On Wednesday 25 January 2006 22:34, Mark Elsen wrote:
> > Don't you rather want to use "dst" instead of "dstdomain"?
>
> From the FAQ on Access Controls :
>
> # dst: destination (server) IP addresses
> ^^^^^^^^^^^^^^^^^^^^
> # myip: the local IP address of a client's connection
> # srcdomain: source (client) domain name
> # dstdomain: destination (server) domain name
Admitted - it makes a difference. But most of the time when people want to
make an ACL point to a certain host they use 'dst'. Even though the IP
address is checked host names are still resolved.
And www.badsite.com looks suspiciously like a host entry. :)
Besides the (2.4) documentation on how to use dstdomain and when "*.domain"
or just "domain" needs to be used is not quite precise.
Christoph
-- Never trust a system administrator who wears a tie and suit.Received on Wed Jan 25 2006 - 15:05:15 MST
This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST