Re: [squid-users] Can ANyone Help Me Re: [squid-users] ACL Question - (urlpath_r

From: Chris Robertson <[email protected]>
Date: Thu, 25 Oct 2007 13:57:49 -0800

Vadim Pushkin wrote:
>
>
>> From: "Amos Jeffries" <squid3@treenet.co.nz>
>
>> >>From: Chris Robertson <crobertson@gci.net>
>> >
>> >>> > Hello All;
>> >>> >
>> >>> > I have a rule which blocks the use of CONNECT based on the
>> >>> > user calling an IP address vs. FQDN, this works great!
>> >>> >
>> >>> > I am able to specify allowed IP addresses by adding them into
>> >>> > /squid/etc/allow-ip-addresses.
>>
>> dtsdomain matches against the requested hostname. As text.
>> So that acl matches only if the client requests with an IP where it
>> should have a hostname (ie CONNECT 10.0.0.0:443 HTTP/1.1)
>
> Precisely what I am trying to do, stop CONNECT to requests which use
> an IP vs a hostname.

Let me see if I have this straight... You want to block CONNECT to IP
address, except those that are explicitly allowed, but allow CONNECT to
any FQDN. Is this correct?

Chris
Received on Thu Oct 25 2007 - 15:58:11 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:02 MDT