ProxySG Content Policy Language Guide
url.domain=nbc.com/athletics deny
;etc, suppose it's a substantial list url.regex="sportsathletics" access_server(no) url.regex="\.mail\." deny
;etc
url=www.bluecoat.com/internal group=!bluecoat_employees deny url=www.bluecoat.com/proteus group=!bluecoat_development deny ; etc
This can be recast into three sections:
<Proxy>
[url.domain] abc.com/sports deny nbc.com/athletics deny
;etc.
[Rule]
url.regex="sportsathletics" access_server(no) url.regex="\.mail\." deny
[url]
www.bluecoat.com/internal group=!bluecoat_employees deny www.bluecoat.com/proteus group=!bluecoat_development deny
Notice that the first thing on each line is not a labelled CPL trigger, but is the argument for the trigger assumed by the section type. Also, after the first thing on the line, the rest of the line is the familiar format.
The performance advantage of using the [url], [url.domain], or [server_url.domain] sections is measurable when the number of URLs being tested reaches roughly 100. Certainly for lists of several hundred or thousands of URLs, the performance advantage is significant.
When no explicit section is specified, all rules in a layer are assumed to be in a [Rule] section. That is, the first example is equivalent to:
<Proxy>
[Rule] url.domain=abc.com/sports deny url.domain=nbc.com/athletics deny
;etc, suppose it's a substantial list url.regex="sportsathletics" access_server(no) url.regex="\.mail\." deny
;etc
url=www.bluecoat.com/internal group=!bluecoat_employees deny url=www.bluecoat.com/proteus group=!bluecoat_development deny ; etc
[Rule]
The [Rule] section type is used to logically organize policy rules into a section, optionally applying a guard to the contained rules. The [Rule] section was so named because it can accept all rules in a policy. If no section is specified, all rules in a layer are assumed to be in a [Rule] section.
•Use [Rule] sections to clarify the structure of large layers. When a layer contains many rules, and many of the rules have one or more conditions in common, you may find it useful to define [Rule] sections.
42
