The situation is that I am using squid on the pfsense firewall. Squid is available as a package with GUI interface. The whitelist is part of the sections provided by the GUI and somehow entering the domains as a list that I provided it does work for most of the domains but it fails in others. The squid.conf is generated by the GUI and uses dstdom_regex for the whitelist. It has custom area where I can place the lines to use dstdomain and it works. But I would like to know how I should enter the domains as to make it work correctly using dstdom_regex behaving like dstdomain Jose E Torres 939-777-4030 JET System Services On Wed, Oct 5, 2016 at 12:10 PM, Jok Thuau <jok@xxxxxxxxxx> wrote: > > > On Tue, Oct 4, 2016 at 6:01 PM, Jose Torres-Berrocal > <jetsystemservices@xxxxxxxxx> wrote: >> >> > /var/squid/acl/whitelist.acl: >> >> [snip] >> > >> > .assertus.com >> > .neodecksoftware.com >> >> >> your whitelist for this domain says that it has "something" followed >> by that domain name... >> >> > >> > >> > .office.net >> >> 1. Each domain is on separate line, why is consider the next line part >> of the same pattern? >> >> in the end, your regular expression doesn't match. >> "." means "any single character". you should replace that line with >> something like this: >> ^neodecksoftware\.com >> >> 2. Then I should change each domain line to resemble your suggested >> pattern? >> >> ^assertus\.com >> ^neodecksoftware\.com >> ^office\.net >> > > Well, not quite that simple. That pattern will block "www.office.net", which > is probably not what you want. That pattern would only fix that one i > mentioned (which doesn't use "www" or anything else in front of the domain). > The "^" is an anchor for the beginning of the string. that would exclude any > of the sub-domains. > > In the end, I believe Alex's suggestion (to change from dstdom_regex to > dstdomain will be simpler, and will do what you expect (where if you list > ".something.tld", it will accept both "www.something.tld" and > "something.tld"). Refer to the documentation and example to understand how > that is being handled. > > I would suggest you research regular expressions. Visit and play with > regex101.com -- The explanation panel on the side will do wonders to > demystify the pattern I provided. > > see: > https://regex101.com/r/hVu6vX/3 > > Thanks, > Jok > _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
