Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 05 December 2024, 03:39:15 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Development
| |-+  EFW Wishlist
| | |-+  wildcards in http proxy policies [Solved]
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: wildcards in http proxy policies [Solved]  (Read 30802 times)
dysmas
Full Member
***
Offline Offline

Posts: 28


« on: Saturday 11 June 2011, 06:03:38 pm »

When defining access lists in the http Proxy policies, full url is required. The result is that for a single site, many lines may be necessary.
Example for www .bnf.fr in a policy defined with "allow access" we must add :

www .bnf.fr
catalogue.bnf.fr
ccfr.bnf.fr
didacat.bnf.fr
grebib.bnf.fr
guideducatalogueur.bnf.fr
archivesetmanuscrits.bnf.fr
renet.bnf.fr
bibliographienationale.bnf.fr
gallica.bnf.fr
mandragore.bnf.fr
classes.bnf.fr
lajoieparleslivres.bnf.fr
ark.bnf.fr
rameau.bnf.fr
signets.bnf.fr
webapp.bnf.fr
visualiseur.bnf.fr

It takes a lot of time to find all the addresses necessary for this site when I want to give a user full access to it.
I tried to use wildcards, but it does not seem to be possible.
It would be very useful to be able to use wilcards like :

*.bnf.fr
 or to allow a syntax like :

.bnf.fr

another user wanted to block all .ru addresses. This also could be written

*.ru
or
.ru

Logged
dysmas
Full Member
***
Offline Offline

Posts: 28


« Reply #1 on: Friday 07 October 2011, 02:28:06 am »

Well no replies after 3 months   Sad

I am ready to try to do the job myself, but I would appreciate some indications from the developers to help me find the point where I have to work.
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #2 on: Tuesday 11 October 2011, 02:05:16 am »

Wildcard works with a dot

.bnf.fr should allow any page of bnf domain.
You should check if there is some kind of error on console mode.
 Run this command restartdansguardian.py -d &> /tmp/dans.txt and check for any error on the /tmp/dans.txt file.
Also check restartsquid.py -d &> /tmp/squid.txt

What I'm not sure you can do is blocking the whole .ru as it is a ccTLD and not a domain.
Logged
dysmas
Full Member
***
Offline Offline

Posts: 28


« Reply #3 on: Sunday 23 October 2011, 04:17:33 am »

Hello mrkroket,
thanks for the answer. You are right, it works with  .bnf.fr , it is a feature of squid.
I am sure I already tested but probably I made a mistake.

If you know whom to contact, I think adding a line in the documentation would be useful. More than 600 has looked at this message before you and nobody knew the answer. I just checked the documentation, this important feature is not mentioned.

Thanks again

Dysmas
Logged
kouzoulos
Jr. Member
*
Offline Offline

Posts: 3


« Reply #4 on: Saturday 29 December 2012, 11:35:02 am »

Wildcard works with a dot

.bnf.fr should allow any page of bnf domain.
You should check if there is some kind of error on console mode.
 Run this command restartdansguardian.py -d &> /tmp/dans.txt and check for any error on the /tmp/dans.txt file.
Also check restartsquid.py -d &> /tmp/squid.txt

What I'm not sure you can do is blocking the whole .ru as it is a ccTLD and not a domain.

Hello everyone,

yes wildcard works but for me it only worked in whitelist because when I use a wildcard in the sites to block "block the following sites" it doesn't work.
I want to block for example all the subdomains of xx.mt-50.com so normally if I use *.mt-50.com or .mt50cmp.com it should be blocked...but it isn't. It worked only when I put the whole address "ad.mt50cmp.com".
Another example, I'd like to block all the websites starting by "ads" so normally, if I use ads.* it should work(?) but in my case it doesn't.

I tried to modify directly the dansguardian files but...nothing at all.

Do you have any ideas?

Thank you in advance.
kouzoulos
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com