Dustin Hane wrote:
> I'm trying to work with regex's and have a quick question in response to your response. Wouldn't you also be able to do just a url_regex -I pagesjuanes and allow that? That should theoretically work yes?
>
I think the -I needs to be lowercase, but otherwise that would work.
It's just more resource intensive, and would allow
"http://random.website/?fakequery=pagesjuanes&haha=true" through.
Handling regular expressions (url_regex, dstdom_regex) is far more
complex than performing a string equality test (both for Squid and the
maintainer).
> If you are doing a url_allow and if you have the period infront of the domain, that allows anything from the "tld".pagesjuanes.fr correct?
>
Correct. A dstdomain ACL with a leading dot will match the base domain
(pagesjuanes.fr in this case) AND "anything" dot base domain
(tld.pagesjuanes.fr, www.pagesjuanes.fr, search.pagesjuanes.fr). If you
have a few host names you wish to block, while allowing the majority,
you can combine ACLs on a http_access line...
# Allow most, block a few
acl pagesjuanes dstdomain .pagesjuanes.fr
acl pagesjuanesExceptions dstdomain blocked.pagesjuanes.fr
bad.pagesjuanes.fr
# Allow access to all pagesjuanes.fr domains, except
blocked.pagesjuanes.fr and bad.pagesjuanes.fr
http_access allow pagesjuanes !pagesjuanesExceptions
# Block access to all pagesjuanes.fr domains not allowed above
http_access deny pagesjuanes
Chris
Received on Tue Apr 21 2009 - 20:31:09 MDT
This archive was generated by hypermail 2.2.0 : Wed Apr 22 2009 - 12:00:02 MDT