Vadim Pushkin escribió:
> Hello;
>
> I have an ACL which contains IP addresses that I want to allow outbound
> requests to.
>
> acl allowed_IPs dstdomain "/net/squid/allowed-IP-Dests"
>
> I have another ACL which is intended to capture all destinations which
> use an IP address versus FQDN, which one of these two is correct for
> this purpose?
>
> acl numeric_IPs url_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
> or
> acl numeric_IPs urlpath_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
>
> Finally, I want to deny all outbound requests to ACL numeric IP's (IP
> addresses only), *unless* the requested IP address is contained in my
> ACL "allowed_IPs".
>
> Would the below work for this?
>
> http_access deny CONNECT numeric_IPs !allowed_IPs
>
If you are going to use in CONNECT you have to use dstdom_regex.
CONNECT only have hostname and port.
Emilio C.
Received on Thu Jul 05 2007 - 09:42:43 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Aug 01 2007 - 12:00:03 MDT