Vadim Pushkin wrote:
From: "Amos Jeffries" <[EMAIL PROTECTED]>
>>From: Chris Robertson <[EMAIL PROTECTED]>
>
>>> > Hello All;
>>> >
>>> > I have a rule which blocks the use of CONNECT based on the
>>> > user calling an IP address vs. FQDN, this works great!
>>> >
>>> > I am able to specify allowed IP addresses by adding them into
>>> > /squid/etc/allow-ip-addresses.
dtsdomain matches against the requested hostname. As text.
So that acl matches only if the client requests with an IP where it
should have a hostname (ie CONNECT 10.0.0.0:443 HTTP/1.1)
Precisely what I am trying to do, stop CONNECT to requests which use
an IP vs a hostname.
Let me see if I have this straight... You want to block CONNECT to IP
address, except those that are explicitly allowed, but allow CONNECT to
any FQDN. Is this correct?
Chris
