Re: [squid-users] Allow all '.gov' sites

From: mesartwell <msartwell_at_centralbankga.com>
Date: Thu, 31 Jul 2008 10:05:20 -0700 (PDT)

Thanks guys. Got this issue resolved.
I previously was using the 'url_regex' acl method.
I switched over to 'dstdomain' and added a '.' in front of every item on the
whitelist.
Works like a charm.

Michael Alger-3 wrote:
>
> On Thu, Jul 31, 2008 at 07:16:19AM -0700, mesartwell wrote:
>> I just setup a squid proxy server and have blocked all web access
>> except for a whitelist of acceptable sites. On the whitelist I
>> have .gov, which I intended to allow users to get to all sites
>> ending in .gov. However this gives access to unintended sites,
>> like 'www.screwthegovernment.com'. Is it possible to specify that
>> .gov must be the top level domain? Thanks.
>
> How did your implement your whitelist? The "dstdomain" ACL is
> intended for matching domains and does what you want.
>
> For all domains ending in .gov, the correct entry is: .gov
>
> The leading "." indicates that subdomains are also acceptable;
> without it, only the specified domain name is okay. For example,
> "dstdomain whitehouse.gov" would allow access to
> http://whitehouse.gov, but not http://www.whitehouse.gov.
>
>

-- 
View this message in context: http://www.nabble.com/Allow-all-%27.gov%27-sites-tp18755615p18759110.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Thu Jul 31 2008 - 17:05:23 MDT

This archive was generated by hypermail 2.2.0 : Fri Aug 01 2008 - 12:00:04 MDT