Re: [squid-users] Howto protect one network using ACL?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 11 Jan 2002 23:49:11 +0100

Yuriy Kuznetsov wrote:

> > and the restriction rules:
> > http_access deny localnet10 yahoo MORNING
> > http_access deny localnet10 yahoo AFTERNOON
> > http_access allow localnet10 yahoo LUNCH
> > http_access allow localnet10 yahoo EVENING
> > http_access allow localnet10 yahoo MIDNIGHT
> > http_access allow localnet10
> >
> I think it is simple... KISS :)))
>
> http_access allow localnet10 !yahoo
> http_access allow localnet10 yahoo LUNCH
> http_access allow localnet10 yahoo EVENING
> http_access allow localnet10 yahoo MIDNIGHT

or simply

http_access deny localnet10 yahoo MORNING
http_access deny localnet10 yahoo AFTERNOON
http_access allow localnet10

> but I have a question .. What is better
>
> acl yahoo url_regex -i ^http://http.msg.yahoo.com
> or
> acl yahoo dstdomain http.msg.yahoo.com

dstdomain is always better than regexp matching, especially if there are
many items to match. When there is only a single pattern the difference
is not that large.

> I prefer the second because url_regex does not have reverse lookup (and
> does not block IPs), or am I wrong?

Correct, but that is not generally the main reason why dstdomain is
preferable.

Regards
Henrik Nordström
Squid Developer
MARA Systems AB, Sweden
Received on Fri Jan 11 2002 - 16:47:15 MST
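
Added example (not part of the original message and not Squid code): a small Python model of how the two ACL definitions quoted in the thread differ in what they match, including the reverse-lookup point for IP-based URLs. The sample URLs, the PTR table and the function names are constructed for illustration, and Python's `re` stands in for Squid's regex engine.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# The two ACL definitions quoted in the thread.
URL_REGEX = re.compile(r"^http://http.msg.yahoo.com", re.IGNORECASE)  # url_regex -i
DSTDOMAIN = "http.msg.yahoo.com"                                      # dstdomain

# Constructed reverse-DNS table standing in for a PTR lookup
# (192.0.2.0/24 is a documentation address range).
PTR = {"192.0.2.10": "http.msg.yahoo.com"}

def url_regex_match(url):
    """Model of url_regex: regex search over the whole URL string."""
    return URL_REGEX.search(url) is not None

def dest_host(url):
    """Host as dstdomain sees it: the name in the URL, or the PTR name for an IP."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    try:
        ipaddress.ip_address(host)
    except ValueError:
        return host                    # already a host name
    return PTR.get(host, "none")       # a failed lookup is modelled as "none"

def dstdomain_match(url, pattern=DSTDOMAIN):
    """Model of dstdomain: exact host, or host plus subdomains for a leading dot."""
    host, pattern = dest_host(url), pattern.lower()
    if pattern.startswith("."):
        return host == pattern[1:] or host.endswith(pattern)
    return host == pattern

# Constructed sample URLs (not from the thread).
SAMPLES = [
    "http://http.msg.yahoo.com/notify/",
    "http://HTTP.MSG.YAHOO.COM:8080/notify/",
    "http://httpxmsg.yahoo.com/",              # unescaped '.' matches any character
    "http://http.msg.yahoo.com.example.net/",  # regex has no anchor after "com"
    "http://192.0.2.10/notify/",               # IP-based URL, no name for the regex to see
]

def compare(urls=SAMPLES):
    """Return (url, url_regex result, dstdomain result) for each sample."""
    return [(u, url_regex_match(u), dstdomain_match(u)) for u in urls]

if __name__ == "__main__":
    for url, rx, dom in compare():
        print(f"{url:42} url_regex={rx!s:5} dstdomain={dom}")
```

Escaping the dots and anchoring the end of the host name would remove the two over-matches, but only the host-based comparison covers the IP-based URL.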