[Privoxy-users] permit-access wildcards?

[Richard Glaser]

Hi:

Thanks for the reply

That’s too bad, for example if you have Apple clients, you would need to add a ton of hostnames to provide enterprise management.

https://support.apple.com/en-us/HT210060

And many require wildcard support like

*.push.apple.com
*.school.apple.com
*.itunes.apple.com
*.mzstatic.com
*.vertexsmb.com
*.itunes.apple.com
*.apps.apple.com
*.mzstatic.com
*.appattest.apple.com
*.apple-cloudkit.com<http://apple-cloudkit.com>
*.apple-livephotoskit.com<http://apple-livephotoskit.com>
*.apzones.com<http://apzones.com>
*.cdn-apple.com<http://cdn-apple.com>
*.gc.apple.com<http://gc.apple.com>
*.icloud.com<http://icloud.com>
*.icloud.apple.com<http://icloud.apple.com>
*.icloud-content.com<http://icloud-content.com>
*.iwork.apple.com<http://iwork.apple.com>*.apple-cloudkit.com<http://apple-cloudkit.com>
*.apple-livephotoskit.com<http://apple-livephotoskit.com>
*.apzones.com<http://apzones.com>
*.cdn-apple.com<http://cdn-apple.com>
*.gc.apple.com<http://gc.apple.com>
*.icloud.com<http://icloud.com>
*.icloud.apple.com<http://icloud.apple.com>
*.icloud-content.com<http://icloud-content.com>
*.iwork.apple.com<http://iwork.apple.com>

For example, we are using privoxy with macOS and iPadOS clients to allow and deny hosts.

Thanks:

[Block U Logo]
Richard Glaser  (he, him, his)
Assistant Head, Client Platform Services
Marriott Library ITDLS
The University of Utah
On Aug 17, 2023 at 8:53 PM -0600, Ian Silvester <iansilvester at fastmail.fm>, wrote:
Hi Richard,

I'm afraid that the permit-access and deny-access directives in the Privoxy core configuration file do not support wildcard addressing for dst-addr, per the User Guide:

The Main Configuration File (privoxy.org)<https://www.privoxy.org/user-manual/config.html#ACLS>

Does someone else have a suggestion for Richard's use case?

Apologies,

Ian


On Thu, 17 Aug 2023, at 12:18, Richard Glaser wrote:
4.7. ACLs: permit-access and deny-access section of the privoxy configuration...

Trying this now...

permit-access 10.18.0.0/17 [\w\-\.]+\.utah.edu<http://utah.edu>
permit-access 10.18.0.0/17 [\w\-\.]+\.utah.edu:443<http://utah.edu:443>
permit-access 10.18.0.0/17 [\w\-\.]+\.lib.utah.edu<http://lib.utah.edu>
permit-access 10.18.0.0/17 [\w\-\.]+\.lib.utah.edu:443<http://lib.utah.edu:443>
permit-access 10.18.0.0/17 [\w\-\.]+\.apple.com<http://apple.com>
permit-access 10.18.0.0/17 [\w\-\.]+\.apple.com:443<http://apple.com:443>
permit-access 10.18.0.0/17 [\w\-\.]+\.duosecurity.com<http://duosecurity.com>
permit-access 10.18.0.0/17 [\w\-\.]+\.duosecurity.com:443<http://duosecurity.com:443>
permit-access 10.18.0.0/17 [\w\-\.]+\.labstats.com<http://labstats.com>
permit-access 10.18.0.0/17 [\w\-\.]+\.labstats.com:443<http://labstats.com:443>

Thanks:


[Block U Logo]

Richard Glaser  (he, him, his)
Assistant Head, Client Platform Services
Marriott Library ITDLS
The University of Utah

On Aug 17, 2023 at 10:00 AM -0600, Ian Silvester <iansilvester at fastmail.fm>, wrote:
Hi Richard,

Could you share the error message you are getting, and also the exact filter or action file configuration element you are using?

Thanks,

Ian

On Thu, 17 Aug 2023, at 11:44, Richard Glaser wrote:
Hi:

I am trying to use wild cards with privacy and get errors.

For example...

permit-access 155.0.0.0/2 S*\.S*\.duosecurity.com<http://duosecurity.com>

B<http://duosecurity.com>asically I want to allow any hostnames with
ending domain .duosecurity.com<http://duosecurity.com>

Any suggestions?

Thanks:

[Block U Logo]
Richard Glaser (he, him, his)
Assistant Head, Client Platform Services
Marriott Library ITDLS
The University of Utah
_______________________________________________
Privoxy-users mailing list
Privoxy-users at lists.privoxy.org
https://lists.privoxy.org/mailman/listinfo/privoxy-users
_______________________________________________
Privoxy-users mailing list
Privoxy-users at lists.privoxy.org
https://lists.privoxy.org/mailman/listinfo/privoxy-users