On Wed, 3 Nov 2004, Chris Robertson wrote:
> acl NoYahoo dstdom_regex -i au.(.*)yahoo.com
The . needs to be quoted wiht \, if not it matches "any character.
au\.(.*)yahoo.com
> http_access deny NoYahoo
>
> will block au.yahoo.com au.mail.yahoo.com au.this-is-not-really-yahoo.com
> and any permutation without causing much of a CPU load.
>
> If you want something a bit more specific,
>
> acl NoYahoo dstdom_regex -i au\.([a-z]+\.)?yahoo\.com
You should anchor the regex...
acl NoYahoo dstdom_reges -i ^au\.(.*\.)?yahoo\.com$
^ is "beginning", $ is "end".
without these regex patters is matching anywhere
\.yahoo\.com$
matches any domain ending in .yahoo.com.
matches any domain containing the string ".yahoo.com", including
"www.yahoo.com.examlpe.com"
Or you can use two acls to make this simpler
acl yahoo dstdomain .yahoo.com
acl au dstdom_reges -i ^au\.
http_access deny yahoo au
Regards
Henrik
Received on Wed Nov 03 2004 - 16:23:08 MST
This archive was generated by hypermail pre-2.1.9 : Wed Dec 01 2004 - 12:00:01 MST