Re: [squid-users] Re: squid dstdom_regex not working as expected

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 02 Nov 2013 01:21:34 +1300

On 1/11/2013 11:36 p.m., Sachin Gupta wrote:
> We want to block URLs like mail.yahoo.com, but not yahoo.com.
>
> Using dstdom_regex acl for this.
>
> Regards
>
>
> On Fri, Nov 1, 2013 at 4:01 PM, Sachin Gupta <chingupt_at_gmail.com> wrote:
>> Hi All,
>>
>> I have configured a list of blacklist URLs.
>> One of these is set to (\.*)\.yahoo\.com

What that pattern matches is any series of dots '.' followed by ".yahoo.com".

For example it *literally* matches:
   .yahoo.com
   ..yahoo.com
   ...yahoo.com
   .....................yahoo.com

but X.yahoo.com or www.yahoo.com, since they contain non-. letters at the
start, will never match.

A working regex would be one of these (all of them are the same):
   (.*)\.yahoo\.com
   .*\.yahoo\.com
   \.yahoo\.com

But the proper way to match this with Squid is dstdomain ACL type.

   acl allow_domains dstdomain yahoo.com
   acl block_domains dstdomain .yahoo.com

   http_access deny block_domains !allow_domains

NOTE: the complexity here is only because of the requirement to allow
"yahoo.com" without a third-level label while denying all the subdomains
with a label. Normally one just either allows or blocks the whole of
dstdomain .yahoo.com

>>
>> Now if I try to access URLs http://mail.yahoo.com from my browser, it blocks.

Strange. mail.yahoo.com will not match that regex you show. Perhaps you
have some other reason for it blocking?

Amos
Received on Fri Nov 01 2013 - 12:21:47 MDT
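
Added example (not part of the original message and not Squid code): a small Python model of the dstdomain rule pair recommended above, checked against constructed sample hosts and compared with an unanchored \.yahoo\.com regex deny. The function names are hypothetical, Python's re module stands in for Squid's regex matching, and only the single http_access line from the message is modelled.

```python
import re

def dstdomain_match(host, entry):
    """Model of one dstdomain entry: a leading dot covers the domain itself
    and every subdomain; without the dot only that exact host matches."""
    host = host.lower().rstrip(".")
    entry = entry.lower()
    if entry.startswith("."):
        # Compare on a label boundary so "notyahoo.com" is not caught.
        return host == entry[1:] or host.endswith(entry)
    return host == entry

# Mirrors the ACL lines from the message above.
ALLOW_DOMAINS = ["yahoo.com"]    # acl allow_domains dstdomain yahoo.com
BLOCK_DOMAINS = [".yahoo.com"]   # acl block_domains dstdomain .yahoo.com

def denied(host):
    """http_access deny block_domains !allow_domains"""
    in_block = any(dstdomain_match(host, e) for e in BLOCK_DOMAINS)
    in_allow = any(dstdomain_match(host, e) for e in ALLOW_DOMAINS)
    return in_block and not in_allow

def regex_denied(host, pattern=r"\.yahoo\.com"):
    """Unanchored search, standing in for a dstdom_regex deny rule."""
    return re.search(pattern, host) is not None

# Constructed sample hosts, not taken from the thread.
SAMPLE_HOSTS = [
    "yahoo.com",
    "mail.yahoo.com",
    "a.b.yahoo.com",
    "notyahoo.com",
    "mail.yahoo.com.example.net",
]

def decisions():
    """Map each sample host to (dstdomain deny?, regex deny?)."""
    return {h: (denied(h), regex_denied(h)) for h in SAMPLE_HOSTS}

if __name__ == "__main__":
    for host, (dom, rx) in decisions().items():
        print(f"{host:28} dstdomain_deny={dom!s:5} regex_deny={rx}")
```

The last sample host shows the practical difference: the unanchored regex also denies a name that merely contains ".yahoo.com", while the dstdomain pair only acts on names that actually sit under yahoo.com.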
