On Wed, 3 Nov 2004, Chris Robertson wrote:
acl NoYahoo dstdom_regex -i au.(.*)yahoo.com
The . needs to be quoted wiht \, if not it matches "any character.
au\.(.*)yahoo.com
http_access deny NoYahoo
will block au.yahoo.com au.mail.yahoo.com au.this-is-not-really-yahoo.com and any permutation without causing much of a CPU load.
If you want something a bit more specific,
acl NoYahoo dstdom_regex -i au\.([a-z]+\.)?yahoo\.com
You should anchor the regex...
acl NoYahoo dstdom_reges -i ^au\.(.*\.)?yahoo\.com$
^ is "beginning", $ is "end".
without these regex patters is matching anywhere
\.yahoo\.com$
matches any domain ending in .yahoo.com.
matches any domain containing the string ".yahoo.com", including "www.yahoo.com.examlpe.com"
Or you can use two acls to make this simpler
acl yahoo dstdomain .yahoo.com acl au dstdom_reges -i ^au\.
http_access deny yahoo au
Regards Henrik
