RE: [squid-users] IP based ACL - regex?

> -----Original Message-----
> From: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
> Sent: Saturday, June 23, 2012 12:18 PM
> To: squid-users_at_squid-cache.org
> Subject: Re: [squid-users] IP based ACL - regex?
>
> On 22/06/2012 11:30 p.m., Jasper Van Der Westhuizen wrote:
> > Hi all
> >
> > Could anyone give me some pointers on how to set up a ACL based on
> allowing : If I want to set up an ACL that includes all hosts(different subnets)
> that end in .105, how would I go about?
>
> Strictly speaking you *can't*. Because hosts don't end in numbers. Hosts are
> alphanumeric names.
>
> I take it you mean IPv4 addresses, (one host has at least 1 MAC address,
> 2 IPv4 addresses, 3 IPv6 addresses - three of which may be used to contact
> Squid).
>
>
> A 1980-style netmask does what you are asking:
>
> acl foo src 0.0.0.105/0.0.0.255
>
> But Why? Modern networks use CIDR subnet masking /8, /16, /24, /32, /48,
> /56, /64, /128 etc.
>
> Amos
>
Thank you Amos. Yes, I should have been more clear. I have to set the ACL based on the IP address, with the last octet ending with for example .105.

The problem with your second proposal is that I don't have a list of all the networks. We have various networks and as in the example of the .105 IP address, every host in our enormous list networks ending in .105 has the same function. If I want to allow these hosts access to only a certain list of websites, I need to set up an ACL based on the last octet.

I think your "acl foo src 0.0.0.105/0.0.0.255" idea will work for me and I will test it.

Thanks again.
Received on Sat Jun 23 2012 - 13:48:21 MDT