I strongly advise against blocking http://ip_address.
There are WAY too many websites that redirect to an ip address.
You really should use a firewall to control worms and viruses.
Besides, if you leave it open, your access.log will be able to tell you of
any machines on your network that might be susceptible to the exploit.
Otherwise Andreas' idea would work just fine.
Regards,
Tim Rainier
"Andreas Pettersson" <[EMAIL PROTECTED]>
03/26/2004 01:02 PM
To: <[EMAIL PROTECTED]>
cc:
Subject: Re: [squid-users] Urgent: I need filter IP
----- Original Message -----
From: "Muthukumar" <[EMAIL PROTECTED]>
To: "Benjam�n Vay�" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Friday, March 26, 2004 4:28 PM
Subject: Re: [squid-users] Urgent: I need filter IP
>
> >
> > Because of the virus Nachi, I need to deny the accesses of the type:
> >
> > http://ip_address
> >
> url's with ip-address don't have the keyword ".com".
There are many top level domains beside .com.
Perhaps this would be a better regexp to block:
http://[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/
/Andreas
