On 1/11/2013 11:36 p.m., Sachin Gupta wrote:
We want to block URLs like mail.yahoo.com, but not yahoo.com.
Using dstdom_regex acl for this.
Regards
On Fri, Nov 1, 2013 at 4:01 PM, Sachin Gupta <chingupt@xxxxxxxxx> wrote:
Hi All,
I have configured a list of blacklist URLs.
One of these is set to (\.*)\.yahoo\.com
What that pattern matches is any series of dots '.' followed by ".yahoo.com"
For example it *literally* matches:
.yahoo.com
..yahoo.com
...yahoo.com
.....................yahoo.com
but X.yahoo.com or www.yahoo.com since they contain non-. letters at the
start will never match.
A working regex would be one of these (all of them are the same):
(.*)\.yahoo\.com
.*\.yahoo\.com
\.yahoo\.com
But the proper way to match this with Squid is dstdomain ACL type.
acl allow_domains dstdomain yahoo.com
acl block_domains dstdomain .yahoo.com
http_access deny block_domains !allow_domains
NOTE: the complexity here is only because of the requirement to allow
"yahoo.com" without a third-level label while denying all the subdomains
with a label. Normally one just either allows or blocks the whole of
dstdomain .yahoo.com
Now if i try to access URLs http://mail.yahoo.com from my browser, it blocks.
Strange mail.yahoo.com will not match that regex you show. Perhapse you
have some other reason for it blocking?
Amos
