hosts file wildcard setting??

[RingoSaturn]

Is there a way to put in a wild card setting in the hosts file? (WinNT/2000).

ie- can I remove the DNS settings from a machine, then in the hosts file add the specific ip addresses and URL names a user should be able to contact, and then have a setting like:

10.0.0.1 www.*.com

So that any other URL entered will hit 10.0.0.1?

This would make it possible to lock down a machine from entering unauthorized websites (unless the user was savvy enough to use a specific IP address for a site - I'm not concerned about that just yet).

(Oh, and I tried the above example, it doesn't work).

[Welshjim]

RingoSaturn--I do not believe the HOSTS file accepts wildcards. You might learn here
http://www.smartin-designs.com/

[sourdaisy]

Actually you don't need to use wildcards. Just leave off the part that is supposed to be wildcarded. If you want to direct ALL .com sites to 10.0.0.1 then you just need to put this:

10.0.0.1 .com

If you're trying to block ALL websites, then be sure to add seperate entries for .org, .net, etc.

I believe (someone correct me if I'm wrong) that the rules are applied in order. That is, if there is a specific site you want to direct access to you need to put it BEFORE the generic ".com" entry. It may work such that any address entered is matched against the first entry and if it does not apply, it keeps moving on down the line until it hits ".com" and is thus redirected to 10.0.0.1.

[RingoSaturn]

Thanks for the idea sourdaisy, unfortunately it didn't work. I tried a couple of derivations of what you suggested and nothing seemed to work. It looks like the hosts file is using a literal text translation of whatever gets typed in there. In other words, I can put the letter "a" after an IP address, and then type "a" into the browser, and it will come up with the site. In other words, putting ".com" in will only take care of the instance of someone typing in ".com" in the address field in there browser, with no other text.

So, I'm losing hope that there is a solution for this.

[jerryctx]

I can't find the documentation at the moment but I'm sure I read that the hosts file does not support wild cards. Only exact matches work.

[Daufuski]

Hosts files can not use wildcards. But, Contnet Advisor can and does use wildcards, It is worth a look.

p.s. You should try using 0.0.0.0 as your hosts file block IP. If you use 127.0.0.1, the website will be search for a server on your local computer since it is a valid IP. If you use 0.0.0.0, it is immediatley recognized as a valid format, yet an invalid IP and your computer does not search for the site (windows only).

...dauf

[RingoSaturn]

I'll have to look into content advisor. I'm actually directing it to the IP address of a specific web-site, not just blocking the page. That way, it redirects requests back to that specific site. It sounds a little screwy, but I do have my reasons.


And it looks like you guys are right about no wildcard setting. Which is too bad, but oh well.

Thanks

[patweb]

A very simple method of disabling the browser is to make the PROXY server the address of a web server (or not). What I do is set the proxy server to = the Intranet server. Then the user can get to our Intranet but nowhere else (no matter what URL they type in they get the Intranet).

[RingoSaturn]

Patweb - I just recently ran accross that suggestion elsewhere, as well. I haven't had time to try it yet, but it sounds like the way you're using it is exactly what I had in mind.

Thanks for the info.

[shehriyari]

Actually you don't need to use wildcards. Just leave off the part that is supposed to be wildcarded. If you want to direct ALL .com sites to 10.0.0.1 then you just need to put this:

10.0.0.1 .com

If you're trying to block ALL websites, then be sure to add seperate entries for .org, .net, etc.

I believe (someone correct me if I'm wrong) that the rules are applied in order. That is, if there is a specific site you want to direct access to you need to put it BEFORE the generic ".com" entry. It may work such that any address entered is matched against the first entry and if it does not apply, it keeps moving on down the line until it hits ".com" and is thus redirected to 10.0.0.1.

Sorry for replying this old dead topic - just stumbled upon while I was searching for the answers to the same problem. sourdaisy's solution works quite well, guess the original poster of the question missed to clean his/her DNS cache, say with command such as "ipconfig /flushdns" . Anyway, the solution above works 100%.