_regex do not have reverse
lookup. Anyone in this list may give a right explanation about the main
different between url_regex and dstdomain?
Thank you very much.

regards,

Derix Suartyo.

Yuriy Kuznetsov wrote:

> > -----Original Message-----
> > From: derix suartyo [mailto:derix@se.fujitsu.co.id]
> > Sent: 08 ?????? 2002 ?. 06:46
> > To: Colin Campbell
> > Cc: squid-users@squid-cache.org
> > Subject: Re: [squid-users] Howto protect one network using ACL?
> >
> >
> > Dear Mr.Colin,
> >
> > This is my complete configuration (i refer to your config):
> >
> > acl localnet10 src 192.168.10.0/255.255.255.0
> > acl yahoo url_regex -i ^http://http.msg.yahoo.com
> > acl MORNING time MTWHF 08:00-11:59
> > acl LUNCH time MTWHF 12:00-12:59
> > acl AFTERNOON time MTWHF 13:00-16:59
> > acl EVENING time MTWHF 17:00-23:59
> > acl MIDNIGHT time MTWHF 00:00-07:59
> >
> > and the restriction rules:
> > http_access deny localnet10 yahoo MORNING
> > http_access deny localnet10 yahoo AFTERNOON
> > http_access allow localnet10 yahoo LUNCH
> > http_access allow localnet10 yahoo EVENING
> > http_access allow localnet10 yahoo MIDNIGHT
> > http_access allow localnet10
> >
> I think it is simle... KISS :)))
>
> http_access allow localnet10 !yahoo
> http_access allow localnet10 yahoo LUNCH
> http_access allow localnet10 yahoo EVENING
> http_access allow localnet10 yahoo MIDNIGHT
>
> but I have a question .. What is better
>
> acl yahoo url_regex -i ^http://http.msg.yahoo.com
> or
> acl yahoo dstdomain http.msg.yahoo.com
>
> I prefer second because url_regex do not have reverse lookup (and not
> block IP-s) or I am wrong?
>
> cheers

--
Dë®íx Suä®työ
SysEng@Fujitsu Systems Indonesia
Cross Industry Solution Department
Jalan Cideng Timur no 55, Jakarta 10160
Tel:62-21-3442601 (ext 453)
Fax:62-21-3442595
http://www.systemwalker.com
-=GOD is the master of my fate; GOD is the captain of my soul=-