For NBM 3.9 SP1, I want to make sure I am using the correct pattern for
Access rules that allow access to specific Web sites. In Craig's
Beginner's Guide to BorderManager, pg 1133, he has two entries for an
allow rule to Yahoo. They are:

'Yahoo!' (http://www.yahoo.com/)
http://www.yahoo.com/*

Do I always have to have both rules? Why can't I just do
http://www.yahoo.com/* ?

Also, if I want users to have access to all sites in a domain, would
the correct rule format be:

http://*.yahoo.com/*

Finally, in the iManager Access Rules dialog, when looking at the URL
list as shown in the above mentioned page, I can't figure out how to
delete one of the entries. There is a 'Delete' link there but if I
check the box next to one of the URL's listed then click 'Delete', it
just checks all of the boxes; it doesn't delete the checked entry. What
am I missing?

Dan


--
dchuntdnc
------------------------------------------------------------------------
dchuntdnc's Profile: http://forums.novell.com/member.php?userid=25182
View this thread: http://forums.novell.com/showthread.php?t=351290

In article <dchuntdnc.3j358o@no-mx.forums.novell.com>, Dchuntdnc wrote:
> Do I always have to have both rules? Why can't I just do
> http://www.yahoo.com/* ?

Try it. I have found too many times in the past where some sites wanted
both rules. If a single rule with wildcard works for you, then that's all
you need.
>
> Also, if I want users to have access to all sites in a domain, would
> the correct rule format be:
>
> http://*.yahoo.com/*

Yes, but....

If you use something like RTMonitor to monitor browsing while it is
happening, you will very likely see that going to a web site links you to
multiple other sites, for advertising headers, toolbars, login dialogs and
the like. Setting up access rules to allow AOL Web Mail is a good case in
point as it involves not just multiple HTTP rules, but also some port
based rules last time I did that.
>
> Finally, in the iManager Access Rules dialog, when looking at the URL
> list as shown in the above mentioned page, I can't figure out how to
> delete one of the entries. There is a 'Delete' link there but if I
> check the box next to one of the URL's listed then click 'Delete', it
> just checks all of the boxes; it doesn't delete the checked entry. What
> am I missing?

Perhaps you have an iManager bug or need an update. (Perhaps you are
going through proxy and getting some problem due to caching there?) The
checkbox at the top of the rules list should select all of the rules. The
one next to the rule itself should select only that rule.

Thanks, Craig!




phxazcraig;1685424 Wrote:
> In article <dchuntdnc.3j358o@no-mx.forums.novell.com>, Dchuntdnc wrote:
> > Do I always have to have both rules? Why can't I just do
> > http://www.yahoo.com/* ?
>
> Try it. I have found too many times in the past where some sites
> wanted
> both rules. If a single rule with wildcard works for you, then that's
> all
> you need.
> >
> > Also, if I want users to have access to all sites in a domain, would
> > the correct rule format be:
> >
> > http://*.yahoo.com/*
>
> Yes, but....
>
> If you use something like RTMonitor to monitor browsing while it is
> happening, you will very likely see that going to a web site links you
> to
> multiple other sites, for advertising headers, toolbars, login dialogs
> and
> the like. Setting up access rules to allow AOL Web Mail is a good case
> in
> point as it involves not just multiple HTTP rules, but also some port
> based rules last time I did that.
> >
> > Finally, in the iManager Access Rules dialog, when looking at the
> URL
> > list as shown in the above mentioned page, I can't figure out how to
> > delete one of the entries. There is a 'Delete' link there but if I
> > check the box next to one of the URL's listed then click 'Delete',
> it
> > just checks all of the boxes; it doesn't delete the checked entry.
> What
> > am I missing?
>
> Perhaps you have an iManager bug or need an update. (Perhaps you are
> going through proxy and getting some problem due to caching there?)
> The
> checkbox at the top of the rules list should select all of the rules.
> The
> one next to the rule itself should select only that rule.


--
dchuntdnc
------------------------------------------------------------------------
dchuntdnc's Profile: http://forums.novell.com/member.php?userid=25182
View this thread: http://forums.novell.com/showthread.php?t=351290

Craig, looking at this more, I see that I can tell NBM to either use the
URL to 'equal', 'Start with' or 'End with' the string. So would I be
better off doing something like:

Starts with:
http://*.yahoo.com/*

Do you think? Do you use the 'Equals' or 'Starts with' when you create
an URL list exception? If I say 'Starts with' is the trailing * even
necessary?

Thanks,
Dan



phxazcraig;1685424 Wrote:
> In article <dchuntdnc.3j358o@no-mx.forums.novell.com>, Dchuntdnc wrote:
> > Do I always have to have both rules? Why can't I just do
> > http://www.yahoo.com/* ?
>
> Try it. I have found too many times in the past where some sites
> wanted
> both rules. If a single rule with wildcard works for you, then that's
> all
> you need.
> >
> > Also, if I want users to have access to all sites in a domain, would
> > the correct rule format be:
> >
> > http://*.yahoo.com/*
>
> Yes, but....
>
> If you use something like RTMonitor to monitor browsing while it is
> happening, you will very likely see that going to a web site links you
> to
> multiple other sites, for advertising headers, toolbars, login dialogs
> and
> the like. Setting up access rules to allow AOL Web Mail is a good case
> in
> point as it involves not just multiple HTTP rules, but also some port
> based rules last time I did that.
> >
> > Finally, in the iManager Access Rules dialog, when looking at the
> URL
> > list as shown in the above mentioned page, I can't figure out how to
> > delete one of the entries. There is a 'Delete' link there but if I
> > check the box next to one of the URL's listed then click 'Delete',
> it
> > just checks all of the boxes; it doesn't delete the checked entry.
> What
> > am I missing?
>
> Perhaps you have an iManager bug or need an update. (Perhaps you are
> going through proxy and getting some problem due to caching there?)
> The
> checkbox at the top of the rules list should select all of the rules.
> The
> one next to the rule itself should select only that rule.


--
dchuntdnc
------------------------------------------------------------------------
dchuntdnc's Profile: http://forums.novell.com/member.php?userid=25182
View this thread: http://forums.novell.com/showthread.php?t=351290