On Thursday 05 September 2002 04.11, Ina Patricia Lopez wrote:
> so this will work:
>
> acl allowed_sites "/squid/etc/goodsites.txt"
> acl all_others dst 0.0.0.0/0.0.0.0
>
> http_access allow allowed_sites
> http_access deny all_others
Almost.. dstdomain is missing from allowed sites.
Also, it is more efficient to use a src acl for all_others.. you don't
really care what the destination IP address is here, but using a dst
acl like above will make Squid DNS lookup the address.
> does the preceeding dot on a domain makes the whole domain
> available?
A dstdoman of .domain matches the whole domain. Without the leading
dot it only matches the exact hostname.
Regards
Henrik
Received on Thu Sep 05 2002 - 03:07:36 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:06 MST