kevin band wrote:
Hi Amos, Thanks for the reply, I'm happy to accept what you say, but is there anything specific that tells you that it's the remote web-server rather than the squid-proxy that's rejecting the connection? Regarding, dstdomain, yes I am familiar with that, but it doesn't meet our needs in this instance, because there are multiple marks and spencers domains that we need to allow access to, and they seem to create a new one every few weeks. We've been asked to setup a rule that wild-cards anything for marksandspencer. They have a wide variety of formats in their URLs, e.g. www.marksandspencer.com, suppliers.marksandspencer.com, suppliers.marksandspencercate.com, the regex rule was the best compromise.
For what it's worth, dstdomain has the capability of performing wild card matches (by using a leading period).
acl marskandspencer dstdomain .marksandspencer.com .marksandspencercate.com 63.130.82.113
will match the domains you mentioned above, as well as the IP address.
Thanks again. Kevin.
Chris
