On 04/17/02(10:09) you "Vaughn Jardine" <email@example.com> wrote
|Forgive my ignorance as I'm new to delegate. My users use cuteftp,
|icq, and msn through Delegate socks. What parameters do I use to
|block ftp to ONE specific domain, while allowing access to other ftp sites?
|Lets say I wanted people to access all ftp sites except *.uwi.com
|I tried ./delegated -P1080 SERVER=socks PERMIT="*:*,!*.uwi.com:*" but
|this still allows access to www.uwi.com.
Socks version 4 clients sends resolved destination IP-address to the
% nslookup www.uwi.com
% nslookup 184.108.40.206
In this case, Socks server (DeleGate in this case) receives "220.127.116.11"
which cannot be resolved to host name like "www.uwi.com" by DNS inverse
lookup. So you need to negate the IP-address like this:
or define the mapping privately by a HOSTS parameter like:
(be sure that you need escape "!" by "\!" in some shells like csh)
|The I tried ./delegated -P1080 SERVER=socks PERMIT="*:!*.uwi.com,*:*
|(all sites"*" come after the negate uwi) This blocks access but also
|to other ftp sites.
A hostlist "...,*" equals to "*" so I don't see why it blocks something.
@ @ Yutaka Sato <firstname.lastname@example.org> http://www.delegate.org/y.sato/
( - ) National Institute of Advanced Industrial Science and Technology (AIST)
_< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan