3

I'm a developer, not a sysadmin, but I have the task of maintaining a file which is basically a list of domains to whitelist. This file is used in the Squid caching proxy. The content of the file looks like this:

.example.com
.google.com
.bing.com

The file is used like this:

acl whitelist dstdomain "/path/to/squid/whitelist.txt"

Now I'm trying to find the documentation on how this file is parsed and I can't find clear (official) instructions on the Web on how to fill this file.

It seems that a dot before the domain will whitelist the domain and all its subdomains. I'm trying to find out if there are other wildcard rules that we can apply (like google.* or something like that).

I want to understand how it works, not just blindly follow how we used this in the past.

AlexV
    Been many moons since I worked with it, but with the example you show it is .google.com allows http://google.com but not http://notgoogle.com whereas just google.com would allow anythinggoogle.com - note the lack of a . before the google. – ivanivan Mar 16 '17 at 22:04

1 Answer

5

Wildcards other than leading dot (.) are not supported in Squid's dstdomain acl. See http://wiki.squid-cache.org/SquidFaq/SquidAcl#How_do_I_implement_an_ACL_ban_list.3F

Rafael
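A pre-deployment check for such a whitelist file, as an added example that is not part of the original answer or of Squid itself: it rejects entries using any wildcard other than the leading dot and reports entries already covered by a dotted entry. The function names and sample file are hypothetical; the matching rule modelled is that a leading dot covers the domain and its subdomains, while an entry without a dot matches that exact host name only.

```python
import re

# Plain host/domain name, optionally with the leading dot dstdomain accepts.
ENTRY_RE = re.compile(r"^\.?[a-z0-9-]+(\.[a-z0-9-]+)*$")

def entry_matches(entry, host):
    """'.example.com' covers example.com and every subdomain;
    'example.com' (no leading dot) covers that exact host name only."""
    entry, host = entry.lower(), host.lower().rstrip(".")
    if entry.startswith("."):
        return host == entry[1:] or host.endswith(entry)
    return host == entry

def lint_whitelist(text):
    """Return (entries, problems) for the contents of a dstdomain file."""
    entries, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip().lower()
        # Assumption: blank lines and '#' lines are treated as comments here.
        if not line or line.startswith("#"):
            continue
        if not ENTRY_RE.match(line):
            problems.append((lineno, line, "only a leading dot acts as a wildcard"))
            continue
        entries.append(line)
    # Flag entries that a dotted entry elsewhere in the file already covers.
    for entry in entries:
        for other in entries:
            if (other != entry and other.startswith(".")
                    and entry_matches(other, entry.lstrip("."))):
                problems.append((None, entry, f"already covered by {other}"))
    return entries, problems

# Constructed sample file contents, not taken from a real deployment.
SAMPLE = """\
.example.com
.google.com
bing.com
google.*
*.example.org
mail.google.com
"""

if __name__ == "__main__":
    valid, issues = lint_whitelist(SAMPLE)
    print("accepted:", valid)
    for lineno, entry, reason in issues:
        print(f"line {lineno}: {entry!r}: {reason}")
```

Running the check before reloading the proxy keeps entries such as `google.*` from being added in the belief that they widen the allow list.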