RE: [squid-users] Blocking all IP sites

From: Chris Robertson <crobertson@dont-contact.us>
Date: Tue, 10 May 2005 10:31:18 -0800

> -----Original Message-----
> From: Matus UHLAR - fantomas [mailto:uhlar@fantomas.sk]
> Sent: Tuesday, May 10, 2005 9:40 AM
> To: squid-users@squid-cache.org
> Subject: Re: [squid-users] Blocking all IP sites
>
>
> On 10.05 14:21, Mukunthan D wrote:
>> url_regex http://[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*
>
> I'm not so sure that would deny requests for sites like
1.2.3.4.fantomas.sk
>

The original request was:

>>> Can you guide me how to block all dest IP based sites (no domain name),
>>> while name based requests are still allowed?

*shrug*

In any case, the regex would block the domain you specified
(1.2.3.4.fantomas.sk), as it (the regex) doesn't specify where the string
would start or end... In all honesty, it would probably be better to use a
dstdom_regex for the stated purpose, as then only the domain portion of the
request would be compared to the regex, versus the whole url. Something
like:

dstdom_regex ip_based ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$

would match IP based requests fairly narrowly. One could get even more
specific, but that might require a pretty complex regular expression, and
that's not something that you really want to do to reduce load.

Chris
Received on Tue May 10 2005 - 12:31:18 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:02 MDT